The Cyber Jack Podcast

Cyber defense is complex and easy to get wrong. Threat-informed defense is an approach to cybersecurity that involves gathering and utilizing information about potential threats and adversaries to enhance an organization's security posture. It focuses on understanding the tactics, techniques, and procedures (TTPs) employed by threat actors and using that knowledge to develop proactive defense strategies.

In this episode, we sat down with Jon Baker, Director of the Center for Threat-Informed Defense at MITRE, to discuss the importance of threat-informed defense, the work MITRE is doing around this area, and how organizations can leverage its resources to bolster their cyber strategy. 

All this and more on The Cyber Jack Podcast. 

When individuals with different backgrounds, perspectives, and experiences come together, they bring unique insights and approaches to problem-solving, leading to more robust and effective cybersecurity strategies. 

Larry Whiteside Jr., CISO at RegScale and Co-Founder and President of Cyversity, joins us to talk about the importance of diversity of thought in cybersecurity, how leaders can help accelerate diversity in the field, and how the non-profit Cyversity is making an impact. 

All this and more on The Cyber Jack Podcast.

MITRE, #1 on our 2022 Cyber Top 20 list, is known for frameworks like MITRE ATT&CK® and MITRE D3FEND™ -- but the organization's scope is far greater.  We spoke with Wen Masters, Vice President of Cyber Technologies, MITRE, to learn more about how the not-for-profit organization brings critical resources and frameworks to CISOs and the security community at large. We also discuss how MITRE is thinking about the cyber talent shortage and other big challenges the industry faces.

All this and more on The Cyber Jack Podcast.

Malicious or 'bad' bots are all the rage now.  Cybercriminals and scammers use them to hurt users and companies' bottom line. As bot capabilities advance and become more rampant in e-commerce, businesses need to become savvier about their defenses in order to protect their customers. We sat down with Antoine Vastel, Head of Research at DataDome, to discuss the evolution of malicious bots, the impact on e-commerce, and how businesses can defend themselves. All this and more on The Cyber Jack Podcast. 

Identity-related breaches remain a continual threat to organizations, with 84% experiencing a breach in the last year. We spoke with Julie Smith of the Identity Defined Security Alliance (IDSA) about these new research findings, the importance of securing digital identities in the new connected world, and what the IDSA is doing to rally companies and individuals to fight against a growing identity threat landscape. All this and more on The Cyber Jack Podcast.

Software and app security have been black boxes for too long.  The attacks on SolarWinds and Colonial Pipeline gave the US federal government more urgency to push for transparency across cybersecurity - from software bill of materials (SBOMs) and mandates. We spoke with Jeff Williams, Co-Founder and CTO of Contrast Security, about what makes software and app security so difficult, why even the largest organizations still have insecure code, and your human right to security transparency. All this and more on The Cyber Jack Podcast. 

The economy is shifting, and budgets are tightening. Cybersecurity must shift with it. We sit down with Marcus Bartram, General Partner, Telstra Ventures, to discuss cybersecurity investment in this economic climate, identity-based threats, and what cyber issues CISOs and the industry should keep their eyes on in 2023. All this and more on The Cyber Jack Podcast.

Guest Tony Anscombe, Chief Security Evangelist, ESET brought some data with him. According to ESET's research, key stats around malware and ransomware have declined, and that's great, but that doesn't tell the full threat story. Apple products have an aura of impenetrability, but a back door in MacOS was recently discovered by ESET.  And finally, we check in on the Russia-Ukraine war cyber implications.  All this and more on The Cyber Jack Podcast.

There's a global talent shortage in cybersecurity. So when we hear about an Army veteran's success in security story, we get excited.  Tom Gorup, VP of Security Operations at MDR provider Alert Logic, dives into the OCOKA military strategy and how he's applied what he learned from his deployments in Iraq and Afghanistan to his leadership role in security operations. All this and more on The Cyber Jack Podcast. 

Cloud security is complicated. But it doesn't have to be. Ruvi Kitov, CEO, Tufin, urges organizations to think differently about cloud security by embracing the 'multiverse' and the power of automation. Ruvi also dives into visibility as a security killer and enabler. All this and more on The Cyber Jack Podcast.

The cyber industry is notorious for merger and acquisition activity. Some go well, some come with collateral damage  -- loss of employees, poor technology integration and leadership friction.  Getting it right is a sweet science.

Sue Graham Johnston, VP & GM of AI-Driven SD-WAN at Juniper Networks, talks with us about coming over from an acquisition and how she and the Juniper team have navigated the M&A waters successfully to benefit network security technology innovation, customers, partners and employees.  

Consumer security online has become increasingly more complicated - thanks to mass data breaches and hackers understanding that social media can be used as a malicious tool. Petros Efstathopoulos, Global Head of Research at NortonLifeLock, discusses how consumers can keep their sensitive data secure online and what the future might hold for cybersecurity in the metaverse. 

CISOs face a huge list of challenges on a daily basis, but what are the most common ones that we can ban together on and attack?  Amol Kulkarni, Chief Product Officer at CrowdStrike dives into how complexity is killing effective security and how new, innovative solutions -- like extended detection and response (XDR) -- can help simplify and harden cyber for organizations. Amol also shares his view on what top cyber challenges we could be faced with in the new year ahead.

The cyber workforce has drastically changed over the past 5 years.  Talent shortage aside, we now have individuals entering the new cyber workforce with specific degrees in cybersecurity.  In this episode of The Cyber Jack Podcast, we sat down with Ryenn White, Triage Security Analyst Intern at Arctic Wolf, to dive into what it's like to be up-and-coming in the cyber industry, cyber education, the opportunity to grow as an intern, and how generational diversity will change the industry for the better. 

The notion of a 'cyber war' has been talked about many times by leaders and mainstream media. But are we thinking about the term in the right way? And is the U.S. doing enough to prepare for what the future might hold? How has our passive consumer culture of data sharing impacted how we think about cyber preparedness?  We spoke with Jennifer Tisdale, Senior Principal, Cyber-Physical Systems at GRIMM about all of this and more. 

Supply chain security has become a hot topic over the past couple of years -- thanks to the complexities of the cloud and a widened attack surface for adversaries to exploit. Matthew Chiodi, Chief Security Officer, Public Cloud at Palo Alto Networks, dives into key insights from a recent supply chain security report and staggering Red Team engagement results from Unit 42, Palo Alto Networks' elite security research arm. 

In this episode, Adam Darrah, Director of Intelligence Services at ZeroFox shares insights on the U.S. government's cybersecurity response to recent cyber-attacks, nation-state cyber tensions, and how fragile critical infrastructure security can be.  Come get plugged in to cyber. 

Ransomware attacks have skyrocketed in the past couple of years - and they've been lucrative for cybercriminals. Major attacks from organized ransomware gangs on the supply chain have companies scrambling for protection. But what should organizations be prepared for? Will ransomware get worse before it gets better? Are the U.S. government's actions against the criminal use of cryptocurrency making any kind of difference? John Hammond, Senior Security Researcher, Huntress dives in. 

The role and responsibilities of the CISO in organizations have shifted dramatically over the past few years. CISOs aren't just CISOs anymore. We sat down with Vanessa Pegueros, Chief Trust and Security Officer at OneLogin to discuss what is expected of CISOs today, the pressures of the job, and what threats CISOs should be focused on in today's environment. 

Cybersecurity employee burnout is very real. We spoke with Karen Worstell, VMware Carbon Black, who has been studying employee burnout and diversity and inclusion in cyber for the past 10 years. She provides her insights on how cyber companies can beat burnout and create a culture of inclusion.