Everyone working in cybersecurity is inundated with stories of breaches, threats, and new acronyms. But beyond the next fire drill, what’s actually top of mind for infosec professionals?
Join us for a weekly standup featuring brilliant guests from all over the industry. Keep up with current events, get career insights, and hear what’s relevant for security leaders.
Cybersecurity Standup is a weekly podcast powered by Uptycs. Hosted by: Bronwen Hudson
📻 Siste episoder av Cybersecurity Standup
Her er de nyeste episodene tilgjengelige via RSS-feeden:
Zero Trust Masterclass with Jason Garbis (00:14:32)
Hey everyone, welcome back to "Cybersecurity Stand Up," your favorite spot for all things cybersecurity. Today, we’re coming at you live from the lively Tics Booth at South Moscone. We've got the amazing Jason Garbis with us, and trust us, you don’t want to miss this!
Jason’s the go-to guy for all things Zero Trust. He’s been at it for nearly a decade, and he's here to drop some serious knowledge. We'll chat about the Secure by Design initiative, striking the right balance between compliance and actual security, and his two must-read books on Zero Trust.
Unmasking AI: Demystifying Cybersecurity with Jax Scott (00:20:57)
Welcome back to "Cybersecurity Stand Up"! In this engaging episode, Brown Hudson interviews the dynamic Jax Scott, co-host of the "Two Cyber Chicks" podcast and VP of Cybersecurity at Pearson Vue. Jax brings her extensive experience from the military to the forefront of the cybersecurity industry, discussing the nuances of AI, machine learning, and large language models.
Jax breaks down complex topics, making AI and cybersecurity accessible and understandable. She shares her personal journey, including her significant contributions through the Jax Act, aimed at supporting female special operators.
The conversation also touches on the exciting and overwhelming experiences at the RSA Conference, the latest AI trends, and the importance of security by design.
Navigating the Cyber Expo: Insights from Industry Experts (00:25:57)
Welcome back to Cybersecurity StandUp! In this episode, we're joined by George and George from the "Bare Knuckles and Brass Tacks" podcast. Broadcasting from the RSA Conference show floor, they emphasize the importance of meaningful relationships over sheer volume of contacts in the cybersecurity industry.
Tune in as they discuss the value of quality interactions, community engagement, and practical advice for navigating trade shows. They also introduce their "Ally Armband" initiative, aimed at creating safe spaces within the industry, and share exciting upcoming projects.
Listen to the full audio of our engaging conversation with George and George, and learn how to build a sustainable, people-focused career in cybersecurity.
Channel Chief Wisdom: Keys to Success in Cybersecurity (00:34:58)
Tune in to this insightful episode featuring a captivating discussion between two seasoned cybersecurity professionals. Mark Fitzmaurice dives into his journey, where they unravel his career trajectory spanning notable companies like Infoblox and IronScales while sharing invaluable insights on staying relevant through continuous learning.
Mark also provides practical security tips, such as regularly reviewing accounts and adopting a zero-trust approach. Learn about Uptick's hybrid cloud approach and how it enhances visibility across different environments. Explore strategies for building effective channel partnerships, focusing on selective recruitment and delivering value.
This episode covers various topics, including career development, communication skills, personal security habits, and hybrid cloud security, offering valuable insights for cybersecurity professionals at all levels.
The Evolution of Zero Trust: Insights and Best Practices with Jason Garbis (00:41:44)
Prepare to transform your view of network security with Jason Garbis, an expert in zero trust architecture with over 35 years of experience.
In this episode, learn how to tailor zero trust to fit various roles within a company, from executives to IT staff. Discover valuable tips for convincing stakeholders about the benefits of zero trust and how it aligns with DevOps practices.
Explore the role of automated policies in enhancing security during continuous deployment. Plus, understand the importance of starting small and growing strategically when implementing zero trust in different organizational settings.
Join us for actionable insights and a glimpse into the future of secure data management, led by a prominent expert in zero trust security.
Ready, Set, Cyber! HACKERverse CEO Mariana Padilla is Challenging the Status Quo (00:39:21)
Tired of boring slogans and lengthy sales cycles? Meet Mariana Padilla, the proverbial fairy godmother of cybersecurity who's on a mission to revolutionize the industry. As CEO of HACKERverse, she's building a marketplace and gaming platform that lets you test drive tools instantly, with no sales pitch required.
In this candid conversation, Mariana shares how her outsider perspective led her to disrupt cybersecurity's archaic processes. She'll also unveil her plans to protect the unprotected by reaching small businesses often ignored by vendors.
Through infectious energy and creative problem-solving, Mariana is creating a new standard of community and fun in a space desperate for fresh air. Tune in to get inspired and learn her secrets for standing out in a crowded field through unique branding and thinking differently.
A CISO’s Cup of Tea: Cybersecurity Empathy and Methodology (00:51:38)
From hacking mainframes to leading in the industry, Chris Roberts has seen it all. But how does this seasoned security veteran still stay passionate after decades?
In this no-holds-barred conversation with Bronwen, Chris shares wild tales like invading countries alongside serious strategies over an unfiltered cup of Yorkshire gold.
From hijinks in his decades-long career to refreshing views on bridging divides, he offers thought-provoking perspectives on building awareness through empathy.
Plus get a glimpse into the hectic daily life of this top cyber leader wearing many hats. Don't miss these candid insights perfect for any professional striving to improve in this industry.
It's an entertaining and enlightening cyber confab not to be missed - so pull up a chair and join the chaotic cyber chat over a cuppa!
All Risk is Human Risk” - Rethinking Security Through Behavioral Science with Sarah Aalborg (00:50:41)
Tired of technical jargon and one-size-fits-all solutions? This episode is for you. Meet Sarah, the unconventional CISO securing Denmark's most beloved amusement park, Tivoli.
Beyond technical skills, Sarah has an unusual background in psychology and behavioral science. She'll show you how understanding human evolution is key to cybersecurity success. Hear how she applies neuroscience to strengthen awareness and predict risk.
Whether you're a seasoned pro or just starting out, Sarah's refreshing people-first approach will get your mind buzzing. From passwords to parenting, you'll walk away with practical tips. But that's not all - her upcoming book and revolutionary ideas may change the game.
This episode has it all: amusement park hijinks, brain science bombshells, and a truly inspiring career journey. One listen and you'll see security with new eyes - are you ready to think differently about risk?
Connect with Sarah on LinkedIn for more.
https://www.linkedin.com/in/sarah-aalborg-bb348a1
Beyond the Technical: Skills That Make or Break Cybersecurity Professionals (00:56:16)
Have you ever wondered how someone breaks into the high-pressure world of cybersecurity leadership without a technical background? Are you looking to avoid burnout down the line but still advance your career? In this episode, veteran CISO Olivia Rose shares her unconventional path from a marketing role to the C-suite, along with battle-tested advice on developing crucial "soft" skills, aligning security with business goals, and maintaining balance even in the face of constant stress and change.
Through candid stories and actionable recommendations, Olivia provides a rare insider's perspective on building resilience, fostering invaluable connections, and carving out success on your own terms - whether as a seasoned professional or a newcomer to the industry. Walk away with proven strategies for navigating challenges, communicating value to any audience, and optimizing your career in cybersecurity for the long haul.
“Cyber Broke Into Me”: From Investigative Journalism to InfoSec with Becky Gaylord (00:47:37)
Becky Gaylord found her calling in cybersecurity after her small business fell victim to a data breach over a decade ago. Now an advocate for accessibility and empowerment, she shares battle-tested tips for protecting yourself online.
Learn how simple steps like adding a PIN to your phone account can thwart hackers seeking to steal your identity. Discover strategies for outsmarting social engineers trying to trick you into handing over access.
Most importantly, gain insight into making cybersecurity relevant without riling fear or overwhelm. Becky details how to bridge technical and non-technical divides to build understanding and community.
Whether a novice or a pro, this episode delivers actionable advice alongside an inspiring message of resilience, advocacy, and hope for a digitally safer future for all.
A Cyber Prodigy's Non-Traditional Path to Consultancy (00:29:05)
With classic ethical hacker chutzpah, Quinn Varcoe has a story to tell. She landed her first SOC job as a teenager without a degree or experience. Now a CEO and consultant Quinnlan's unconventional journey has led to innovative security solutions.
Hear how she went from bussing tables at the restaurant to a cybersecurity expert with no degree, just a strong drive. Quinn also shares insider threat-hunting tactics and why empathy is key to building elite cyber teams.
For an entertaining and insightful look at achieving success off the beaten path, don't miss this episode to be inspired by Quinn's story of perseverance and passion paving her way in cybersecurity.
Inside The Cyber Builders Mind: Navigating Business Realities With Ross Haleliuk (00:35:07)
Ross Haleliuk, the author of 'Cyber for Builders,' dives into the essentials of starting a cybersecurity business in his book. Tailored for industry veterans and curious minds alike, the book sheds light on the business dynamics, key players, and evolving trends in cybersecurity.
Ross doesn't just stop at literature; he shares real-world insights on product management, the pitfalls of the 'hero culture' in cybersecurity, and the unique challenges small businesses face in this domain. He advocates for straightforward, user-friendly security solutions and underscores the significance of continuous learning and customer understanding in driving the industry forward.
'Cyber for Builders' is a practical guide for anyone stepping into the world of cybersecurity startups. Ross Haleliuk unpacks the business side, showing how the industry works and what challenges small businesses face. He emphasizes learning, understanding customers, and moving away from the unhelpful 'hero culture.' The book is a go-to for startup builders and sheds light on the need for clear, user-friendly security solutions.
Stay Ahead of Evolving Cyber Threats: A Summary of QoQ Threat Research (00:01:52)
As cyber threats grow more advanced, it's crucial to understand the evolving attack landscape. In this must-watch episode, experts from Uptycs analyze key findings from their 2023 QoQ Threat Report.
Discover the most targeted operating system and sneaky new techniques used by hackers last year. Gain insights on how threat actors are "living off the land" to hide their activities.
With new SEC regulations in effect, learn how to rapidly assess incidents and meet tight disclosure deadlines. Uptycs reveals how their platform helps organizations comply while detecting threats early.
By reviewing the past 12 months of cybersecurity data, this episode arms you with critical insights to protect your assets in 2024. Don't miss this opportunity to stay one step ahead of sophisticated hackers on the prowl.
CSU Threat Research News Bulletin (00:03:51)
Don't Get Scammed this Holiday Season! Learn About the Elaborate 'Smishing' Campaign
Listen to Dan Verton as he details a worrisome new 'smishing' campaign impersonating the US Postal Service. Discover how threat actors based in China are using over 1,000 fake websites and text messages to trick people into handing over private data during the busy shipping season.
Find out how the scam works, get tips on verifying suspicious messages, and learn steps you can take, such as installing anti-malware, to protect yourself and your loved ones. Tune in to receive valuable security advice from these cybersecurity experts on staying safe from online holiday package scams
Get the full scoop here: https://www.uptycs.com/blog/usps-smishing-scam-2023
Keeping Pace in Cyber: Josh Lemon on Incident Response and Building Teams (00:44:23)
Josh Lemon, Uptycs MDR Director, DFIR Consultant, and SANS Instructor & Author, has been on the front lines of cybersecurity for years. As a seasoned incident responder, he's seen attacks from all types of threat actors - from simple cybercriminals to sophisticated nation-state hackers.
In this episode, Josh shares valuable lessons learned over his career battling breaches. He discusses practical advice for building skilled security teams that can respond quickly before damage is done. Josh also reveals tactics that worked on real cases, like how to contain threats faster than they can spread. For any organization looking to strengthen its defenses, this episode provides battle-tested strategies from a cybersecurity veteran.
The Wonder Woman of Cyber: Dorota Kozlowska on Not Saying No to Yourself (00:26:03)
Dorota was a shy teen who loved hacking movies but doubted she could make it in the male-dominated field of cyber. After getting sick, she used her recovery to teach herself cyber skills and prove the doubters wrong. She landed her dream job as a penetration tester, and has now become a leader in the industry.
But adversity struck again when a serious illness left Dorota hospitalized. She channeled her experience into a mission to secure healthcare cyber defenses. Now an in-demand speaker, Dorota shares how she conquered fears, followed her passion, and refused to let anything hold her back.
Hear Dorota's incredible journey from doubting teen to renowned cyber expert nicknamed "Wonder Woman." Discover her best advice for breaking into cyber, owning your career, and never doubting your potential to achieve your dreams.
Breaking Down to Build Up: Effective Communication in Cybersecurity with Aaron Kraus (00:37:29)
From an accounting degree to authoring top security certification books, this cyber veteran has seen it all over two decades in the field. Hear his unconventional path into the industry and lessons learned adapting to constant disruption.
Discover his approach to demystifying complex topics and building a supportive community across diverse backgrounds. Explore strategies for navigating ever-changing technologies, communicating effectively to varied audiences, and embracing disruption to stay ahead of emerging threats.
For fascinating insights on evolving practices and an insider's perspective on strengthening security through connection, this episode provides a must-listen for all cyber professionals.
Follow Aaron on LinkedIn here: https://www.linkedin.com/in/aaronck/
Or get a copy of The Official (ISC)2 CCSP CBK Reference book here: https://www.wiley.com/en-us/The+Official+%28ISC%292+CCSP+CBK+Reference%2C+4th+Edition-p-9781119909033
From Tech Support to Published Author: Kim Crawley's Journey in Cybersecurity and Writing (00:36:49)
Have you ever wondered how someone breaks into the cybersecurity field and becomes a published author?
Tune in to hear the fascinating story of Kim Crawley - from her early days removing malware at a rural ISP help desk, to authoring books on hacking culture, cloud security testing, and more.Kim shares invaluable lessons learned over 15+ years in cyber, from getting her first writing gigs to juggling two book deals at once.
Discover tips for communicating security priorities to executives and learn how to get your foot in the door even without formal qualifications. You'll also get a rare behind-the-scenes look at Kim's process for prepping her CISSP while managing multiple writing projects. Don't miss this insightful and entertaining conversation with a true cybersecurity veteran who proves you can have an impact no matter your career path. If you’re interested to learn more, you can get her books:
"Zero Trust Architecture in Kubernetes"
"Hacker Culture A to Z" (coming out November 2023)
"Cloud Penetration Testing for Red Teamers" (coming out November 2023)
or contact her here - https://linktr.ee/kimcrawley
Kubernetes and Container Security: Abhinav Mishra Predicts the Future (00:30:49)
Want to get a glimpse into the future of Kubernetes security from one of the leading experts?
Listen to an insider discuss his fascinating career journey and dive deep into the evolving challenges surrounding Kubernetes and Container Security.
From supply chain risks and misconfiguration to operational challenges at scale, Abhinav Mishra shares invaluable insights and gives listeners an exclusive sneak peek at some of the cutting-edge solutions Uptycs will unveil at KubeCon. For an inside look at this fast-moving world from an industry insider, this episode is a must-listen.
Thinking Like a Threat Actor: Insights from Director of Cloud Security Andre Rall (00:32:29)
Don't become another cybercrime statistic!
In this riveting episode, Andre Rall, Uptycs security leader, pulls back the curtain on the shady tactics used by hackers to steal your data. You'll discover the mentality and methodologies behind techniques criminals rely on to break into major companies.
Learn how even teenagers are infiltrating billion-dollar cloud accounts, and get realistic advice on how to get inside the mind of an attacker, to protect your online life.
This candid conversation is a must for anyone worried about the growing compromised credentials crisis and will leave you feeling empowered in the ongoing cyber arms race.
Get Andre’s best strategies for protecting yourself, your family, and your business online today!
Hacker, Educator, CISO: a Conversation with Alyssa Miller (00:51:21)
Want to Know the Real Secret to Success as a CISO? It's Not What You Think.
Most people assume the CISO's job is all about technical skills. But this episode reveals a surprising insight - what really separates the top performers is a skill more important than security know-how. Tune in as one award-winning CISO spills the secret: to excel in the role, you need to wear your "educator hat" as much as your technical hat.
Hear her unconventional rise from hacker to the C-suite. Discover why effective communication, not just expertise, unlocked new opportunities. Learn her simple tactic for overcoming resistance that left executives actually wanting to invest in security.
Walk away with concrete strategies you can start using tomorrow to resonate with any audience. The real secret is out - to maximize your impact, a CISO must focus on teaching others as much as enforcing controls. Don't miss this game-changing episode that will have you seeing the role in a whole new light.
Embracing Neurodiversity in Cybersecurity Communications with Becca Chambers (00:45:35)
Want to gain a fresh perspective on the intersection of security, innovation, and neurodiversity?
Tune in as Becca Chambers shares her unconventional journey from sports PR to respected cybersecurity communications leader. You'll gain insights into her experience as a neurodivergent professional. You’ll hear how her neurodivergent mindset helped fuel creative solutions throughout her career.
Becca is also sharing her candid insights on mainstreaming discussions around neurodiversity. Her passion for advocating alternative pathways to success is inspiring and encouraging.
Becca also dives into the exciting potential of generative AI, from both opportunities and risks and how security professionals can help shape its development responsibly from the start.
Don't miss this exciting conversation that's sure to spark some new ideas.
Solving Cybersecurity Mysteries Like Sherlock: A CISO’s Detective Skills (01:01:39)
With investigative skills rivaling Sherlock Holmes, this CISO cracks the case on securing the cloud!
Discover the career journey of Kevin Paige from his start in military security to becoming CISO of multiple companies.
Kevin shares lessons learned about communicating cyber risk across different teams and the importance of taking a holistic view of security that bridges cloud, assets, and people. He also offers insights on building resilience as a CISO dealing with constant crises and the importance of psychology in his job. We discuss why this role deserves a seat at the executive table and help in making strategic decisions from a security perspective.
Join us and hear how Kevin’s unconventional journey and diverse background help him tackle today's complex challenges and problems with a well-rounded perspective.
Password Security, Memes, and MFA with Evil Mog (00:14:42)
Is it wise for newcomers to immediately dive into cybersecurity, or should they take a different path?
Discover the intriguing origin of Dustin Heywood, aka evil_mog, and how he became an industry standout.
The episode begins with a thought-provoking debate on whether cybersecurity aspirants should enter the field directly or gain foundational experience in general IT roles. Our guest, Dustin Heywood, offers a unique perspective, emphasizing the value of a strong IT foundation before transitioning into cybersecurity.
We also delve into the captivating backstory of Dustin's online persona, evil_mog, from its gaming origins to its prominence in the cybersecurity community through humor and dad jokes.
Join us for this insightful discussion that challenges conventional career paths and provides guidance for those aspiring to enter the world of cybersecurity.
Cloud Detection and Response (CDR) Explained (00:26:49)
CDR? Another acronym?
We know - it’s pretty soupy out here. But CDR–Cloud Detection and Response–is one CISOs and their teams should know, and be familiar with… even if there are a lot of differences in opinion about what CDR actually encompasses.
This week on Cybersecurity Standup, we’re answering your burning 🔥 questions about CDR:
↔️ Does CDR include XDR, or vice versa?
🌩️Is CDR just XDR, with a cloud twist?
🛠️What can CDR tools accommodate that other tools can’t?
And… how can CDR capabilities address the unique challenges and risks associated with cloud environments and ensure a robust security posture for organizations leveraging cloud services?
#CISO #DevSecOps #CDR #XDR #ShiftUp
