Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.
Episodes
Tuesday May 18, 2021
Tuesday May 18, 2021
If want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people.
In this episode wet have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do.
What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy.
If you look at one key tenant of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security.
Key Takeaways:
0:00 Previously on the show
2:02 John introduction
2:44 Episode begins
2:47 What John is doing today
3:45 John’s core tenets
5:51 How pen testing is “Blue”
6:17 Why understanding fundamentals matters
8:55 Ransomware
10:41 Organizations need to be prepared
11:58 Password gap
13:37 Password philosophy
17:07 Multi-factor authentication
21:40 What to do today
24:24 New problems
26:44 Learn your own network
28:26 Where to find John
Black Hills Information Security
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Tuesday May 18, 2021
Tuesday May 18, 2021
In this episode, we brought in two exceptional guests that are no stranger to chaos. In fact, they've identified ways to engineer for chaos. In the studio, we have Aaron Rinehart, CTO, and founder at Verica. We also have Jamie Dicken, former manager of applied security at Cardinal Health and current director at Resilience. These two are also authors of Security Chaos Engineering. If you haven't read that book it's already out, you should check it out.
Chaos engineering is the technique of introducing turbulent conditions into a distributed system to try to determine the conditions that cause it to fail before it actually fails. So they simplify it. What we do with chaos engineering is learn about the system without experiencing the pain of an outage or an incident. You learn to trust your gear by testing.
The biggest impact really came once we understood how security chaos engineering fits into the bigger security picture. It's not about just being a part of the latest and greatest techniques and having the excitement of doing something that's cutting edge, but security chaos engineering at the end of the day. It's useless unless what you've learned drives change.
Key Takeaways:
0:00 Previously on the show
1:40 Aaron Rinehart and Jamie Dixon introduction
2:08 Episode begins
2:59 What Jamie and Aaron are doing today
3:13 What Jamie is doing
4:13 What Aaron is doing
5:00 Discuss chaos engineering
9:26 Importance of chaos engineering
10:16 Myths of chaos engineering
12:55 Chaos engineering customer impacts
17:34 Learning to trust the test and end result
19:03 Reader and customer feedback
22:21 Chaos engineering gone wrong
27:39 Implementing change in cybersecurity
28:11 Building a team of experts
39:08 Getting involved in chaos engineering
41:09 Tools for listeners
43:25 Keeping up with Aaron and Jamie
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Tuesday May 18, 2021
Tuesday May 18, 2021
In this episode, we brought back our good friend Lenny Zeltser. Lenny is Chief Information Security Officer at Axonius. He's developed a mindset of looking at security components as building blocks to create a holistic security environment. To this day, even while operating as an executive, he has wisdom that anyone can learn from.
Quite often, the less sexy aspects of information security are ignored, when in reality, you need to understand what resources you're supposed to protect, which assets are compromised, and the infrastructure for your organization. People jump right into fighting the big fires, and as you know, there is a reason why there are so many day-to-day urgent activities.
To start moving in a positive direction, Lenny shares this advice, “Understand what the major data sources you can tap into rather than thinking ‘let me create this one new way of serving everything I have are.’” The information is there. Think about three sources of information that might get you the biggest bang for the buck!
Key Takeaways:
0:00 Previously on the show
1:40 Lenny introduction
2:05 Episode begins
3:10 What Lenny is doing today
5:35 The evolution of Lenny’s career
8:30 Parallels between beginning and now
10:38 Journey and growth of REMnux
13:00 Challenges Lenny has faced
15:21 Collaboration surprises
17:18 Horror stories
20:18 Enforcing policies
23:34 Asset management
26:08 New tech and trends
28:45 Biggest discovery about self
32:38 Advice for others
34:24 Keeping up with Lenny
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Chris Cochran on Twitter
Tuesday May 18, 2021
Tuesday May 18, 2021
In this episode of Hacker Valley Blue, we brought in a guest who has been on a journey of transformation of self and technology. Our guest is Chani Simms, managing director of Meta Defence Labs. We talk about what is essential for cybersecurity. If there was a magic box that could solve an issue, what problem would Chani want solved? “People!” They need to be trained, and care, and have buy in. They must be devoted to what they’re doing. They need cultural awareness and support – it isn’t easy and the hardest job.
When it comes to leadership, organizations need to use people already in the organization. It is important to know what they’re trying to do. You have to use security as an enabler. Leadership is responsible for communicating objectives and goals.
Key Takeaways
0:00 Previously on Hacker Valley Blue
1:36 In this episode
3:10 Background and day job
5:37 Cyber essentials
13:46 Keeping up to date
15:26 Access control
17:07 Security hygiene
19:48 Magic box
21:32 Leadership fundamentals
26:22 Formula 1 analogy
28: 46 Wrap up
Links:
Email: info@metadefencelabs.com
Sponsored by Axonius
Tuesday May 18, 2021
Tuesday May 18, 2021
Know thy organization is key! Wise words from the powerful Marcus J. Carey. Don’t be afraid to admit the bad stuff and be honest about the situation. Most of the time people get fired because they are scared to admit the failure.
You have to build a tight network of people you trust who will be brutally honest with you. You need those people who are going to tell you the truth. Other people will see your superpowers before you do. Superman didn’t know he was different, but others saw the differences and the strengths he didn’t even realize he had. Always pay attention to how people react to what you do, then you will figure out what you are really good at. We over emphasize what we suck at and ignore what we are good at. Don’t do that. You need to understand how amazing, awesome and beautiful you are. Double down and double down hard. Do not be afraid to show your talents and be confident in your superpower.
In security, there is a role for everybody.
Key Takeaways:
1:40 In this episode
2:12 Welcome
3:40 Marcus background
4:57 What lead Marcus to cyber
7:09 Self discovery
9:48 Creations and inventions
14:22 Gathering and retaining information
17:53 Auxiliary skill
21:35 Abilities and mission
25:26 Overlooked areas
31:44 Advice to others
35:41 Staying up-to-date with Marcus
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter