No Password Required

A new school in San Antonio called Nukudu offers a paid training program followed by a guaranteed job in cybersecurity. The program aims to address the shortage of cyber jobs and provides hands-on training to ensure candidates are prepared for the workforce. 

Our guest, Dr. Thomas Hyslop, an assistant professor at the University of South Florida, shares his experience in law enforcement and the importance of interagency collaboration in combating cybercrime. He also discusses the Master of Science in Cybercrime program at USF, which focuses on digital forensics and criminal investigation. The future of cybercrime is concerning as large criminal organizations are becoming more sophisticated and mimicking nation states in their capabilities. Investigating international cybercrime is challenging due to the need for cooperation between countries and the slow response times. Changes in international treaties and agreements are needed to expedite investigations. Dr. Highslip ran a museum of vintage technology and is looking for a place to house it permanently. He enjoys swimming in Mirror Lake, biking on Champs-Elysees, and running in DC for his ideal triathlon. His favorite junk food treat is Bit-O-Honey and he loves all kinds of pies. Guns N' Roses is his favorite hair metal band and his favorite song is Paradise City. He enjoys playing metal songs at social gatherings and believes that Appetite for Destruction is a timeless album. Dr. Highslip has what it takes to join the fantasy cybersecurity squad and is a force multiplier with his expertise in incident response and alternative theories for obtaining information from foreign governments.

takeaways

• Nukudu offers a paid training program followed by a guaranteed job in cybersecurity to address the shortage of cyber jobs.
• Interagency collaboration is crucial in combating cybercrime, and federal law enforcement plays a significant role in stopping cybercriminals.
• The Master of Science in Cybercrime program at the University of South Florida focuses on digital forensics and criminal investigation.
• Team building and collaboration are essential skills in cybersecurity and are emphasized in the education of future cybersecurity professionals. Large criminal organizations are becoming more sophisticated and mimicking nation states in their cyber capabilities.
• Investigating international cybercrime is challenging due to slow response times and the need for cooperation between countries.
• Changes in international treaties and agreements are needed to expedite investigations.
• Dr. Highslip ran a museum of vintage technology and is looking for a permanent location to house it.
• His ideal triathlon includes swimming in Mirror Lake, biking on Champs-Elysees, and running in DC.
• His favorite junk food treat is Bit-O-Honey and he loves all kinds of pies.
• Guns N' Roses is his favorite hair metal band and Paradise City is his favorite song.
• Dr. Highslip has what it takes to join the fantasy cybersecurity squad and is a force multiplier with his expertise in incident response and alternative theories for obtaining information from foreign governments.

titles

• The Role of Interagency Collaboration in Combating Cybercrime
• Emphasizing Team Building and Collaboration in Cybersecurity Education Indulging in Junk Food: Bit-O-Honey and Pies
• Challenges in Investigating International Cybercrime

Sound Bites

• "Nukudu offers a paid training program followed by a guaranteed job."
• "Dr. Thomas Hyslop led a DCIS undercover operation."
• "The Master of Science in Cybercrime program focuses on digital forensics and criminal investigation."
• "The future of cybercrime is concerning as large criminal organizations are becoming more sophisticated and mimicking nation states in their capabilities."
• "Investigating international cybercrime is challenging due to slow response times and the need for cooperation between countries."
• "Dr. Highslip ran a museum of vintage technology and is looking for a permanent location to house it."

Chapters

00:00 Nukudu: A New School Offering Paid Training and Guaranteed Job Placement in Cybersecurity

06:21 The Role of Interagency Collaboration in Combating Cybercrime

19:07 The Master of Science in Cybercrime Program at the University of South Florida

25:48 Emphasizing Team Building and Collaboration in Cybersecurity Education

26:42 The Future of Cybercrime

27:11 Investigating International Cybercrime

31:25 Preserving Vintage Technology

37:30 The Ideal Triathlon

43:03 Indulging in Junk Food

45:23 Rocking Out with Guns N' Roses

49:11 Dr. Highslip: A Valuable Addition to the Fantasy Cybersecurity Squad

Summary

Kenya's efforts to enhance its cybersecurity and technological progress through partnerships with the US and major tech companies. The focus is on responsible state behavior in cyberspace and addressing mobile app security. The role of public-private partnerships in promoting a robust digital economy and infrastructure. The conversation then transitions to an interview with Maretta Morovitz, a cybersecurity expert at MITRE, discussing her career path, the importance of mentorship, and the impact of ADHD on her work. The discussion also covers MITRE Engage, which focuses on cyber denial, deception, and adversary engagement, and highlights the use of simple yet effective techniques like decoy credentials. In this conversation, Maretta Morovitz discusses the importance of thinking creatively and outside the box when it comes to cybersecurity solutions, especially for organizations with limited budgets. She emphasizes the need for simplicity and proactive measures in cybersecurity. Maretta also highlights the value of interdisciplinary collaboration in the field, involving professionals from various backgrounds such as human behavioral scientists and graphic designers. She shares a successful collaboration between MITRE and HSBC in the field of deception operations. Maretta also talks about her passion for dance and her unique talent of reciting the alphabet backwards.

Keywords

Kenya, cybersecurity, technological progress, partnerships, responsible state behavior, mobile app security, public-private partnerships, digital economy, infrastructure, interview, Maretta Morovitz, career path, mentorship, ADHD, MITRE Engage, cyber denial, deception, adversary engagement, decoy credentials, cybersecurity, low budget solutions, simplicity, proactive measures, interdisciplinary collaboration, deception operations, dance, talent

Takeaways

• Kenya is forging partnerships with the US and major tech companies to enhance its cybersecurity and technological progress.
• The focus is on responsible state behavior in cyberspace and addressing mobile app security.
• Public-private partnerships play a crucial role in promoting a robust digital economy and infrastructure.
• Mentorship is important in career development, and having mentors who provide opportunities and support can be instrumental in success.
• ADHD can present challenges but also bring unique strengths to the workplace.
• MITRE Engage focuses on cyber denial, deception, and adversary engagement, using simple yet effective techniques like decoy credentials. Thinking creatively and outside the box is crucial in cybersecurity, especially for organizations with limited budgets.
• Simplicity and proactive measures are key in cybersecurity to effectively address threats.
• Interdisciplinary collaboration involving professionals from various backgrounds can bring new perspectives and solutions to the field.
• Deception operations can be a valuable tool in cybersecurity, and successful collaborations in this area have been seen between organizations like MITRE and HSBC.
• Passions and talents outside of cybersecurity, such as dance, can bring unique perspectives and skills to the field.

Sound Bites

• "Sometimes the real solution is something very low tech or just kind of outside the box, low budget."
• "Being proactive has to be simple."
• "We definitely need more of that interdisciplinary approach."

Chapters

00:00 Kenya's Cybersecurity Partnerships

03:24 Addressing Mobile App Security

07:13 Interview with Maretta Morovitz

11:35 Cyber Deception and Adversary Engagement

29:12 The Importance of Simplicity and Proactive Measures

30:07 Interdisciplinary Collaboration in Cybersecurity

31:06 Successful Collaboration in Deception Operations

34:44 Bringing Unique Perspectives and Skills to Cybersecurity

Follow Maretta Morovitz on LinkedIn: Maretta Morovitz

Follow MITRE on Twitter: @MITREcorp

Learn more about MITRE Engage: MITRE Engage

Summary 

The conversation discusses the extradition case of Julian Assange and the role of the US prison system in the decision. It also explores Tanya Janca's role at Semgrep and her passion for affordable cybersecurity education. Additionally, it touches on Tanya's experience in election security and the importance of transparency in the process. Tanya discusses her volunteer work with the Canadian government, where she helps educate students about cybersecurity. She talks about the importance of teaching young people about privacy, protecting digital devices, and understanding cyber threats. Tanya also mentions her involvement in the Cyber Titan competition and her efforts to promote cybersecurity as a career. She shares her experience writing the book 'Alice and Bob Learn Application Security' and her unique approach to making technical concepts accessible through stories and different learning styles. Tanya also talks about the importance of mentoring and how she has benefited from mentors throughout her career.

Keywords 

Julian Assange, extradition, US prison system, cybersecurity education, Semgrep, election security, transparency, volunteer work, Canadian government, cybersecurity education, privacy, digital devices, cyber threats, Cyber Titan, promoting cybersecurity, career, Alice and Bob Learn Application Security, technical concepts, stories, learning styles, mentoring

Takeaways

• The extradition case of Julian Assange highlights the differences in prison systems between the US and other Western democracies.
• Tanya Janca's role at Semgrep involves community management and education in the field of cybersecurity.
• Affordable cybersecurity education is crucial for organizations to effectively use security tools and integrate them into their programs.
• Election security requires centralization, knowledge sharing, and transparency to ensure public trust in the process. Volunteer work with the Canadian government focuses on educating students about cybersecurity, including topics like privacy and protecting digital devices.
• Promoting cybersecurity as a career is important, and initiatives like the Cyber Titan competition help engage high school students in learning about cybersecurity.
• Tanya's book 'Alice and Bob Learn Application Security' uses stories and different learning styles to make technical concepts accessible.
• Mentoring is valuable for personal and professional growth, and Tanya has both benefited from mentors and become a mentor herself.

Titles

• The Importance of Transparency in Election Security
• Cybersecurity as a Career: The Cyber Titan Competition
• The Value of Mentoring: Tanya's Experience as a Mentor and Mentee

Sound Bites

• "I am head of community and education, which is a role they made up just for me."
• "They decided, I think in 2017, we need to make a task force to make sure they know cyber."
• "Defenders need to understand attacks or they can't be good at defending, right? Like we're teaching them ethics as we teach them how to hack."
• "Alice and Bob are going to learn secure coding this time."

Chapters

00:00 The Extradition Case of Julian Assange

08:18 Affordable Cybersecurity Education at Semgrep

30:40 Tanya's Volunteer Work with the Canadian Government

31:35 Promoting Cybersecurity as a Career

34:02 Making Technical Concepts Accessible: 'Alice and Bob Learn Application Security'

39:45 The Value of Mentoring

Summary

In this episode of the No Password Required podcast, host Jack Clabby and co-host Kayley Melton interview Tamiko Fletcher, the CISO at Kennedy Space Center. Tamiko shares her journey from a small town in South Carolina to working at NASA and discusses her role as a CISO. She emphasizes the importance of mentorship, outreach, and diversity in the cybersecurity field. Tamiko also talks about the unique challenges of cybersecurity at NASA, such as patching during launches and balancing innovation with security. 

She emphasizes the need to know and learn about individuals' strengths, interests, and motivations in order to effectively place them on teams and utilize their skills. Tamiko also shares her experiences working at NASA and the changes she has witnessed over the years, including the evolution of IT and the increasing diversity at the Kennedy Space Center. She highlights the excitement and pride she feels when witnessing a launch and the impact of NASA's work on the world.

Keywords

NASA, cybersecurity, CISO, career trajectory, mentorship, outreach, diversity, patching, innovation, security, NASA, Kennedy Space Center, cybersecurity, teamwork, understanding people, IT evolution, diversity, launches, personal experiences, imposter syndrome, work-life balance, advocating for oneself, UFOs

Takeaways

• Tamiko Fletcher shares her journey from a small town in South Carolina to working at NASA as the CISO at Kennedy Space Center.
• She highlights the importance of mentorship, outreach, and diversity in the cybersecurity field.
• Tamiko discusses the unique challenges of cybersecurity at NASA, such as patching during launches and balancing innovation with security.
• She emphasizes the need for flexibility and adaptability in the ever-changing cybersecurity landscape. Understanding and valuing people is crucial in the workplace, as it allows for effective team placement and utilization of individual skills.
• The evolution of IT and the increasing diversity at NASA's Kennedy Space Center have been significant changes over the years.
• Witnessing a launch at NASA is an exciting and prideful experience, reminding employees of the impact of their work.
• Advocating for oneself and setting boundaries is important for maintaining work-life balance and overall well-being.

Sound Bites

• "I'm from a small town called Manning, South Carolina. If you look it up on the map, it's near Travel America. It's probably the best thing we got going for it, honestly."
• "Success stories like yours are common at NASA. And it's also based on one's definition of success, right? So everyone has their own definition of what success is for them."
• "I try to actually know and learn people... because I want to understand what makes them tick so I know where to place them on a team."
• "We are human first and then we are who our job is. And I want to be able to utilize that person, that whole person, what makes them happy, what makes them excited to come in every day."
• "I have a vast variety of folks on the team who help get cyber done."

Chapters

00:00 Introduction and Welcome to the Podcast

08:00 Education and Career Trajectory

25:48 Challenges and Innovations in Cybersecurity at NASA

34:4 8Building a Team and Emphasizing Diversity

41:30 The Diversity of the Cyber Team at NASA

54:25 Instilling Values in Teams to Change the Work Environment

Summary

Roman Sanikov, is the president of Constellation Cyber and specializes in cyber threat intelligence. In this episode, Roman discusses the importance of collaboration and transparency in the cybersecurity industry, particularly in combating ransomware attacks. He also emphasizes the need for a holistic approach to cybersecurity, involving education and empowerment for both employees and consumers. In this episode, Roman Reinhart shares his experiences as an undercover agent in the cybercrime world. He discusses maintaining a persona, dealing with forum behavior, and memorable arrests. He also emphasizes the importance of redemption and second chances. Roman also talks about his involvement with Helpster USA, an organization dedicated to providing life-saving treatment to young people in developing economies. He shares his hobbies of mushrooming and highlights the satisfying moments at work. Finally, he reflects on the cultural differences he experienced after moving overseas.

Takeaways

• Pig butchering schemes are a significant cause of financial losses globally, and it is important to approach the topic with compassion and nuance.
• Many scammers involved in these schemes are forced into this life against their will, either through human trafficking or being lured into it with false promises.
• Collaboration and transparency are crucial in the cybersecurity industry to effectively combat ransomware attacks and mitigate their secondary and tertiary impacts.
• A holistic approach to cybersecurity, involving education and empowerment for employees and consumers, is necessary to create a more secure environment. Maintaining a persona in the cybercrime world requires careful observation and adaptation.
• Memorable arrests can lead to redemption and second chances for individuals involved in cybercrime.
• Helpster USA provides life-saving treatment to young people in developing economies.
• Mushrooming is a rewarding hobby that allows for outdoor exploration and collection.
• Satisfying moments at work include helping clients have eureka moments and making positive changes.
• Cultural differences, such as politeness, can take time to understand and adapt to.

Chapters

00:00 Introduction to Pig Butchering Schemes (opening conversation)

02:18 Online Scams and Exploitation

03:41 Forced Labor and Human Trafficking

04:41 Approaching Scams with Compassion

05:39 Guest Introduction: Roman Sanikov

07:01 Roman's Role at Constellation Cyber

08:22 Promoting Transparency in Ransomware Incidents

10:17 Mitigating Secondary and Tertiary Impacts of Ransomware Attacks

11:14 The Ripple Effect of Ransomware Attacks

13:10 The Importance of Collaboration in Cybersecurity

14:58 Roman's Career Path and Background

19:34 Educating and Empowering Employees and Consumers

21:28 Avoiding Victim-Blaming in Cybersecurity

24:16 The Need for Collaboration and Transparency in the Industry

25:10 Balancing Non-Traditional Pursuits with College

26:37 Undercover Work and Building Relationships

33:07 Maintaining a Persona

36:25 Dealing with Forum Behavior

38:18 Memorable Arrests

41:25 Redemption and Second Chances

45:13 Helpster USA

48:16 Eccentricities of NHL Players

50:56 Life's Unexpected Moments

56:19 The Joy of Mushrooming

58:43 Satisfying Moments at Work

01:01:04 Learning Politeness in America

Summary

In this episode, Jo Anna joins Carlton Fields P.A. Jack Clabby and KnowBe4’s VP of Remote Publishing Teams Kayley Melton to tell the story of how her career has changed since starting at Rice University 17 years ago. From her early days as a receptionist at a hair salon to her current role as a security analyst, Jo Anna shares her journey in the cyber world and her fascination with artificial intelligence, stemming from her compliance-related responsibilities. Emphasizing a realism-based view on AI, she passionately advocates for a comprehensive understanding of AI, emphasizing that it’s neither inherently good nor bad.

Takeaways

• Stolen recordings from popular artists can sell for high prices on the black market.
• Cyber criminals are involved in various illegal activities, including stealing cryptocurrency and trading stolen, unreleased rap recordings.
• Law enforcement plays a crucial role in investigating and apprehending cyber criminals, and these crimes can have real-life consequences.
• The intersection of cybersecurity and AI presents challenges in assessing the risks associated with AI technologies.
• Community outreach and education are important in promoting cybersecurity awareness and encouraging more people to pursue careers in the field.

Chapters

00:00 Stolen Recordings and Cyber Criminals

01:29 Arrest of a Florida Man and Stolen Rap Recordings

02:27 The Allegations and Nicknames

03:26 The Connection Between Cyber Crime and Rap Music

04:23 Real-Life Consequences of Cybersecurity Crimes

05:52 The Role of Law Enforcement in Cybersecurity Crimes

06:50 Introduction of Guest Joanna Parker-Martin

07:18 Joanna's Role at Rice University

08:15 Protecting Data at Rice University

09:08 Joanna's Journey into Cybersecurity

10:04 Overcoming Challenges and Changing Career Paths

18:14 Joanna's Interest in Artificial Intelligence

19:22 The Intersection of Cybersecurity and AI

20:46 The Challenges of Assessing AI Risk

21:13 The Inevitability of AI

22:37 The Risks of Facial Recognition Technology

27:26 Joanna's Involvement with WiCys

29:48 Community Outreach and Cybersecurity Education

30:10 Misconceptions About Cybersecurity Professionals

32:32 The Lifestyle Polygraph

43:35 Joanna's Preference for Sponge Cake in Strawberry Shortcake

SummaryThe conversation discusses the arrest of Ola Segun Simpson Adagorin, a Nigerian national facing US federal charges for a business email compromise scheme. The collaboration between the FBI and Ghana is highlighted, along with the role of the legal attache job in solving crimes with international impact. The scheme and indictment details are explored, emphasizing the sophistication of the attack. Dr. Diana Burley, Vice Provost for Research and Innovation at American University, shares insights on cybersecurity education and workforce readiness. The importance of understanding human behavior in cybersecurity is discussed, along with strategies for engaging in conversations and addressing the search for cyber unicorns. In this episode, the importance of password security and the various methods to enhance it are discussed. The conversation covers common password mistakes, the use of password managers, multi-factor authentication, biometric authentication, and the future of password security.

Takeaways

• Collaboration between law enforcement agencies is crucial in solving cybercrime cases with international implications.
• Understanding human behavior is essential in addressing cybersecurity challenges and shaping effective policies.
• Digital literacy and foundational cybersecurity skills should be integrated into education across disciplines.
• Creating a culture of cybersecurity requires a balance between rules and creativity, and a focus on psychological safety.
• Engaging in conversations with strangers can be facilitated by finding common interests and making personal connections. Create strong and unique passwords for each online account.
• Avoid common password mistakes such as using personal information or easily guessable patterns.
• Consider using a password manager to securely store and generate passwords.
• Enable multi-factor authentication whenever possible for an added layer of security.
• Biometric authentication, such as fingerprint or facial recognition, can provide convenient and secure access to devices and accounts.
• Passwordless authentication methods, such as biometrics or hardware tokens, may become more prevalent in the future.
• Stay informed about emerging technologies and best practices in password security.

Chapters

00:00 Introduction and Arrest of Ola Segun Simpson Adagorin

01:24 Collaboration between FBI and Ghana

03:15 Scheme and Indictment Details

04:44 Legal Attache Job and Collaboration

06:10 Deterrence and Sealed Indictments

07:36 Introduction of Dr. Diana Burley

08:31 Dr. Burley's Background and Role at American University

09:23 Interest in Cybersecurity and Technology

10:21 American University's Role in Educating Policymakers

12:15 Engaging with Leaders and Shaping Policy

13:36 Engaging with Students and Future Leaders

14:28 American University's Focus on Policy and Research

15:27 Misconceptions about the Cybersecurity Workforce

16:23 Digital Literacy and Foundational Cybersecurity Skills

18:45 Retaining Skilled Members in the Academic Environment

19:43 Benefits of Engaging as a University Faculty Member

20:37 Understanding Human Behavior in Cybersecurity

22:05 Insights from Research on Human Behavior

23:25 Understanding Employee Behavior in Cybersecurity

24:47 Creating a Culture of Cybersecurity

27:08 Strategies for Initiating Conversations with Strangers

31:50 The Cyber Unicorn Project

35:08 Addressing the Search for Cyber Unicorns

41:45 Lifestyle Polygraph

50:57 Understanding Irrational Behavior and Self-Awareness

53:37 Engaging in Conversations with Strangers

02:30 The Importance of Password Security

10:15 Common Password Mistakes

18:45 Password Managers

27:10 Multi-Factor Authentication

35:40 Biometric Authentication

44:20 Passwordless Authentication

52:30 Future of Password Security

58:21 Conclusion

Summary

In this episode, Jack Clabby and Kayley Melton discuss the upcoming Sunshine Cyber Conference and their collaboration with Winn Schwartau. They also talk about the importance of diverse cybersecurity talent and their plans for a joint session at the conference. The hosts then interview Lisa Plaggemier, the executive director at the National Cybersecurity Alliance, who shares her career journey and the role of creativity and curiosity in cybersecurity. They also discuss the impact of COVID-19 on the cybersecurity industry and the importance of humor and satire in cybersecurity training. The episode concludes with a lifestyle polygraph segment. In this episode, the conversation covers various topics related to comedy, storytelling, and implementing change in organizations. The power of the internet is discussed, highlighting the potential consequences of online content. The guest shares her favorite comedy movies, emphasizing the comedic element in her expertise. The use of humor in training and awareness programs is explored, along with the challenges of implementing change in organizations. Dealing with roadblocks in security and the passion for security awareness are also discussed. The episode concludes with information on how to get in touch with the guest and a recap of what was learned.

Takeaways

• The Sunshine Cyber Conference features keynote speakers from the No Password Required podcast, including Winn Schwartau.
• The hosts will be doing their first on-site remote recording at the Sunshine Cyber Conference, featuring keynote speaker Tamiko Fletcher.
• The National Cybersecurity Alliance focuses on training and awareness, using creativity and humor to engage and educate people.
• Comedy movies, such as Monty Python and the Holy Grail, can be a source of expertise and inspiration.
• Humor can be effectively used in training and awareness programs to engage and educate participants.
• Implementing change in organizations can be challenging, but finding allies and overcoming roadblocks is essential.

Chapters

00:00 Introduction

01:28 Fishing for Potential, the RTFM Guide to Diverse Cybersecurity Talent

02:25 Live On-Site Remote Recording and Keynote Speakers

03:51 Sunshine Cyber Conference and Registration

04:46 Interview with Lisa Plaggemier

05:15 Background and Role at the National Cybersecurity Alliance

05:53 Transition to Security and Marketing Collaboration

06:22 Incident Response and Training and Awareness

07:20 Leadership and Skills in Cybersecurity

08:18 Kubikle Series and Creativity in Security

09:17 Curiosity and Creativity in Cybersecurity

10:48 Naming and Shaming in Pen Tests and Phishing Testing

11:41 DDoS Attack and Incident Response

12:38 Neurodiversity and Cybersecurity

13:21 Leading a Team During COVID-19

14:21 Creating Engaging Training Content

15:19 Global Data and Data Privacy Laws

16:18 Humor and Satire in Cybersecurity Training

18:47 Kubikle Series and Satire in Cybersecurity

20:41 Creating Kubikle Series and Future Plans

23:03Trust in Password Managers

24:22 The Importance of Curiosity in Cybersecurity

25:52 The Oh Behave Report and Behavioral Science

26:50 Communicating Security Information Effectively

28:44 Naming and Shaming in Phishing Testing

29:39 Accepting Risk and Escalation Plans

30:38 The Role of Security Teams and HR

32:35 Building Trust in Password Managers

33:32 Global Data and Cybersecurity Awareness

36:51 The Importance of Curiosity in Cybersecurity Hiring

40:03 The Underground Student-Led Newspaper

41:12 The Significance of Curiosity and Creativity in Career

50:44 The Power of the Internet

51:14 Favorite Comedy Movies

52:12 Using Humor in Training and Awareness

53:38 Implementing Change in Organizations

54:55 Dealing with Roadblocks in Security

55:45 Passion for Security Awareness

56:06 How to Get in Touch

56:37 What Was Learned

57:11 Closing Remarks