An Interview with Arun Sood, CEO of SCIT Labs Cyber Security Dispatch: Season 3, Episode 2 Show Notes: Welcome back to the Cyber Security Dispatch. This is the first in the new series of interviews focused on innovative technology in cyber security where we talk about new solutions to protect our data and systems. Today on the show we welcome Arun Sood, CEO of Self Cleansing Intrusion Tolerance (SCIT) Labs. He is the co-inventor of all six SCIT technology patents that are based on the research u...
Jan 29, 2019•Transcript available on Metacast Key Points From This Episode: How Christian came to study both Medieval History and Computer Science. Learn more about Christian’s unique PhD in German Mysticism. Christian shares his unique passion for global cyber security theory. Are their links between Medieval history and what is happening with the internet today? Discover more about the balkanization of the internet and net neutrality. Parallels between Medieval social connections and internet social connections. Christian’s view on open s...
Jan 03, 2019•56 min•Transcript available on Metacast Key Points From This Episode: How Stephanie ended up in the cyber security profession. An introduction to the challenges that face cyber security in the healthcare sector. The intersection of the individual, the governmental and the business sectors. Major differences between GDPR and HIPAA. The competitive element to the monetization of data across industries. Interstate influence with regards to healthcare regulation. Building uniform national and international standards for healthcare data. I...
Sep 10, 2018•36 sec•Ep 12•Transcript available on Metacast Key Points From The Episode: Erfan’s professional background and how this sets him apart. The problem with businesses’ drive towards interconnectivity. Creating a hardened, layered defense as opposed to merely a perimeter. How these concerns fit into a real life utility configuration. The importance of institutional architecture beyond personnel. Shifting common mental models of security and how it relates to confidentiality. The benefits of prioritizing ‘hyper-quiet’ networks. The influence of ...
Aug 29, 2018•52 min•Ep 11•Transcript available on Metacast Key Points From This Episode: An introduction to the work of Michael and Digital Shadows. Explaining the dark web and how it functions. Recent developments in the dark web market places. The service that Digital Shadows offers to its clients. Looking at file storage and the problems that these services create. How Michael’s organization goes about protecting other organizations from threats. Removing the criminal value of identifiers such as SS numbers. Some of the interesting ways customers are...
Jul 11, 2018•26 min•Transcript available on Metacast Key Points From This Episode: Find out more about Scott and his background in the industry. Using newer technologies to mitigate risk issues. The importance of measuring vulnerability and patch programs. Speaking in business terms versus technical terms. Addressing patching and hardening caused performance issues. Resolving a CISO’s mandate versus the line of business mandate. What are the guiding principles of organization collaboration? Getting the business to realize that they are the brakes ...
Jul 02, 2018•Transcript available on Metacast Key Points From This Episode: Vendor tools: Who should we be routing detections to? The importance of giving the right information to the right people. Tips for dealing with technical superiority and buzz word trends. How small companies can establish their own technical superiority. Why no one really believes how great you tell them you are. What the next generation of software programmers are looking at. How cyber security has become a cross-disciplinary concern. What it takes to educate the n...
Jun 29, 2018•24 min•Transcript available on Metacast Key Points From This Episode: Martin’s background and the current climate of privileged access management. Managing the changing roles of privileges within hierarchical organizations. How the inevitable shift to the cloud is changing cyber security concerns. Who watches the watchers? What is the freedom of a super-user? Points of friction within and without organizations around admin roles. The increasing space of AI and what that means for job creation. The lack of development in cyber security...
Jun 27, 2018•22 min•Transcript available on Metacast Key Points From This Episode: Learn more about phishing for awareness and what this entails. How Joe helps companies set up phishing engagements against their employees. Incident response and why phishing attempts are never going to be 100% effective. Assuring those who have been phished that their credentials aren’t necessarily useable. The difference between pen testing and red teaming in light of Haroon Meer’s work. Why less black box pen testing and more white box red teaming could be the wa...
Jun 15, 2018•24 min•Transcript available on Metacast Key Points From This Episode: The current privacy landscape and an introduction to GDPR. Unpacking GDPR and what it will mean. The future of terms, conditions and consent forms. Locating the issue of privacy within a larger context of human rights. The privacy issue and the distance it has to go to catch up with other social concerns. The role of industry in the progress of the privacy issue. Imagining an affirmative, multifaceted approach towards privacy. Privacy’s relationship to identity and ...
Jun 12, 2018•25 min•Transcript available on Metacast Key Points From This Episode: An introduction to our guests and their roles at ESET. What brings our guests to RSA. High detection, low maintenance and avoiding false positives. Resistance to the cloud and what the slow migration means for security. The obvious relationship between cyber security and the Internet of Things. Practical and safe application of IOT in the home. Targeted attacks and specific ransomware. Looking at how these products in our homes can be leveraged by cyber criminals. T...
Jun 07, 2018•30 min•Ep 4•Transcript available on Metacast Key Points From This Episode: The beginnings of ShieldX and the time leading up to this. The arrival of the cloud and the effect of ‘east-west’ security. Implications for the lack of orchestration for traditional systems. Reducing the total cost of ownership in addressing these scenarios. Transferring the security of on-premise systems to the larger, cloud scale. The logistics of migrating your security to any of the large cloud services. The futility of an agent based approach to cloud security...
Jun 04, 2018•32 min•Transcript available on Metacast Key Points From This Episode: Learn more about the 2012 KPN hack and its impacts on cyber security today. Riding the security rollercoaster: How to sustainably manage vulnerabilities and incidents. Dealing with the known knowns, the known unknowns and the unknown unknowns… How KPN works to reduce the window of opportunity for a potential hack to take place. How does KPN ensure that security becomes embedded in different organizations. Jaya shares more about the impact of cyber security when it c...
May 30, 2018•20 min•Transcript available on Metacast Key Points From This Episode: An introduction to Gary and his professional life. The tragic turn that Gary’s company took after it was hacked from the inside. How Gary and his wife handled the crimes that were committed against their company. The change of career that followed the downfall of the company. The hacks that persisted ten years after Gary left his original career. The decision to turn his lack of cyber knowledge into a lesson for anyone. The birth of the Cyber Heroes comic! Looking a...
May 29, 2018•47 min•Transcript available on Metacast Key Points From This Episode: Discover how Lisa entered the field of cyber security. How Lisa came to work as a “bureaucracy hacker” at the Pentagon. Learn more about the aims and direction of the DARPA program. Lisa shares more about DARPA’s flagship program titled PlanX. Find out more about the intricate links between Cybercom and the NSA. Hear what Lisa believes is the problem with standards and compliance. How to ensure mature cyber security ecosystems today? Lisa’s thoughts. Hacking the Pen...
May 15, 2018•37 min•Ep 15•Transcript available on Metacast Key Points From This Episode: The latest product John and King & Union have launched called Avalon. Avalon’s target market and the space it occupies in security operations. What differentiates Avalon from other similar products. Entering a crowded market and integrating into existing systems. The architecture of securing information for a large company. Housing these systems and the cloud services Avalon uses. The experience of venture capitalism and the start-up game. Building the team at K...
May 14, 2018•12 min•Ep 14•Transcript available on Metacast Key Points From This Episode: David’s current position at Nuix and his background in the US Secret Service. Some information on the Black Report and it’s defining characteristics. The biggest realizations David has had working for Nuix. Underestimating the human factor in current cyber attacks. Better understanding the profiles and motivations of hackers. The evolution of the mind of the attacker and how things stay the same. Possible ways to go about testing and preparing for attacks. David est...
May 11, 2018•23 min•Transcript available on Metacast Key Points From This Episode: Learn more about Mike, his background in the industry and his role at ZeroFOX. Find out why security never appears to be top of mind when it comes to social. Are people more welcoming of digital intruders versus in-person intruders? Mike shares his views on social interaction from an enterprise perspective. How ZeroFOX assists companies who are being harmed by behavior on social. Why is crypto mining such a big issue right now and are consumers at a security risk? I...
May 09, 2018•12 min•Transcript available on Metacast Key Points From This Episode: Some of Simon’s background and the areas in which he has worked. The work Simon did at Bloomberg the and role of financial services in security. The rising value of data and how this fits into an organization’s security. The continuous role of a CISO in maintaining security over time. Balancing risk preparation with cost effectiveness. The easy ways to make sure your company is not very exposed to attack. Matching your security practices to your company and it’s cus...
May 07, 2018•25 min•Transcript available on Metacast Key Points From This Episode: Arthur’s background in International Relations and role in the Obama administration. The new challenge that cyber security poses to the state commission. Highlights from the important process of Connecticut cyber security report. The meetings that followed this report process and what contributed to its success. Differences between public utilities and the general business sector. Responding to the ongoing and evolving challenge of cyber crime. The idea of cyber res...
May 07, 2018•38 min•Transcript available on Metacast Key Points From This Episode: • Dr. Ross’ job specifics and NIST’s role in cyber security. • The current climate of cyber danger and how this relates to the internet of things. • Cyber resiliency as compared with the idea of cyber security. • Counter measures and tactics that typify cyber resiliency. • The characteristics of diversity and homogeneity in security systems. • The idea of dece...
May 01, 2018•58 min•Ep 9•Transcript available on Metacast On today’s episode we host a conversation with Roberto Clapis and Stefano Zanero from Secure Network in Milan. We tackle the issue of IOT device security and try to break down just where companies and users are at with this issue currently. We get a background to Stefano and Roberto’s work and their interest in security as well as little peak inside their presentation from The Black Hat Convention. One of the main takeaways from the discussion is the idea of communication between security and ot...
Apr 06, 2018•28 min•Ep 8•Transcript available on Metacast In this episode, Air Gaps Are Like Unicorns, we talk with Galina Antova. One of the co-founders of Claroty, a fast growing security startup in the world of industrial control systems. She shares her experience working to protect these critical systems and the journey that led her to found Claroty.
Mar 26, 2018•21 min•Transcript available on Metacast Key Points From This Episode: Justin’s studies, consulting work and path to his current role at Zenefits. Calculating risk return for defense and attack and how Justin approaches this. Why better general security at other companies benefits everyone. Justin’s approach to defending against advanced persistent threats. Why security needs to talk more about the less sexy sides of their work. The hottest new strategies and technologies according to Justin. The role and appropriate time for automatio...
Mar 05, 2018•34 min•Transcript available on Metacast Well Rick, thanks for joining us. Just introduce yourself. My name is Rick Moy. I'm the chief marketing officer at a company called Acalvio Technologies. We are a Deception 2.0 company. We are creating a distributed deception platform that brings automated deceptions at scale and authenticity to organizations of any size. The goals is to make it easy to manage, deploy, and implement deception strategies in the network in order to do a better job of detecting attackers who have gott...
Feb 28, 2018•16 min•Transcript available on Metacast Key Points From This Episode: Andrea's journey from academia to cyber security. Why cyber security is also a retention challenge. How companies can protect their employees from burnout. What happened to the utopian idea of the internet? State sovereignty and the balkanize internet or splinter net. The implications of China’s new social credit system. Learn more about GDPR and the control over your own data. Does Russia’s internet look different to the rest of the internet? The effects of the cry...
Feb 12, 2018•26 min•Transcript available on Metacast Key Points From This Episode: • Learn more about Joe Slowik and his non-traditional CS Background. • Joe gives his overview of the current thought around industrial controls. • Find out how we defend industrial control systems today. • How can attacks be actualized to impact an ICS environment? • Script locking and reevaluating credential storage and credential use. • Adopting a strategic ...
Feb 07, 2018•28 min•Transcript available on Metacast In this interview, we talk with Steve Orrin, CTO of Intel Federal and take a deep dive into how government agencies are speeding up and changing their process for adopting new technology.
Feb 02, 2018•27 min•Ep 2•Transcript available on Metacast Paul's perspective having been leading some of the efforts that shaped how the modern internet works today. We talked about how such complex and multi partied ecosystem is always going to create problems and issues we couldn't imagine and how we as a global community are still struggling to solve them.
Jan 20, 2018•30 min•Transcript available on Metacast 
