We have all had a vague sense that our world is being manipulated, informed and fed by various conscious manipulation tactics - influence on political campaigns on social media, culture wars, class wars, etc. But we can glean out the facts and figure out who is telling what story if we embrace a new discipline - Narrative Intelligence. Our guest this week is Joe Stradinger, Founder and CEO of EdgeTheory, who are out to understand and leverage the conversations that shape our world. Specifically,...
Dec 18, 2024•37 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Jon Green, an experienced CISO but also an experienced CTO. Jon is currently the CSO and CTO at HPE’s Aruba. He’s also a DefCon goon and a Team8 Villager. He’s done the marketing engineer side, the network engineer side… Quite a storied past. We are thrilled to be talking with him about the differences between CSO/CISO and CTO. Jon, thank you so much for joining us at the ‘Ranch! Tell us about your early career, did you start in securi...
Dec 11, 2024•33 min•Ep 201•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Thomas Krane, Managing Director at Insight Partners. If you go to Thomas’ LinkedIn page, you will also see that he works with a number of cybersecurity scaleups (we'll define that term). As such, Thomas is uniquely qualified to speak to some trends in the industry. Drew asked Thomas to join us here at the ‘Ranch to discuss quite a few facets of the industry. Thomas, thank you for coming on down to the ‘Ranch! We see consolidation...
Dec 04, 2024•34 min•Transcript available on Metacast This week Allan attended the HIP Global conference in New Orleans, which happens to be Allan's favorite city in America. The conference was outstanding - no sales pitches, no nonsense, just many experts speaking on the topic of securing identity. Entra ID, Okta, AD folks all were present, and it was amazing. Allan got to interview some AMAZING guests from all walks of identity life, including one gentleman whose pedigree includes a rather critical national role right out the White House... Liste...
Nov 20, 2024•32 min•Transcript available on Metacast In this episode Allan and Drew consult Tim Rohrbaugh, who has done quite a lot of research and work on the practical applications, deployment, use cases and limits of GenAI and LLM. Flavors and incarnations of AI - GenAI, Expert Systems, ML... Biomimicry and Allan's weird sea cucumber references Practical LLM deployment - Tim's maxims Offline or online? Open or proprietary models? Precision, accuracy, asking the right questions in the first place Your smartest employee as your limiting factor Pr...
Nov 07, 2024•45 min•Transcript available on Metacast Howdy, y'all! With American presidential elections already under way, Allan and Drew decided that scrambling to get Kirsten Davies on the show for this week's show (the last one before formal Election Day) was paramount. Kirsten has been on our potential guest list for years now, as she is a multiple-times Fortune 500 CISO. But now Kirsten is CEO and Founder of The Institute for Cyber Civics, a non-partisan non-profit aimed at empowering poll workers and poll volunteers to recognize and deal wit...
Oct 30, 2024•33 min•Ep 197•Transcript available on Metacast Our guest today is Babbette Jackson, aka Technically__Rose of YouTube and Instagram fame! Babbette is in DLP and Insider threat analysis. She has worked in places as far flung as Edward Jones, Juniper Networks, and Bank of America. More importantly, Babbette is quite involved in the intersection of social media and community engagement. How do we use social media to engage others across generations and to and encourage community participation? Allan, Drew and Babbette discuss: We’ve been talking...
Oct 23, 2024•27 min•Transcript available on Metacast Who and what you are, your personality, your style, your thoughts... That’s all about to change. For one thing you are already a product on “free to use” social media. You don’t really own things you think you own (We're looking at you, Steam!) Even your intellectual property is up for grabs now in ways you can’t see coming. Hollywood actors are selling the rights to their digital likenesses, and meanwhile, others are stealing such rights via technological loopholes. All media exists, according ...
Oct 16, 2024•43 min•Transcript available on Metacast Jason Shockey, CISO of Cenlar FSB, and 25 year veteran of cybersecurity, has a formula for running an excellent cybersecurity program. He studied a great deal in his various cybersecurity roles before leaping into a CISO role, and the studying paid off! Jason and Allan and Drew discuss the following: Identifying Common Pitfalls Promoting Team Well-Being and Efficiency Engaging and Education the Board Strategies for Effective Program Design ALL in the span of one rapid-fire show! Do give it a lis...
Oct 09, 2024•36 min•Ep 194•Transcript available on Metacast Cyber as precursor to kinetic warfare? What about cyber AS warfare? And social media infiltration and propaganda? Join Allan and Drew as they invite Dave Schroeder, a renowned expert in this field, to discuss the active use of cybersecurity and social media as warfare between the Western World and China, Iraq, Russia and North Korea. They cover: Insertion of fake IT employees into key companies Political influence operations (divide and conquer) Precursors to kinetic war being the smallest tip o...
Oct 02, 2024•44 min•Ep 193•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Tim Brown. If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us. Or maybe in a way, he is all of us, really. Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected skills down at the 'Ranch. The topic today is cyber regulation. It can range from self-regulation to associations, principles, practices, lobbying – al...
Sep 25, 2024•37 min•Transcript available on Metacast What can we established cybersecurity practitioners ACTUALLY do to help those new in the field besides blathering back and forth about the problem in the echo chamber that is LinkedIn? Drew got the clever idea of inviting three folks who are brand new to the field or barely started on their cyber journey, and, get this: ASKING them what they're experiencing and what they need! Clever, huh? It's an eye-opening show for a CISO. We are join on this week's episode by Amé Venter, May Ferreira, and Br...
Sep 18, 2024•43 min•Transcript available on Metacast Howdy, y’all! Our guest today is Wade Baker, cybersecurity researcher, entrepreneur, professor… Wade is a Board of Directors member of the FAIR Institute, was an Advisory Board Member at the RSA Conference, was VP of Strategy & Risk Analytics at ThreatConnect, and is now Co-Founder of Cyentia Institute, which aims to advance cybersecurity knowledge and practice through data-driven research. Wade joins Drew and Allan to talk about (go figure!) data-driven cybersecurity. The three smash throug...
Sep 11, 2024•41 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Michael Santarcangelo, Founder and President at Security Catalyst. He’s a former podcaster – co-creator of Business Security Weekly, he even did a stint on Down the Security Rabbit Hole with Raf and James. True fact, hearing Santa (as his friends call him) and Paul Asadoorian on Business Security Weekly is what inspired Allan to become a podcaster in the first place! But "Santa" (as his friends call him) has done the practitioner...
Sep 04, 2024•48 min•Transcript available on Metacast Your organization runs on commercial software far more than it does open source. But all you are delivered is binaries. What is your technical control to ensure that you are safe from this software? Such software is composed of: Open source libraries Proprietary code 3rd-party proprietary libraries You need to be able to see it, understand it, probe it for malware, backdoors, corruption, CVEs, KEVs, etc. Well now you can. SBOMs are just the beginning... Allan and Drew are joined by Sasa Zdjelar,...
Aug 28, 2024•32 min•Ep 188•Transcript available on Metacast This is our third and final episode of this miniseries. In this episode we are joined by Ross Young, a well-established member of the cybersecurity community with a storied background and penchant for giving back via various means. Ross joins Allan and Drew in exploring the role of technology in the People, Process and Technology triad. Questions covered: The traditional triad of people, process, technology has been with us since 1964, from an era when digital systems were in their infancy and c...
Aug 21, 2024•40 min•Transcript available on Metacast Howdy, y'all! In part two of our three-part miniseries, we tackle Process with Malcolm Harkins. Malcolm is former CISO at Intel, a good friend of Allan's, former Cylance Chief Trust and Security Officer, member of the board of director over at TrustMAPP (where Allan used to be COO), and is now at Hidden Layer, working to secure AI. Hidden Layer did not sponsor this show. Allan, Drew and Malcolm discuss the following: People, process technology – what is the role of process in that triad? How do ...
Aug 14, 2024•33 min•Ep 186•Transcript available on Metacast Thanks for listening, y'all! Our next show is all about Process (we already did a show on People) and after that comes Technology. Y'all be good now!
Aug 07, 2024•13 sec•Ep 185•Transcript available on Metacast Jeremiah Roe has held many roles in cybersecurity: Field CISO, Red Teamer, Advisor, Consultant, Etc. He currently advises for OffSec, who provide quality cybersecurity training. Drew Simonis and Allan Alford determined that Jeremiah would be a great guest for launching a 3-part mini series - each of the three shows exploring People, Process and Technology respectively. The three cover the following topics in a lively conversation that journeys into several aspects of People as they relate to cyb...
Jul 31, 2024•39 min•Ep 184•Transcript available on Metacast Drew and Allan were skeptical about SABSA, as it is a model one CISO friend described as being "only good for a graduate student writing a paper!" Another CISO pointed out that SABSA was designed long before modern engineering practices. Andrew Townley, a long-term SABSA consultant, on the other hand, gets straight to the practicality of it. There is indeed an academic and theoretical foundation behind SABSA, but it is most definitely leveraged for one purpose - to achieve desirable business out...
Jul 24, 2024•38 min•Transcript available on Metacast Hang on to your saddle for this one! Drew Simonis joins Allan as his new co-host in a show where the two of them explore alternative models for selling and funding the cyber mission! You probably know about corporate social responsibility initiatives. Did you know that it's not a a new idea in the history of capitalism, but rather a throwback? Before shareholder capitalism, there was stakeholder capitalism: Stakeholder capitalism proposes that corporations should serve the interests of all their...
Jul 17, 2024•39 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest toda is Tomer Schwartz, co-founder and CTO over at Dazz Yup! He’s a vendor! And OMG he’s a sponsoring vendor too! Whatever will we do? But wait, y’all know Allan's rule: Vendors are allowed on the show if and when they can add more value on a given subject vs. any practitioners in The Cyber Ranch network. Tomer fits that bill perfectly! Tomer has worked in the Microsoft Security Response Center, he’s the former Armis co-founder &...
Jul 10, 2024•29 min•Transcript available on Metacast If leadership exists in good and bad forms, so must followership. Leadership can exist both by designation, and dynamically, as manifested by folks who may not have an official leader title. And yet we don't measure followership, and our measurements of leadership leave something to be desired... Join Allan Alford as he flies solo this week exploring these topics and suggesting a better way forward. Y'all be good now!
Jul 03, 2024•30 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Nathan Case, who is a previous guest from a multi-guest show. Nate has been a CISO, CTO, Strategist, consultant, CEO, and all kinds of other things. His career is as colorful and varied as Allan's – maybe even more so. Nat's chosen topic is “There is no such thing as security!” So without further ado, let’s dive in! What do you mean when you say “There is no such thing as security!”? Nate outlines declares it as way to judge risk...
Jun 27, 2024•41 min•Transcript available on Metacast In this show, Allan interviews seven guests and asks them questions from a list of 21: Omkhar Arasaratnam “How do we leverage LLMs for our own use in cybersecurity?” "How do you challenge your own precepts and assumptions to stay current in your role?" Ofer Klein “How do you describe what you do in cybersecurity to someone at a cocktail party who knows nothing about cyber?" "How do you explain to the business the value you bring and the risks you solve?" Rick Doten "What message do you have for ...
Jun 19, 2024•29 min•Transcript available on Metacast In this show, Allan interviews seven guests and asks them questions from a list of 21: Chris "Cpat" Patteson “Why do so many CISOs think cybersecurity insurance is snake oil?” Johann Balaguer “People, process, technology - Which is the most important and why?” "What do you want your fellow community of CISOs to know?" Lee Krause “What are we still doing wrong in cybersecurity?" Ken Foster “What are we still doing wrong in cybersecurity?" "How do we articulate risk to the business?" Marty Momdjia...
Jun 12, 2024•34 min•Ep 177•Transcript available on Metacast In this show, Allan interviews nine guests and asks them questions from a list of 21: Dr. Deanna Caputo “How do you measure and articulate risk to the business?” “People, process or technology?” Carlos Guerrero “How do we foster community in cybersecurity?” Elliott Franklin “Governance, Risk Management, and Compliance – Which of the three is most important?” “What does progress look like in cybersecurity?” Corey Bodzin “With regards to AI & LLM, what is the impact to infrastructure?” Evgeniy...
Jun 05, 2024•41 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast… AND The Audience 1st Podcast! What you are about to hear was recorded LIVE! at the CISO XC conference in Dallas-Fort Worth, Texas (my very favorite conference!) I am your host, Allan Alford, CEO of Alford & Adams Consulting. I have co-host on this episode, Dani Woolf, of the Audience 1st podcast! On her show, Dani interviews security buyers so vendors can more efficiently market and sell to them without ruffling their feathers (or piss th...
May 29, 2024•39 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast… AND The Audience 1st Podcast! What you are about to hear was recorded LIVE! at the CISO XC conference in Dallas-Fort Worth, Texas (my very favorite conference!) I am your host, Allan Alford, CEO of Alford & Adams Consulting. I have co-host on this episode, Dani Woolf, of the Audience 1st podcast! On her show, Dani interviews security buyers so vendors can more efficiently market and sell to them without ruffling their feathers (or piss th...
May 22, 2024•29 min•Transcript available on Metacast Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Drew Simonis, CISO @ Juniper Networks, former CSO @ Hewlett Packard Enterprise, former CISO at Willis – you get the idea. Drew’s posts on LinkedIn are pure fire – not in the hot takes way, but because of the quality of the thinking behind them. Drew has also been on the show a couple of times now, and we keep inviting him back because he’s always worth hearing from. Drew and Allan were chatting this afternoon about the idea that oftent...
May 16, 2024•33 min•Transcript available on Metacast 
