Rank #1: 120 Pioneering Threat Intelligence Before It Had a Name
Our guest today is Larci Robertson. She’s a senior manager in cyber threat intelligence at Epsilon, a marketing and advertising firm in Irving, Texas. Larci got started in threat intelligence right after college when she joined the U.S. Navy, back before the term “threat intelligence” had been coined. She eventually left the service and worked with a number of defense contractors, before moving to the private sector as a senior cyber threat analyst at PepsiCo, and ultimately to her current position with Epsilon.
She shares her career journey, her strategies for protecting her organization and managing resources, and her insights from nearly two decades in the threat intelligence business.
Aug 16 2019
Rank #2: 112 Making the Most of the NIST Cybersecurity Framework
The NIST Cybersecurity Framework has become a valuable tool for evaluating security across a variety of business sectors. Originally published in 2014 and targeting critical infrastructure, the framework continues to evolve to meet the changing needs of organizations in the U.S. and around the world. Its popularity stems from its thoroughness, applicability, and approachability.
Our guests today are Ken Durbin, senior strategist for global government affairs and cybersecurity at Symantec, and Allan Liska, senior solutions architect at Recorded Future. They’re going to walk us through the NIST Cybersecurity Framework and help us understand how to make the most of it within our own organizations.
Jun 17 2019
Rank #3: 100 The grugq Illuminates Influence Operations
To celebrate one hundred episodes of our show, we’ve got a special guest this week. The grugq is well-known in hacker and information security circles around the world, and a respected voice at conferences and on social media. He’s a bit mysterious, preferring to keep his real name under wraps. The grugq joins us this week to discuss influence operations — their history, why they work, and how recent examples like the Russian meddling in the 2016 U.S. elections might be a sign of things to come.
Mar 25 2019
Rank #4: 052 7 of the Top 10 Vulnerabilities Target Microsoft
Researchers at Recorded Future recently published a report titled, “The Top 10 Vulnerabilities Used by Cybercriminals.” The report reveals that seven out of the top 10 most exploited vulnerabilities in 2017 targeted Microsoft products.
We’ve got pair of experts from Recorded Future to take us through their findings. Scott Donnelly, vice president of technical solutions, looks at the technical side of the research and what the findings represent in terms of trends. A little later in the podcast we’ll hear from Adrian Porcescu, EMEA professional services manager, for his take on the practical implications of the report’s findings, and how organizations can use this information for setting priorities and planning their defenses.
Apr 16 2018
Rank #5: 104 Information Security Is Not an IT Risk, It's a Business Risk
Our guest today is Brian Haugli. He’s a partner at Side Channel Security, a consulting firm in the Boston area. Prior to forming Side Channel Security, he was chief security officer for The Hanover Insurance Group. Earlier in his career, he held civilian leadership positions at the Pentagon, helping organizations in the Department of Defense implement cybersecurity best practices.
Today, he helps organizations of all sizes to evaluate their security using a risk-based approach, while taking advantage of his own expertise in threat intelligence implementations and strategic organizational initiatives.
Apr 22 2019
Rank #6: 099 Chinese Charm Attempts to Alter American Political Opinion
There’s an increasing awareness of foreign influence on American institutions through social media. U.S. intelligence agencies have asserted that Russians made a concerted effort to disrupt and influence the 2016 presidential election, and there’s widespread evidence that Russia continues to sow the seeds of discord with the aim of eroding Westerners’ trust and confidence in their political systems and social norms.
Recorded Future’s Insikt Group recently published findings from their research into Chinese efforts to sway public opinion via social media, and how their goals and tactics are markedly different from those of the Russians.
We welcome back Recorded Future’s Priscilla Moriuchi to the show. She shares Insikt Group’s findings and helps put it all into broader perspective.
Mar 18 2019
Rank #7: 131 Never Underestimate Threat Actors' Persistence
Our guest this week is Jöerg Schauff. He’s a principal consultant at Symantec, focusing on cyber and threat intelligence. He shares his insights on the challenges he sees his clients facing in Germany and how their experiences inform proper defenses internationally. We’ll discuss the differences between run-of-the-mill thieves and nation-state threat groups, as well as how organizations can best make use of threat intelligence and set themselves up for success.
Oct 28 2019
Rank #8: 053 The Importance of Adversarial Focus
Our guest today is Greg Reith. Greg began his career with U.S. Army Special Forces with a specialty in operations and intelligence. His experience includes counter intelligence, analysis, and collection at both tactical and strategic levels. At the end of his career in the military, he transitioned into Information Technology and was an information systems security officer. Most recently, Greg led the T-Mobile threat intelligence team as a senior security engineer and developed the T-Mobile threat intelligence strategy.
We’ll learn about his career, get his thoughts on leadership and assembling teams, and how he’s learned to integrate threat intelligence into his work. He’ll also describe a technique called “adversarial focus.” We’ll learn what that is and why it’s important to understand.
Apr 23 2018
Rank #9: 096 Ransomware Trends to Watch in 2019
2018 was an interesting year for ransomware — there were more documented ransomware campaigns than the year before, but there was also a feeling that the focus had shifted to other forms of cybercrime, like cryptojacking.
Our guest today is Allan Liska, senior solutions architect at Recorded Future. He’s the author of a recently published blog post, “4 Ransomware Trends to Watch in 2019.” We discuss the growth of the ransomware market, its impact (or lack thereof), the most effective avenues for ransomware infection, how one strain has found success by bucking the trends, and the increasingly fuzzy line between criminal groups and nation-state actors.
Feb 25 2019
Rank #10: 111 The Threat Intelligence Value Proposition
Joining us today is John TerBush, senior threat intelligence researcher at Recorded Future. John is an instructor with the SANS Institute, currently teaching a course on open source intelligence that he helped develop. Before joining Recorded Future, he was a senior cyber threat intelligence analyst and subject matter expert with consulting firm Booz Allen Hamilton’s Cyber4Sight, and before that he worked for Symantec as a security operations center analyst. Earlier in his career, he worked as a researcher and private investigator.
Our conversation explores the value proposition of threat intelligence, and how organizations can dial in how they use it to manage risk, keep their business leaders informed, and get the best bang for their cybersecurity buck.
Jun 10 2019
Rank #11: 110 Advocating OWASP, Securing Elections, and Standing Your Ground
Our guest today is Tanya Janca. She’s a senior cloud advocate at Microsoft, where she specializes in application security. She’s a popular speaker at security conferences around the world, evangelizing software security and advocating for developers. And she’s a leader in the Open Web Application Security Project (OWASP) community, as well as an advocate and mentor for underrepresented communities in the security industry.
She discusses her journey from software developer to security practitioner, how “security is everybody’s job” and why that makes strong communication between teams so important, and the need for diversity in the IT industry today.
Jun 03 2019
Rank #12: 109 Applying Threat Intelligence Throughout Your Organization
Threat Intelligence is a wide ranging term, and it can mean different things to different people as they consider the variety of ways to best integrate it into their organization’s cyber defense strategies. In today’s show, we’re exploring the possibilities for leveraging threat intelligence throughout your organization, from the SOC to the board room, from incident response to fraud protection, and much more.
Joining us to guide our journey is Recorded Future’s Mike Petronaci. Before joining Recorded Future, Mike spent time working in the U.S. Department of Defense, as well as with industry leading organizations like Akamai and Cybereason.
May 28 2019
Rank #13: 108 Investing in Technology, Innovative Leaders, and Yourself
Our guest today is Niloofar Razi Howe. She’s a respected technology executive, entrepreneur, board member and investor, having served as Chief Strategy officer for Endgame and, later, RSA Security. She’s a life member of the Council on Foreign relations, and a Recorded Future board member.
Our conversation touches a range of topics, from her start as an attorney and entrepreneur, her shift to venture capital, and her executive level assignments as chief strategy officer. We’ll get her take on where she thinks the VC money will be headed in cyber security, as well as her thoughts on why it’s important to make time for giving back.
May 20 2019
Rank #14: 103 Business Outcomes and the CISO's Success
Joining us today is Dana Pickett. He’s CISO for Edwards Performance Solutions, as well as a principal for the cybersecurity services they offer. With over three decades in the industry, Dana has witnessed the inception and evolution of cybersecurity, from mainframes to the IoT.
He shares his thoughts on what it takes to be a successful CISO, the importance of focusing on business outcomes, effective communication with the board, proactive versus reactive threat intelligence, the utility of frameworks, and the value of peer groups.
Apr 15 2019
Rank #15: 070 Chinese Espionage Activity Tracks Economic Development Efforts
Researchers from Recorded Future’s Insikt Group have been tracking new malware targeting the Tibetan community, continuing an ongoing effort by the Chinese state to use cyberespionage to keep tabs on perceived domestic threats. They’ve uncovered a sophisticated new backdoor with some peculiar characteristics, and also concluded that many of these activities are being originated from servers located at a major Chinese research university.
Winnona DeSombre and Sanil Chohan, threat intelligence researchers at Recorded Future, are co-authors of the report “Chinese Cyberespionage Originating from Tsinghua University Infrastructure,” along with their colleague Justin Grosfelt. Winnona and Sanil are our guests today, and they’ll take us through what they’ve learned.
Aug 20 2018
Rank #16: 061 How to Empower Teams With Threat Intelligence
In this episode of the Recorded Future podcast, we examine how threat intelligence applies to a variety of roles within an organization, and how security professionals can integrate it to empower their team to operate with greater speed and efficiency. How does threat intelligence apply to SOCs, to incident response, or vulnerability management? And how do corporate leaders make the case that threat intelligence is a worthwhile investment?
Joining us to address these questions is Chris Pace, technology advocate at Recorded Future.
Jun 18 2018
Rank #17: 113 Being Courageous, Curious, and Thoughtful in Cybersecurity
Our guest today is Tracy Maleeff. Before earning a position as a cyber analyst at a Fortune 500 company, she ran her own firm, providing information security and competitive intelligence research. Prior to that she worked as a Library Resources Manager for a major law firm.
Tracy shares the story of her unusual career journey from library science to cyber security, her advice for getting up to speed after a mid-career course change, as well as her thoughts on team building and the importance of diversity throughout an organization.
Jun 24 2019
Rank #18: 095 The Challenges of Authentication at Scale and Quantifying Risk
This week, we welcome back Levi Gundert, Recorded Future’s vice president of intelligence and risk. In a wide-ranging conversation, we discuss Insikt Group’s research into APT10, the challenges of authentication at scale, the importance of framing communication in terms of quantifying risk, and what it means to be an ethical hacker. Levi also shares the potential trends he’ll be following in the coming year.
Feb 18 2019
Rank #19: 063 Protecting Critical Infrastructure
Our guest today is Joe Slowik. He works in adversary hunting and threat intelligence at Dragos, a company specializing in securing industrial control systems and critical infrastructure. He shares the story of his unconventional path to a career in security, including time in the U.S. Navy and at Los Alamos National Labs, where protecting scientists, engineers, and researchers presented its own unique set of challenges. He shares his informed opinions on threat intelligence, with tips on how, in his view, many organizations could benefit from adjusting their focus and their approach.
Jul 02 2018
Rank #20: 060 Optimizing the Intelligence Cycle at Optum
Our guest today is Vince Peeler. He’s the manager of cyber intelligence services at Optum, one of the largest healthcare and services providers in the world. He shares his unlikely journey from a career as a naval aviator to cybersecurity, and how lessons he learned in the military help inform his approach to cyber threats today. We’ll also focus on the intelligence cycle, and the role it can play in organizing and focusing the efforts of cybersecurity teams. He offers tips on integrating threat intelligence, and making the most of automation to enable your analysts to maximize their effectiveness.
Jun 11 2018