    mnemonic security podcast

    The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.

    111 Episodes

    Episodes (111)

    The Risk Business

    For this episode, Robby is joined by Levi Gundert, Chief Security Officer at the cybersecurity company Recorded Future and author of the book The Risk Business – what leaders need to know about intelligence and risk-based security.

    Levi shares from his decades of experience in the threat and risk space – and Robby picks his brain about a broad set of security topics ranging from telling the risk story and categorising risk, to darknet monitoring and infiltration, and using chatbots for security analysis and risk management.

    March 11, 2024

    Ethical Social Engineering

    Even the best pentesters out there can be fooled by a social engineering attempt under the right circumstances. But how do we treat the ones that have been tested and failed?

    Ragnhild «Bridget» Sageng, Senior Security Advisor at Norwegian Customs, has several years of experience from the IT and cybersecurity industry, and hands-on experience working as an ethical hacker specialising in social engineering.

    In her conversation with Robby, she shares what goes through her head during social engineering assignments, and discusses the importance of company culture and management expectations when doing these kinds of assessments.

    Ragnhild is particularly interested in the other side of social engineering and how we should meet the humans that are involved in these assignments. During this episode she explores what ethical responsibilities we have, what a pentester should demand from a company before accepting an assignment, and what a company should demand back from a pentester.

    February 26, 2024

    A student/mentor’s perspective on AI

    How will AI impact the next generation of people working with computer science?

    This question is probably relevant for anyone making their way through school now, in all fields of study. Without looking for a definite answer, but to help him navigate this question, Robby has invited two people with quite different backgrounds: Richard Stiennon, author of Security Yearbook 2023 and Founder and Chief Research Analyst at IT-Harvest, and High School Junior, Athena Contos. 

    Athena was recently visiting colleges, together with her father Brian Contos, a long-time veteran of the mnemonic security podcast. They both noticed a lot of excitement and concern regarding AI amongst those about to embark on their higher education, and questions about how AI will impact their choices of schools, majors, careers, and ultimately their future.

    In this episode, Athena and Richard share their perspectives on AI’s potential in education, the ethics of using AI in this context, and how we can go from combating the use of AI in the classroom to making it a useful tool for learning.

    February 12, 2024

    When Ransomware Hits the Ranch

    How does cybersecurity play a part in ensuring food security?

    As part of the ISACA series of the mnemonic security podcast, we’re welcoming Karianne Kjønås, Cyber & Privacy Associate at PwC Norway. Karianne recently won the ISACA master’s thesis award with her thesis on how cybersecurity incidents can affect Norwegian food production.

    During her conversation with Robby, she shares some of her major research findings, and how data, automation, IoT and AI play an important role in food production these days.

    They also discuss the state of cybersecurity in farming technologies and some of the most common cybersecurity threats to the food supply chain.

    January 29, 2024

    Conflictual coexistence

    Today’s guest, Raymond Andrè Hagen, holds over 20 years of experience in cybersecurity and information security, and is currently researching advanced persistent threats for his PhD in Computer and Information Systems Security. 

    He also has experience as a Security Specialist at the Norwegian Digitalization Agency (Digdir), including being Chief Security Officer at Altinn, the Norwegian authorities' solution for reporting and dialogue with business and industry.

    In his conversation with Robby, Raymond shares from his threat research on predicting APT attack behaviour, including his hypothesis, prediction models and some preliminary findings.

    Raymond and Robby also discuss conflictual coexistence between nation states, especially US-China and US-Russia relationships, and how this has affected the cyber landscape historically, and will continue to affect it in the future.

    January 15, 2024

    From Russia with Ransomware

    To join Robby for this episode on Russian cybercrime and ransomware, we’re welcoming Sam Flockhart, Cyber Threat Intelligence Manager at Santander UK.

    Sam has a background in military intelligence from the British army, where he has spent a large part of his career looking at Russian influence in Eastern Europe, including experience from the British army’s support mission to Ukraine.

    Sam goes through his presentation “From Russia with ransomware”, presented at the FS-ISAC EMEA Summit last month. Robby and Sam discuss ransomware groups with direct relationships with Russian intelligence services, their tactics, and how likely it is that ransomware will be used as a weapon in the short to medium term.

    To watch Sam’s presentation, visit the video episode on our YouTube channel: youtube.com/mnemonic

    December 18, 2023

    Metaverses

    Have you been to the metaverse yet? And are you among the 78% that believe the metaverse will provide a significant value to their organisation in the future?

    To join Robby for this episode, we’re welcoming Julia Hermann, Senior Technology and Innovation Manager at Giesecke+Devrient, where she works on identifying opportunities in the metaverse.

    Julia shares which companies are utilising metaverses well, and where she sees the most opportunities in enterprise, commercial and industrial metaverses. They also talk about ethical dilemmas in, and fair and equal access to, metaverses, as well as the limitations of current metaverses and their technical challenges and cybersecurity risks.

    December 04, 2023

    Defending Cyber Space (EVE Online)

    Defending EVE Online

    How does combatting botting, hacking, and fraud in a virtual game relate to fighting real cybercrime?

    To share his take on this, Maksym Gryshchenko joins us to talk about his work as a Security Analyst at CCP Games, a leading game developer based in Iceland and the developer behind the sci-fi role-playing game EVE Online.

    EVE Online is known for having an immensely complex market economy system for the game's internal industry and trade between players, and Maks explains to Robby how he and his team work to maintain the integrity of this economy and the game itself. In the case of EVE, this means more than catching cheaters.

    November 20, 2023

    Digging into State Directed Cyber

    Last year, threat researchers all over the world got a sneak peek into the inner workings of the Russian defence contractor NTC Vulkan. 

    The Vulkan files leak provided an interesting behind-the-scenes look at Russian cyber capabilities and scalability, and the ways state-sponsored organisations work.

    Joe Slowik, managing threat intelligence at the cybersecurity company Huntress, joins Robby to talk about how he worked through the hundreds of pages of data from the leak, and what he learned from them.

    November 06, 2023

    Cryptology

    Cryptology is fundamental for the way the internet works today. But what exactly is modern cryptology, and what are the most common areas in which it’s being used?

    To guide us through this complex area, Robby’s joined by Bor de Kock, PhD in Cryptology and Assistant Professor at NTNU.

    They talk about some of the main challenges to cryptology these days, encryption security and its limitations, and how Bor expects quantum computing to affect cryptology.

    Bor also shares what makes him both optimistic and pessimistic when it comes to the future of internet security.

    October 25, 2023

    Physical Penetration Testing / Red Teaming

    Physical penetration testing | ISACA series

    For this episode that is part of our ISACA series, we’re joined by Rob Shapland, Ethical Hacker/Head of Cyber Innovation at Falanx Cyber.

    Rob talks about what he’s learned from his 15 years of testing physical and cyber security for his clients, including more than 200 building intrusion assignments. He explains how these kinds of testing assignments work, what usually does work – and what happened the one time he actually didn’t get in.

    Robby and Rob talk about the evolution of security testing, and how testing techniques have had to adapt and become more subtle, especially over the last five years. They also go into the importance of training after assignments like these.

    October 09, 2023

    Securing AI Models

    Artificial intelligence (AI) and machine learning (ML) models have already become incorporated into many facets of our lives. In this episode, we discuss what happens if these models are attacked.

    How can the models that AI and ML are built upon be attacked? And how can we defend them?

    Eoin Wickens, Senior Adversarial ML Researcher at HiddenLayer, an organisation doing security for AI and ML, joins Robby to talk about this often overlooked aspect of AI.

    During the episode, they also discuss the power AI/ML has to augment how we work in security, and the amount of community collaboration within these fields. 

    Eoin also shares what he spends the majority of his time talking to customers about today, and what he believes he will be using most of his time on in the future.

    September 25, 2023

    Supply Chain Attacks

    What do you really know about your vendors? And about your vendors' vendors?


    To talk about supply chain attacks, and how to best mitigate and meet these risks, Robby is joined by a pair with a lot of experience on this topic: Roger Ison-Haug, CISO of StormGeo, and Martin Kofoed, CEO of Improsec.

    Martin and Roger discuss what a supply chain attack looks like these days, how to prepare for when a compromise happens, and how to get an overview of your organization's exposure. They also highlight the importance of knowing what happens if someone accesses your infrastructure, and fixing your basics.


    September 11, 2023

    Experience Sharing - Bug Bounty Programs

    How to succeed with bug bounties

    Responsible disclosure and vulnerability reporting have come a long way in recent years, and have gone from being feared and even something you took legal action against, to something that is appreciated for its value.

    Ioana Piroska, Bug Bounty Program Manager at Visma, joins Robby to share how Visma has succeeded with their bug bounty program. She talks about Visma’s approach to these kinds of programs, and the actual value they receive from them.

    Ioana and Robby discuss the difference between penetration testing and a bug bounty program, how they complement each other, and how Visma also uses their live hacking competitions and public responsible disclosure program to improve their vulnerability detection capabilities.

    Video version (with presentation) available on our YouTube channel!

    August 28, 2023

    Influencing the board

    What are some of the most effective methods of gaining a board’s support, and how do you maintain this trust and improve it over time?

    Our guest today has worked with a lot of boards, and joins us to share his experiences providing boards with the tools to ask the right questions when it comes to cybersecurity, and conveying to them why cybersecurity is important for their organisation.

    Roger Ison-Haug has worked in IT for close to 30 years and is now working as the CISO & DPO at the data science and weather intelligence provider StormGeo. He is also currently working on his PhD in cybersecurity and leadership.

    Roger and Robby discuss the most common challenges that boards experience, and what kind of questions they usually ask. They also talk about what it’s actually like being a board member, Roger’s best advice to security people wanting to influence a board, and what kind of questions security people usually aren’t very good at answering – but should be.

    August 14, 2023

    KraftCERT

    KraftCERT threat assessment 2023 | In Norwegian only

    Our podcast guest this week is Espen Endal, previous mnemonic colleague and currently OT Security Analyst at the Norwegian energy sector CERT: KraftCERT/InfraCERT.

    InfraCERT is an ISAC (Information Sharing and Analysis Center) and an IRT (Incident Response Team), mainly working to update their members about relevant vulnerabilities and threats to make them better able to detect and respond to digital attacks. They are also part of the Norwegian national response organisation.

    During their conversation, Robby and Espen discuss KraftCERT/InfraCERT's annual threat report, what they consider the most serious threats for their member organisations, both long term and short term, and what techniques they often see being used against their members.

    Espen also talks about the push to the cloud, the trade-off this entails particularly in these sectors, as well as the impact NIS and eventually NIS2 will have on their members.

    July 10, 2023

    Managing stress in cybersecurity (ISACA series)

    Avoiding overload and managing stress in cybersecurity

    For today’s episode, Robby’s joined by Lisa Ventura, Cybersecurity Specialist, Author, and qualified Mental Health First Aider. After many years of experience from the industry, she’s become particularly interested in the human aspects of cybersecurity, especially when it comes to mental health issues, stress, and burnout.

    During their conversation, Lisa explains how common stress and burnout are in InfoSec and cybersecurity, and discusses how the pandemic impacted these numbers, as well as what the main factors contributing to stress and burnout in our industry are, and how these symptoms manifest themselves.

    She also shares some advice on how to combat overload and stress both on an individual and organisational level.

    If you’d like to also see Lisa’s presentation, feel free to visit our YouTube channel to watch the full recording of the episode.

    July 03, 2023

    Asset Intelligence

    Imagine a scenario where your organisation discovers that a threat actor currently possesses more knowledge about your environments than you do. Let’s find a way to make sure we don’t end up there - but how?

    For this episode, Robby is joined by a serial entrepreneur and serial guest at the mnemonic security podcast. For the fourth time, we’re welcoming Brian Contos, today to discuss his latest role as Chief Strategy Officer at Sevco, a company specialising in asset intelligence.

    Brian talks about the importance of having an accurate and comprehensive understanding of your assets' security and compliance status, especially in the governance, risk, and compliance (GRC) landscape, as well as how asset intelligence is gaining renewed attention in the industry.

    June 26, 2023

    Unit 42

    Operationalising Threat Intelligence

    What can you do to get the most out of your threat intelligence initiatives?

    A good place to start is picking Kyle Wilhoit’s brain. Kyle’s the Director of Threat Research at Palo Alto Networks' Unit 42, and author of the book Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs.

    During his chat with Robby, he provides some advice on how organisations should be handling their threat intelligence, what you can leverage from your vendors and partners, and what you need to do yourself to achieve full value from your threat intelligence.

    He also shares the major trends that Unit 42 are seeing when it comes to hacking tools, attack frameworks, campaigns, malware, and ransomware.

    June 12, 2023

    Crypto Finance

    How does a crypto finance agency work with security?

    To answer this question, and provide insight into security in the world of crypto, we’re joined by Dr. Dominik Raub. He has more than 10 years of experience from the financial industry, a Doctor of Sciences in Cryptography, and works as CISO at Crypto Finance AG, an organisation providing crypto and blockchain services to institutional clients.

    Dominik talks about the threat landscape they are in, the adversaries in the space, and what he’s learned about their TTPs, as well as the mechanisms his organisation uses to help them distinguish bad transactions and stop large-scale issues.

    Robby and Dominik also discuss the recent developments in the crypto finance market, and Dominik shares what he predicts will happen in the market in the years to come.

    May 22, 2023

    © 2024 Podcastworld. All rights reserved
