Joining us this week is Javvad Malik, Security Awareness Advocate at KnowBe4. We cover an array of themes including the need to "protect the seams", understanding where risks are moving, how small interventions can deliver quick security wins, understanding people in the security equation and the importance of cybersecurity training, the AI debate, smishing attacks, and more! Javvad Malik is a Security Awareness Advocate at KnowBe4, a blogger, event speaker and industry commentator who is possibl...
May 16, 2023•48 min•Ep. 233
Joining the podcast this week is Katie Arrington, the founder of LD Innovations, LLC Cybersecurity and the former Chief Information Security Officer for Acquisition and Sustainment (CISO(A&S)) to the Under Secretary of Defense for Acquisition and Sustainment (USD(A&S)). We cover many interesting themes in our lively discussion including Cybersecurity Maturity Model Certification (CMMC), the impact of a cyber mentality and culture, the National Cybersecurity Strategy, the CHIPS Act, ris...
May 09, 2023•32 min•Ep. 232
Joining the podcast this week is Katie Arrington, the founder of LD Innovations, LLC Cybersecurity and the former Chief Information Security Officer for Acquisition and Sustainment (CISO(A&S)) to the Under Secretary of Defense for Acquisition and Sustainment (USD(A&S)). We cover many interesting themes in our lively discussion including Cybersecurity Maturity Model Certification (CMMC), the impact of a cyber mentality and culture, the National Cybersecurity Strategy, the CHIPS Act, ris...
May 02, 2023•28 min
Joining the podcast this week is Katie Arrington, the founder of LD Innovations, LLC Cybersecurity and the former Chief Information Security Officer for Acquisition and Sustainment (CISO(A&S)) to the Under Secretary of Defense for Acquisition and Sustainment (USD(A&S)). We cover many interesting themes in our lively discussion including Cybersecurity Maturity Model Certification (CMMC), the impact of a cyber mentality and culture, the National Cybersecurity Strategy, the CHIPS Act, ris...
Apr 25, 2023•30 min•Ep. 230
Joining the podcast this week is Canauri founder and CTO, Greg Edwards. He gives us a deep dive view into deception technology including decoys, canaries, watcher files, deception technology defense, and how it helps organizations fare against ransomware attacks. We also discuss the growing ransomware problem and its recent designation by the White House as a "national security threat". And we hit on many of your favorite topics including educating Boards on security and how to define security s...
Apr 18, 2023•38 min•Ep. 229
Joining us this week is Jonathan Knudsen, Head of Global Research for the CyRC, cybersecurity research center, at Synopsys Inc. To understand the vulnerability landscape in software, you have to first understand how software is made. Jonathan shares insights on software development and where vulnerabilities (or many, many vulnerabilities) can be integrated in the final product. (Although software is never really final, is it?) And as we round out March Madness for 2023, he shares some sobering ...
Apr 11, 2023•24 min•Ep. 228
Joining us this week is Jonathan Knudsen, Head of Global Research for the CyRC, cybersecurity research center, at Synopsys Inc. To understand the vulnerability landscape in software, you have to first understand how software is made. Jonathan shares insights on software development and where vulnerabilities (or many, many vulnerabilities) can be integrated in the final product. (Although software is never really final, is it?) And as we round out March Madness for 2023, he shares some sobering ...
Apr 04, 2023•25 min•Ep. 227
We're excited to welcome back to the podcast Maria Roat, founder of MA Roat Consulting and former U.S. Deputy Federal Chief Information Officer. For our discussion we double click into the cyber workforce gap and how to attract diverse skillsets to the industry, introducing STEM earlier in education, understanding how to nurture non-traditional learners and the awesome experience veterans bring to supporting the cyber mission. She also shares insights from her decades of experience as an IT lead...
Mar 28, 2023•24 min•Ep. 226
We are excited to welcome back to the podcast Maria Roat, founder of MA Roat Consulting and former U.S. Deputy Federal Chief Information Officer. For our discussion we double click into the cyber workforce gap and how to attract diverse skillsets to the industry, introducing STEM earlier in education, understanding how to nurture non-traditional learners and the awesome experience veterans bring to supporting the cyber mission. She also shares insights from her decades of experience as an IT lea...
Mar 21, 2023•24 min•Ep. 225
Joining the podcast this week is Mishi Choudhary, SVP and General Counsel at Virtru. Mishi shares with us some legal perspective on the privacy discussion including freedom of thought, the right to be forgotten, end-to-end encryption for protecting user data, finding a middle ground between meeting customer privacy demands and complying with legal requirements, getting to a federal privacy regulation, and so much more! You won't want to miss what is a truly spirited and candid conversation – in ...
Mar 14, 2023•34 min•Ep. 224
Joining the podcast this week is Mishi Choudhary, SVP and General Counsel at Virtru. Mishi shares with us some legal perspective on the privacy discussion including freedom of thought, the right to be forgotten, end-to-end encryption for protecting user data, finding a middle ground between meeting customer privacy demands and complying with legal requirements, getting to a federal privacy regulation, and so much more! You won't want to miss what is a truly spirited and candid conversation – in ...
Mar 07, 2023•24 min•Ep. 223
Joining us this week is Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance and we discuss all the hot and trending online scams facing consumers today including the growing prevalence of romance scams ($1.3B in losses last year!), job seeker scams, tax fraud scams, sextortion, and the latest scam making the rounds – pig butchering scams. Jennifer shares insights on the many free resources available to consumers – and the awesome work being done by the National Cyb...
Feb 28, 2023•43 min•Ep. 222
This week joining the podcast is Anton (Tony) Dahbura, executive director of the Johns Hopkins University Information Security Institute and co-director of the Johns Hopkins Institute of Assured Autonomy. We deep dive into the realm of AI/ML technology and the exponential applications for it across every aspect of our lives. And the criticality of building trust, implications of bias, the realities of planning for "edge cases" that just can't be planned for, and the growing sophistication and pe...
Feb 21, 2023•47 min•Ep. 221
Joining the podcast this week is Brian Hajost, the founder and COO of SteelCloud. Brian shares insights on his concept of a Compliance Bill of Materials (CBOM). For those that have heard of Software Bill of Materials (SBOM) it's a similar concept. In addition to CBOMs, Brian also breaks down the challenges and opportunities in automating compliance as well as frameworks organizations can leverage to help them achieve compliance. Compliance is a super hot topic for every organization! This ...
Feb 14, 2023•43 min•Ep. 220
For this week's episode, Casey Ellis, founder and CTO of Bugcrowd and co-founder of the http://disclose.io project, joins us to explore the risks and rewards of AI technology, including concerns around the notorious ChatGPT chatbot. As the global race to AI supremacy intensifies, Casey shares his thoughts on AI in the workplace, as a cyber defense, and the future of regulation and the ethics around determining AI liability. Casey is the Chairman, Founder, and Chief Technology Officer of Bugcro...
Feb 07, 2023•32 min•Ep. 219
This week, we welcome back Dustin Moody, a mathematician in the NIST Computer Security Division who teaches us about the risks posed by quantum computers and shares updates on the status of NIST's post-quantum cryptography standardization project. As quantum computers move from sci-fi to reality, Dustin elaborates on the functionality of quantum computing and shares best practices for protecting encrypted data to withstand evolving quantum capabilities. If you're interested in learning more abou...
Jan 31, 2023•28 min•Ep. 218
Joining us on the podcast this week is Joe Bielawski – founding member of StateRAMP and President of Knowledge Services – as well as StateRAMP Executive Director Leah McGrath. If the name sounds somewhat familiar – like FedRAMP – it should because StateRAMP helps to meet the growing need in state and local government to manage third party risk and efficiently verify cloud security. The organization has an incredible wealth of resources and tools - such as security maturity assessment tool Securi...
Jan 24, 2023•46 min•Ep. 217
This week we welcome back to the podcast former co-host Eric Trexler, Senior Vice President, U.S. Public Sector at Palo Alto Networks. We examine some hot security topics for the year ahead including growing prevalence of AI/ML automation used for preventative security, continued evolution and impact of ransomware (Did you know the average dwell time is 28 days?!), increasing adoption of people/process/technology approaches, industry consolidation, state and local cybergrants coming online and t...
Jan 17, 2023•54 min•Ep. 216
Back from the archives! This week we're spotlighting one of our favorite episodes in Summer 2021 with The New York Times journalist Nicole Perlroth where she shares insights from her decade long research for her book "This is How They Tell Me the World Ends". (FORMERLY EPISODE 138) This week Nicole Perlroth, award-winning journalist for The New York Times and best-selling author of "This Is How They Tell Me The World Ends" joins the podcast to discuss her decade long journey covering cybersecuri...
Jan 10, 2023•52 min•Ep. 215
This week Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry joins the podcast to share perspective from the security threat frontlines. We explore zero day vulnerabilities and information stealers, differing risk appetites across organizations of every size, the criticality of information sharing to mitigate emerging threats, and breaking down the security basics that are key to shoring up defenses. We also touch on topics including cyberwar, naming the latest ...
Dec 27, 2022•45 min•Ep. 213
This week John Zangardi, President and CEO of Redhorse Corporation joins us on the podcast to talk about his remarkable career starting with his time in the Navy as a Naval Flight Officer, his many years on the frontlines of security - including his favorite professional role in government as Department of Homeland Security CIO – and shares perspective on bridging the security talent gap in government as well as the many talents veterans bring to the security industry. He also touches on the evo...
Dec 20, 2022•42 min•Ep. 212
This week we welcome Adam Levin to the podcast. He is a long-time consumer affairs advocate with more than 40 years of experience, author of the book Swiped and formerly Chairman and founder of CyberScout as well as co-founder of Credit.com. Adam joins us at the apex of the consumer security awareness time of year as holiday shopping, COVID, flu, RSV and many other health concerns run rampant in addition to the many ongoing geopolitical security concerns that are ever present. He shares insights...
Dec 13, 2022•29 min•Ep. 211
This week we welcome Adam Levin to the podcast. He is a long-time consumer affairs advocate with more than 40 years of experience, author of the book Swiped and formerly Chairman and founder of CyberScout as well as co-founder of Credit.com. Adam joins us at the apex of the consumer security awareness time of year as holiday shopping, COVID, flu, RSV and many other health concerns run rampant in addition to the many ongoing geopolitical security concerns that are ever present. He shares insight...
Dec 06, 2022•27 min•Ep. 210
Joining the podcast this week is Maria Roat, who has had an impressive career in both government and the private sector for more than 35 years. She shares insights from her time in government, where the many roles she held included Deputy Federal CIO and Small Business Administration CIO, and the opportunities she helped identify to change the system from the inside out. She shares perspective on operating the government as a very large enterprise and the challenges that come with managing singl...
Nov 29, 2022•47 min•Ep. 209
In honor of November as Infrastructure Awareness Month, we wanted to bring back this episode from our 2021 archives with Rob Lee, CEO and Co-Founder of Dragos. In this episode, Rob breaks down the OT challenge that many businesses are facing today including a lack of clarity on who within the business owns OT and defining what acceptable OT risk means within the business. He also shares perspective on multi-factor authentication as one of the universal controls, the industry + geopolitical aspec...
Nov 22, 2022•53 min•Ep. 208
Joining the podcast this week is Eric Mill, Senior Advisor on Technology and Cybersecurity to the Federal CIO in the Office of Management and Budget (OMB). We discuss some of the latest and impactful security initiatives, policies and technologies in U.S. Government today – and highlights from some that OMB is helping to drive. We cover topics spanning the Executive Order on Improving the Nation's Cybersecurity, the Technology Modernization Fund, Zero Trust and what it has come to mean today, FI...
Nov 15, 2022•49 min•Ep. 207
Joining us this week is Peter W. Singer, a New York Times bestselling author of books including Ghost Fleet, LikeWar and the techno-thriller Burn In. He shares details on the New America volunteer, non-profit organization and its awesome #SharetheMicinCyber program helping to bring diversity of thought to the cybersecurity front lines. We also discuss the future of social media, what defines a cyberwar, Ukraine's leverage of social media to garner global support this year, and the great work Use...
Nov 08, 2022•47 min•Ep. 206
This week we officially welcome Petko Stoyanov as the new co-host for the To The Point podcast. Petko shares perspective on how he found his way to cyber, the origin of the name "Petko", and differences in working in government and the private sector. We also discuss the state of the cybersecurity landscape and the ongoing challenge of attribution – which is really asking the question, "Who is smarter" in executing cyber attacks. And we dive into the latest headlines on cybersecurity labels for IoT ...
Nov 01, 2022•33 min•Ep. 205
We're excited to welcome back Derek Weeks, recognized as the world's foremost researcher on the topic of DevSecOps and securing software supply chains, to the podcast! Derek shares insights on just how little has changed relative to securing software supply chains and using SBOMs in the two years since we last caught up with him. For those new to SBOMs, they are like the nutritional label on a cereal box except for open source software (OSS). We're seeing astronomical growth in organizatio...
Oct 25, 2022•46 min•Ep. 204
Joining the podcast this week is Eva Galperin, Director of Cybersecurity for the Electronic Frontier Foundation (EFF). She is also the co-founder of the Coalition Against Stalkerware and has long been a champion for providing privacy and security for vulnerable populations around the world. "What is stalkerware?" many may ask. Stalkerware is considered a more personal way of invading someone's privacy such as using malware to track a person's activity on a device. Eva shares insights from her ma...
Oct 18, 2022•49 min•Ep. 203