DiscoverSecurity Stories
Security Stories
Claim Ownership

Security Stories

Author: Cisco Secure

Subscribed: 41Played: 831


Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their leadership experiences for the benefit of others in the cybersecurity industry. Discover more at
66 Episodes
In this episode, Taz interviews Alex Wolf. Alex  is a business & tech thought-leader, investor and author; recognized as Fast Company’s Top 100 Most Creative People In Business. Alex’s effort to make big companies think critically about technology has been recognized by Apple, Snapchat, Stanford University, Fordham University, NYU and more. Her thought-leadership has been profiled in Forbes, Inc. Entrepreneur and in AfroTech as “The Woman Silicon Valley Is Too Afraid To Call A Genius”. She sold a multi-million dollar internet company she built from scratch before the age of 25. Wolf now speaks and writes to an audience of over 34,000+ entrepreneurs & investors who trust her opinion on the future of business & acquisitions.In this episode, Taz and Alex chat about Alex's path into the M&A space, what it's like to be an investor and how security plays a valuable role in her work and industry. Enjoy! Links from discussion:How to reach Alex:'s book, Resonate : Button episode on SS podcast: Outcomes Report: the report to learn:Ways to set your cybersecurity strategy up for success by striking the right balance between risk and resilience  What CISOs and other experts are considering when building up their own security resilience How the most resilient organizations prepare for inevitable disruption and recover quickly to emerge stronger
Trigger warning - {child abuse} content filtration is a sensitive topic that covers some of the harsh realities of our world that folks on trust and security teams have to deal with on a daily basis.In this episode, Taz speaks with Yasmin Abdi, CEO and Founder of NoHack and Security engineering manager at Snap. They cover a wide range of topics from Yasmin's career trajectory, her experience on a content filtration team and her transition into entrepreneurship as a new founder.Yasmin Abdi is an experienced technical advisor on security, privacy, and data protection. She has over 5 years of experience as a software engineer and has built and managed in-house software and security solutions at Snap, Meta, and Google. Yasmin was also a founding member of Meemo, an AI-powered social finance app, which was recently acquired by Coinbase. The technologies she has built are currently being used by 100+ million daily active users worldwide.Ms. Abdi has several years of experience leading organizations, providing thought leadership, and assisting private sector clients in the areas of software engineering, security infrastructure and best practices, IT solutions, and corporate strategy consulting. Given her unrelenting entrepreneurial spirit and keen interest for information security, Yasmin founded noHack, a government contracting company focused on cyber security services and solutions. As the CEO of noHack, Ms. Abdi takes a hands-on approach to delivering high-impact solutions. Her goal is to protect her clients by providing an extra layer of all-around protection. Outside of tech, Ms. Abdi’s passion is to help bridge the gap between minority students and tech companies. Yasmin has mentored and helped over 50 students land jobs within tech.Ms. Abdi also holds a Bachelor of Science in Computer Science with a focus in cyber security engineering from the University of Maryland. Here’s Yasmin, hope you enjoy.Links:
In today’s episode you’ll hear from Joe Toscano. Joe is an award winning designer, published author, and international keynote speaker who left his role consulting for Google because he felt the industry was misusing data and that the issues needed to be addressed through innovation rather than strict regulation. Since leaving, Joe has written a book, called Automating Humanity, and has started DataGrade, both focused on increasing technology literacy and purpose-driven innovation. You may have seen Joe featured in The Social Dilemma or his TEDx Talk, “Want to work for Google? You already do,”.   Joe and Taz have been running in the same data ethics advocacy circles for some time but officially met in 2021 during their joint keynote speech alongside Brittany Kaiser at Eurpol’s annual EDEN conference. In our chat, you’ll hear about Joe’s origin story – mathmetician, turned psychology buff turned data scientist. Through his changing career one factor remained strong – data ethics. We cover his journey into data ethics advocacy, what he’s doing with his new start up DataGrade and most importantly – you’ll learn what resilience means to him.  Here’s Joe – hope you enjoy.  
In this episode, Taz interviews Jason Button, Information Security Director who manages our  Mergers & Acquisitions Cybersecurity efforts. This conversation is full of compassion, leadership insights, and brilliant gems that anyone can apply in their lives. In addition to chatting about imposter syndrome and Jason's career journey, you'll hear details about the M&A process and how to successfully go about it, no matter the size of your organization.Jason came to Cisco through the Duo acquisition, and the work that he and his team have been doing is quite interesting as they are now working with Corporate Development to assess the security threats of companies we’re looking to acquire.  More from Jason:Blog on trust and transparency in M&A Berkley study that was funded by Cisco.
I’m interviewing Lena Olympio. Lena hosted a fantastic conversation about Women in Leadership. You all know how important that is to us here at Cisco and on this podcast so I wanted to share it with all of you. Lena interviewed 3 incredible leaders here at Cisco Dana, Alex and Allison (a part of our Partners Organization) - they were rightfully recognized as this year’s Women of the Channel among many other incredible humans. I was inspired by their story and inevitably became more curious about Lena's. In this episode you can expect to hear more about Lena, her career journey and how her interview with Dana, Alex and Allison truly inspired her. You’ll also hear about the different paths non-technical people can take to get into a technical role – especially women. And lastly, the biggest take away from this conversation ... you don’t have to be in a position of quote "leadership" to. lead.  I’ve included their full conversation at 32 minutes and 30 seconds at the end of my interview with Lena. I hope you are inspired and can take this energy with you into the holiday season! More on Lena:Lena Olympio is currently a Technical Solutions Architect at Cisco. She joined Cisco in November 2012 as contractor, auditing customer service phone calls and cases, and worked her way into a Global Process Manager role in March of 2015 to drive process improvement within the Cisco Commerce Workspace (CCW) customer service teams.With Cisco’s latest focus on security, Lena is excited to be working in an area that is helping drive the company’s priorities. She is perpetually learning and sharing her knowledge with others to help them achieve their personal and professional goals.More on the Women of the Channel 2022: Della Sera Miller Stahl 
National Cybersecurity Awareness Month continues and in honor of it we interview global and industry recognized thought leader, Confidence Staveley. To name a few of her incredible accomplishments, Confidence has been recognized as Cybersecurity Woman of the Year in 2021 and 2022, she is a part of the U.S. State Department’s International Visitors Leadership Program. Not to mention she has single handedly changed the future of so many young girls as it relates to their access to technology, education and security awareness. To learn more about Confidence, you can find her on all social media platforms: Linkedin, Twitter, InstagramTo learn more about her organization, Cybersafe Foundation and to donate to their incredible cause you can visit: resources:CISA Security ResourcesCisco Secure's Cyberecurity Awareness Month PageIf you’re inclined to share this episode with your community, please tag us!@Ciscosecure @techwithtaz @hazeburton #seeyourselfincyber #Ciscosecure #NCSAM
Happy National Cyber Security Awareness Month! Today's guest is Cathy Pedrayes: Author, television host and bilingual social media influencer, Cathy Pedrayes is best known as TikTok's 'Mom Friend.' She developed the reputation after sharing safety content that ranges from items she keeps in her first aid kit to how to maintain your security and privacy online.With millions of followers on TikTok, Cathy is on a mission to help her audience see themselves in cyber. Our chat covers Cathy's unique way in the security industry, her origin industry and insights into her book, The Mom Friend Guide to Everyday Safety and Security.This episode is a reminder that no matter where you are, what you do - you are entitled to feel safe online and better yet, you can get involved! We can't thank you enough for your continued support, especially during this glorious month of National Cybersecurity Awareness!If you are inclined to share this episode with your friends, please tag us and use the hashtags below:#Seeyourselfincyber #thinkbeforeyouclick #NCSAM #Ciscosecure
On today's show our guest is one of our very own - Ashlee Benge, Strategic Intelligence Lead on the Cisco Talos team. After a very informative presentation at Blackhat on "Opsec in a Post-Roe World' we wanted to dive deeper with her to learn about the impact and implications on the security industry, practitioners and the world at large. The episode covers a vast range of discussion, with the fundamental hope to inspire people to take charge of their privacy and develop agency around big decisions made by regulators. Join us for a raw, rich and very real conversation. Oh, and some exciting news underway for the podcast!To read more about this topic, take a look at Ashlee's in depth article: Our current world, health care apps and your personal data
Today's episode features a recording from a live event that we hosted on 24 August, aka Independence Day for Ukraine. Six months since Russia's invasion of Ukraine, Dmytro Korzhevin, a senior threat intelligence researcher, JJ Cummings, Talos' national intelligence principal, and Ashlee Benge, a strategic intelligence lead, provided insights into their past few months of work in the region.The discussion primarily focused on the resiliency of Ukrainians, who have worked tirelessly over the years to transform their cybersecurity capabilities. Ukrainian infrastructure has largely stayed operational and, in most cases, exceeded expectations. It seems to have baffled most pundits, but for those that have spent years working in Ukraine, it’s no surprise about the levels of dedication and commitment to protecting their critical infrastructure from those that would do it harm.  The team also covered how groundwork laid years ago is paying dividends now during the war, as well as an update on the types of cyber threats we’re observing, including the deployment of the GoMet backdoor. You can watch the video version of this event on the Talos blog which is also where you can access relevant resources and articles.
Security Stories faces off, once again, against the Beers with Talos crew, to see if we can regain some dignity after our close defeat in the first game of "Would I lie to you?" This second round contains stories of betrayal, donkeys, embarrassing situations, and antics so dangerous, Hazel feels compelled to issue a "Don't try this at home kids" warning at the start.Speaking of Hazel, where is she, and why does she suddenly have a much deeper, more Americanized voice?This episode also contains a preview of what we've got going on at Black Hat. Be sure to stop by booth 1932 to see lightening talks, and chat with our crew of experts. More details can be found at hope to see you there!
Martin Lee, who leads Strategic Planning and Communications for Cisco Talos in EMEA, joins Hazel for a quick chat about the current status of hiring in cybersecurity. We discuss the industry needs are in terms of bringing more threat analysts in, what is getting in the way of hiring, and the potential solutions that we as an industry should consider.We also talk about the skills need to be nurtured within the security workforce, and how we can improve knowledge transfer.For more stories on the various paths people have taken to join the cybersecurity industry, take a look at our ebook: Diversity in cybersecurity: A mosaic of career opportunities 
Today’s episode, recorded live at RSA 2022, features a great conversation with Tomás Maldonado, NFL Chief Information Security Officer, and Brad Garnett, Director of Cisco Talos Incident Response. The dialogue is led by none other than the brilliant Tazin Khan.Taz talks to Tomás about his early life and career (“I didn’t want to be another statistic”) and how he approaches new opportunities. He talks about how he communicates his vision for a cybersecurity strategy, as well as how he ‘blends the tracks’ between a technical and managerial style of leadership. Tomás then goes into details about how he builds steering committees across the NFL so that people have a voting stake in technology and security decisions. Together with Brad, they discuss how Cisco and the NFL worked together to secure the most recent Super Bowl (“This sounds like a movie script”), and how they created a playbook based on learned threat intelligence, to proactively secure future major events.For more details about the work Cisco has been doing to help secure the NFL, visit this blog
All rise, all rise, for the inaugural episode of Infosec Court, brought to you live from RSA Conference. Judge Wendy Nather presides, and three infosec experts (Helen Patton, Dave Lewis and Dennis Fisher) all have a ‘hot take’ that they want to be more widely accepted in the infosec industry.Their task as plaintiffs is to try to persuade Judge Wendy and a jury of their peers that their hot take deserves to become infosec canon. Come for the chance to hear Wendy in her element. Stay for the outrageous objections ("What even is Non Zero Trust?) and the unexpected turn of events when Wendy introduces an Amicus Curiae, handed to her shortly before proceedings began...
For our 50th episode, we invited our friends from Cisco Talos to join us for an authentic, truthful conversation about mental health and burnout. Amy Henderson, Ashlee Benge, Matt Olney, and Mitch Neff, joined Hazel and Taz to share  some experiences. We start by talking about the work that Talos has been doing in Ukraine and the mental health effects of that work. That also includes that weird, disconnected feeling that can develop when we're doing as much as we can to help, but we also go home to a warm and comfortable bed, i.e not in a war zone. This takes us to conversations about other global events, and how hard it can be to prioritize self care when everything feels...a lot....We also share our own practices and techniques that have helped us manage our mental health, and how we can give ourselves permission to be kind to ourselves. Further resources:Creating safe spaces in cybersecurity ebookRyan K. Louie’s presentation at RSA: The mental health impact of cyberattacksBlack Hat community: A place to engage with Black Hat attendees on topics specific to the InfoSec community, including health and well-being.Cisco Gateway: A global online community where Cisco customers share their professional and personal challenges and stories.CALM (Campaign Against Living Miserably):Leading a movement against suicide.
Today's episode features a chat between Hazel and three security leaders - Accidental CISO (yes, the anonymity intrigues us too!), Liz Waddell, Incident Response Practice Lead for Cisco Talos, and Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group. They talk about their experiences of building security resilience – so we got into the key elements of an Incident Response plan, how to achieve company wide buy in, the best ways to go about training your people and trying to avoid burnout, how to use threat intelligence and all the things that go into running a SOC, what to do in the case of a Zero Day attack, how to build a security design program...and so much more.For more stories on how to build security resilience, check out our new ebook here.This episode was originally recorded as a live Cisco Chat event. You can watch the original video here
Today we're going full steam into the metaverse and Web 3.0.  Joining us to discuss his research on this topic is Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group. Taz and Hazel have a great conversation with Jason about the evolution of the metaverse, as well as the security implications, such as rising numbers of scams going after people’s cryptowallets, and the ethical concerns that are potentially popping up.For more on this topic, have a read of Jason's in depth research on the metaverse and Web 3.0  here.Jason has over 20 years specialising in thwarting abuse of security protocols like SMTP, HTTP/S, and DNS. He's a former manager of the SpamCop DNSBL which has been taking the fight to the spammers for over a decade.He's also assisted in design and development of the Cisco IronPort Anti-Spam content scanner and he’s also developed some of the architecture & content detection for Cisco’s Web Security Appliance, Cloud Web Security, and Next Generation Firewall products. Most recently as Technical Leader for Talos, he conducts security research, speaks at conferences, and authors blogs and whitepaper publications.
Today's guest is Shannon Lietz, VP of Vulnerability Labs at Adobe. Shannon joined Hazel to talk about how she first got into offensive security and the lessons she’s learned along the way, as well as the kind of work she and her team undertake at Adobe to test defenses. We also talk about measurement, and how security was never set up to be measured properly, which is something Shannon is trying to change. She also has some thoughts on risk management and tackling that in a different way. And at one of the most poignant parts of the interview, Shannon talks about the moment she decided to change her leadership style.If you're interested in the book Shannon mentioned, "Humanocracy" here's a link to the website www.humanocracy.comFinally, if you're free at 10am PT on April 26th, be sure to join Hazel plus special guests Accidental CISO, Liz Waddell and Christos Syngelakis, to discuss stories of how to build security resilience. Sign up to be reminded here - CiscoChat Live: Detect, Respond, Recover
Today we welcome two guests to the Security Stories pod. Firstly Martin Lee from Talos drops by to give us an update on wiper malware, and how it’s been playing a part in cyber attacks on Ukrainian organizations and infrastructure.We talk about the history of wiper malware, where it’s cropped up before, it’s role in the kill chain and possible threat actor motivations, as well as what organizations can be doing to prevent this type of attack.Secondly, we welcome Jerry Gamblin, Director of Security Research at Kenna Security to join us for an in depth chat about his career.  Jerry’s story is a really interesting one, from starting out on the IT helpdesk, to working on security networks at the Misouri House of Representatives, and onto his role at Kenna where he has built several tools to help people understand the different types of vulnerabilities and how to mitigate them.We discuss Jerry’s approach – how he inspires his team to think differently, and how personally he’s driven a sense of thinking outside of the job description. We also discuss how organizations can deal with the ever growing list of new vulnerabilities, and how you can prirotise them. Head here for Kenna's Prioritization to Prediction reportHead here for Jerry's vulnerability analysis and graphing CVE.ICU
A short bonus episode for your feeds today, as Hazel got the opportunity to sit down with Cisco Talos' Head of Outreach, Nick Biasini, and chat all things hybrid work. Nick recently published the research, "Time to secure hybrid work for 2022, not 2002" and in this episode, we explore some of the malicious activities from state-sponsored actors and criminal organizations, which have made being a defender an increasingly difficult task in recent months.
Join Hazel for a threat alert event for guidance on current cyberattacks and insight into internet activity in Ukraine. This event was originally broadcast live, featuring members of the Cisco Talos threat intelligence team, and Cisco ThousandEyes. Both teams are actively monitoring the digital landscape and openly sharing essential findings to contribute to the safety of our customers globally.Speakers:JJ Cummings, Principal, Threat Intelligence & Interdiction, Cisco TalosAmy Henderson - Leader, Strategic Planning and Communications, Cisco TalosAngelique Medina, Head of Internet Intelligence, Cisco ThousandEyes For the latest information on Talos' research into the current situation in Ukraine, check here for continual updates:
Download from Google Play
Download from App Store