The Cyber Ranch Podcast

This week Allan attended the HIP Global conference in New Orleans, which happens to be Allan's favorite city in America.

The conference was outstanding - no sales pitches, no nonsense, just many experts speaking on the topic of securing identity.  Entra ID, Okta, AD folks all were present, and it was amazing.

Allan got to interview some AMAZING guests from all walks of identity life, including one gentleman whose pedigree includes a rather critical national role right out the White House...

Listen in as Allan asks the following questions (one of which Drew answers too!)

Y'all be good now!

In this episode Allan and Drew consult Tim Rohrbaugh, who has done quite a lot of research and work on the practical applications, deployment, use cases and limits of GenAI and LLM.

• Flavors and incarnations of AI - GenAI, Expert Systems, ML...

It's a great show and you will most definitely learn a lot!  Thank you Tim, thank you, listeners!  Y'all be good now!

Howdy, y'all!  With American presidential elections already under way, Allan and Drew decided that scrambling to get Kirsten Davies on the show for this week's show (the last one before formal Election Day) was paramount.  Kirsten has been on our potential guest list for years now, as she is a multiple-times Fortune 500 CISO.

But now Kirsten is CEO and Founder of The Institute for Cyber Civics, a non-partisan non-profit aimed at empowering poll workers and poll volunteers to recognize and deal with cyber attacks on the voting process.

Hear about Kirsten's charter, mission, vision, goals and capabilities in this SPECIAL EDITION! episode!

Y'all be good now!

Our guest today is Babbette Jackson, aka Technically__Rose of YouTube and Instagram fame!

Babbette is in DLP and Insider threat analysis.  She has worked in places as far flung as Edward Jones, Juniper Networks, and Bank of America.  More importantly, Babbette is quite involved in the intersection of social media and community engagement.

How do we use social media to engage others across generations and to and encourage community participation?

Allan, Drew and Babbette discuss:

• We’ve been talking to others about how they arrived in and either struggled or flourished in Cyber.  What is your story?

It is a wonderful show, and Babbette is a wonderful guest who is willing to share the insights behind her success.  Y'all be good now!

Who and what you are, your personality, your style, your thoughts...  That’s all about to change.  For one thing you are already a product on “free to use” social media.  You don’t really own things you think you own (We're looking at you, Steam!)  Even your intellectual property is up for grabs now in ways you can’t see coming.  Hollywood actors are selling the rights to their digital likenesses, and meanwhile, others are stealing such rights via technological loopholes.  All media exists, according to Drew, to draw you towards the advertisements…  And your deepfake could be used to do just that to others.  Some of these fakes are good enough to fool yourself even.

Join Allan and Drew as they interview Sam Rad, a premier futurist and humanist, who freely admits that there is now an inherent tension between those two philosophies.

The conversations about the governance, ethics, and security of all this new media and technology are woefully behind the curve.

Many members of the TikTok generation has a 4-second attention span and require multiple simultaneous input streams at any given time to feel satisfied.  Is this a deliberate attack on the Western human nervous system?  Cyberattacks are certainly killing people already, why not go straight for their brains?

Are the peasants coming with pitchforks and torches to destroy Frankenstein’s newest monster?  How about the striking dockworkers?  The terrorists destroying 5G towers?  Do peasants with pitchforks ever win?  Ned (mistakenly called “Jason” by Allan)  Ludd and the Luddites failed in a big way to stop technology from replacing their jobs in the late 1700s (mistakenly referred to as the having happened in the Victorian era by Allan)

This show is peppered with others such historical and cultural references such as the cultures and economies in Second Life, Picasso’s mass production of his own paintings, Rousseau’s evolving concepts of property, Mary Shelly and her Frankenstein’s monster, Hegel’s model of “thesis, antithesis, synthesis”, the Butlerian Jihad from the “Dune” series, and William Gibson’s maxim that, “The street finds its uses for things”.

We’re not even coping with all of this, and now we have the AI conversation thrust upon us as well…  Your content is training data, and can be mimicked with uncanny accuracy as well.

Check out Sam’s book, “Radical Next” and her docuseries “Illicit Economies of the Shadowverse” to learn more about the positives and negatives of all of these trends in humanity.

Good luck out there.  Stay safe.  Who you are and what you own is irretrievably altered at this point.  Cybersecurity is really just “security” now.  But hopefully all this mess will create the next cultural and creative Renaissance.

Y'all be safe now...

Jason Shockey, CISO of Cenlar FSB, and 25 year veteran of cybersecurity, has a formula for running an excellent cybersecurity program.

He studied a great deal in his various cybersecurity roles before leaping into a CISO role, and the studying paid off!

Jason and Allan and Drew discuss the following:

• Identifying Common Pitfalls

ALL in the span of one rapid-fire show!  Do give it a listen, as you will learn about many valuable approaches and resources to help your program succeed.

Y'all be good now!

Cyber as precursor to kinetic warfare?  What about cyber AS warfare?  And social media infiltration and propaganda?  Join Allan and Drew as they invite Dave Schroeder, a renowned expert in this field, to discuss the active use of cybersecurity and social media as warfare between the Western World and China, Iraq, Russia and North Korea.  They cover:

• Insertion of fake IT employees into key companies

This one is very sobering and perhaps the most important show of the year...

Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast!  Our guest today is Tim Brown.  If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us.

Or maybe in a way, he is all of us, really.  Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected skills down at the 'Ranch.

The topic today is cyber regulation.  It can range from self-regulation to associations, principles, practices, lobbying – all the way up to full government regulation.  What works?  What’s required?

Topics covered:

• What is the case for regulation?

The call to action is ultimately this: If you don't have a seat at the table, folks will do things to you rather than with you.  So get involved!

Y'all be good now!

What can we established cybersecurity practitioners ACTUALLY do to help those new in the field besides blathering back and forth about the problem in the echo chamber that is LinkedIn?

Drew got the clever idea of inviting three folks who are brand new to the field or barely started on their cyber journey, and, get this: ASKING them what they're experiencing and what they need! Clever, huh? It's an eye-opening show for a CISO.

We are join on this week's episode by Amé Venter, May Ferreira, and Bryce Hill, who share their perspectives from their early stages in this field. It's a sobering perspective.

To a certain extent, they've all been lied to and led on, and that's all of our faults.

Key takeaways:

• Prodsec/Appsec might get you out of being a cost center in cybersecurity, but no intro programs seem to show folks how to get there.

CISOs, please listen to this show. Please re-think your hiring strategies!

Y'all be good now!

Howdy, y’all!  Our guest today is Wade Baker, cybersecurity researcher, entrepreneur, professor…  Wade is a Board of Directors member of the FAIR Institute, was an Advisory Board Member at the RSA Conference, was VP of Strategy & Risk Analytics at ThreatConnect, and is now Co-Founder of Cyentia Institute, which aims to advance cybersecurity knowledge and practice through data-driven research.  Wade joins Drew and Allan to talk about (go figure!) data-driven cybersecurity.  The three smash through a lot of assumptions and get to the heart of what is really going on in cybersecurity.

Questions covered:

1. What is the Information Risk Insights Study (IRIS)? (cyentia.com/iris/)

Y’all be good now!