Instilling a culture of continuous learning in cybersecurity and the tips for breaking into cybersecurity with Special Guest, Naomi Buckwalter

Rachel Tobac, the CEO of Social Proof Security, takes us on a remarkable journey into the realm of cybersecurity and social engineering. Her introduction to the world of hacking came at Defcon, where she was initially hesitant to participate in a social engineering competition. Despite her lack of experience, Rachel's determination and "try-hard" attitude led her to secure second place, sparking her passion for cybersecurity. Throughout her engaging narrative, Rachel sheds light on the challenges that companies encounter in defending against social engineering attacks, emphasizing the need for updated security measures. Her insights into leveraging AI and verifying identities provide actionable strategies for fortifying defenses. With a compelling blend of storytelling and expertise, Rachel encourages a mindset of "polite paranoia," empowering individuals to be vigilant in the face of evolving threats. Rachel's journey serves as an inspiration, showcasing the transformative power of passion and perseverance in the cybersecurity landscape.

Social engineering is like a fast childhood pet. We'll say a dog, not a hamster, because it's going to run really fast. So a fast childhood dog that runs away from you, and you have to spend a lot of time looking for it in the neighborhood, but you love this dog, and it's really fun to be around, but, man, does it know how to jump over the fence.
- Rachel Tobac

Connect with Rachel Tobac

• LinkedIn: https://www.linkedin.com/in/racheltobac/
• Twitter: https://twitter.com/RachelTobac
• Rachel on 60 Minutes:  https://www.cbsnews.com/news/how-con-artists-use-ai-apps-to-steal-60-minutes-transcript/?linkId=215644785

Connect with us

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Anna Collard - 
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Show Notes created with Capsho - www.capsho.com
Sound Engineering - Matthew Bliss, MB Podcasts.
If you'd like to ask Matt what he can do for your podcast, visit https://www.mbpod.com and schedule a consultation today! 

Get ready to challenge your assumptions about security awareness as Julie Haney, head of Human Centered Cybersecurity at NIST, reveals the hidden struggles and attitudes of security professionals and non-experts. Just when you think you understand the root causes of cybersecurity challenges, a shocking twist leaves everything in doubt. 
Tune in to find out.

Julie Haney, an esteemed leader at the National Institute of Standards and Technology, heads the Human Centered Cybersecurity program. With a wealth of experience in computer science and over two decades in the field, Julie's expertise lies in understanding the human aspect of cybersecurity. She delves into the struggles, experiences, and attitudes of all participants within an organization, aiming to uncover the root causes of security issues rather than just addressing the surface symptoms. Julie's passion for bridging the gap between research and practice makes her a valuable resource for cybersecurity professionals looking to gain deeper insights into the human element of cybersecurity.

We need to give our professionals a taste of that so that they're at least thinking about it. They may not be experts in it, but they at least know that they need to think about it.

In this episode, you will be hear about:

• Unveiling the Importance of the Human Element in Cybersecurity: Discover how human behavior impacts cybersecurity and why it's crucial for professionals to understand this dynamic.
• Empowering People in Cybersecurity: Explore strategies to empower individuals within the cybersecurity landscape, leading to a more robust and secure environment.
• Addressing Security Fatigue in Cybersecurity: Learn how to combat security fatigue and its detrimental effects on cybersecurity practices, ensuring sustained vigilance and awareness.
• Developing Skills Needed for Future Cybersecurity Professionals: Uncover the essential skills required for future cybersecurity professionals to thrive in a rapidly evolving digital landscape.
• Harnessing Non-technical Skills in Cybersecurity: Delve into the significance of non-technical skills in cybersecurity and their pivotal role in fostering a well-rounded approach to security.

Connect with Julie Haney

• LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/

Connect with us

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Jacqueline "JJ" Jayne - https://www.linkedin.com/in/jacquelinejayne/
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Show Notes created with Capsho - www.capsho.com
Sound Editing - James McQuiggan
Sound Engineering - Matthew Bliss, MB Podcasts.
If you'd like to ask Matt what he can do for your podcast, visit https://www.mbpod.com and schedule a consultation today! 

Feeling the frustration of constantly battling memory-related vulnerabilities in your code? What if I told you there's an unexpected twist in the story that could change everything? Join me as we explore the captivating journey of transitioning to memory-safe languages in programming, and uncover the game-changing solution that awaits. But that's a story for another time...

Our special guest is Loren Kohnfelder and joined by Roger Grimes.

Loren Kohnfelder, a distinguished figure in the realm of cybersecurity, is widely regarded as a trailblazer in the development of PKI (Public Key Infrastructure). His significant contributions to the RSA algorithm and its application in real-world scenarios have solidified his position as a thought leader in digital security. With extensive expertise in encryption and network systems, Loren offers a wealth of knowledge for developers seeking to navigate the transition to memory-safe languages. His pioneering work serves as a cornerstone in understanding the complexities of cybersecurity and the pivotal role of memory-safe languages in fortifying software against vulnerabilities. Loren's profound insights and experiences make him an exceptional guest, providing a comprehensive understanding of the evolution of digital security and its relevance to memory-safe languages.

I think if there are specific pieces of code that are well contained and you can rewrite those in a memory safe language, that's a fine thing to do. But, for example, if you've got a library that's in the middle of a bunch of memory unsafe language code, and you write that into memory safe code, you're going to have bridge code connecting across that boundary, because you obviously can't just slip from memory safe land into memory unsafe land, where you're now taking on risk without managing those borders. 
- Loren Kohnfelder

In this episode, you will be able to:

• Uncover the secrets of PKI with Loren Kohnfelder.
• Learn the benefits of transitioning to memory-safe languages.
• Overcome the challenges of rewriting large codebases.
• Explore the feasibility of adopting memory-safe languages in programming.

Connect with us

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Roger Grimes: https://www.linkedin.com/in/rogeragrimes/
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Have you ever heard these myths about supply chain security, product security, and getting hired in cybersecurity? Myth #1: Supply chain security is not important unless you're a large organization. Myth #2: Product security is solely the responsibility of the manufacturer. Myth #3: Getting hired in cybersecurity requires a technical degree. Stay tuned as our guest, Naomi Buckwalter, reveals the truth behind these myths and offers valuable insights in our upcoming discussion.

Naomi Buckwalter is a cybersecurity professional with a wealth of experience in the industry. With a background in computer engineering and a diverse career spanning roles in application development, security architecture, and leadership, Naomi brings a unique perspective to the field. She gained valuable insights from a challenging experience early in her career, which led her to reevaluate her approach and embrace continuous learning. Naomi's journey has shaped her belief that anyone can succeed in cybersecurity with the right mindset and a willingness to learn. She emphasizes the importance of focusing on fundamental security practices and leveraging data to drive decision-making. Naomi's expertise in product security and supply chain security make her a valuable resource for professionals seeking to enhance their skills and knowledge in these areas.

We're chasing those things that make us feel good, but at the end of the day, not the right things. - Naomi Buckwalter

Connect with Naomi Buckwalter

• LinkedIn: https://www.linkedin.com/in/naomi-buckwalter

Connect with us

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Show Notes created with Capsho - www.capsho.com
Sound Editing - James McQuiggan
Sound Engineering - Matthew Bliss, MB Podcasts.
If you'd like to ask Matt what he can do for your podcast, visit https://www.mbpod.com and schedule a consultation today! 

Discover the untold dangers of AI in cybersecurity as expert Clint Bodungen uncovers the dark side of generative AI. Is our reliance on technology putting us at risk? Find out in this eye-opening discussion that will leave you questioning the future of cybersecurity.

"Technology, as much as we need it, enables complacency. The technology enables that complacency, and we've seen the consequences. We need a proper cybersecurity culture that aligns with our natural desire to do the right thing and help others. "
- Clint Bodungen

• Discover how AI is revolutionizing cybersecurity and gain insights into its impact on threat detection and response.
• Explore the relationship between organizational culture and cybersecurity practices, uncovering strategies to foster a security-conscious environment.
• Unlock the potential of AI in cybersecurity and uncover innovative ways to enhance your organization's defense against cyber threats.

Connect with Clint Bodungen

• LinkedIn: https://www.linkedin.com/in/clintb/
• Twitter: https://twitter.com/R1ngZer0
• Email: clint@threatgen.com
• Organization: threatgen.com
• CyberSuperHuman - AI Courses - https://cybersuperhuman.ai

Connect with us

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Show Notes created with Capsho - www.capsho.com
Sound Editing - James McQuiggan
This episode was edited by Matthew Bliss of MB Podcasts. If you'd like to ask Matt what he can do for your podcast, visit https://www.mbpod.com and schedule a consultation today! 

Discover the critical role of a Business Security Officer in aligning security with business goals. But what happens when this vital bridge between security and the organization finds themselves facing unexpected challenges? Find out in this intriguing episode of the Security Masterminds podcast.

Nicole Dove, a cybersecurity expert with an intriguing career path, helps businesses navigate the intersection of risk and technology. Starting her career on Wall Street, she transitioned into risk management consulting and auditing before eventually shifting gears into cybersecurity. As a Business Information Security Officer (BISO), Nicole focuses on aligning business and security, advocating for both to the benefit of the organizations she serves. Her business-first approach to security, understanding of diverse business units, and innate curiosity make her a critical asset in identifying and managing organization-wide threats.

Security is like really a team sport and you can't wait until game day to practice and think you're going to win. - Nicole Dove

Connect with Nicole Dove

• LinkedIn: https://www.linkedin.com/in/jnicoledove/
• Twitter:  https://twitter.com/IssaUrbanGirl
• Urban Girl Podcast: https://podcasts.apple.com/us/podcast/urban-girl-corporate-world/id1502039142

Connect with us:

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

This show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/
Show Notes created with Capsho - www.capsho.com

Protecting data in the age of cyber threats, cybersecurity expert Ian Garrett ignites a battle against ignorance, as he harnesses the power of AI and zero trust to defend organizations of all sizes from the lurking dangers of the digital world.

Today's guest is Ian Garrett, the CEO and co-founder of Phalanx. With a background in computer science, he became an early adopter of AI application in cybersecurity and has been making waves in the industry ever since. Ian's ability to combine AI rapid data processing with a human understanding of nuanced threats exemplifies cutting-edge cybersecurity practices that help ensure data protection and privacy.

Don't ignore the data outside of secure places. Even drafts and email attachments can be vulnerable. Take a comprehensive approach to data security. - Ian Garrett

In this episode, you will be able to:

• Gain insights into how AI and Zero Trust model can reinforce your data protection strategies.
• Learn from industry connoisseurs about typical data security blunders to be avoided.
• Identify the hurdles in managing multicloud data and the solutions to counter these challenges.
• Delve into the potent dangers presented by AI and chatbots and how to keep them at bay.
• Understand the practical application and multiple influences of the Zero Trust architecture on your business.

Ian Garrett, CEO and co-founder of Phalanx, with a background in computer science, he became an early adopter of AI application in cybersecurity and has been making waves in the industry ever since. Ian's ability to combine AI rapid data processing with a human understanding of nuanced threats exemplifies cutting-edge cybersecurity practices that help ensure data protection and privacy.

Don't ignore the data outside of secure places. Even drafts and email attachments can be vulnerable. Take a comprehensive approach to data security. - Ian Garrett

Connect with Ian Garrett

• LinkedIn:  https://www.linkedin.com/in/ianygarrett/
• Twitter: @ianygarrett - https://twitter.com/ianygarrett
• Organization: phalanx.io - https://www.phalanx.io/

Connect with us:

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

This show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/
Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/

Does this sound familiar? You've invested in threat intelligence data and spent countless hours analyzing it, yet you still feel vulnerable to cyber threats. Maybe you were told that having the data alone would be enough to protect your organization. But the reality is, simply having the data without knowing how to turn it into actionable insights leaves you exposed and frustrated. The pain of constantly worrying about cyber attacks and feeling powerless to stop them is all too real. In this episode, we'll show you how to transform your threat intelligence data into actionable intelligence, giving you the tools to defend against even the most sophisticated cyber threats.

In this episode, you will be able to:

• Realize the urgency of embracing cybersecurity for your business's sustained success.
• Explore how actionable threat intelligence can augment your defenses against cyber adversaries.
• Absorb the advantages of using a joint and innovative approach to stay on top of evolving digital dangers.
• Discern the impact of robust communication and leadership skills in fostering a secure digital environment.
• Appreciate the role of attack simulation technology in unveiling security blind spots and improving protection.

My special guest is

Bryson Bort is an accomplished cybersecurity veteran with more than two decades of experience under his belt. As the founder of Scythe, Bryson has cultivated a platform that empowers professionals in the cybersecurity space to effectively address and combat cyber threats. Simultaneously, he co-founded ICS Village, a non-profit that aims to increase knowledge and awareness of industrial control system security. With a strong background in both offensive and defensive security, Bryson's drive for constant improvement and growth has made him an influential figure within the cybersecurity community.

Connect with Bryson Bort!

• Linkedin: https://www.linkedin.com/in/brysonbort/
• Twitter: https://twitter.com/brysonbort
• Scythe: https://scythe.io/
• ICS Village: https://www.icsvillage.com/

Testimonial for Scythe  https://scythe.io/library/purple-team-approach-boosts-cybersecurity

Connect with us:

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

This show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/
Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/

Are you struggling to raise cybersecurity awareness despite following the same old advice? Discover the power of storytelling and engagement in transforming cybersecurity training and arming your workforce against message fatigue and over-reliance on technology.

In this episode, you will be able to:

• Delve into the connections between storytelling, engagement, and effective cybersecurity training.
• Gain insight into striking the perfect balance between factual content and captivating storytelling.
• Find out how relying too much on technology can jeopardize cybersecurity efforts.
• Master techniques for countering message fatigue in the cybersecurity industry.
• Explore the power of humor and entertainment in raising security awareness levels.

Rob McCollum, a versatile voice actor with a background in sales, marketing, acting, and improv comedy, has lent his talents to over 300 anime roles and a plethora of corporate training videos. Joining forces with Twist & Shout, a KnowBe4 company, Rob ventured into corporate storytelling and cybersecurity training, working on projects for major companies such as Barclays Bank, AT&T, Warner Brothers, and Sony. His unique approach to storytelling and engagement in cybersecurity training has revolutionized the industry, keeping viewers intrigued and eager for more.

About Rob McCollum

• LinkedIn - https://www.linkedin.com/in/robert-mccollum-23b1a86
• Rob McCollum Facebook Anime Fan Page: https://www.facebook.com/RobertMcCollumFanPage

Show Notes:

• The Inside Man Series: https://info.knowbe4.com/inside-man-ga
• Favorite Books: 
• After On, Year Zero, by Rob Reid - https://www.amazon.com/stores/author/B000AP8X36/allbooks?ingress=0&visitId=3058ab80-2f93-42c9-9be8-a1d49c3fec86&store_ref=ap_rdr&ref_=ap_rdr

Connect with us:

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

This show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/
Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/

Are you tired of the same old ineffective methods for GRC optimization and AI integration for cybersecurity? Do you feel like no matter what you do, you can't seem to get the results you need? Come join us in this episode to learn the latest and greatest techniques for enhancing your GRC processes and AI integration for cybersecurity success.

Stas Bojoukha is a cybersecurity expert with over 20 years of experience in the industry. He has a deep passion for automation and making security consumable for everyone. Stas began his career as a computer technician, later progressing through various roles such as systems engineer, infrastructure engineer, and chief security officer. His diverse background has allowed him to gain valuable insights into a wide range of IT disciplines. Today, Stas is the CEO and founder of Compyl, an information security and compliance automation platform designed to streamline processes and improve efficiency in managing compliance requirements.

The resources mentioned in this episode are:

• Look into Stas Bojoukha's company, Compyl, an information security and compliance automation platform that helps organizations automate their cybersecurity programs and reduce risk.
• Prioritize making security and compliance understandable for non-technical staff members, as this will help improve overall security awareness and adherence to policies.
• Remember that compliance does not necessarily guarantee security; focus on implementing security measures that go beyond compliance requirements to ensure a more robust security posture.

About Stas Bojoukha

• LinkedIn - https://www.linkedin.com/in/stas-bojoukha/
• Email: stas@compyl.com
• Social Media:  https://twitter.com/thestas1
• Compyl: https://compyl.com/

ShowNotes

• SIM City 2000 - https://www.ea.com/games/simcity/simcity-2000
• SOC Analyst link from CISA - https://niccs.cisa.gov/education-training/catalog/cyber-range-solutions-inc/intro-soc-analyst
• 
  

Connect with us:

Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:

• KnowBe4 Blog: https://blog.knowbe4.com
• Erich Kron - https://www.linkedin.com/in/erichkron
• Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
• James McQuiggan - https://www.linkedin.com/in/jmcquiggan
• Javvad Malik: https://www.linkedin.com/in/javvad
• Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
• Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com

This show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/
Show Notes created with Capsho - www.capsho.com