Hacker Valley Studio
Episode 150 - Making a Difference Mindfully with Natasha Barnes

Episode 150 - Making a Difference Mindfully with Natasha Barnes

June 15, 2021

In this episode, we talk to our special guest, Natasha Barnes. Natasha is the Associate Director and the CEO Action for Racial Equity Fellow of Protiviti. She is a certified mindfulness workplace facilitator and mindfulness-based stress reduction. 

Natasha is part of a movement to answer the question of does corporate America have a role to play in advancing racial equity within our nation, and essentially improving our overall societal well-being. 

Technology serves as a way to propel the conversation forward, and recognizing global interconnectedness.

Listen in for all of Natasha’s insights!

 

Key Takeaways:

 

1:02 Welcome back

2:16 Natasha shares her background

3:11 Natasha’s journey through wellness

4:23 Mindfulness purpose

6:28 Instructing others 

10:27 Corporate role 

10:52 Four pillars

15:06 Her journey

17:24 Creating solutions

19:24 Progress

21:39 Equity through mindfulness and technology

26:48 Impact

 

Natasha on LinkedIn

CEO Action for Diversity & Inclusion

Support Hacker Valley Studio on Patreon.  Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Sponsored by ByteChek

Episode 149  - Permission to Launch with Kelsey Hightower

Episode 149 - Permission to Launch with Kelsey Hightower

June 8, 2021

In this episode, we've brought in a special guest, Kelsey Hightower.  Kelsey is Principal Engineer at Google, and also co-author of Kubernetes: Up and Running: Dive into the Future of Infrastructure. 

To start the show, Kelsey shares he considers himself a self-taught engineer. He started his life out as a small business owner and then moved to a system administrator. Now, he is at Google.

Kelsey’s fascination with cyber started post High School. Rather than go to college, he jumped into, tech support, consulting, dropping cat five cable, but about 2004ish he really digs into the world of open source and all the things that you can do with it as a user and as a contributor.

When it comes to community and customers, Kelsey felt they were one in the same.  However, in the last five years or so, he has kind of changed that a little bit, thinking everyone is probably in your community. The willing the ones that are willing to pay you money, we call those customers.

And then the conversation turns to comedy, and his journey through comedy management and performances.  Along with this comes discussion about acquiring skills.  

Finally, Kelsey shares advice to listeners!

 

Key Takeaways:

 

1:00 Welcome back

2:18 Kelsey shares his background

3:31 Community and customers

4:40 Professional purpose

6:00 Retirement thoughts

10:31 Journey in comedy

14:35 Getting better

16:28 Propelling forward

20:12 Minimalism

22:18 Immersion journey

25:25 Don’t miss the moment

27:00 Exceeding expectations

37:56 It’s ok to start!

39:25 How to keep up to date with Kelsey

Kelsey on Twitter

Support Hacker Valley Studio on Patreon.  Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Sponsored by Attack IQ

Attack IQ Academy

 

Episode 148 - Immersed in Cybersecurity with James Hadley

Episode 148 - Immersed in Cybersecurity with James Hadley

June 2, 2021

In this episode, have James Hadley, CEO of Immersive Labs, and we talk about the best ways to learn in cybersecurity. 

James starts the show with his background and what he is doing today, which is Immersive Labs.  But, he spent a lot of time in different organizations prior to that.  

When it came to education, James found he had quite a poor memory, so he would always learn better through doing things rather than reading about things. Things would go in one ear and out the other.

In addition to learning styles, they all discuss measuring education.  When it comes to measuring academics, for James it is all about the outcomes you want people to achieve. 

They all agree that storytelling is incredibly powerful.  James shares a few of his own drawing back on his incredible journey.  And, of course, they round out the show with how to stay in touch and up to date with James.

 

Key Takeaways:

1:02 Welcome back

2:24 James’ background

5:06 Education experience

5:46 Changes

7:18 Measuring education

9:14 Balancing in testing

11:40 Biggest a’ha

13:14 Feedback

15:54 Learner vs. learner

17:37 Skill behind catching the bad guys

19:20 Applying knowledge

21:53 Geeks in the basement

23:47 The best job in cyber

26:30 Advice

27:58 How to stay in touch with James

 

Links:

James on Immersive Labs

James on LinkedIn

Support Hacker Valley Studio on Patreon.  Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 147 - Learning Cybersecurity Until You Get It Right with John Strand

Episode 147 - Learning Cybersecurity Until You Get It Right with John Strand

May 25, 2021

In this episode, we brought back fan-favorite, John Strand.  He is owner of Black Hills Information Security, a SANS instructor, and a mentor to many in the industry. 

Johns starts the show sharing a little bit about his background and what he is doing today.

Ron and Chris dive a little bit deeper into John’s earlier life asking what his personal superpower, personal or professional, and when did that power really came about in his life?

John shares his experiences with failure, which he feels are key to where he is at today.  How everyone needs to get comfortable with struggles, failures and hardships.  On top of that, one needs to be able to laugh at themself.  

 

Key Takeaways

 

1:02 Back with fan favorite John Strand

2:21 John shares his background

3:38 John’s superpower

5:51 Going through the grind to learn

8:30 Partnerships

11:44 Getting a head start

14:58 The entertainment factor

16:36 Journey through being an instructor

19:35 Pay what you can concept

25:53 Education systems

29:18 Advice from John

 

Links:

John Strand blog.

John Strand on Twitter.

Support Hacker Valley Studio on Patreon.  Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Hacker Valley Blue Season 2 Finale

Hacker Valley Blue Season 2 Finale

May 18, 2021

This is the finale of Know Thyself. What an incredible journey, we feel like this entire experience flew by so fast, we got to talk to so many incredible people about knowing yourself, knowing your team, knowing your tech stack, knowing your environment, and even knowing your story.

Make your organization better make your security posture better, strive for impact, what are the most high leverage things that you can do today to make everybody's lives easier, or more safe, and then yield the feedback, there might be some things that you might be missing, you might need to ask questions, ask for feedback, get some information from your stakeholders, what what are you thinking about that I might not be thinking about? asking these different things is how you know thyself. And this is how you get to know the people that are around you, your peers, your stakeholders, the more knowledge you have got started with that Sun Tzu quote, in the very beginning of the podcast, if you know yourself and you know your enemy, you need not fear the results of 100 battles. So if you really understand yourself, and you have good threat intelligence, understanding the externals, you have good vulnerability management that understands the externals and the internals, if you mash all that information together, I think you'll be able to do great things with your cybersecurity program.

 

Key Takeaways

0:02 Introduction to the show

0:49 Our Sponsor, Axonius 

2:09 Welcome back

2:31 Reflecting on Know Thyself

3:17 Recap This Seasons Guest

3:22 Marcus Carey

4:17 John Strand

5:05 Aaron Reinhart & Jamie Dixon

5:54 Chaos Engineering

7:12 Lenny Zeltser, asset inventory

7:54 Kevin Allison, Storytelling is a soft skill

10:19 John Strand

12:13 Can we do better?

13:54 What kind of leader are you?

14:26 Do you have unsupported devices?

17:34 Ask yourself these questions

13:33 Go back to the EASY Framework

21:50 Learning

23:29 Exploration

24:00 Immersion

27:28 Reach Hacker Valley

 

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Supported by Axonius

 

Hacker Valley Blue S2 Episode 7 - Kevin Allison

Hacker Valley Blue S2 Episode 7 - Kevin Allison

May 18, 2021

In this masterclass of HVB season 2 we brought in a master story teller in Kevin Allison. The biggest thing is to get a person to understand, don't just summarize, don't just walk us through a Wikipedia like where you're just giving us a broad overview. And you're explaining; it’s important to remember sensory details that will help us see almost like movie scenes, what was happening between people. That is what brings the story alive. So that's a good case right there where the bones of the story were incredible. Like that's just on paper and an incredible overview of a story, but it's not going to work unless you can fill in all those sensory details that bring it alive and make it emotional for us.

Storytelling is a soft skill that offers the ability to contextualize cybersecurity in a manner that any organization can understand to allow their business to stay safe.

 

Key Takeaways:

 

0:00 Previously on the show

2:37 Kevin introduction

3:20 Episode begins

3:39 Where Kevin is today

7:58 Kevin’s origin story

12:04 Cybersecurity is performing

17:08 Storytelling for business

21:00 Engineering a story

26:12 Authentic storytelling

34:54 Speaking isn’t perfect

41:02 Where to find Kevin

 

The Story Studio

RISK!: True Stories People Never Thought They’d Dare To Share

RISK! Podcast

Twitter

Facebook

Instagram

Risk Show Podcast

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 6 - John Strand

Hacker Valley Blue S2 Episode 6 - John Strand

May 18, 2021

If want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people.

In this episode wet have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do.

What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy.

If you look at one key tenant of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security. 

 

Key Takeaways:

0:00 Previously on the show
2:02 John introduction
2:44 Episode begins
2:47 What John is doing today
3:45 John’s core tenets
5:51 How pen testing is “Blue”
6:17 Why understanding fundamentals matters
8:55 Ransomware
10:41 Organizations need to be prepared
11:58 Password gap
13:37 Password philosophy
17:07 Multi-factor authentication
21:40 What to do today
24:24 New problems
26:44 Learn your own network
28:26 Where to find John

 

John Strand on Twitter

John Strand on LinkedIn

Black Hills Information Security

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 5 - Jamie Dicken and Aaron Rinehart

Hacker Valley Blue S2 Episode 5 - Jamie Dicken and Aaron Rinehart

May 18, 2021

In this episode, we brought in two exceptional guests that are no stranger to chaos. In fact, they've identified ways to engineer for chaos. In the studio, we have Aaron Rinehart, CTO, and founder at Verica. We also have Jamie Dicken, former manager of applied security at Cardinal Health and current director at Resilience. These two are also authors of Security Chaos Engineering. If you haven't read that book it's already out, you should check it out. 

Chaos engineering is the technique of introducing turbulent conditions into a distributed system to try to determine the conditions that cause it to fail before it actually fails. So they simplify it. What we do with chaos engineering is learn about the system without experiencing the pain of an outage or an incident. You learn to trust your gear by testing.

The biggest impact really came once we understood how security chaos engineering fits into the bigger security picture. It's not about just being a part of the latest and greatest techniques and having the excitement of doing something that's cutting edge, but security chaos engineering at the end of the day. It's useless unless what you've learned drives change. 

 

Key Takeaways:

0:00 Previously on the show

1:40 Aaron Rinehart and Jamie Dixon introduction 

2:08 Episode begins

2:59 What Jamie and Aaron are doing today

3:13 What Jamie is doing

4:13 What Aaron is doing

5:00 Discuss chaos engineering

9:26 Importance of chaos engineering

10:16 Myths of chaos engineering

12:55 Chaos engineering customer impacts

17:34 Learning to trust the test and end result

19:03 Reader and customer feedback

22:21 Chaos engineering gone wrong

27:39 Implementing change in cybersecurity

28:11 Building a team of experts

39:08 Getting involved in chaos engineering 

41:09 Tools for listeners

43:25 Keeping up with Aaron and Jamie

 

 

Aaron Rinehart on Twitter

aaron@verica.io

Jamie Dicken on Twitter

Verica on LinkedIn

Verica Free Book 

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ron Eddings on Twitter

Follow Chris Cochran on Twitter

Sponsored by Axonius

Hacker Valley Blue S2 Episode 4 - Lenny Zeltser

Hacker Valley Blue S2 Episode 4 - Lenny Zeltser

May 18, 2021

In this episode, we brought back our good friend Lenny Zeltser.  Lenny is Chief Information Security Officer at Axonius.  He's developed a mindset of looking at security components as building blocks to create a holistic security environment. To this day, even while operating as an executive, he has wisdom that anyone can learn from.

Quite often, the less sexy aspects of information security are ignored, when in reality, you need to understand what resources you're supposed to protect, which assets are compromised, and the infrastructure for your organization.  People jump right into fighting the big fires, and as you know, there is a reason why there are so many day-to-day urgent activities. 

To start moving in a positive direction, Lenny shares this advice, “Understand what the major data sources you can tap into rather than thinking ‘let me create this one new way of serving everything I have are.’”  The information is there. Think about three sources of information that might get you the biggest bang for the buck!

 

Key Takeaways:

 

0:00 Previously on the show

1:40 Lenny introduction

2:05 Episode begins

3:10 What Lenny is doing today

5:35 The evolution of Lenny’s career

8:30 Parallels between beginning and now

10:38 Journey and growth of REMnux

13:00 Challenges Lenny has faced

15:21 Collaboration surprises

17:18 Horror stories

20:18 Enforcing policies

23:34 Asset management

26:08 New tech and trends

28:45 Biggest discovery about self

32:38 Advice for others

34:24 Keeping up with Lenny

 

 

Links:

 

What Lenny Does

 

Lenny on the Web

 

Follow Lenny on Twitter

 

Lenny on LinkedIn

 

Learn more about Hacker Valley Studio

 

Support Hacker Valley Studio on Patreon

 

Follow Hacker Valley Studio on Twitter

 

Follow Ron Eddings on Twitter

 

Follow Chris Cochran on Twitter

 

Sponsored by Axonius

Hacker Valley Blue S2 Episode 3 - Chani Simms

Hacker Valley Blue S2 Episode 3 - Chani Simms

May 18, 2021

In this episode of Hacker Valley Blue, we brought in a guest who has been on a journey of transformation of self and technology.  Our guest is Chani Simms, managing director of Meta Defence Labs.  We talk about what is essential for cybersecurity.  If there was a magic box that could solve an issue, what problem would Chani want solved? “People!”  They need to be trained, and care, and have buy in.  They must be devoted to what they’re doing.  They need cultural awareness and support – it isn’t easy and the hardest job.  

When it comes to leadership, organizations need to use people already in the organization.  It is important to know what they’re trying to do.  You have to use security as an enabler.  Leadership is responsible for communicating objectives and goals.  

 

Key Takeaways

0:00 Previously on Hacker Valley Blue

1:36 In this episode

3:10 Background and day job

5:37 Cyber essentials

13:46 Keeping up to date

15:26 Access control

17:07 Security hygiene

19:48 Magic box

21:32 Leadership fundamentals

26:22 Formula 1 analogy

28: 46 Wrap up

 

Links:

Chani on LinkedIn

Chani on Twitter

Email: info@metadefencelabs.com

Sponsored by Axonius

Hacker Valley Studio

Chris Cochran on LinkedIn

Ron Eddings on LinkedIn