Enterprise Security Architecture Most organisations find it challenging to protect themselves against the ever-evolving list of risks and threats. The fact that most of us do this with a limited set of resources makes this even more complicated. Knowing what you should spend your time and efforts on is far from straight forward. But hopefully this episode on enterprise security architecture can give some guidance on where to start mapping out the best path for your organisation. We’re joined by ...
Jan 09, 2023•29 min
Azure monitoring & hardening What is the best way to build and automate security in the world of Azure? For this episode, Robby has invited someone that spends all their time doing exactly that, or more specifically, identifying all the things that can go wrong within the Microsoft ecosystem; Rik van Duijn, Hacker & Co-Founder of the Dutch cybersecurity company Zolder B.V. They discuss what’s beneficial for organisations to manage themselves – and what the realistic expected workload is....
Dec 19, 2022•37 min
Who are the people helping us to keep the lights on? And what are our adversaries doing to get in the way of this? This episode of the mnemonic security podcast is directing some love and attention toward the people working with Operational Technology (OT) / Industrial Control Systems (ICS). To help him navigate this field, Robby is joined by Michael Weng, Senior Security Consultant OT/ICS at the security company WithSecure (formerly known as F-Secure for Business). They talk about cyber warfare...
Dec 05, 2022•26 min
What does mobile security mean in 2022? And what are defenders doing to keep the bad guys out of our pockets? To provide some insight into these questions, Robby has invited someone who has worked his entire career in Android security; Dario Durando, Android Malware Analyst at the Dutch security company ThreatFabric. During their conversation, they chat about the top attack vectors in this space, and Dario shares his thoughts about why mobile security isn’t getting more attention. They also go i...
Nov 15, 2022•44 min
As a follow up from last week’s episode on the malicious use-cases of drones with Mario Bartolome Manovel, Robby chats with Pablo Ruiz Encinas, Security Consultant at mnemonic. He recently did a course on drone security – the Drone Security Operations Certificate (DSOC) by DroneSec - and hence has a lot to say on the subject. Pablo did not only bring with him his drone certification to the recording, but also had something that caught Robby’s eye; a Flipper Zero (a dolphin looking device, that m...
Oct 24, 2022•15 min
Drones: malicious use-cases and how to counteract them. As unmanned aerial vehicles (UAVs), or drones, are growing in popularity commercially, their use-cases are also growing in numbers. To discuss them from a security professional’s view point, Robby has invited Mario Bartolome Manovel, Offensive Security Engineer at Telefonica. Mario talks about how drones are regulated these days, their potentially malicious use-cases and how to counteract them. (And If you’re interested in seeing what the d...
Oct 19, 2022•30 min
Application Programming Interfaces (APIs) Why is Gartner predicting that API-based attacks will become the most frequent attack vector for applications? Although APIs deserve the credit for a lot of digital transformation and innovation, they’re also an attractive target for bad actors. To explain how APIs are being used these days, and why they are getting more attention as an attack vector, Robby has invited Sunil Dutt from Salt Security. Sunil talks about the evolution of APIs, the techniques...
Oct 10, 2022•28 min
From the 14th to the 16th of November, the annual Industrial Security Conference will take place in Copenhagen, Denmark. Are you interested in Operational Technology and Industrial Control System security, and wonder what's going on in that part of our industry? Or just curious about the conference, and some of the speakers that will be there? Robby’s caught up with a few of them to get a sneak peak into what you can expect from their presentations and demonstrations during the conference. In th...
Sep 26, 2022•24 min
Securing LinkedIn For this episode, Robby welcomes the CISO, and VP of Engineering for LinkedIn, Geoff Belknap. Geoff has more than 20 years of experience in security and network architecture, and has previously also held the CISO positions at Slack and Palantir. He shares some advice on navigating the security job market, and reflects on his role at LinkedIn, the challenges of his organisation, and the journey his team has been through the last few years. Send us a text...
Sep 12, 2022•35 min
Lessons learned from a real incident: Nordic Choice Hotels What can we learn from the Nordic Choice Hotels supply chain attack of December 2021, and how it was handled? For this episode, we’re happy to welcome Kari Anna Fiskvik, Vice President Technology at Nordic Choice Hotels, that will share some of her lessons learned from being at the centre of attention as Nordic Choice had to shut their systems down at one of their most busy times of the year. Kari Anna has 20 years of experience with Tec...
Aug 22, 2022•30 min
Threat Intelligence-Based Ethical Red-teaming In most organisations, there’s more to security than preventive measures. This means that testing your capabilities within detection, investigation and containment can be just as relevant as looking at preventive capabilities. One way of doing so, is by following the Threat Intelligence Based Ethical Red-teaming (TIBER) framework, and simulating a real adversary and how you organisation would do against such a threat. To explain how a TIBER test is p...
Aug 08, 2022•38 min
Security leadership essentials for managers What knowledge base should a CISO have? And what is the best approach to shaping the next generation of security leaders? Our guest today is better equipped than most to answer these questions. Frank Kim, former CISO of and currently a Fellow and Curriculum Director at SANS Institute, joins Robby to discuss leadership essentials for security managers. Frank shares how SANS and their classes approach teaching strategic leadership in security, and how th...
Jul 11, 2022•39 min
Zero trust vs. castle and the moat What does zero trust have to do with electric cars? For this episode, Robby is joined by Tony Fergusson CISO – EMEA at Zscaler. Tony has more than 25 years of experience in IT networking and security in Manufacturing, Information Technology and Financial Services, and even more importantly, he loves talking about zero trust – and has done so for more than a decade. Tony chats with Robby about his article “What IT can learn from Tesla about disrupting the status...
Jun 27, 2022•44 min
Security of things “IoT security today is like what IT security was in the early 90s”. This is how our returning guest introduces this episode’s topic; IoT security, and how it affects organisations and companies. For the third time, Robby is joined by Brian Contos, serial security entrepreneur and now Chief Security Officer at Phosphorus Cybersecurity, a company providing IoT and OT defense solutions for enterprise customers. Brian explains the meaning behind his not so uplifting statement abov...
Jun 13, 2022•40 min
mnemonic, all government agencies and the majority of organisations in the security community advise against paying ransom to the criminal groups behind ransomware extortions. There are also legal considerations that need to be considered depending on the country or industry you are operating in. There is however, a value in knowing more about how these criminal groups work. To shed some light on this, we’ve invited someone that often has been faced with the dilemma of whether or not to pay the ...
May 30, 2022•36 min
Encrypted traffic management TLS, SSL, HTTP, keys, authentication, clients, servers and ciphers - encryption is complicated. To help shed some light on how enterprises can remove the "blind spot" of encrypted network communication, we’ve invited David Wells, co-founder of Netronome, who is a pioneer in the SSL/SSH inspection space. David explains why being able to see and analyse encrypted traffic is necessary in order to gain full security value out of your network data, and shares his experien...
May 09, 2022•34 min
What can we actually learn about cybercrime and what really goes on inside of criminal organisations from the Conti leaks? This episode we welcome Sergey Shykevich, who has more than a decade of experience within threat intelligence and defence. He’s currently leading the threat intelligence research group in Check Point, and Robby has invited him to share his findings after examining the data leaks from the predominantly Russian-based double extortion group Conti. The large data leak included m...
Apr 25, 2022•37 min
The science of SOAR Is cybersecurity automation and orchestration actually complicating, instead of reducing, the human workload it is meant to relieve? Joining us, to discuss this and more, we have Dr. Vasileios Mavroeidis, Cybersecurity scientist at the University of Oslo, specialising in security automation and cyber threat intelligence representation, inference, and sharing. He explains how he defines cybersecurity automation, and what he sees as the opportunities but also the limitations wh...
Apr 11, 2022•29 min
Control Validation & Cyber Insurance How can private-sector cyber insurers accurately understand and price risk? To discuss this and the critical role insurance can play in risk mitigation strategy, we’re joined by Levi Gundert, Senior Vice President of Global Intelligence at the cybersecurity company Recorded Future. Levi shares from his vast experience from the industry, from previous roles as VP of Cyber Threat Intelligence at Fidelity Investments, Technical Leader at Cisco Talos, Princip...
Mar 28, 2022•35 min
For this episode, we’re welcoming Frank Fransen, Senior Scientist - Cyber Security, and Reinder Wolthuis, Senior Consultant and Program Manager - Cyber Security, from the Dutch not for profit research and consultancy organisation, TNO. They joined Robby to talk about the SOCCRATES research project, where TNO, mnemonic and seven other European organisations are combining efforts to build a platform for security operations centres (SOCs) and incident response teams, to help them be more efficient,...
Mar 14, 2022•37 min
What caused a nation like Norway to become amongst the first pioneers of satellite-based communications? To explore this, Robby is joined by Ronny Klavenes, CISO at Space Norway, a company building and investing in space related infrastructure, especially focusing on critical infrastructure. Space Norway was established on an initiative from The Norwegian Space Agency, a government agency promoting the development of national space activities. Among other things, Space Norway owns the underwater...
Mar 07, 2022•32 min
Deception technology Deception as an attack tactic has been used in many forms, for many years. Both on the battleground in the physical world, and in the digital sphere. For this episode on deception technology, Robby is joined by Ofer Israeli, Founder & CEO of Illusive, a cybersecurity company aiming to remove the vulnerable connections that enable attackers to move undetected, and replace them with deceptive versions that reveal the attacker’s presence. Ofer explains how he suggests movin...
Feb 21, 2022•31 min
How does one of the world’s largest cybersecurity companies collect and share their Threat Intelligence? For this episode, Ryan Olson, Vice President of Threat Intelligence (Unit 42) at Palo Alto Networks, joins Robby for a chat about Palo Alto Networks’ telemetry pool and how Threat Intelligence has evolved over the last decade. His team, Unit 42, are responsible for collecting, analysing and producing intelligence for a large number of organisations worldwide, and Ryan shares what goes on in t...
Feb 07, 2022•35 min
Insider threats | In Norwegian only Where should organisations start to protect themselves from insider threats? For this episode on insider risks, Robby is joined by Frode Skaarnes, COO at Lørn, a startup creating digital learning programs, with long experience from The Norwegian National Security Authority (NSM), as well as Kristian Haga from mnemonic’s Governance Risk and Compliance department. They share from their experience working to help organisations minimise their risks of insider thre...
Jan 25, 2022•30 min
Does your managed SOC suck? Are you fighting today’s war with yesterday’s weaponry? Morten Munck, Engagement Manager at the cybersecurity advisory company Improsec, joins Robby to discuss his much-shared article “Does your managed SOC suck?” with the top ten red flags suggesting that your managed SOC provider should step up their game. Morten has a background from finance and telecommunication and holds a strong profile within Blue Teaming - particularly SIEM, SOC and detection engineering, and ...
Jan 10, 2022•39 min
Project 2030: Future trends in security To share the findings from his new report and webseries called Project 2030, Rik Ferguson, the Vice President of Security Research at Trend Micro, chats with Robby about what role cybersecurity will play in year 2030. Rik has used his over twenty-five years of experience in information security looking forward, sharing what he’s found when trying to anticipate the next ten years of technology, and what opportunities that will mean for cybercriminals. As we...
Jan 03, 2022•37 min
CMMC: Cybersecurity Maturity Model Certification Your security reflects your maturity. For this episode, Robby is joined by two of mnemonic’s security experts from our Governance, Risk and Compliance department to talk about CMMC and the alphabet soup that comes with it. Both of them have experience preparing organisations for what CMMC actually means for them. Anders Hval Olsen as an Information Security Management Implementation subject-matter expert, and Kenneth Crawford, using his long exper...
Dec 27, 2021•38 min
The business of cyber security: Mergers & Acquisitions What separates the acquisitions that go well from those that don’t? To discuss the business side of security, Robby is joined by Brian Contos; returning guest, fellow podcast host, serial security entrepreneur and CISO & Vice President of Mandiant Security Validation. Mandiant Security Validation, previously known as Verodin, was acquired by Mandiant little over two years ago. In this episode, Brian shares from his experience going t...
Dec 20, 2021•45 min
Initial Access Brokers (IABs) The growth and professionalisation of the Initial Access Market has fascinated many in recent years. Few know as much about who the threat actors operating in these markets are, and how the market of providing others with remote access to corporate networks work as Dmitry Shestakov, Head of Cybercrime Research at the cyber intelligence company Group-IB. In his conversation with Robby, Dmitry shares some of his findings after researching these underground communities...
Dec 06, 2021•38 min
Communicating threat intelligence to management For this episode, Robby has invited someone with a unique expertise of the threat landscape in the finance industry. Freddy works as a Senior Threat Intelligence Analyst at the Nordic Financial CERT, a nonprofit organisation owned by the financial institutions in Norway, Sweden, Demark, Finland and Iceland. By receiving data from and supporting their 220 member financial institutions on tasks like incident response, anti-fraud and threat intelligen...
Nov 29, 2021•47 min
