Security Unfiltered

Send us a text

Ever wondered how a psychology degree can lead to a cybersecurity career? Join us as Richard Cassidy reveals his remarkable journey from a teenage computer enthusiast to a leading expert in IT and cybersecurity. Richard shares intimate stories from his early days, including how he transitioned from psychology to an apprenticeship at a major American bank in London, where he started with simple tasks like replacing toner cartridges before quickly advancing into more complex roles in networking and firewall management. His career evolution over 26 years, culminating in a significant presence in the vendor space, underscores the importance of hands-on experience and continuous learning in this dynamic field.

In this episode, we'll uncover the vital aspects of data security and disaster recovery that every organization should prioritize. Richard delves into the limitations of traditional security methods and emphasizes the necessity for modern solutions like zero trust, immutability, and data observability, particularly those offered by Rubrik. Through compelling anecdotes, he highlights the dire consequences of relying on outdated systems, such as an obsolete tape backup setup, and advocates for cloud-based disaster recovery plans that ensure business continuity and quick recovery from ransomware attacks. This discussion serves as a crucial reminder that comprehensive data security strategies are non-negotiable in today's threat landscape.

Lastly, we tackle the unique cybersecurity challenges faced by healthcare organizations, especially under financial constraints. Richard discusses the complexities of integrating multiple technologies and the critical need for robust recovery processes, including manual fallback plans that are rigorously tested. Drawing insights from the Rubrik Zero Labs report, he highlights the often-overlooked pitfalls and encourages connecting with like-minded professionals to share knowledge and best practices. Tune in to gain valuable perspectives on navigating cybersecurity in the healthcare sector and beyond, ensuring resilience against ever-evolving threats while focusing on customer needs.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

What if you could pivot from a career in intelligence analysis to becoming a cybersecurity expert, all by leveraging self-taught skills and open-source intelligence? Join us as Scott Small reveals his inspiring journey, transitioning from dealing with physical security threats to mastering cybersecurity. He shares the invaluable role of supportive hiring managers and highlights how programming in Python opened doors in the private sector, showcasing the diverse paths available in this dynamic field.

Creating your own opportunities is crucial in technical fields, and Scott emphasizes the power of initiative. From starting a blog to contributing to community repositories, he offers practical advice for building a robust portfolio. We also discuss the importance of networking, the impact of geopolitical events on cyber threats, and how storytelling bridges gaps within the security sector. Scott’s insights provide a roadmap for aspiring professionals eager to break into cybersecurity.

Artificial intelligence is revolutionizing cyber threat intelligence, but it comes with its own set of challenges. Scott and I delve into the complexities of AI-generated data, the necessity of rigorous validation, and the importance of frameworks like MITRE ATT&CK. We explore enhancing detection capabilities and the role of consistent practice in writing and data visualization for professional growth. Whether you’re a seasoned expert or just starting out, this episode is packed with actionable insights to help you navigate the evolving landscape of cybersecurity.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

What if the smallest oversight in software could have catastrophic consequences? Join us as we uncover the remarkable journey of Jake, a visionary engineer who has made significant strides in the tech industry. From his days at the University of Michigan to influential positions at Boeing, Amazon, and Google, Jake's story is a testament to the power of curiosity and relentless problem-solving. Discover how he pioneered Quay, the first private Docker registry, and positioned himself at the cutting edge of security and containerization.

Ever wondered about the stringent processes behind aviation software? Jake takes us through his meticulous work at Boeing, where creating safety-critical software is both a science and an art. He shares the rigorous testing and standards like DO-178B and MCDC that ensure the fail-safe operation of flight systems. Jake's insights illuminate how even the smallest IT services can have profound impacts on safety, offering a rare glimpse into the interconnected world of aviation technology and its regulations born from past tragedies.

As we wrap up, we venture into the realm of high availability software and evolving security technologies. Jake draws parallels from the aviation industry to illustrate the importance of redundancy and robust planning against failures. He discusses the benefits of unified authorization services and modern models, providing practical advice for handling software downtimes and authorization challenges in today's dynamic IT environments. Finally, listeners can learn how to connect with Jake and explore his current venture, Authzed, gaining further insights into innovative security solutions. This episode promises invaluable takeaways for tech enthusiasts and professionals alike.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

What if you could protect your organization's data as effortlessly as sending an email? Join us for an enlightening conversation with Matt Howard, a veteran IT professional whose career spans the dawn of the application service provider model to the forefront of open-source software and application security. Matt’s experience at tech conferences like DEFCON and Black Hat offers a firsthand look at the evolution of IT security. From his early days navigating the chaotic tech landscape to mastering the full technology stack, Matt’s journey reveals critical insights for anyone aspiring to excel in the field of IT.

Discover the future of data security architecture as Matt delves into the complexities of securing data within the finance industry and beyond. Learn how adopting a granular security architecture, similar to microservices in software development, can revolutionize secure data sharing across organizational boundaries. Through real-world applications, such as military alliances needing instantaneous and secure information exchange, Matt emphasizes the importance of dynamic, policy-driven access controls. His insights paint a picture of a more interconnected and securely collaborative world, one where data protection adapts to the demands of the moment.

Trace the historical milestones of data security with Matt, from the emergence of thin client computing to the rise of cloud services and microservices. Hear about key developments like Lotus Notes and the vital role of cryptography, as well as the modern-day necessity of encryption. Learn about Virtru’s innovative approach to simplifying data security with user-friendly encryption tools integrated into everyday platforms like Gmail and Outlook. Lastly, Matt introduces us to the Trusted Data Format (TDF) and the OpenTDF project, shedding light on how they provide granular security benefits and regulatory compliance. As we conclude, Matt shares the privacy-centric philosophy of Virtru’s founders and how you can connect with him for further insights.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

Ever wondered what it takes to stay one step ahead of cybercriminals? This episode, featuring cybersecurity expert Chris Hale, promises to unravel the complexities of safeguarding digital fortresses while sharing invaluable lessons from the frontlines. Chris’s journey from a help desk technician to the founder of his own cybersecurity firm is nothing short of inspiring. His early interest in computers, paired with a dual major in Exercise Sport Science and Computer Information Systems, laid the foundation for a career that would see him tackling email viruses at Sports Authority and defending against sophisticated malware and ransomware attacks.

The conversation shifts to the high-stakes world of incident response teams, where Chris recounts a harrowing ransomware incident caused by the absence of two-factor authentication on a global admin account. The relentless effort required to handle such crises, including long hours and meticulous post-mortem analyses, underscores the critical role of managed service providers (MSPs) and managed security service providers (MSSPs) in maintaining robust security practices and compliance. Chris’s firsthand experiences highlight the importance of hands-on training and continuous learning, offering listeners a realistic glimpse into the demands and rewards of a career in cybersecurity.

We also navigate the evolving threat landscape, discussing the necessity of quarterly audits, penetration testing, and consistent security practices across global enterprises. Chris shares insights into the importance of continuous cybersecurity training for all organizational levels, using tools like Breach Secure Now to keep security awareness sharp. The episode wraps up with a discussion on the recent CrowdStrike update debacle and the challenges of choosing reliable Endpoint Detection and Response (EDR) solutions. Through Chris’s expert lens, listeners gain a comprehensive understanding of the current issues and best practices in cybersecurity, making this episode a must-listen for anyone invested in protecting their digital assets.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

What happens when a seasoned American cybersecurity expert navigates the intricate world of European data privacy? Richard Hollis, with over three decades in the cybersecurity industry, shares his captivating journey from Washington DC's government projects to leading Risk Crew in London. Listen as Richard emphasizes the critical role of process over products in cybersecurity and offers a wealth of insights into the ever-changing threat landscape. Along the way, he recounts the unique challenges and personal experiences of living and working in Europe, shedding light on the cultural contrasts that shape global cybersecurity practices.

Imagine the personalized service of a cigar lounge in Germany and the stringent protections of GDPR — a stark contrast to American business practices and views on data privacy. This episode unpacks the cultural differences between Europe and America with vivid anecdotes and eye-opening discussions. We explore how European values around data privacy influence business operations and consumer rights, offering a fresh perspective on what Americans might learn from these practices. Richard’s insights help bridge the gap, revealing the importance of robust data protections in today's interconnected world.

Our conversation also delves into the urgent need for enhanced data privacy and cybersecurity regulations, drawing parallels to past safety improvements in other industries. Richard shares his candid thoughts on the influence of big tech companies and the current inadequacies in data protection measures. Reflecting on personal stakes and the emotional disconnect many professionals have with data security, we highlight the broader implications for both individuals and businesses. Don’t miss this engaging episode that combines expert insights with a unique cross-cultural perspective, offering valuable lessons for listeners on both sides of the Atlantic.

Chapters

00:00 Introduction and Appreciation for the Podcast
00:52 Richard's Background in Cybersecurity
05:45 Living in Europe and Cultural Differences
12:09 Being an American in Europe
16:00 Data Privacy and GDPR
20:12 The Lack of Federal Regulation for Data Protection in the US
25:14 The Historical Context of Europe Compared to America
31:20 The Impact of America's Size on Data Privacy Laws
34:16 The Need for a Ralph Nader for Data Privacy
36:07 Monetization of Personal Data and Lack of Accountability
41:37 Differences in Mindset: Americans vs Europeans on Data Privacy

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

Have you ever wondered how drastically your media consumption could change just by crossing state lines? During a recent family vacation to Nashville, I experienced firsthand how my YouTube and social media feeds were manipulated to present opposing political views. This episode exposes the unnerving reality of regional media targeting, especially as we approach election season. By exploring the ease with which these platforms can alter our perspectives based on location, we uncover the potential for significant influence on public opinion.

As we navigate through today’s politically charged environment, it's more critical than ever to question the information presented to us. We discuss the alarming trend of historical facts being twisted or forgotten, drawing parallels to the propaganda tactics of the past. This episode underscores the importance of verifying sources and staying vigilant against misinformation. With election season on the horizon, our focus is on fostering awareness and preparedness to resist the unprecedented levels of targeted media influence aimed at swaying our opinions. Join us in this vital conversation about maintaining the integrity of our perspectives in the face of sophisticated propaganda techniques.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

How does a mischievous high school curiosity evolve into a rich, multifaceted career in IT and security? This episode promises a deep dive into Michael Goldstein's fascinating journey from tinkering with school computers to becoming an influential figure during the PC revolution. Learn from Michael's transition from mainframe to PC environments and his crucial role in an early managed service provider, all while absorbing the lessons of adaptability and foresight that have marked his professional life. Michael's story is not just a tale of technological advancement but a guide for anyone looking to carve their own path in IT and security.

Ever wondered how to break into the world of IT and security? Michael offers actionable insights, emphasizing the foundational role of help desk positions and the vital troubleshooting skills necessary to thrive. The episode delves into the mental fortitude required in security roles, painting a picture of seasoned professionals who tackle complex problems with strategic independence. Through personal anecdotes and professional reflections, we underscore the importance of teamwork and versatility, drawing comparisons to the multifaceted skill sets needed for success in various IT roles.

In your quest for success in the tech industry, what entrepreneurial lessons can you glean from a seasoned professional? Michael shares his entrepreneurial journey, discussing the challenges of adapting to industry changes and the importance of staying ahead with emerging technologies like AI and cybersecurity. Gain insights into forming the right team and treating customers with genuine respect, while also exploring the transformative applications of AI in business operations. Michael's conversation offers real-world examples and thought-provoking topics, making this episode a must-listen for anyone interested in the current and future landscape of technology.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

Imagine the bustling energy of DEF CON suddenly shifting from Caesars to the Las Vegas Convention Center. How will this change impact the magic of one of the world's most renowned cybersecurity events? Join us as we share personal experiences from past DEF CONs, consider the logistical hurdles, and discuss the potential financial implications for local resorts. Our guest, Rui Ribeiro, brings his invaluable insights into how such changes can alter the attendee experience, setting the stage for a deep dive into his impressive professional journey in cybersecurity.

As we navigate the realm of client-side security, we uncover the fascinating story behind the founding of Chase Prep. From the chaotic days of the early internet boom to a pivotal meeting with Cloudflare's CEO, we explore the transformative power of JavaScript and the intricate parallels between telecom and banking industries. Rui and I emphasize the critical need for clear communication of security requirements to decision-makers, particularly in emerging markets, highlighting the often-overlooked technical challenges and opportunities in this niche field.

Our conversation also tackles the evolving landscape of cybersecurity with a focus on balancing technical and soft skills. We discuss strategies for embedding security into everyday processes, the importance of adaptive security measures, and how rapid advancements like those during COVID-19 have reshaped business practices. From insurance risks and evolving security models to the joy of building a safer digital world, this episode covers the passion and practicalities that drive us in the field of cybersecurity. Join us for an enlightening discussion that promises to leave you with fresh insights and actionable takeaways.

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Send us a text

In this insightful interview, Joe sits down with cybersecurity expert Mr. Jeff Man to delve into his extensive background in security and his impactful tenure at the National Security Agency (NSA). They explore how Jeff embarked on his security career, the critical mission of the NSA, and the agency's compartmentalized structure. Jeff recounts his experiences working on significant projects at the NSA and underscores the importance of compartmentalization for security. The discussion also highlights the challenges of government work and the stringent entry requirements for agencies like the NSA.

The conversation spans various topics, including the complexities of handling different telecom and operating systems, the advanced technology at the NSA, the pioneering days of hacking and network security, and the formation of the first red team. Jeff shares his motivations for staying at the NSA and the circumstances that led to his departure. Additionally, he talks about his current work in PCI compliance and his active participation in the security community through conferences and podcasts. Don't miss this deep dive into the world of cybersecurity from a seasoned expert.

00:00 Introduction and Podcasting
03:47 Getting into Security
10:47 Jeff's Background and Entry into the NSA
15:58 The Mission of the NSA
22:27 Challenges of Working in the Government
29:07 Overlapping Projects and Duplication of Efforts
31:02 Technological Advancement at the Agency
36:47 The Early Days of Hacking and Network Security
51:42 Reasons for Staying at the Agency
54:20 Leaving the Agency and the Significant Incident
57:06 Current Work in PCI Compliance and Involvement in the Security Community

Support the show

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today