
Dennis Underwood joins host Manoj Tandon in this episode of Security Confidential. Dennis shares about his military background and how he turned to cyber to help shape his career. He is an Veteran, Father, Cryptographer, Threat Hunting Expert, and Ransomware Expert. Among his 10 years of combat experience, Dennis also has over 20 years experience being an Entrepreneur.
00:00 Introduction
01:00 Military Background
10:50 A Career in Cyber
11:50 Ransomware
16:13 Executive perspective
21:46 The Cloud and How it affects you
25:30 Speed bump Security
27:07 Rate of Encryption
31:30 Cyber Crucible
39:00 Chaos Monkeys
42:40 B-Sides PGH
45:22 Outro
To learn more about Dennis visit https://www.linkedin.com/in/dennis-underwood/
Be sure to check out https://www.cybercrucible.com/
To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
Aug 30, 2021
46 min

Mia Landsem joins host Manoj Tandon in this episode of Security Confidential. From Norway, Mia discusses how a series of unfortunate events led into an astonishing Career choice. Mia has used her skills in cybersecurity to help many people. She has focused her attention on image abuse which led to a nomination in 2021 as Cybersecurity Women of The Year. She is a best selling author, has numerous TV appearances, lectured at over 300 schools, and has helped train law enforcement on pursuing criminals posting pictures of minors.
00:00 Introduction
01:16 How Mia got into Cybersecurity
03:17 Making The Olympic Team
04:27 Learnings from sports training applied to cybersecurity
07:20 Advice on Cyberbullying
09:30 Law enforcement response to Cyberbullying
11:00 The Law and illicit pictures of minors
16:54 Using Cyber knowledge to stop Image Abuse
22:21 Changing the Laws on Image Abuse
24:14 Working with the Police
29:51 Cybersecurity Woman of the Year
31:03 Privacy rules and catching pedophiles
36:20 Moving forward
42: 45 How illicit pictures are propagated
53:23 Can pedophiles recover?
55:00 Contacting Mia
Aug 17, 2021
58 min

Laura Tich, founder of SheHacks_KE and Cybersecurity Women of The Year Nominee joins host Manoj Tandon on this episode of Security Confidential. Laura along with SheHacks_KE has helped over 400 people on their Cybersecurity Career journey. She discusses:
00:00 Introduction
01:30 What led to the nomination of Cybersecurity women of the Year?
03:27 Why focus on Information Security
05:40 High tech environment in Kenya
08:20 The work of SheHacks_KE
10:44 Cybersecurity threats Kenyan business face
13:30 Cybersecurity awareness in Kenya
15:16 Personal security challenges
17:14 The people impact of SheHacks_KE
18:37 Ransomware impacts in Kenya
22:00 Providing defense in depth to organizations in Kenya
26:15 Supporting SheHacks_KE
Aug 9, 2021
27 min

Sean Sweeney is a frequent author and speaker on cybersecurity. In this episode of Security Confidential Sean talks about cloud security. He has a deep background in cloud security.
Sean currently leads the Field CISO and Cloud Security Advisor group within Oracle North America Cloud Engineering. In his prior role Sean was with Microsoft where he was the Global Chief Security Advisor. Sean is a previous Chief Information Security Officer at the University of Pittsburgh, and Litigation Support Applications Manager for the U.S. Department of Justice. Sean began his career as a Database Administrator for ExxonMobil and the U.S. Department of the Interior.
00:09 Sean Sweeney’s Background
01:38 From DB Admin to CISO
05:00 Helping Dave Hickton prosecute cyber criminals
06:52 The future of cybersecurity
07:20 SAS, PAS, IAS-Your responsibilities in cloud cybersecurity
13:33 If IP is exfiltrated from the cloud app, whose responsible?
14:30 What gets popped in the cloud environment!
15:23 What is the difference between zero trust and SASE?
19:45 What is the order of implementing elements of SASE or Zero Trust
23:10 The role of MDM in BYOD
26:54 Too much friction is a risk
32:27 Should the CISO work for the CIO?
36:58 How do you secure hybrid cloud environment?
42:34 Accelerator Program at Oracle
45:49 Dealing with Ransomware
50:26 Struggling with vulnerability management
To learn more about Dark Rhino Security
Jul 26, 2021
55 min

#SecurityConfidential #DarkRhinoSecurity
Strategist and best-selling author Michele Wucker coined the term “gray rhino” for obvious, probable, impactful risks, which we are surprisingly likely but not condemned to neglect. The metaphor has moved markets, shaped financial policies, and made headlines around the world. It became a frame for the ignored warnings that led to the COVID-19 pandemic and a lyric in a hit BTS single about depression. Michele’s 2019 TED Talk has attracted 2.5 million views. She is the author of four books including the global bestseller THE GRAY RHINO: How to Recognize and Act on the Obvious Dangers We Ignore; and the new book YOU ARE WHAT YOU RISK: The New Art and Science of Navigating an Uncertain World. A former media and think tank executive who began her career writing about emerging market finance, Michele is founder of the Chicago-based strategic advisory firm, Gray Rhino & Company. She speaks regularly to high-level audiences on risk management, the global economy, and decision-making, and is quoted often in leading media. She has been recognized as a Young Global Leader of the World Economic Forum and a Guggenheim Fellow, among other honors. Visit her website at www.thegrayrhino.com or www.wucker.com; follow her on twitter @wucker.
00:00 Introduction
01:22 How the name Grey Rhino was coined
05:45 Why companies put off dealing with Risk
10:55 What is an individual’s risk fingerprint
12:26 Does nature or nurture win on defining One's risk fingerprint?
14:01 Are there one or two that stand out in shaping One's risk fingerprint?
21:28 Millennials and risk
24:58 The risk muscle
28:09 Building your risk muscle
34:05 Genetics and risk
40:00 How to change an organization's risk fingerprint
45:30 https:/Thegreyrhino.com
45:53 Newsletter Around my Mind
Jul 13, 2021
46 min

Naomi Buckwalter joins Security Confidential as a guest on this episode. Naomi has over twenty years of experience in Cybersecurity, two degrees from Villanova, and has worked at great companies like Vanguard. She brings her wealth of knowledge on Cybersecurity and discusses all the foundational elements of a great cybersecurity program from hiring the right people, Cybersecurity's effects on everyday life, shifting left in Cybersecurity to enhance it, using Cybersecurity as a revenue generator, all the way to quantifying risk and explaining it to the C-Level. There is something in this discussion for everyone interested in Cybersecurity.
00:00 Introduction
01:18 The demand gap in Cybersecurity for personnel
12:06 Cybersecurity bleeding into everyday life
19:11 Gatekeeper and created hindrances in Cybersecurity
19:45 Crafting a defense in depth architecture
23:00 The importance of explaining of the why in Cybersecurity to people
25:00 Christian Espinosa The Smartest Person in the Room: The Root Cause and New Solution for Cybersecurity
25:46 Diversity of thought
28:00 Convincing executives to take on fresh Cybersecurity talent
32:00 Is being a women in Cybersecurity is a plus?
37:20 Shifting left in Cybersecurity-what is that?
44:10 Quantifying and communicating cyber risk to the c-level
46:14 Understanding corporate revenue channels and their importance to Cybersecurity
47:37 Using Cybersecurity as a revenue generator
51:38 Cybesecuritygatebreakers.org
Jul 6, 2021
54 min

#SecurityConfidential #DarkRhinoSecurity
Charles Herring, CTO of witfoo, joins this episode of Security Confidential. Charles started his career in Information Security in 2002 with the US Navy, serving as the Network Security Officer at the US Naval Postgraduate School. Charles has been a contributing product reviewer for InfoWorld Magazine and spent 7 years running Herring Consulting a firm dedicated to process orchestration. Charles is dedicated to maturing the craft of Infosec.
00:00 Introduction
02:12 Getting a start in Cybersecurity and transition to civilian life
13:22 7 unstable conversations in Cybersecurity
14:40 Establishing a unit of work-increasing deterrence
20:04 Law Enforcement success with cyber crimes-Sharing Information
24:34 How to vet the quality of Threat Intelligence
26:47 Dealing with the Unknown-Unknowns-Zero Day Attack
33:26 1st unstable conversation-understanding all the data from the toolsets
36:36 2nd unstable conversation-managing the investigators
37:28 3rd unstable conversation-security practice communicating with the business
40:23 4th unstable conversation-security vendors lie
41:42 5th unstable conversation-challenges in sharing information by orgs
42:00 6th unstable conversation-law enforcement sharing information
42:04 7th unstable conversation-law enforcement lacks evidence to prosecute
43:30 What is witfoo?
48:24 https://www.logfibber.com
50:10 Breaking in Bad
Jun 28, 2021
52 min

Manoj Tandon, one of the founders of Dark Rhino Security, appeared on Pittsburgh Technology Council's TechVibe Radio on ESPN 970. This is a complete repost of the show which is wholly owned and operated by the Pittsburgh Technology Council. The Mythbusting in Cybersecurity starts at time marker 15:55. Please subscribe and leave your comments.
Jun 21, 2021
29 min

#SecurityConfidential #DarkRhinoSecurity
Fredrik Oedegaardstuen joins Dark Rhino's Security Confidential to discuss Open Source software in cybersecurity. Fredrik the is the CEO of Shuffle, an automation platform. He has been a software engineer and has extensive experience in SOC operations in an MSSP environment. Fred discusses many topics ranging from monetizing open source software, myths with open source, architecture and design, silver bullets in cybersecurity, and provides cautionary advice.
02:34 Why Tokyo
04:13 Open source and cybersecurity
06:37 Monetizing Open Source Software
12:17 Myth of Open Source tools being not that secure
13:29 Shuffle-The security automation platform
18:40 Architecture of Shuffle inspired from the NSA
26:21 Integration of disparate systems
32:26 Tools and Silver Bullets in Cybersecurity
34:09 Does the role of the analyst change with Shuffle?
40:04 Cautionary advice on automation
Frikkylikeme is Fredrik's Twitter Handle
Jun 14, 2021
46 min

Hans Vargas Silva joins this episode of Dark Rhino Security's Security Confidential Podcast and Videocast. Hans is a leader in cybersecurity leader. He has extensive experience in the field. Hans has worked with Sallie Mae and is currently with Marathon Petroleum. He has a great academic background with degrees and certificates from Purdue, MIT, and Harvard. He provides his thoughts and experiences on protecting critical infrastructure from cyber intrusions, compliance and cybersecurity, giving back to the community and much more.
01:13 How Hans got into Cybersecurity
04:00 How education shapes a career in Cybersecurity
08:56 Critical Infrastructure and Cybersecurity
19:40 Compliance is a low bar for Cybersecurity
23:57 Incomplete deployments of Cybersecurity solutions
24:49 How to communicate cyber risk
29:58 The dilemma of regulators
34:44 Sharing security information with the Federal Gov’t
39:20 Contributions to infosec from academia
42:25 Giving back and volunteering
To learn more about Team Rubicon
Jun 7, 2021
51 min
Load more
