OwlTail

Cover image of Cheryl Biswas

Cheryl Biswas Podcasts

Read more

6 of The Best Podcast Episodes for Cheryl Biswas. A collection of podcasts episodes with or about Cheryl Biswas, often where they are interviewed.

Read more

6 of The Best Podcast Episodes for Cheryl Biswas. A collection of podcasts episodes with or about Cheryl Biswas, often where they are interviewed.

Updated daily with the latest episodes

Episode artwork

Cheryl Biswas

Play
Read more

Cheryl Biswas loves being a Threat Intel Analyst with TD Bank in Canada and assessing threat actors, vulnerabilities, and exploits. She is a Political Science graduate, ITIL certified, and took the long way to InfoSec. She actively shares her passion for security online as a speaker, volunteers at conferences, and champions diversity as a founding member of The Diana Initiative.

Twitter: @3ncr1pt3d
Websites: whitehatcheryl.wordpress.com and www.linkedin.com/in/cherylbiswas

CHAPTERS (use the chapter feature on your podcast player!)
00:00:00 Intro
00:01:02 Cheryl's Origin Story
00:03:20 Twitter and the Kardashians of InfoSec
00:04:20 Welcoming newbies, how awesome is @sn0ww
00:05:20 Seriously... everyone loves @sn0ww
00:07:45 Alice in Security Wonderland. https://www.linkedin.com/pulse/my-first-con-alice-security-wonderland-cheryl-biswas/)
00:10:45 Diana Initiative Mission https://www.dianainitiative.org
00:11:50 Cheryl's First talks, shoutout to @mainframed767
00:18:05 DEFCON and Diana
00:25:40Advice to a younger Cheryl
00:27:00 Cheryl's COVID 19 observations
00:32:30 Cheryl's favorite books: Countdown to Zero Day by @KimZetter
00:34:55 Andy Greenburg's book "Sandworm”
00:37:20"The Shadow War" by Jim Sciutto
00:38:55 "Women in Tech" by Tarah Wheeler
00:39:42 Life Hacks
00:43:10 Toxic Behavior and Twitter
00:47:50 Closing thoughts

Jun 23 2020 · 49mins
Episode artwork

Cheryl Biswas: Diversifying Cybersecuity

Play
Read more

Cheryl Biswas: Diversifying Cybersecuity  

You better watch out

Oh, what you wish for It better be worth it So much to die for Hey, so glad you could make it Yeah, now you've really made it Hey, there's only us left now

 --Hole – 1997, Celebrity Skin

What if I told that… compared to men, higher percentages of women cybersecurity professionals are reaching some of the most sought after positions in security. Among the security workforce, the population of women in key spots is surging…

Chief Technology Officer

  • 7% of women vs 2% of men

Vice President of IT

  • 9% vs 5%

IT Director

  • 18% vs 14%

C-level / Executive

  • 28% vs 19%

Women in cybersecurity are generally more educated and younger than their male colleagues. 44% of men in cybersecurity hold a post-graduate degree compared to 52% of women. Also, nearly half of women cybersecurity professionals surveyed are millennials – 45% compared to 33% of men. By contrast, Generation X men make up a bigger percentage of the workforce (44%) than women (25%)

Now… what if I told you that the gender pay gap hasn't moved at all. Women still make less than men. according to the 2018 (ISC)2report, women make $5,000 less than men in security management positions.

It is this environment that spurred a group of women to create The Diana Initiative.

In this week’s episode of InSecurity, Matt Stephenson chats with Cheryl Biswas on why the time was right to co-create The Diana Initiative. Now, 4 years later, Diana has a new home and is key part of that stretch of August where the cybersecurity world convenes in Las Vegas to figure out how to save the world. Their mission is to encourage diversity and support women who want to pursue careers in information security, promote diverse and supportive workplaces, and help change workplace cultures.

About The Diana Initiative

It was the summer of 2015. Hackers from around the world had gathered in Las Vegas, NV for DEF CON 23. In the cafeteria tucked away in the basement of Bally’s and Paris, 9 women found themselves chatting and laughing about their experiences in the field of Information Security. They were all passionate about their challenging roles in the male-dominated field and began exchanging strategies for success in their challenging environments. It was then and there that they accepted their new mission: to create a conference for all those who identify as women/non binaries, and to help them meet the challenges that come with being a woman in Information Security with resilience, strength and determination.

The first event in 2016 began with a morning speaking track and an afternoon of lockpicking and badge soldering in a small suite at Bally’s, bringing attendees together in a collaborative, comfortable setting. Interest and attendance showed that demand for a woman-focused InfoSec conference existed.

In 2017, The Diana Initiative was formed and the conference expanded to cover almost 2 days – with speakers on the evening of the first day, as well as the entire second day. There was also a hands-on opportunity for learning about lockpicking, a Career village, and fun contests.

During the summer of 2018, The Diana Initiative conference soared in popularity. But with this incredible growth and popularity, the space still couldn’t meet the demand, as attendees were continuously turned away due to over capacity of all the suites.

For more information, make sure to follow them at @DianaInitiativeand keep up with them on LinkedIN and Facebook.

About Cheryl Biswas

Cheryl Biswas’s (@3ncr1pt3d) fascination with computers started with those blinking machines on the original Star Trek, and the realization that, if she could learn to work those things, then she could boldly go  – anywhere!  But Cheryl didn’t learn math like everyone else and found herself struggling. She mistakenly believed a few key people who convinced her that she couldn’t learn computers, so she didn’t take programming or comp sci. They were wrong, though. Curiosity and passion led Cheryl to technology through the back door and she taught herself computers.

Currently, Cheryl is a Threat Intel analyst on a cybersecurity team, researching, analysing, and communicating her discoveries to the team and to clients to keep them safe. GRC, privacy, APTs, best practices, evolving threats – the learning never stops. Cheryl is an active writer and speaker about threats to less-known but critical systems like ICS SCADA and Mainframes, Shadow IT and Big Data. 

You may have seen her present at some of the most important security conferences including BSides Las Vegas and Toronto, DEFCON, ShmooCon and SecTor.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

Make sure you Subscribe, Rate and Review!

Jul 08 2019 · 1hr 3mins

Similar People

Katie Moussouris

Tracy Maleeff

Tanya Janca

Kim Crawley

Dave Kennedy

Chris Hadnagy

Paul Coggin

Georgia Weidman

Jessy Irwin

Gary McGraw

Phillip Wylie

Lesley Carhart

Jack Daniel

Adam Shostack

Jim Manico

Episode artwork

2018-036-Derbycon 2018 Audio with Cheryl Biswas and Tomasz Tula

Play
Read more

Derbycon is probably one of the best infosec conferences of the calendar year. The podcast always has so much fun meeting listeners, meeting new people, and getting some audio to share with folks who can't be there.

This year, we still got some audio, and it's great. We talked with Cheryl Biswas (@3ncr1pt3d) with her talks at #Derbycon and her work with the #dianaInitiative Check out her talks at the links on @irongeek's website...

Cheryl's Track talk: http://www.irongeek.com/i.php?page=videos/derbycon8/track-1-05-draw-a-bigger-circle-infosec-evolves-cheryl-biswas

Cheryl's Stable talk: http://www.irongeek.com/i.php?page=videos/derbycon8/stable-29-patching-show-me-where-it-hurts-cheryl-biswas

I saw Tomasz near the @log-md booth, it was his first Derbycon, and I was interested in hearing what he had to say about hypervisor introspection...

Tomasz Tuzel: http://www.irongeek.com/i.php?page=videos/derbycon8/track-4-18-who-watches-the-watcher-detecting-hypervisor-introspection-from-unprivileged-guests-tomasz-tuzel

Make plans for next year! Follow @derbycon on Twitter!

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#Brakesec Store!:https://www.teepublic.com/user/bdspodcast

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel:  http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site:  https://brakesec.com/bdswebsite

#iHeartRadio App:  https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

Oct 15 2018 · 39mins
Episode artwork

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff)

Play
Read more

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff)

Advanced Persistent Security Podcast

Episode 41

Guests: Cheryl Biswas and Tracy “Infosec Sherpa” Maleeff

April 5, 2018

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.

NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff)

Show Notes

Segment 1

In this episode, Tracy and Joe interview Cheryl Biswas. We introduce Cheryl and she shares what she is seeing in industry from the mainframes and Industrial Control Systems (ICS) perspectives. Cheryl discusses her habits of reading all night and the passion that we all share for security. We share our origin stories. Joe showcases his authentic southern accent. Joe talks about the Navy’s mentorship mentality and how he applies it to security mentoring (what eventually will have gone onto become Through The Hacking Glass).

For “current events,” we discuss Vault 7. Joe details his “Workplace Crossfit” and “Workplace Yoga” programs in jest. Cheryl shares her insight as a Canadian regarding how the US Intelligence Community operates.

Segment 2

Cheryl begins to discuss the financial sector and how ransomware impacts it. Cheryl shouts out to Soldier of Fortran (@mainframed767) and Big Endian Smalls (@bigendiansmalls). Cheryl talks about the ability to access mainframes from the internet and the relation to another Stuxnet.

Examples as to how Nation States could exploit and disrupt operations using mainframes are explained. For the sake of entry level listeners, Cheryl explains the difference between servers and a mainframes. We get an education about the operating systems of mainframes – Z/OS and how it relates to commercial software like UNIX and Java. To learn about mainframes, Cheryl recommends we check out her blog, Cyber Watch/White Hat Cheryl, Big Endian Smalls’ Mainframe Security, and Soldier of Fortran’s Mainframe Hacking.

Cheryl talks about ransomware and how it is impacting banks. She talks about fileless ransomware and (the lack of) awareness programs. Joe gets on the user training soapbox regarding the lack of commitment. We agree that it will get worse before it gets better. Joe and Cheryl talk about virtualizing mainframes using Hercules. Joe attempts to sing a Cher cover regarding mainframes, TERRIBLY.

ABOUT Cheryl

Cheryl Biswas

Cheryl Biswas, aka @3ncr1pt3d, has landed her dream job as a Strategic Threat Intel Analyst with TD in Toronto, Canada. Prior to that she was a Cyber Security Consultant with KPMG and worked on GRC, privacy, breaches, and DRP. Her areas of interest include APTs, mainframes, ransomware, ICS SCADA, and building threat intel. She blames this on her ITIL certification and degree in Political Science.She actively shares her passion for security in blogs, online, via podcasts, and speaking at conferences.

Contacting Cheryl:

Twitter: @3ncr1pt3d
Blog: Cyber Watch/White Hat Cheryl

About Tracy:

Tracy Maleef

Tracy Z. Maleeff is a Cyber Analyst in the Security Operations Center for global pharmaceutical company GSK. She holds a Master of Library and Information Science degree from the University of Pittsburgh. She has 15+ years’ experience as a law firm librarian and also worked as an independent consultant who specialized in social media, research, and Information Security awareness training. Tracy received the Wolters Kluwer Law & Business Innovations in Law Librarianship Award in 2016 and the Information Systems Security Association Women in Security Leadership Award in 2017. Tracy has presented at a variety of conferences including the Special Libraries Association, Security BSides, O’Reilly Security, and DEF CON’s Recon Village.

Contacting Tracy:

Twitter: @infosecsherpa
Newsletter
Website: Sherpa Intel

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:
Delivered by FeedBurner

SUBSCRIBE TO OUR MAILING LIST

* indicates required Email Address *

First Name
Last Name

The post Security of Mainframes (with Cheryl Biswas & Tracy Maleeff) first appeared on Advanced Persistent Security.

Apr 05 2018 · 1hr

Most Popular

Elon Musk

Barack Obama

Bill Gates

LeBron James

Mark Cuban

Michelle Obama

Melinda Gates

Arnold Schwarzenegger

Kevin Hart

Terry Crews

Mike Tyson

Episode artwork

Show 133: Cheryl Biswas Discusses the Politicization of Cyber Security

Play
Read more
Listen as Gary and Cheryl discuss aligning security to work as a service for the business rather than an imposition for employees, trending cyber security political topics, work-life balance, and more.
Apr 27 2017 · 29mins
Episode artwork

2016-028: Cheryl Biswas discusses TiaraCon, Women in Infosec, and SCADA headaches

Play
Read more

Long time listeners will remember Ms. Cheryl #Biswas as one of the triumvirate we had on to discuss #mainframes and mainframe #security. (http://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3)

I was interested in the goings on at BlackHat/DefCon/BsidesLV, and heard about #TiaraCon (@tiarac0n on Twitter). I went to find someone involved to understand what it was all about, and Ms. Cheryl reached out. She's an #organizer and was more than happy to sit down with me to understand why it was started. This is its inaugural year, and they already have some excellent schwag and sponsors. This is not just an event for ladies, but a way of #empowering #women, creating #mentorship opportunities, and assistance for people moving into the #infosec industry.

Also, since Ms. Cheryl's loves discussing #ICS and #SCADA problems and headaches, we got into the headaches, #challenges, and maybe some 'logical' solutions to fixing SCADA vulns... but does the logical approach work in a business sense?

TiaraCon official site:  http://tiaracon.org/

TiaraCon Dates: Thursday Aug 4 - Friday Aug 5

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-028-Cheryl_Biswas_Tiaracon_ICSSCADA_headaches.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-028-cheryl-biswas-discusses/id799131292?i=1000372642921&mt=2

Youtube: https://www.youtube.com/watch?v=vsolDjsz5M4

SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FMhttps://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Jul 17 2016 · 1hr