Microsoft Azure adoption with cybersecurity first principle strategies. The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick and the Hash Table review Microsoft Azure through the lens of first principle thinking. They review how Azure supports, or doesn’t support, strategies of resilience, zero trust, intrusion kill chains, and risk assessments. The Hash...
Mar 21, 2022 • 21 min • Season 4, Ep. 36
Microsoft Azure adoption with cybersecurity first principle strategies. The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick discusses Microsoft Azure through the lens of first principle thinking. He reviews how Azure supports, or doesn’t support, strategies of resilience, zero trust, intrusion kill chains, and risk assessments. Cybersecurity professiona...
Mar 14, 2022 • 20 min • Season 4, Ep. 35
Two members of the CyberWire’s Hash Table of experts, Gary McAlum, USAA CSO and Don Welch, Penn State CIO, join Rick Howard to discuss the SolarWinds attack. Resources: S1E6: 11 MAY: Cybersecurity first principles. S1E7: 18 MAY: Cybersecurity first principles: zero trust. S1E8: 26 MAY: Cybersecurity first principles: intrusion kill chains. S1E9: 01 JUN: Cybersecurity first principles: resilience. S1E11: 15 JUN: Cybersecurity first principles: risk assessment. S2E7: 31 AUG: Identity Management: a...
Mar 07, 2022 • 23 min • Season 4, Ep. 34
Rick discusses if the first principles theories prevent material impact in the real world, such as the latest SolarWinds attack. Previous episodes referenced: S1E6: 11 MAY: Cybersecurity First Principles S1E7: 18 MAY: Cybersecurity first principles: zero trust S1E8: 26 MAY: Cybersecurity first principles: intrusion kill chains. S1E9: 01 JUN: Cybersecurity first principles - resilience S1E11: 15 JUN: Cybersecurity first principles - risk S2E3: 03 AUG: Incident response: a first principle idea. S2...
Feb 28, 2022 • 23 min • Season 4, Ep. 33
Two members of the CyberWire’s Hash Table of experts, Gary McAlum, USAA CSO, and Zan Vautrinot, Air Force Major General (retired) and Board Director for Wells Fargo, Battelle, and City of Hope, discuss where the CISO and CSO should fit into the organization. Resources: “Changing CISO's Reporting Structure: Why The Debate Is Back?” by CIO&Leader, 3 July 2019. “Does it matter who the CISO reports to?” by Josh Fruhlinger, CSO, 30 April 2019.
Feb 07, 2022 • 23 min • Season 3, Ep. 32
Rick describes where the CISO fits into the corporate organizational structure and why it came to be that way. Resources: “CIO Hall of Fame: Max D. Hopper,” by Richard Pastore, CIO, 15 September 1997. “Concept of the Corporation,” by Peter F. Drucker, published by Routledge, 1946. “Durant Versus Sloan – Part 1,” by steve blank, 1 October 2009. “EVOLUTION OF THE CISO,” by Thomas Borton, ISACA Conference, 13 March 2014. “Max Hopper: Modernized information technology at American Airlines,” b...
Jan 31, 2022 • 13 min • Season 3, Ep. 31
Three members of the CyberWire’s Hash Table of experts, Rick Doten, Kevin Ford, and Kevin Magee, discuss SOAR tools. Resources: “A Brief History of SIEM,” by Stephen Gailey, CyberSecurity Magazine, 19 January 2020. “Cybersecurity First Principles: DevSecOps.” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020. “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Eric Hutchins, Michael Cloppert, Rohan Amin, Lockheed Mart...
Jan 24, 2022 • 22 min • Season 3, Ep. 30
Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to DevSecOps somewhere in our future. Resources: “Cybersecurity First Principles: DevSecOps.” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020. “FAQ,” RSA Conference, 2020. “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Eric Hutchins, M...
Jan 17, 2022 • 18 min • Season 3, Ep. 29
Two members of the CyberWire’s Hash Table of experts, Bob Turner (University of Wisconsin at Madison CISO) and Roselle Safran (KeyCaliber’s CEO & Founder), discuss security concerns around containers and serverless functions. Resources: “Cybersecurity first principles: intrusion kill chains,” by Rick Howard, CSO Perspectives, The CyberWire, 26 May 2020. “Race Flag Meanings,” by Go Ahead Take the Wheel, 2020. “What Copernicus Knew About Cybersecurity Operations,” by Robert Turner, UW-Madison I...
Jan 10, 2022 • 23 min • Season 3, Ep. 28
Rick explains what containers and serverless functions are, why they are related, why they are the latest development in the evolution of the client-server architecture, why you need to secure them, and how. Resources: “5 ways to secure your containers,” by Steven Vaughan-Nichols, CEO, Vaughan-Nichols & Associates, 23 April 2019. “8 technologies that will disrupt business in 2020,” by Paul Heltzel, CIO, 26 August 2019. “A Brief History of Containers: From the 1970s Till Now,” by Rani O...
Jan 03, 2022 • 17 min • Season 3, Ep. 27
Two members of the CyberWire’s Hash Table of experts, Steve Winterfeld (Akamai’s Advisory CISO) and Paul Calatayud (Palo Alto Networks’ Chief Security Officer for the Americas), discuss SD-WAN architecture and security. Resources: “A History of SD-WAN,” by CATO. “Broadband history,” by Dani Warner, USwitch, 19 July 2018. “SD-WAN: What’s the big deal for security leadership?” by Rick Howard, CSO Perspectives, The CyberWire, 10 October 2020. “The 6 Biggest SASE Buys of 2020 (So Far)” by Tobias Ma...
Dec 27, 2021 • 33 min • Season 3, Ep. 26
Rick discusses the history of enterprise connectivity, the benefits of SD-WAN, and the security obstacles to avoid when enterprises deploy SD-WAN today. He also makes the case for a coupling of SD-WAN and SASE. Resources: “A Brief History of the Enterprise WAN: How little has changed in the last 15 years,” by Andy Gottlieb, Network World, 6 April 2012. “Bandwidth Key Words: DS1, T-1, DS2, T-2, DS3, T-3, DS4, T-4, OC-1, OC-3, OC-12, OC-48, ATM, Bandwidth Resources, MPLS, Satellite, Internet...
Dec 20, 2021 • 16 min • Season 3, Ep. 25
Rick presents the highlight reel of season 2.
Nov 15, 2021 • 31 min • Season 2, Ep. 24
Two members of the CyberWire’s Hash Table of experts, Tom Quinn (CISO, T. Rowe Price) and Rick Doten (CISO, Carolina Complete Health), discuss red team blue team operations in the real world.
Nov 08, 2021 • 29 min • Season 2, Ep. 23
Rick discusses the history of red teaming as a concept, the inclusion of penetration tests for the early mainframe computers, and the evolution into team-on-team cyber exercises.
Nov 01, 2021 • 15 min • Season 2, Ep. 22
Three members of the CyberWire’s Hash Table of experts, Helen Patton (CISO, Ohio State University), Suzie Smibert (CISO, Finning), and Rick Doten (CISO, Carolina Complete Health), discuss the things they worry about when it comes to data identity management.
Oct 25, 2021 • 26 min • Season 2, Ep. 21
Rick discusses the history of identity management up to the current state.
Oct 18, 2021 • 18 min • Season 2, Ep. 20
Four members of the CyberWire’s Hash Table of experts, Tom Quinn (CISO, T. Rowe Price Associates), Nikk Gilbert (CISO, Cherokee Nation Businesses), Dawn Cappelli (VP of Global Security and CISO for Rockwell Automation), and Gary McAlum (CSO, USAA), discuss the things they worry about when it comes to data loss protection.
Oct 11, 2021 • 36 min • Season 2, Ep. 19
Rick discusses data loss protection as a first principle strategy using NIST and Forrester as a guide. The new thing to consider is running a deception network.
Oct 04, 2021 • 16 min • Season 2, Ep. 18
Four members of the CyberWire’s Hash Table of experts, Jerry Archer (Sallie Mae CSO), Ted Wagner (SAP National Security Services CISO), Steve Winterfeld (Akamai Advisory CISO), and Rick Doten (Centene CISO), discuss the things they worry about when it comes to incident response.
Sep 27, 2021 • 30 min • Season 2, Ep. 17
Rick discusses incident response as a best practice for the network defender community, talks briefly about Zoom and how well their communications plan worked earlier this year when the network defender community called their web conferencing app out on several security issues, and how poorly OPM handled their incident response when the Chinese stole the PII of every person that worked in the U.S. government. Finally, he talks about the birth of incident response and the most influential cyberse...
Sep 20, 2021 • 24 min • Season 2, Ep. 16
Four members of the CyberWire’s Hash Table of experts, Don Welch (Interim CIO of Penn State University), Helen Patton (CISO for Ohio State University), Bob Turner (CISO for the University of Wisconsin at Madison), and Kevin Ford (CISO for the State of North Dakota), discuss SOC operations in terms of intrusion kill chains, defensive adversary campaigns, insider threats, cyber threat intelligence, zero trust, SOC automation, and SOC analyst skill sets.
Sep 13, 2021 • 29 min • Season 2, Ep. 15
For the 20th anniversary of 9/11, Rick Howard, the CyberWire’s CSO, Chief Analyst, and Senior Fellow, recounts his experience from inside the Pentagon running the communications systems for the Army Operations Center.
Sep 11, 2021 • 31 min • Season 2, Ep. 4441
The idea of operations centers has been around as far back as 5,000 B.C. This show covers the history of how we got from general purpose operations centers to the security operations centers of today, the limitations of those centers, and what we need to do as a community to make them more useful in our infosec programs.
Sep 06, 2021 • 18 min • Season 2, Ep. 14
This is the eighth and final essay in this series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jul 12, 2021 • 27 min • Season 1, Ep. 13
This is the seventh show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles. First principles; zero trust; intrusion kill chains; resilience; DevSecOps; risk assessment. We are building a strategy wall, brick by brick, for a cybersecurity infosec program based on first principles. The foundation...
Jul 05, 2021 • 30 min • Season 1, Ep. 12
This is the sixth episode in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jun 28, 2021 • 19 min • Season 1, Ep. 11
This is the fifth essay in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jun 21, 2021 • 26 min • Season 1, Ep. 10
This is the fourth show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles. The first show explained what first principles are in general and what the very first principle should be for any infosec program. The second show discussed zero trust. The third show covered intrusion kill chains. ...
Jun 14, 2021 • 19 min • Season 1, Ep. 9
This is part three in a series that Rick Howard, CyberWire’s Chief Analyst, is doing about building an infosec program from the ground up using a set of first principles. This episode, he talks about why intrusion kill chains are the perfect companion strategy to the passive zero trust strategy he talked about last week. The key takeaway here is that we should be trying to defeat the humans behind the campaigns collectively, not simply the tools they use independently with no context about what ...
Jun 07, 2021 • 29 min • Season 1, Ep. 8