Hacker Valley Studio

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Tia Hopkins, Founder of Empow(H)er Cybersecurity with the focus of empowering mentoring, educating, and providing opportunities for women of color. Tia is also VP, Global Solutions Engineering at eSentire.

The episode begins by Tia describing her early interests in technology. She began exploring her interest by taking apart her family computer - After her mom found out that she disassembled the computer, she quickly learned that she had to reassemble it before there were consequences. Early in Tia’s career she worked at phone companies installing DSL, IT operations, and managing technology focused teams. Tia has always been a doer and problem solver which led to resistance when first being called to become a leader. She was initially concerned that if she wasn’t hands-on with technical issues that she wouldn’t be as effective as a leader. However, she discovered that as a leader she can leverage her experience to have a broader impact through her team. 

As the episode progresses, the cast chat about “Happy Accidents”. Tia had the opportunity to get involved with the Social Movement project by a coincidental conversation with a stranger at a cybersecurity conference many years ago. The premise of the project is 4 days to change the world. Tia’s challenge during the project was to solve racism issues by bringing brilliant minds together. Tia mentions that the challenge is a tall order but great minds in the world can solve any problem.

During COVID-19, a lot has changed for Hacker Valley Studio - Ron and Chris used to record in the same studio but now record separately due to the lockdown. Despite this difference in production, HVS has been able to scale and grow by dividing and conquering tasks. Tia can relate to this sentiment because without COVID-19 she likely would have not started Empow(H)er Cybersecurity. In addition to starting her foundation, Tia has also started a PhD program. When asked her about her superpower, Tia describes her ability to get things done. As a former athlete, Tia has a growth mindset and is determined to accomplish her goals.

 

Meaningful moments in the podcast:

0:00 - Intro

1:51 - Tia Hopkins on Hacker Valley Studio Podcast

2:39 - Tia’s background and start in technology

4:24 - Tia’s perspective on being a leader

7:17 - Induction in the American Football Hall of Fame

9:01 - Social Movement Season 2

14:30 - Developing and working on your craft

16:50 - What has changed since COVID-19

19:00 - Tia’s Superpower

24:13 - Personal resiliency techniques

28:47 - How to stay in touch with Tia Hopkins

 

Links:

Connect with Tia Hopkins on LinkedIn.

Follow Empow(H)er Cybersecurity on Twitter and LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ. 

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Chris Castaldo, Chief Information Security Officer at Crossbeam and author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit. Throughout his career, Chris noticed that the same cybersecurity related problems surface but there are many different ways to solve them.

Chris has always been passionate about startups and has plans to one day start his own company. While going through lists of top 10 books for startups and entrepreneurs he didn’t find any that mentioned how to do cybersecurity at a startup. This a significant gap for startups, not baking in cybersecurity early results in expensive rework 4-10 years after the startup is founded. This led to Chris writing Startup Secure - his goal was to create a guide and methodology for startup founders to avoid the expensive mistake of not baking cybersecurity into the startup in the beginning.

As the episode progresses, Chris highlights the difference in challenges for startups that are B2B (Business-to-Business) vs B2C (Business-to-Consumer). Cybersecurity startups must weigh the risks of building a product and building a secure company. It’s easier to implement all of the security controls offered by a solution when the startup is 20 employees or less because there is less impact on users and business functions. When cybersecurity startups are selling to organizations with cybersecurity teams, the startup is asked tough questions. For example:

• What is your vendor review process?
• Is your startup leveraging cloud security controls?
• What is your privacy policy?

 

As a cybersecurity professional, Chris emphases the importance of networking with other professionals. There is an increase in virtual conferences and adoption of LinkedIn. Asking questions to the leaders in the field and providing mentorship to others both provide a significant impact while cultivating your career. Chris also highlights the importance of following up on conversations to build relationships and securing opportunities. 

When transitioning from engineer to CISO, Chris found that being intentional and purposeful with his time was impactful in his transition. He developed these skills by reading books about stoicism. He found that focusing on “the right thing to do” was tough because of constant distractions but being purposeful was the solution to distraction. Instead of focusing on all the things that were on his plate he would break down his goals into smaller chunks and give them his undivided attention for a specific amount of time.

 

Moments During This Podcast:

0:00 - Intro

1:57 - Chris Castaldo on Hacker Valley Studio Podcast

2:47 - Chris’ start in cybersecurity as a red team member

3:50 - Why did Chris write his book Startup Secure

6:58 - Challenges of implementing cybersecurity at a startup

9:56 - What excites Chris about cybersecurity

13:35 - How do you immerse yourself in learning about cybersecurity?

17:33 - Surprises when transitioning from engineer to CISO

22:43 - Core tenants of solving hard problems

25:53 - Protecting the crown jewels at an organization during a breach

33:38 - Advice on sharing knowledge with the world

 

Links:

Pre-order Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit

Learn more about Chris Castaldo and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

The tables have turned on Ron and Chris this episode and they are interviewed by guest host, Carole Theriault! Besides being a two-time guest on the Hacker Valley Studio Podcast, Carole is producer and host of the Smashing Security Podcast and Sticky Pickles podcast. Carole put together 7 serious questions and 7 funny questions to interview Ron and Chris.

 

Question #1 - How did you get into podcasting?

Ron - describes his entry into podcasting as a surprise. Ron had set up a studio at his home in San Jose, California with the intention to create YouTube videos. When Chris relocated to the area, he suggested that the two get on the microphones and have a conversation to see where it goes - Where the two began speaking about Cybersecurity Alchemy. 

Chris - Before moving to Silicon Valley, Chris experimented with content creation on Instagram and worked with professionals to document his weight loss journey. This experiment went well but left Chris hoping to make a greater impact through content creation.

 

Question #2 - What are the most surprising lessons you learned from podcasting

Carole begins by describing her most surprising lesson is the sheer amount of work.

Chris was surprised about all of the aspects that go into a quality production. For example, mastering the sound of the podcast.

Ron describes the most surprising lesson being the work that goes into show notes and the conversion of full-length topics into bite sized nuggets.

 

Question #3 - What trait do you like most in your podcast partner

Ron - Chris’ accountability and availability. We meet together daily during the week to discuss goals, challenges, and collaboration opportunities. When help is needed, Chris is consistently there to help.

Chris - Ron’s calm, understated competitiveness nature. The competitive nature pushes both of us to get better everyday. 

 

Question #4 - What do you worry most about when creating an episode of Hacker Valley Studio?

Chris - Capturing great quality audio. During post-production, we can fix nearly everything like “ahs”, “ums”, awkward pauses but not poor quality audio. Carole can relate to this technical difficulty as she has experienced difficulties with hearing feedback from internal microphones on her podcasts

Ron - HVS has had over a hundred episodes and around 10% of the guests have never been on a podcast. When recording with the 10% that have not been on a podcast before Ron’s main goal and concern is to ensure that the guest is comfortable. Creating an environment where guests can share their story and as.king great questions creates raving fans of our content through our listeners and guests

 

Question #5 - Who does more of the work on the podcast?

Ron - Chris is the GOAT for the HVS podcast. In the very beginning, Ron said that he did most of the work. In the beginning Ron was editing the video and audio for the podcast but at some point, Chris became curious about the audio editing process and fell in love with the process and built a strong foundation for rapidly increasing the quality of Hacker Valley Studio content.

 

Follow up to Question #5 - Chris do you appreciate about Ron’s contribution to the podcast?

Chris - Our chemistry. Episode one shows our chemistry because even though we did not have any experience podcasting, we still had a great conversational flow. It didn’t take anytime for us to build this chemistry up because Ron is able to read expressions and see where I’m going with questions and answers. Ron has always been able to pick up where I left off and bring up topics that I may forget.

 

Question #6 - Which episode of HVS sticks out most in your mind and why?

Chris - Episode 40 with Daniel Meade. This episode started out with us speaking with Daniel about AppSec but had many turns where we got to experience Daniel’s authentic humor and moments of growth throughout his life. This episode helped shape the future of Hacker Valley Studio.

Ron - Episode 104 with Robin Black. This episode has very little connection with technology and cybersecurity but focuses on the auxiliary skills that make practitioners at any craft great. Robin is fascinated with his work and crossing the chasm to gain expertise from similar or related fields.

 

Question #7 - What does success mean for Hacker Valley Studio?

Ron - Having fun during the process. Chris and I are extremely successful at this point because we’ve been enjoying creating the process everyday. We are lucky enough to speak to experts, work with vocal coaches, and learn how to make quality productions each week.

Chris - The impact on the listener. We’ve received emails and messages on social media from listeners that have thanked us for helping them get into cybersecurity and promoted within their field. We’ve been able to create our own journey and be part of others journeys.

 

Moments During the Podcast

 

0:00 - Intro

1:22 - Carole Theriault takes over Hacker Valley Studio! 

2:50 - How Chris and Ron got into podcasting

5:06 - Would you rather be 8 foot tall or have eight feet?

5:55 - What are the most surprising lessons you learned from podcasting?

8:13 - If you were on a desert island, what luxury item would you bring?

9:10 - What trait do you like most in your podcast partner?

11:17 - What's your favorite thing to do outside of work and family responsibilities?

14:07 - What do you worry most about when creating an episode of Hacker Valley Studio?

18:55 - What is one thing any friend or family member could do to make you laugh or smile?

20:28 - Who does more of the work on Hacker Valley Studio podcast?

24:50 - Who would play you in a movie?

27:30 - Which episode of HVS sticks out most in your mind and why?

37:16 - How would you define success for Hacker Valley Studio?

 

Links:

Our guest host Carole Theriault

Carole’s podcast - Smashing Security and Sticky Pickles

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek. 

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data.

Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector. 

As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized. 

What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data.

Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation. 

This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective.

 

0:00 - Intro

1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR

2:30 - Patrick’s background and start as a security analyst

5:19 - How to automate threat intelligence while reducing analyst fatigue

7:05 - How Patrick cultivated his analyst prowess

8:43 - Articulating threat intelligence to government and enterprise organizations

11:09 - Can a threat intelligence program be automated?

17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs

20:31 - Logic vs Intuition in threat intelligence

27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions

28:42 - Where to start when automating threat intelligence

30:02 - How to stay in touch with Patrick Coughlin

 

Links: 

Connect with Patrick Coughlin on LinkedIn

Link to Patrick’s company TruSTAR

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek. 

Take our FREE course for building threat intelligence programs by visiting www.hackervalley.com/easy

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Neil Bearden, storytelling expert and founder of The Story School and Plot Wolf Ltd. Neil originally started his career by teaching statistics and behavioral economics but had an astonishing introduction to storytelling by a stranger in San Francisco.

The episode begins by Neil sharing that he began his career in academia by completing a PhD in psychology which led to him teaching statistics, behavioral economics and behavioral decision-making. At some point, Neil found that he had a passion for storytelling and started the first MBA course at our INSEAD university on storytelling called storytelling workshop. Teaching storytelling at university helped Neil discover that the storytelling market is the entire world! Which ultimately led to his recognition and founding companies that help individuals tell their greatest stories. 

While completing his postdoctoral studies at Duke University in 2005, Neil attended a neuroscience conference in San Francisco where he decided to go for a walk and ran into a stranger that asked him, “Would you like to hear some poetry young man?”. After Neil agreed, the man said:

“They’re latent semantics embedded deep down inside these rambles; these aren't the ravings of a madman alone, the dark with candles. 

These are my notes, the underground they were sent to me from the year 2012

Dusky as he said to a beat these lyrics, they were pinned in a prison cell

Caught up with a knife, sent to the compression of vacuum tubes that articulate expressions 

Are readily answered with a question. 

A rhythm that's progressing

It keeps the head nodding like you agreeing with the lesson

Your freedom, It's called the question - Free will. That's obsolescent. 

It's a myth from long ago. It's no longer relevant to the present. 

So you must obey then all your thoughts young man, you must replace them with this prism. You’re plugged into the system. You too are now in prison. 

In the matrix of your mind known as walls, ancient wisdom in a system of symbols, encrypted and deeply hidden 

In the depths of your unconscious as if it were forbidden from outside awareness, by the id who does its bidding”

The man introduced himself as Osiris, a poet. For several hours, Neil and Osiris shared life experiences together while Osiris recited poems at his own accord throughout the night. After departing, Neil never had the opportunity to meet Osiris again but did attempt to track him down years later with no luck.

After the introduction to Osiris, Neil made a commitment that he’d begin writing poetry and cultivate the courage to share his stories publicly. Neil learned that he could halt beer bottles from clinking, discussions happening, and have listeners lean in while telling a great story. This compelled Neil to pivot from teaching statistics at university to teaching storytelling. After teaching storytelling for many years, Neil realized that he wanted to make a bigger impact and become an entrepreneur and teach storytelling to anyone who needs it.

Today, Neil helps companies and individuals add spice to their stories by extracting the details of a story that helps listeners internalize and visualize the nutrient rich details of a story. Neil is often humbled by the fact that he was able to pivot to a psychology PhD to storyteller organically and is able to help so many through having conversations. 

As the podcast progresses, Neil highlights the difference between a story and a “crappy little speech”. While telling a story, the presenter needs to invoke a visual experience for the audience and provide a mental movie. Providing description of looks, taste, and feel helps build a mental model for the audience when being told a story. Everyone has experiences and knowledge that is story worthy.

 

0:00 - Intro

2:52 - This episode features Neil Bearden, founder of The Story School and Plot Wolf Ltd

3:57 - Neil’s introduction to storytelling by Osiris, the poet.

12:20 - The search for Osiris after 2005

15:09 - How Neil helps companies and individuals with storytelling
18:03 - Difference between a story and a crappy little speech

23:51 - Shaking the dust off of a story and making it great

26:00 - Using previous experience from statistics to tell stories

36:36 - Advice for beginning to tell your story

41:00 - How to stay in touch with Neil Bearden

 

Links: 

Connect with Neil Bearden on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.