Today when computer systems fail, they can cause real, physical harm. In just the last few years, we've seen cyber attacks interfere with our food supply, tamper with city water supplies, and disrupt gas pipelines. While cheap consumer electronics often have poor security, medical devices like insulin pumps and pacemakers are also vulnerable to attack - and the consequences of failure can be lethal. The free market doesn't reward better security. Regulations are weak or nonexistent, regulators are understaffed and underfunded. Targeted organizations lack sufficient funding, training and personnel to prepare and respond. They need help. I Am the Cavalry aims to engage technologists and hackers to ride to the rescue.

Joshua Corman is VP of Cyber Safety Strategy at Claroty, Founder of I am The Cavalry, and formerly served as Chief Strategist for CISA regarding COVID, healthcare, and public safety.

Interview Links

I Am The Cavalry: https://iamthecavalry.org/ 

BSides 2022 Cavalry presentation: https://www.youtube.com/watch?v=aw3egJej7so 

The Cavalry Isn’t Coming (DEF CON 21 talk): https://www.youtube.com/watch?v=2kMGdkOMSK0 

Rugged Software Manifesto: https://github.com/rugged-software/rugged-software.github.io 

CISA Bad Practices: https://www.cisa.gov/BadPractices 

CISA Information Sharing and Awareness: https://www.cisa.gov/information-sharing-and-awareness 

Maslow’s Hierarchy of Needs: https://www.simplypsychology.org/maslow.html 

Click Here to Kill Everyone: https://www.schneier.com/books/click-here/ 

SBOM interview: https://podcast.firewallsdontstopdragons.com/2021/07/19/its-time-to-drop-the-sbom/ 

My Jeff Moss interview: https://podcast.firewallsdontstopdragons.com/2022/08/29/the-night-the-lights-went-out-in-vegas/ 

Further Info

300th episode promotion: https://fdsd.me/ep300 

Patron promotion: https://fdsd.me/coinpromo 

Send me your questions! https://fdsd.me/qna 

Subscribe to the newsletter: https://fdsd.me/newsletter

Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 

Become a Patron! https://www.patreon.com/FirewallsDontStopDragons 

Donate directly with Monero! https://firewallsdontstopdragons.com/contact/ 

Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker

Generate secure passphrases! https://d20key.com/#/

Table of Contents

Use these timestamps to jump to a particular section of the show.

0:01:28: Giveaway and promotion update

0:02:46: Holiday gift ideas

0:03:59: Interview preview

0:08:35: How did I Am the Cavalry get started?

0:16:52: How does focusing on physical harms change your approach to cybersecurity?

0:20:33: Why is it so important to 'meet people where they are'?

0:23:40: How do you best help organizations that are target rich but cyber poor?

0:31:47: What is the crawl, walk, run progression?

0:34:33: Why is it so important to compartmentalize systems?

0:35:56: How do we do a better job of designing security in from the start?

0:39:01: Is it safer for small companies to use managed services?

0:42:17: What role should the government play here?

0:52:57: If I want to get help for my organization, where should I go?

0:58:18: What's next for the Cavalry and how can I get involved?

1:05:09: Interview wrap-up

1:06:35: Book recommendations

1:07:43: Preview of upcoming shows