120 Pioneering Threat Intelligence Before It Had a Name
Our guest today is Larci Robertson. She’s a senior manager in cyber threat intelligence at Epsilon, a marketing and advertising firm in Irving, Texas. Larci got started in threat intelligence right after college when she joined the U.S. Navy, back before the term “threat intelligence” had been coined. She eventually left the service and worked with a number of defense contractors, before moving to the private sector as a senior cyber threat analyst at PepsiCo, and ultimately to her current position with Epsilon. She shares her career journey, her strategies for protecting her organization and managing resources, and her insights from nearly two decades in the threat intelligence business.
16 Aug 2019
052 7 of the Top 10 Vulnerabilities Target Microsoft
Researchers at Recorded Future recently published a report titled, “The Top 10 Vulnerabilities Used by Cybercriminals.” The report reveals that seven out of the top 10 most exploited vulnerabilities in 2017 targeted Microsoft products. We’ve got a pair of experts from Recorded Future to take us through their findings. Scott Donnelly, vice president of technical solutions, looks at the technical side of the research and what the findings represent in terms of trends. A little later in the podcast we’ll hear from Adrian Porcescu, EMEA professional services manager, for his take on the practical implications of the report’s findings, and how organizations can use this information for setting priorities and planning their defenses.
16 Apr 2018
075 Dr. Johannes Ullrich and the SANS Internet Storm Center
The SANS Institute is a well-known and respected cooperative research and education organization. Since its founding in 1989, it’s worked with over 165,000 security professionals around the world, providing training and certification. It also provides free access to a huge library of research documents about information security, and it runs the Internet Storm Center, which it describes as the internet’s early warning system. Our guest today is Dr. Johannes Ullrich, and he’s responsible for that early warning system. He’s a popular public speaker and host of the ISC StormCast daily podcast, a daily briefing of cybersecurity news that professionals around the world rely on to stay up to date.
24 Sep 2018
063 Protecting Critical Infrastructure
Our guest today is Joe Slowik. He works in adversary hunting and threat intelligence at Dragos, a company specializing in securing industrial control systems and critical infrastructure. He shares the story of his unconventional path to a career in security, including time in the U.S. Navy and at Los Alamos National Labs, where protecting scientists, engineers, and researchers presented its own unique set of challenges. He shares his informed opinions on threat intelligence, with tips on how, in his view, many organizations could benefit from adjusting their focus and their approach.
2 Jul 2018
Most Popular Podcasts
072 Russia's Vulnerability Database Focuses Inward
Researchers from Recorded Future’s Insikt Group have previously analyzed both the U.S. and Chinese national vulnerability databases, examining the speed of publication of cybersecurity vulnerabilities, and how each respective country considers its NVD in the broader context of the national mission of cyber defense and operations. Recorded Future’s research team recently set their investigative sights on Russia’s vulnerability database to see how it compares. Priscilla Moriuchi is director of strategic threat development at Recorded Future, and she joins us to share what they found.
4 Sep 2018
112 Making the Most of the NIST Cybersecurity Framework
The NIST Cybersecurity Framework has become a valuable tool for evaluating security across a variety of business sectors. Originally published in 2014 and targeting critical infrastructure, the framework continues to evolve to meet the changing needs of organizations in the U.S. and around the world. Its popularity stems from its thoroughness, applicability, and approachability. Our guests today are Ken Durbin, senior strategist for global government affairs and cybersecurity at Symantec, and Allan Liska, senior solutions architect at Recorded Future. They’re going to walk us through the NIST Cybersecurity Framework and help us understand how to make the most of it within our own organizations.
17 Jun 2019
067 Quantifying Cyber Risk
This week we’re joined by Alexander Schlager, executive director of security services at Verizon. He has experience in both the technical and sales sides of the communications and security worlds, having gained experience in a variety of positions around the globe. Our conversation focuses on his belief that organizations need to concentrate on quantifying their cyber risk, and using what they learn to evaluate and plan their security programs. He explains why Verizon invests in reports like the DBIR and the Verizon Risk Report, and of course, we’ll get his take on the importance of threat intelligence.
30 Jul 2018
062 Securing the C-Suite
In this episode of the Recorded Future podcast, we explore the unique challenges associated with securing your C-Suite executives. Not only are they attractive targets for scammers and fraudsters, when it comes to security, they’re often afforded a level of flexibility and deference not given to other employees. What’s the most effective approach for educating executives on the critical role of security, and how do you extend that behavior beyond the office walls? In a world where business email compromise and phishing run rampant and attacks happen at the hardware DNA level, translating security strategy to the common language of risk management can be an effective approach. Joining us once again to address these questions is Dr. Christopher Pierson, CEO at Binary Sun Cyber Risk Advisors.
25 Jun 2018
010 Becoming an Analyst Part 1: Insights From Former Government Analysts
In this episode of the Recorded Future podcast, we introduce you to two threat intelligence analysts, Lauren Zabierek and Alex Walker. They both have previous experience with threat analysis for the U.S. government – Lauren was formerly in the Air Force, and, inspired to serve after 9/11, took part in missions in Afghanistan. Alex came out of college and joined NSA, where he worked as an intelligence analyst. They share their insights on their day-to-day challenges as analysts at Recorded Future and how they help turn raw data into threat intelligence. This is the first in an occasional series of behind-the-scenes looks at Recorded Future. Over the next few months we’ll drop in from time to time on some of the Recorded Future team members, to find out what it is they do, how they do it, what made them choose their careers, along with some advice for anyone considering the field. They’ll share their stories, in their own words.
12 Jun 2017
077 Threat Intelligence by the Book
The Recorded Future team is proud to have recently published its first book, “The Threat Intelligence Handbook — A Practical Guide for Security Teams to Unlocking the Power of Intelligence.” The book aims to provide readers with the information they’ll need to integrate threat intelligence into their organizations, to ensure that it’s actionable, and to put it in the hands of people who can most effectively make use of it. Joining us once again is Recorded Future’s Chris Pace, who served as editor of the new book. He’ll take us through the process he and his colleagues went through to organize and write it, and why he believes the book is valuable both for those new to threat intelligence and for more experienced readers.
8 Oct 2018
022 Follow the Money: Threat Intelligence for Financial Institutions
When you’re responsible for safeguarding the money, not to mention the personal financial information of your clients, what are your specific needs when it comes to threat intelligence? Where do you begin, and how do you get the best bang for your buck? Is open source intelligence enough, or should you invest in a paid solution from the outset? What about regulators? And how do you get buy-in from the board? Here to answer these and many other questions is Dr. Christopher Pierson. He’s chief security officer and general counsel at Viewpost, an electronic invoice, payment, and cash management company. He also serves as a special government employee on the Department of Homeland Security Data Privacy and Integrity Advisory Committee and Cybersecurity Subcommittee, and is a distinguished fellow of the Ponemon Institute.
5 Sep 2017
003 It’s Cheap, It’s Easy, It’s Dangerous: Karmen Ransomware Hits the Criminal Black Market
Over the last two years, ransomware has become the hottest commodity in the criminal black market. And we do mean commodity—it's getting cheaper and more accessible to crooks, even the unskilled ones. On March 4th of this year, a leading cybercriminal, who goes by the name “Dereck1,” mentioned that there was a new ransomware variant out called “Karmen.” But Dereck1 wasn't the one hawking this in the criminal market. Instead, it's a Russian speaker who goes by the name of “DevBitox.” The first infections seem to go back to December of 2016, with victims in Germany and the United States reporting infection. DevBitox is no cryptographic ace—by his own admission, he was involved only with web development and control panel design, the criminal customer's user experience. But Karmen is interesting not only because it's dangerous, but because it's cheap, and because it affords some insight into the way criminal markets function. Joining us to talk about Karmen is Andrei Barysevich, Director of Advanced Collection at Recorded Future.
24 Apr 2017
066 Securing Your Firmware
These days, most of us have a pretty good handle on protecting the software our computers run from viruses and other types of malware. We’re careful about downloading and installing software from unknown, insecure sources, and run antivirus applications to help keep everything safe. But what about the system-level code that runs deep within the devices we rely on every day? What about the firmware? Our guest today is Terry Dunlap. He’s CEO and co-founder of ReFirm Labs, a tech startup that’s focused on firmware — analyzing the code and helping manufacturers, organizations, and governments ensure their devices haven’t been compromised. He’s got a colorful history that includes teenage hacking, time at the NSA, and the founding of several companies.
23 Jul 2018
037 2017 Cybersecurity in Review and Predictions for the New Year
Whether you felt 2017 flew by or you just couldn’t wait for it to be over, from a cybersecurity point of view there’s no question it was an interesting year. There was something for everyone, including ransomware, botnets, major data breaches, IoT issues, as well as business and policy concerns. Our guest today is Dr. Chris Pierson. He’s the CEO and founder of Binary Sun Cyber Risk Advisors, and a familiar voice for those of us who follow cybersecurity. Dr. Pierson serves on the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee and Cybersecurity Subcommittee and is a distinguished fellow of the Ponemon Institute. Together, we’ll take a look back at 2017 and try to make sense of what it all means as we head into the new year, what 2018 may have in store for the cybersecurity industry, and how best to prepare.
2 Jan 2018
004 Going Dark: Fact vs. Fiction on the Dark Web
Mention the dark web and many people summon imagery of a massive, mysterious online criminal underground, where all manner of products and information are bought, sold and traded, hidden away from the prying eyes of the public and law enforcement. But, is that really what it’s like, or is that just cyber security marketing hype? In this episode, we take a tour of the dark halls and back alleys of the dark web with the aim of separating fact from fiction. We’ll learn the truth about the people and products on the dark web, and find out the part it plays in threat intelligence today. Our tour guides are Andrei Barysevich, Director of Advanced Collection at Recorded Future, and Emily Wilson, Director of Analysis at Terbium Labs.
1 May 2017
039 Protecting Philips Healthcare From Cyber Threats
Philips is a company with a long, storied history, going back over 120 years, and many technological achievements to brag about. From light bulbs to radios, consumer devices like electric shavers, the compact cassette, and the co-invention of the compact disc along with Sony, they’ve been an innovative, influential company for generations. These days, Philips primarily focuses on healthcare, and they employ over 100,000 people in 60 countries. Praveen Sharma is one of those employees, and our guest today. She’s the director of the cyber research and development center at Philips Healthcare, where she leads a team responsible for developing in-house tools and concepts that help Philips rapidly detect and respond to existing and emerging threats. She is also responsible for looking at the cyber technologies that are on the horizon and the risks of these technologies to Philips.
15 Jan 2018
035 Predicting Future Threats With Machine Learning
In this episode, we take a closer look at some of the specifics of artificial intelligence and machine learning, and how cybersecurity professionals can benefit from including these tools in their threat intelligence arsenals. We’ll discuss clustering, natural language processing or NLP, and supervised learning, and we’ll find out why combining the talents of humans with the speed and analytical capabilities of computers, the so-called digital centaurs, could provide even more powerful solutions in the future. Joining us are two experts in machine learning. Christopher Sestito is manager of threat intelligence at Cylance, a company that’s all-in when it comes to AI technology, and Staffan Truvé, co-founder and chief technology officer at Recorded Future.
4 Ways Machine Learning Is Powering Smarter Threat Intelligence, by Staffan Truvé: https://go.recordedfuture.com/machine-learning
11 Dec 2017
011 Building a Threat Intelligence Company
In the first 10 episodes of the Recorded Future Podcast, we’ve taken some deep dives into many important threat intelligence topics. Of course, there are many more topics to cover in the weeks ahead, but we thought it might be helpful to share a little bit of Recorded Future’s backstory. In this episode, we’ll talk about how the company made its transition from the virtual garage to an international company with offices around the world. Along the way, we’ll touch on issues important to any growing cyber security startup, like establishing and nurturing a diverse corporate culture, attracting the right people, building teams, and doing it all while you are tackling the critical challenges facing the security world today. It’s our hope that this episode will not only provide some context as you hear from Recorded Future analysts and experts throughout the year, but for those looking to build their own companies or threat intelligence teams, we hope to provide some useful lessons. Joining us today are Recorded Future Chief Executive Officer and Co-Founder Christopher Ahlberg, and Andy Palmer, one of Recorded Future’s founding board members.
19 Jun 2017
029 Why Does the U.S. Lag Behind China in Vulnerability Reporting?
The U.S. National Vulnerability Database, or NVD, is, in part, a collection of security-related reports. Software vulnerabilities are assigned CVE numbers (CVE stands for common vulnerabilities and exposures), which help track the issues and provide a common reference for a specific flaw. China has a database of its own, the Chinese National Vulnerability Database, or CNNVD. Our guest today is Dr. Bill Ladd, chief data scientist at Recorded Future. His team noticed that publicly known vulnerabilities were showing up more quickly in China’s database than in the U.S., quite often taking days instead of weeks. This not only has the potential to put U.S. defenders at a disadvantage, it could also give black hats the upper hand. In this episode we’ll learn why the NVD lags behind the CNNVD, why it matters, and what could be done to correct it.
30 Oct 2017
136 Threat Hunting, Mentoring, and Having a Presence
Our guest today is O’Shea Bowens. He’s CEO of Null Hat Security and a SOC manager for Toast, a Boston-area firm, where he focuses on threat hunting, incident response, SOC operations, and cloud computing. O’Shea shares his early beginnings as a teenage hacker learning the ropes, his career path, and why he believes it’s important to be a role model, a mentor, and to have a presence in the security community.
2 Dec 2019