Hacker Valley Studio

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data.

Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector. 

As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized. 

What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data.

Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation. 

This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective.

 

0:00 - Intro

1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR

2:30 - Patrick’s background and start as a security analyst

5:19 - How to automate threat intelligence while reducing analyst fatigue

7:05 - How Patrick cultivated his analyst prowess

8:43 - Articulating threat intelligence to government and enterprise organizations

11:09 - Can a threat intelligence program be automated?

17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs

20:31 - Logic vs Intuition in threat intelligence

27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions

28:42 - Where to start when automating threat intelligence

30:02 - How to stay in touch with Patrick Coughlin

 

Links: 

Connect with Patrick Coughlin on LinkedIn

Link to Patrick’s company TruSTAR

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek. 

Take our FREE course for building threat intelligence programs by visiting www.hackervalley.com/easy

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Neil Bearden, storytelling expert and founder of The Story School and Plot Wolf Ltd. Neil originally started his career by teaching statistics and behavioral economics but had an astonishing introduction to storytelling by a stranger in San Francisco.

The episode begins by Neil sharing that he began his career in academia by completing a PhD in psychology which led to him teaching statistics, behavioral economics and behavioral decision-making. At some point, Neil found that he had a passion for storytelling and started the first MBA course at our INSEAD university on storytelling called storytelling workshop. Teaching storytelling at university helped Neil discover that the storytelling market is the entire world! Which ultimately led to his recognition and founding companies that help individuals tell their greatest stories. 

While completing his postdoctoral studies at Duke University in 2005, Neil attended a neuroscience conference in San Francisco where he decided to go for a walk and ran into a stranger that asked him, “Would you like to hear some poetry young man?”. After Neil agreed, the man said:

“They’re latent semantics embedded deep down inside these rambles; these aren't the ravings of a madman alone, the dark with candles. 

These are my notes, the underground they were sent to me from the year 2012

Dusky as he said to a beat these lyrics, they were pinned in a prison cell

Caught up with a knife, sent to the compression of vacuum tubes that articulate expressions 

Are readily answered with a question. 

A rhythm that's progressing

It keeps the head nodding like you agreeing with the lesson

Your freedom, It's called the question - Free will. That's obsolescent. 

It's a myth from long ago. It's no longer relevant to the present. 

So you must obey then all your thoughts young man, you must replace them with this prism. You’re plugged into the system. You too are now in prison. 

In the matrix of your mind known as walls, ancient wisdom in a system of symbols, encrypted and deeply hidden 

In the depths of your unconscious as if it were forbidden from outside awareness, by the id who does its bidding”

The man introduced himself as Osiris, a poet. For several hours, Neil and Osiris shared life experiences together while Osiris recited poems at his own accord throughout the night. After departing, Neil never had the opportunity to meet Osiris again but did attempt to track him down years later with no luck.

After the introduction to Osiris, Neil made a commitment that he’d begin writing poetry and cultivate the courage to share his stories publicly. Neil learned that he could halt beer bottles from clinking, discussions happening, and have listeners lean in while telling a great story. This compelled Neil to pivot from teaching statistics at university to teaching storytelling. After teaching storytelling for many years, Neil realized that he wanted to make a bigger impact and become an entrepreneur and teach storytelling to anyone who needs it.

Today, Neil helps companies and individuals add spice to their stories by extracting the details of a story that helps listeners internalize and visualize the nutrient rich details of a story. Neil is often humbled by the fact that he was able to pivot to a psychology PhD to storyteller organically and is able to help so many through having conversations. 

As the podcast progresses, Neil highlights the difference between a story and a “crappy little speech”. While telling a story, the presenter needs to invoke a visual experience for the audience and provide a mental movie. Providing description of looks, taste, and feel helps build a mental model for the audience when being told a story. Everyone has experiences and knowledge that is story worthy.

 

0:00 - Intro

2:52 - This episode features Neil Bearden, founder of The Story School and Plot Wolf Ltd

3:57 - Neil’s introduction to storytelling by Osiris, the poet.

12:20 - The search for Osiris after 2005

15:09 - How Neil helps companies and individuals with storytelling
18:03 - Difference between a story and a crappy little speech

23:51 - Shaking the dust off of a story and making it great

26:00 - Using previous experience from statistics to tell stories

36:36 - Advice for beginning to tell your story

41:00 - How to stay in touch with Neil Bearden

 

Links: 

Connect with Neil Bearden on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek. 

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview the brilliant Dr. James Stanger, Chief Technology Evangelist at CompTIA and scuba diving aficionado.  The episode is a kind of journey through time - touching on the past, present, and future of cybersecurity.  

As the conversation begins, James looks to the past, sharing about himself and his background.  He studied English Literature, worked as a technical editor and then writer, worked in education, and finally made his way to a position with CompTIA.  All along, James demonstrated his propensity for combining aspects of his knowledge and experience, a propensity revealed most recently by the way in which his work for CompTIA merges education and cybersecurity.  James’ background has an incredible evolution to it, and has set him up to be a well-rounded and knowledgeable addition to the cybersecurity field.

And his knowledge comes in handy, as much of James’s work involves answering client questions.  James shares with Ron and Chris about current trends of questions he’s facing, as well as how he encourages agility in the face of emerging technology.  Further, he explains the term, “ambient computing” and its tie to emerging tech, concluding that we are entering a hyper- or post-information age in which data is collected at an incredible rate.  Data is in the air, captured, and processed, with massive stores of information about individuals available.  This fact raises questions about how to ethically manage the data, and how to make sure it is used well.  These questions, in turn, lead to considerations of business compliance, ramifications, and the like.  As the conversation winds down, James shares areas of opportunity he sees in approaching cybersecurity from a business perspective, and explores ways in which he’d like to see the future of cybersecurity take shape - including an uptick in IT hiring, a stronger focus on implications, and more!

0:00 - Intro

1:41 - This episode features Dr. James Stanger, who begins by sharing about his background.

5:25 - What kinds of questions are companies and individuals asking these days?

8:04 - How is Dr. Stanger advising companies to pursue agility in light of emerging tech?

11:19 - What is ambient computing?

13:43 - The conversation turns to ethics, understanding of ramifications, and business compliance.

17:02 - What areas of opportunity does James see in approaching cybersecurity from a business perspective?

21:01 - James shares about what he wants the future of cybersecurity to look like.

 

Links: 

Follow James Stanger on Twitter

Connect with James on LinkedIn

Learn more about CompTIA

Follow CompTIA on Youtube 

Learn more about Hacker Valley Studio

Support Hacker Valley Studio on Patreon

Follow Hacker Valley Studio on Twitter

Follow Ronald Eddings on Twitter

Follow Chris Cochran on Twitter

Learn more about ByteChek

Want to take the Introduction to EASY Framework Course with Ron and Chris? Take it for FREE here: www.hackervalley.com/easy

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Suzanne Falter, an author, motivational speaker, and podcaster who helps busy women find happiness through self care. In 2012, she ended her relationship, shut down her business, and her 22 year old daughter, Teal unexpectedly died. In the year that followed, she says she did nothing but take exceptional care of herself. Living in a friend’s guest room, she learned to slow down and practice self care.

Years later, Suzanne met the young woman who received Teal’s organs, and her mother, Debbie. Now, Debbie and Suzanne host the Back to Happy podcast together. Suzanne explains their instant chemistry, and how meeting them allowed pieces of life to fall together. These days in addition to the podcast, Suzanne has continued slowing down her life, working as an author and podcaster. She shares that she’s done this through choosing to slow down and practice meditation. She recommends taking a break from screens and starting to do small moments of life without them. It can be difficult, she says to start mindfulness from a healthy mental state, for those with depression or other mental health concerns, she says your first priority is to get help. Help can come in many forms, and it’s okay to reach out and ask for it. 

To keep your alignment in check, and be able to sit in stillness, Suzanne says you have to have strong boundaries. This means recognizing what is encroaching on you. Once you’ve identified it and set that boundary, you can sit and do nothing which takes your brain into default mode. Default mode is where creativity and problem solving happens. In the midst of the pandemic, this can be difficult. Suzanne recommends small tasks that keep your hands busy, but allow your brain to relax as a start. She says avoid telling yourself what you “should” do, and think about what the next right thing to do is instead - one step at a time. 

As the episode ends, Suzanne gives her advice to listeners for how to get back to happy.

0:00 - Intro

1:42 - Listeners are introduced to Suzanne and the episode ahead.

3:15 - Suzanne shares her background.

5:58 - How do you get back to happy after something tragic happens?

11:43 - Suzanne gives advice for how to slow down.

14:08 - Mindfulness practices.

21:53 - Suzanne explains the default mode.

24:42 - How can folks get back to happy in a pandemic?

32:41 - Suzanne’s advice to listeners.

 

Links:

Learn more about Suzanne Falter and connect with her on Twitter

Learn more about Suzanne’s books.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor Bytecheck.

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by co-founders of Material Security, Ryan Noon and Abhishek Agrawal. They co-founded Material Security in 2017, today Ryan serves as the CEO, and Abhishek the CTO. Abishek has a background in engineering, infrastructure and analytics and his MBA from Harvard.  Ryan’s background is in engineering and data analysis, and holds multiple computer science and security degrees from Stanford. Before they moved on to creating their own company, they worked together at DropBox.

While they both have a strong engineering background, they are developing a security product. Ryan explains that coding and engineering is why he’s able to work in cyber security, all his years of engineering helped him make a reliable and effective product. Abhishek agrees that both their different backgrounds have carried over into the security industry and says the lessons he learned in productivity and engineering have been incredibly useful. Despite these diverse backgrounds, Ryan says going into security was an easy decision. “Go to where the problems are,” he says. Around the time of the founding of Material Security, there were a lot of problems with email. Abhishek agrees, and says he’s always been interested in email and how it’s being destroyed by threats. 

When hackers access your email, what are they looking for? Abhishek explains that they may be downloading all of its contents, or resetting passwords to services like Twitter or Instagram. Material Security works to ask those questions and stop the effectiveness of a breach in email security. This shifts the focus from all the ways someone may hack you, to the implications of that hack. Ryan likens it to a burglary, explaining that their security is less about all the doors and windows - ways to get into your home - but rather what someone may want once they’re inside.

There is a lot of hand wringing in startup land, Ryan says, but there is no one right way to do it. The startup can burn you out, and what made Material Security’s leadership work was the reliance on each other, both he and Abhishek and their third co-founder, Chris Park. For them, this was the magic answer, having a third person gives them a tie breaker and someone who could cut through the noise with clarity. Abhishek agrees, joking that they compliment each other by Ryan giving long detailed answers, and Abhishek can summarize his thoughts. In all seriousness, this balance of responsibility and strengths requires a level of trust and lack of ego but makes the team work smoothly. Having unique skill sets is important, but Abhishek explains overlap is important as well because you can speak the same language and push each other for the best solutions.

When you come from similar backgrounds, no one is the authority and ideas get pressure tested. One of the challenges is using this overlap of skills for good - not letting it paralyze you. Another challenge they faced is knowing where to question and press industry standards, versus where to accept and excel at current practices. When thinking over their challenges and journey they offer some advice to new founders. Ryan stresses, “stop trying to get into things.” People can fall into the trap of trying to get into college, programs, and industries, and end up giving up some of their productivity and creativity to others. He also encourages people to know their partners and communicate with them about everything. Abhishek says people should divorce the idea of leaving their job from starting a company. Instead you should decide if you’re ready to leave your current job and then if you want to go to a new company or start your own.

 

0:00 - Intro

1:40 - Listeners are introduced to co-founders of Material Security and the episode ahead.

3:05 - Ryan and Abhishek introduce themselves. 

5:38 - How do engineering and cyber security intersect?

8:39 - Why did Ryan and Abhishek decide to go into security?

14:28 - Ryan and Abhishek explain what hackers do when they’ve gotten into email.

18:08 - How do Ryan and Abhishek navigate their relationship?

24:19 - Ron asks Ryan and Abhishek about the challenges of the founder’s journey.

26:45 - What piece of advice do they have for new founders?

 

Links:

Learn more about Material Security.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.