Future of Threat Intelligence
Welcome to the Future of Threat Intelligence podcast, where we explore the transformative shift from reactive detection to proactive threat management. Join us as we engage with top cybersecurity leaders and practitioners, uncovering strategies that empower organizations to anticipate and neutralize threats before they strike. Each episode is packed with actionable insights, helping you stay ahead of the curve and prepare for the trends and technologies shaping the future.
Episodes
Thursday Sep 05, 2024
In our latest episode of the Future of Threat Intelligence podcast, David chats with Rafal Los, Head of Services Strategy & GTM at ExtraHop and the creative force behind the Down the Security Rabbithole podcast. Rafal discusses his journey from curiosity-driven exploration to a professional career in cybersecurity and the lessons he’s learned along the way.
Rafal shares his extensive experience in cybersecurity, offering insights on transitioning from technical roles to strategic leadership positions. He also talks about common misconceptions in strategic advisement, the importance of understanding the business context, and actionable advice for aspiring leaders. Throughout the conversation, Rafal's practical tips and seasoned perspectives make this episode a must-listen for anyone looking to elevate their career in cybersecurity and threat intelligence.
Topics discussed:
Transitioning from technical roles to strategic leadership positions in the cybersecurity industry.
Common misconceptions in strategic advisement and how to avoid these pitfalls.
The importance of understanding the business context to improve strategic decision-making in cybersecurity.
Actionable advice for aspiring leaders in threat intelligence and cybersecurity.
How to bridge the gap between technical language and business objectives effectively.
Practical tips on assessing risks, impacts, and having a clear strategy for cybersecurity initiatives.
Key Takeaways:
Understand the broader business context to make more informed strategic decisions in cybersecurity.
Listen to and comprehend the challenges faced by different stakeholders to improve strategic advisement.
Develop a clear, actionable strategy for cybersecurity initiatives, focusing on both technical and business aspects.
Be skeptical of the information you read to stay critical and informed about industry trends and developments.
Engage in continuous learning by consuming content from diverse sources to broaden your cybersecurity knowledge.
Assess risks and impacts critically to prioritize cybersecurity efforts effectively.
Bridge the gap between technical language and business objectives to enhance communication and decision-making.
Prepare for potential failures by understanding how systems can fail and creating contingencies.
Network with industry professionals to gain different perspectives and insights into cybersecurity challenges.
Seek to understand the experiences and needs of your team and stakeholders to create more effective security strategies.
If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0
Friday Aug 30, 2024
In our latest special episode of the Future of Threat Intelligence podcast, David chats with cybersecurity expert Jeff Man at the Black Hat conference. Jeff is the Sr. Information Security Consultant at Online Business Systems, and he shares his extensive insights on the evolving landscape of cybersecurity and the importance of fundamental security practices to protect sensitive data.
Jeff emphasizes the role of security evangelists in educating organizations and fostering a culture of security awareness. He also explores the implications of AI in cybersecurity, addressing both its potential benefits and challenges.
Topics discussed:
The importance of understanding fundamental security practices to effectively protect sensitive data in organizations.
How the cybersecurity landscape is filled with numerous solutions, but clarity on essential objectives is crucial for effective security.
How security evangelists play a key role in educating clients about their specific security needs and corporate culture challenges.
How AI is a significant buzzword in cybersecurity, but its potential benefits and risks require careful consideration and understanding.
Why organizations often mistakenly believe that implementing the right technology alone is sufficient for comprehensive security measures.
The necessity of fostering a culture of security awareness among employees to enhance overall protection.
How mentorship and exposure to various cybersecurity roles are vital for individuals looking to enter or transition within the industry.
Key Takeaways:
Educate your team on fundamental security practices to enhance their understanding of protecting sensitive data effectively.
Assess your organization’s current cybersecurity solutions to identify gaps and ensure alignment with essential security objectives.
Engage with a security evangelist to gain tailored insights and strategies that fit your corporate culture and specific challenges.
Explore the implications of AI in your cybersecurity strategy, weighing both its potential benefits and associated risks.
Implement a culture of security awareness by providing ongoing training and resources to all employees within your organization.
Document security processes and standards to ensure repeatability and compliance with industry regulations like PCI.
Experiment with different cybersecurity roles and responsibilities to find areas where team members can excel and contribute effectively.
Thursday Aug 29, 2024
In our latest special episode of the Future of Threat Intelligence podcast, Wade Wells, Cybersecurity Threat Detection Engineer & Expert at a Fortune 50 company, shares his insights from the Black Hat conference. He highlights the promising advancements in blue team technologies, particularly in AI applications and deception strategies.
Wade also discusses the importance of community networking for aspiring cybersecurity professionals and reflects on the lessons learned from recent security incidents, including the implications of relying on specific security vendors.
Topics discussed:
The transformative potential of AI technologies in enhancing threat detection and operational efficiency for blue team cybersecurity efforts.
The importance of effective email security solutions and their role in protecting organizations from phishing and other email-based threats.
Observations on SentinelOne’s Purple AI, which demonstrates the potential of AI in threat hunting and incident response scenarios.
The importance of networking within local cybersecurity communities, which can provide valuable resources and job opportunities for newcomers.
How the CrowdStrike incident highlighted vulnerabilities in widely used security solutions and the need for diverse strategies.
Insights on the critical role of kernel security mechanisms in protecting systems and the challenges associated with managing kernel-level vulnerabilities.
Advice for aspiring professionals to leverage existing resources and community knowledge instead of reinventing the wheel in detection engineering.
The evolving responsibilities of blue teamers in cybersecurity, including focusing on proactive measures and collaboration with red teams for improved security.
Key Takeaways:
Investigate and evaluate AI-driven cybersecurity tools to enhance your blue team’s threat detection capabilities and improve incident response times.
Prioritize the deployment of robust email security tools to protect against phishing attacks and safeguard sensitive organizational information.
Stay informed about emerging Endpoint Detection and Response (EDR) solutions to find innovative products that can strengthen your security posture.
Integrate deception technologies into your security framework to mislead attackers and gather intelligence on their tactics and techniques.
Actively participate in local cybersecurity communities to build connections, share knowledge, and discover job opportunities in the field.
Analyze recent security incidents to identify vulnerabilities and adapt your security strategies accordingly.
Focus on hardening kernel security mechanisms to mitigate risks associated with kernel-level vulnerabilities and improve overall system security.
Foster collaboration between blue and red teams to improve threat detection and response strategies through shared insights and experiences.
Thursday Aug 29, 2024
In our latest episode of the Future of Threat Intelligence podcast, Krista Case, Research Director of Cybersecurity at The Futurum Group, shares insights from recent research revealing that 50% of organizations plan to adopt new cybersecurity vendors in 2024, highlighting the evolving threat landscape and the expanding attack surface that organizations face today.
Krista also emphasizes the importance of resilience and strategic thinking for CISOs, providing valuable guidance on how to effectively address key vulnerabilities and stay ahead of cyber adversaries.
Topics discussed:
The critical need for innovation in cybersecurity to address evolving threat vectors and expanding attack surfaces.
How cybersecurity is now a board-level concern, driven by increasing cyberattacks making headlines and raising organizational awareness.
Why advanced threat hunting capabilities are essential for organizations to keep pace with malicious attackers and enhance security posture.
The importance of resiliency and focusing on recovery and minimizing data loss from cyberattacks and other outages.
The value of independent research and peer connections for CISOs seeking third-party advice on cybersecurity solutions.
Key Takeaways:
Evaluate your current cybersecurity tool chain to identify gaps and opportunities for innovation in response to evolving threat vectors.
Engage with board members to elevate cybersecurity as a critical organizational concern, ensuring alignment with business objectives.
Implement advanced threat hunting capabilities to proactively identify and mitigate potential security risks before they escalate.
Prioritize resiliency strategies that focus on recovery processes and minimizing data loss following cyberattacks or system outages.
Connect with independent research firms to gain insights into the latest cybersecurity trends and effective solutions for your organization.
Participate in peer advisory groups or forums to share experiences and strategies with other CISOs facing similar cybersecurity challenges.
Adopt a strategic approach to cybersecurity by identifying key vulnerabilities that align with your organization’s overall business goals.
Monitor industry developments and emerging technologies to stay informed about innovative solutions that can enhance your security posture.
Tuesday Aug 27, 2024
In our latest special episode of the Future of Threat Intelligence podcast, Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, joins us at the Black Hat conference. He shares how they uncovered the largest ransomware payment in history ($75 million), made by a Fortune 50 company to the Dark Angels group.
Brett explains the group's unique approach, which involves stealing vast amounts of data without encrypting files, and their preference for low-volume, high-impact attacks to evade media scrutiny. He also highlights essential cybersecurity measures, such as implementing two-factor authentication and adopting a zero-trust architecture to protect against such threats.
Topics discussed:
How the Dark Angels group received the largest ransomware payment in history, totaling $75 million.
How, unlike typical ransomware attacks, the group stole data without encrypting files, exfiltrating approximately 100 terabytes of sensitive information.
How their operational model is low-volume, focusing on individual companies to avoid media attention and maintain a low profile.
The importance of basic IT hygiene practices, such as two-factor authentication, which are crucial for preventing significant data breaches and ransomware attacks.
How implementing a zero-trust architecture can help organizations limit lateral movement and enhance overall cybersecurity defenses against threats.
Key Takeaways:
Implement two-factor authentication to enhance security and reduce the risk of unauthorized access to sensitive corporate data.
Monitor network traffic for anomalous behavior, especially large data transfers, to quickly identify potential data exfiltration attempts.
Adopt a zero-trust architecture to limit lateral movement within your network and ensure users only access necessary resources.
Limit user privileges, ensuring that users have only the access necessary for their roles.
Stay informed about emerging ransomware trends and tactics to proactively adjust your cybersecurity strategies and defenses.
Tuesday Aug 27, 2024
In our latest special episode of the Future of Threat Intelligence podcast, recorded at the Black Hat conference, we caught up with Jeffrey Wheatman, SVP, Cyber Risk Strategist at Black Kite. Jeffrey highlights the importance of aligning cybersecurity strategies with business objectives and understanding risk appetite.
He emphasizes the need for scenario planning to help decision-makers visualize potential risks and their impacts. Jeffrey also discusses the evolving landscape of cyber risk quantification, highlighting how improved communication of technology value can facilitate better business decisions.
Topics discussed:
Understanding risk appetite is crucial for organizations to align cybersecurity strategies with overall business objectives and decision-making processes.
Scenario planning enables decision-makers to visualize potential risks, fostering informed discussions about risk management and mitigation strategies.
Cyber risk quantification is evolving, allowing organizations to better assess and communicate the impact of cybersecurity measures on business performance.
Engaging with business leaders helps cybersecurity professionals understand what keeps them awake at night and prioritize risk management efforts.
Regular assessments of vendor cybersecurity postures can help organizations manage risk more effectively and ensure compliance with their risk appetite.
Building causal linkages between cybersecurity actions and business outcomes enhances the understanding of risk impact on organizational goals.
Cybersecurity is fundamentally a business problem, requiring collaboration between technical teams and business leaders to limit risk exposure.
Key Takeaways:
Define your organization's risk appetite to align cybersecurity strategies with business goals and facilitate informed decision-making.
Implement scenario planning exercises to visualize potential risks and their impacts on business processes and objectives.
Utilize cyber risk quantification tools to measure and communicate the business impact of cybersecurity investments and decisions.
Establish a framework for causal linkages between cybersecurity actions and business outcomes to enhance risk management discussions.
Facilitate tabletop exercises with decision-makers to simulate risk scenarios and improve organizational preparedness for potential cyber incidents.
Gather data from vulnerability scans and security reports to support risk appetite discussions and inform risk management strategies.
Promote a culture of collaboration between technical teams and business leaders to ensure cybersecurity is viewed as a business priority.
Tuesday Aug 27, 2024
In our latest special episode of the Future of Threat Intelligence podcast, David catches up with Christopher Steffen, VP of Research, Information Security at Enterprise Management Associates, at the Black Hat conference. They discuss the current landscape of cybersecurity, emphasizing the need for CISOs to focus on foundational technologies rather than getting caught up in the hype of AI.
Chris highlights the value of open-source solutions in addressing real-world challenges like API and data security, noting their responsiveness compared to traditional vendors. He also provides practical advice for evaluating new technologies, encouraging listeners to consider innovative smaller companies that are driving change in the industry.
Topics discussed:
The importance of foundational technologies over the hype surrounding AI in cybersecurity solutions.
How open-source solutions are becoming viable for enterprise-class problems, offering responsiveness and cost-effectiveness compared to traditional vendors.
How the cybersecurity landscape is evolving, with a focus on addressing real-world challenges like API security and data protection.
How CISOs should prioritize technologies that solve immediate problems rather than relying on aspirational features from vendors.
The value of evaluating new products through documented use cases to ensure they meet organizational needs effectively.
How smaller, innovative companies are driving significant advancements in cybersecurity, offering unique solutions that larger vendors may overlook.
Key Takeaways:
Evaluate new cybersecurity technologies based on documented use cases to ensure they address your organization's specific needs effectively.
Prioritize foundational technologies over the latest AI trends to tackle immediate cybersecurity challenges in your organization.
Leverage open-source solutions to enhance API security and data protection, taking advantage of their responsiveness and low cost.
Engage with smaller, innovative companies that are driving advancements in cybersecurity, as they often provide unique and effective solutions.
Focus on automation within your SOC to streamline alert management and reduce the burden on your team.
Monitor compliance requirements regularly to ensure your cybersecurity strategies align with evolving regulations and standards.
Collaborate with your team to identify core technological problems that need immediate attention, rather than getting distracted by aspirational features.
Thursday Aug 22, 2024
In our latest episode of the Future of Threat Intelligence podcast, we speak with Drew Simonis, Chief Information Security Officer at Juniper Networks. Drew shares his insights into the evolving landscape of cybersecurity, emphasizing the crucial role of empathy and humility in effective leadership.
He also explores the transformative potential of AI in cybersecurity and offers practical advice on aligning security efforts with business objectives. Drew provides actionable insights, making our chat a must-listen for anyone involved in risk management, cybersecurity strategy, or leadership roles.
Topics discussed:
The importance of empathy and humility as foundational traits for effective cybersecurity leadership.
The evolving landscape of cybersecurity and how it has changed over the past 20 years.
The role of AI and automation in transforming cybersecurity practices and enhancing risk management.
Practical advice on aligning cybersecurity efforts with overarching business objectives to create impactful strategies.
The significance of conducting thorough team assessments to identify skill gaps and improve overall performance.
Insights into building a balanced cybersecurity team that includes both deep technical experts and broad, cross-functional connectors.
Drew's actionable advice for aspiring leaders on becoming experts in their business and understanding their colleagues' perspectives.
Key Takeaways:
Model empathy and humility in your leadership approach to build trust and collaboration within your cybersecurity team.
Stay updated on the latest advancements in AI and automation to enhance your cybersecurity practices and risk management strategies.
Align your security efforts with the overall business objectives to ensure that your initiatives have a meaningful impact.
Conduct regular team assessments to identify skill gaps and areas for improvement, fostering a culture of continuous development.
Engage with other departments to understand their perspectives and how cybersecurity can support their goals more effectively.
Standardize on a common vocabulary within your team to improve communication and ensure everyone is on the same page.
Participate in business meetings and listen to leadership presentations to better understand the strategic direction of your organization.
Encourage your team to step out of their comfort zones and take on new challenges to foster professional growth.
Implement practical risk management practices by saying "how" instead of just "yes" or "no" to ensure responsible and sustainable security measures.
Monitor your cybersecurity roadmap and ensure that your team is executing priorities that support the organization's goals.
Thursday Aug 08, 2024
In our latest episode of the Future of Threat Intelligence podcast, Andrew Gontarczyk, CISO at Pure Storage, dives into the world of cybersecurity leadership. Andrew shares his invaluable insights on the importance of blending technical expertise with a strong understanding of business priorities.
He recounts his professional journey, highlighting key lessons he’s learned along the way. Andrew offers unique value by addressing common industry pitfalls, the significance of effective communication, and strategies for building and leading successful cybersecurity teams. This episode is a treasure trove of practical advice for both aspiring and established cybersecurity professionals.
Topics discussed:
The importance of being highly technical while understanding broader business contexts for effective cybersecurity leadership.
Strategies for assembling and managing successful cybersecurity teams, emphasizing competence, communication, and problem-solving.
Common mistakes in cybersecurity and how to avoid them, focusing on understanding business priorities and effective communication.
Leveraging industry standards to accelerate progress and build credibility within cybersecurity initiatives.
Techniques for distilling complex technical information into concise, meaningful reports for executive and board-level audiences.
The necessity of collaboration and communication across departments to meet customer expectations and achieve security goals.
Key Takeaways:
Understand the balance between technical expertise and business context to make informed decisions in cybersecurity leadership.
Leverage industry standards to accelerate cybersecurity initiatives and build credibility within your organization.
Communicate effectively with executive leadership by distilling complex technical details into concise, meaningful reports.
Build strong cybersecurity teams by prioritizing competence, communication, and problem-solving skills.
Avoid common industry pitfalls by understanding broader business priorities and maintaining effective communication across departments.
Engage stakeholders by encouraging them to bring security ideas and strategies to the table, fostering a proactive security culture.
Reflect on your cybersecurity strategies by considering the broader business context and avoiding creating "shelfware" strategies.
Collaborate with other departments to meet customer expectations and achieve comprehensive security goals.
Emphasize the importance of understanding business priorities to help prioritize and negotiate cybersecurity tasks effectively.
Stay updated with industry trends and developments to keep your cybersecurity practices relevant and effective.
Headed to Black Hat? Visit us at booth #4428 for a free demo. Until then, try Pure Signal Scout Insight™ free for 30 days by signing up here.
Thursday Aug 01, 2024
In our latest episode of the Future of Threat Intelligence podcast, Joe Mariscal, Director of Cybersecurity and Compliance at Ryerson, shares his expertise in building hybrid cybersecurity teams and managing metals-industry-specific cyber risks. Joe shares invaluable insights from his extensive career, offering a unique look at the challenges and strategies within the metals industry.
He discusses the importance of specialized outside services, common oversights in cybersecurity practices, and the critical need for strong partnerships and team collaboration. Joe provides listeners with actionable advice and a fresh perspective on effective risk management and team building in the ever-evolving field of cybersecurity.
Topics discussed:
Challenges and unique cyber risks in the metals industry and Ryerson's response strategies.
Building hybrid cybersecurity teams utilizing specialized outside services and in-house skills.
Common cybersecurity mistakes and oversights observed in the industry.
Effective risk management strategies and maintaining strong partnerships within the organization.
The future of cybersecurity at Ryerson and general industry trends, including the integration of new technologies.
Key Takeaways:
Evaluate skill gaps in your team to determine whether to utilize in-house resources or specialized outside services for cybersecurity needs.
Build strong partnerships with other business units to ensure a cohesive approach to cybersecurity and compliance.
Stay informed about unique cyber risks specific to your industry to tailor your defensive strategies effectively.
Conduct after-action reports regularly to learn from incidents and improve your cybersecurity posture.
Focus on continuous learning and training to keep your team's skills up-to-date in the ever-evolving field of cybersecurity.
Engage in open conversations with business leaders you might not frequently interact with to build stronger organizational relationships.
Avoid being a blame-avoidance leader; instead, focus on understanding what went wrong and how to improve.
Implement zero trust or constant validation methodologies to strengthen your cybersecurity controls.
Seek management and company support that aligns with your professional goals and provides ample training opportunities.
Stay vigilant about the tools and technologies you use, ensuring they are up-to-date and fully utilized for maximum security.