Thursday, July 19, 2018

DtSR Episode 305 – Security for the Mid-market

Do you work at a company that's too big to be "small business" but too small to be "large enterprise"? You're probably in that place known as the "mid-market". Many of the large vendors don't pay attention to you,...

DtSR Episode 304 – Transforming Security

This week, James and I interview a former Optiv colleague and advisor to many Fortune 250 CISOs in his long career, our friend Ron Kurisczak. Ron's long and successful career has included time spent truly transforming the way security...

DtSR Episode 303 – Advising Security Leadership

Thanks to my friend Brian Wrozek for joining us this week on Down the Security Rabbithole Podcast. Brian's long career as a CISO has broken several 'typical' molds... so he's a fantastic person to join us to talk about...

DtSR Episode 302 – InfoSec Superhero Syndrome

This week, as DtSR rolls on to Episode 302, we talk with John Svazic who is a Cloud Security Architect for a day job and runs the Purple Squad Security Podcast in his spare time. His perspective on the idea...

DtSR Episode 301 – Julie Conroy on eFraud and Identity

This week on Episode 301, James is off and I have a one-on-one conversation with Julie Conroy from Aite Group on the topic of global fraud. It's a fascinating conversation that winds through the fringes and often...

DtSR Episode 300 – Reminiscing

Thank you, listeners! Down the Security Rabbithole has reached milestone episode #300. In this episode, James and Rafal sit down with nothing more than an open mic and talk through topics the podcast has previously covered, and others...

DtSR Episode 299 – Leadership Lessons w Chris Abramson

Special thanks to Chris for doing this in-person. It was a fun conversation and always a pleasure!   Highlights from this week's show include... Chris and I talk about measuring 'risk' We discuss 'brittle systems' which apparently are still...

DtSR Episode 298 – Overcoming the Language Barrier

Two more episodes until we hit #300...what a crazy ride it's been! Thanks for taking the journey with us, and we're looking forward to having you along for another 300 (maybe).   Highlights from this week's show include... Applications...

DtSR Episode 297 – A Model for Prioritizing Patching Efforts

Before you listen to this podcast ... go grab this report: https://www.kennasecurity.com/prioritization-to-prediction-report/ from Kenna Security and the Cyentia Institute. Read it. Think about it. Then listen to this show.   Highlights from this week's show include... A high-level walkthrough of the...

DtSR Episode 296 – Hype Machine Off the Rails

This week, former analyst and security industry veteran Adrian Sanabria joins James & Rafal to talk about some of the hype in our industry. From current events, to learning lessons, to the on-going master-class in bullsh*t we convince ourselves...

DtSR Episode 295 – DevSecOps is Not a Thing

This week, Mark Nunnikhoven joins us from the great white North. All the way from Ottawa, Canada - Mark talks with James and Raf about cloud computing, DevOps, and some silly things security folks are doing to undermine themselves...

DtSR Episode 294 – Securing Azure

* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at https://microsoft.com/rsa and if you really...

DtSR Episode 293 – Diana Kelley from RSA 2018

* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at https://microsoft.com/rsa and if you...

DtSR Episode 292 – Navigating Industry Conferences (RSA)

This week, James is back and he and Raf sit down for a discussion on navigating the big industry conferences, as RSA Conference kicks off in San Francisco. We add just the right bit of snark to your day,...

DtSR Episode 291 – A New Perspective On Endpoint (Nyotron)

DtSR listeners already know we don't do advertisements or traditional sponsorship - so when we bring in a sponsored guest it's because we believe the topic is interesting and the guests have a genuinely interesting point of view....

Okta Acquires Access Control Startup ScaleFT

Enterprise identity management firm Okta this week announced that it has acquired ScaleFT, a company that offers a Zero Trust access control platform.

Suing South Carolina Because Its Election Machines Are Insecure

A group called Protect Democracy is suing South Carolina because its insecure voting machines are effectively denying people the right to vote. Note: I am an advisor to Protect Democracy on its work related to election cybersecurity, and submitted a...

Why the Best Defense Is a Good Offensive Security Strategy

When many people think about offensive security, they picture a mysterious figure wearing a hoodie, sitting behind a black-and-green terminal, diligently typing away as he probes enterprise networks. But the cybersecurity world has evolved well beyond this Hollywood hacker...

Google hit with $5.1b fine in EU’s Android antitrust case

This could mean the end of free Android. In the meantime, Google plans to appeal.

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.