No Password Required

Summary

The conversation discusses the extradition case of Julian Assange and the role of the US prison system in the decision. It also explores Tanya Janca's role at Semgrep and her passion for affordable cybersecurity education. Additionally, it touches on Tanya's experience in election security and the importance of transparency in the process. Tanya discusses her volunteer work with the Canadian government, where she helps educate students about cybersecurity. She talks about the importance of teaching young people about privacy, protecting digital devices, and understanding cyber threats. Tanya also mentions her involvement in the Cyber Titan competition and her efforts to promote cybersecurity as a career. She shares her experience writing the book 'Alice and Bob Learn Application Security' and her unique approach to making technical concepts accessible through stories and different learning styles. Tanya also talks about the importance of mentoring and how she has benefited from mentors throughout her career.

Keywords

Julian Assange, extradition, US prison system, cybersecurity education, Semgrep, election security, transparency, volunteer work, Canadian government, cybersecurity education, privacy, digital devices, cyber threats, Cyber Titan, promoting cybersecurity, career, Alice and Bob Learn Application Security, technical concepts, stories, learning styles, mentoring

Takeaways

• The extradition case of Julian Assange highlights the differences in prison systems between the US and other Western democracies.
• Tanya Janca's role at Semgrep involves community management and education in the field of cybersecurity.
• Affordable cybersecurity education is crucial for organizations to effectively use security tools and integrate them into their programs.
• Election security requires centralization, knowledge sharing, and transparency to ensure public trust in the process. Volunteer work with the Canadian government focuses on educating students about cybersecurity, including topics like privacy and protecting digital devices.
• Promoting cybersecurity as a career is important, and initiatives like the Cyber Titan competition help engage high school students in learning about cybersecurity.
• Tanya's book 'Alice and Bob Learn Application Security' uses stories and different learning styles to make technical concepts accessible.
• Mentoring is valuable for personal and professional growth, and Tanya has both benefited from mentors and become a mentor herself.

Titles

• The Importance of Transparency in Election Security
• Cybersecurity as a Career: The Cyber Titan Competition
• The Value of Mentoring: Tanya's Experience as a Mentor and Mentee

Sound Bites

• "I am head of community and education, which is a role they made up just for me."
• "They decided, I think in 2017, we need to make a task force to make sure they know cyber."
• "Defenders need to understand attacks or they can't be good at defending, right? Like we're teaching them ethics as we teach them how to hack."
• "Alice and Bob are going to learn secure coding this time."

Chapters

00:00 The Extradition Case of Julian Assange

08:18 Affordable Cybersecurity Education at Semgrep

30:40 Tanya's Volunteer Work with the Canadian Government

31:35 Promoting Cybersecurity as a Career

34:02 Making Technical Concepts Accessible: 'Alice and Bob Learn Application Security'

39:45 The Value of Mentoring

Summary

Roman Sanikov, is the president of Constellation Cyber and specializes in cyber threat intelligence. In this episode, Roman discusses the importance of collaboration and transparency in the cybersecurity industry, particularly in combating ransomware attacks. He also emphasizes the need for a holistic approach to cybersecurity, involving education and empowerment for both employees and consumers. In this episode, Roman Reinhart shares his experiences as an undercover agent in the cybercrime world. He discusses maintaining a persona, dealing with forum behavior, and memorable arrests. He also emphasizes the importance of redemption and second chances. Roman also talks about his involvement with Helpster USA, an organization dedicated to providing life-saving treatment to young people in developing economies. He shares his hobbies of mushrooming and highlights the satisfying moments at work. Finally, he reflects on the cultural differences he experienced after moving overseas.

Takeaways

• Pig butchering schemes are a significant cause of financial losses globally, and it is important to approach the topic with compassion and nuance.
• Many scammers involved in these schemes are forced into this life against their will, either through human trafficking or being lured into it with false promises.
• Collaboration and transparency are crucial in the cybersecurity industry to effectively combat ransomware attacks and mitigate their secondary and tertiary impacts.
• A holistic approach to cybersecurity, involving education and empowerment for employees and consumers, is necessary to create a more secure environment. Maintaining a persona in the cybercrime world requires careful observation and adaptation.
• Memorable arrests can lead to redemption and second chances for individuals involved in cybercrime.
• Helpster USA provides life-saving treatment to young people in developing economies.
• Mushrooming is a rewarding hobby that allows for outdoor exploration and collection.
• Satisfying moments at work include helping clients have eureka moments and making positive changes.
• Cultural differences, such as politeness, can take time to understand and adapt to.

Chapters

00:00 Introduction to Pig Butchering Schemes (opening conversation)

02:18 Online Scams and Exploitation

03:41 Forced Labor and Human Trafficking

04:41 Approaching Scams with Compassion

05:39 Guest Introduction: Roman Sanikov

07:01 Roman's Role at Constellation Cyber

08:22 Promoting Transparency in Ransomware Incidents

10:17 Mitigating Secondary and Tertiary Impacts of Ransomware Attacks

11:14 The Ripple Effect of Ransomware Attacks

13:10 The Importance of Collaboration in Cybersecurity

14:58 Roman's Career Path and Background

19:34 Educating and Empowering Employees and Consumers

21:28 Avoiding Victim-Blaming in Cybersecurity

24:16 The Need for Collaboration and Transparency in the Industry

25:10 Balancing Non-Traditional Pursuits with College

26:37 Undercover Work and Building Relationships

33:07 Maintaining a Persona

36:25 Dealing with Forum Behavior

38:18 Memorable Arrests

41:25 Redemption and Second Chances

45:13 Helpster USA

48:16 Eccentricities of NHL Players

50:56 Life's Unexpected Moments

56:19 The Joy of Mushrooming

58:43 Satisfying Moments at Work

01:01:04 Learning Politeness in America

Summary

Kenya's efforts to enhance its cybersecurity and technological progress through partnerships with the US and major tech companies. The focus is on responsible state behavior in cyberspace and addressing mobile app security. The role of public-private partnerships in promoting a robust digital economy and infrastructure. The conversation then transitions to an interview with Maretta Morovitz, a cybersecurity expert at MITRE, discussing her career path, the importance of mentorship, and the impact of ADHD on her work. The discussion also covers MITRE Engage, which focuses on cyber denial, deception, and adversary engagement, and highlights the use of simple yet effective techniques like decoy credentials. In this conversation, Maretta Morovitz discusses the importance of thinking creatively and outside the box when it comes to cybersecurity solutions, especially for organizations with limited budgets. She emphasizes the need for simplicity and proactive measures in cybersecurity. Maretta also highlights the value of interdisciplinary collaboration in the field, involving professionals from various backgrounds such as human behavioral scientists and graphic designers. She shares a successful collaboration between MITRE and HSBC in the field of deception operations. Maretta also talks about her passion for dance and her unique talent of reciting the alphabet backwards.

Keywords

Kenya, cybersecurity, technological progress, partnerships, responsible state behavior, mobile app security, public-private partnerships, digital economy, infrastructure, interview, Maretta Morovitz, career path, mentorship, ADHD, MITRE Engage, cyber denial, deception, adversary engagement, decoy credentials, cybersecurity, low budget solutions, simplicity, proactive measures, interdisciplinary collaboration, deception operations, dance, talent

Takeaways

• Kenya is forging partnerships with the US and major tech companies to enhance its cybersecurity and technological progress.
• The focus is on responsible state behavior in cyberspace and addressing mobile app security.
• Public-private partnerships play a crucial role in promoting a robust digital economy and infrastructure.
• Mentorship is important in career development, and having mentors who provide opportunities and support can be instrumental in success.
• ADHD can present challenges but also bring unique strengths to the workplace.
• MITRE Engage focuses on cyber denial, deception, and adversary engagement, using simple yet effective techniques like decoy credentials. Thinking creatively and outside the box is crucial in cybersecurity, especially for organizations with limited budgets.
• Simplicity and proactive measures are key in cybersecurity to effectively address threats.
• Interdisciplinary collaboration involving professionals from various backgrounds can bring new perspectives and solutions to the field.
• Deception operations can be a valuable tool in cybersecurity, and successful collaborations in this area have been seen between organizations like MITRE and HSBC.
• Passions and talents outside of cybersecurity, such as dance, can bring unique perspectives and skills to the field.

Sound Bites

• "Sometimes the real solution is something very low tech or just kind of outside the box, low budget."
• "Being proactive has to be simple."
• "We definitely need more of that interdisciplinary approach."

Chapters

00:00 Kenya's Cybersecurity Partnerships

03:24 Addressing Mobile App Security

07:13 Interview with Maretta Morovitz

11:35 Cyber Deception and Adversary Engagement

29:12 The Importance of Simplicity and Proactive Measures

30:07 Interdisciplinary Collaboration in Cybersecurity

31:06 Successful Collaboration in Deception Operations

34:44 Bringing Unique Perspectives and Skills to Cybersecurity

Follow Maretta Morovitz on LinkedIn: Maretta Morovitz

Follow MITRE on Twitter: @MITREcorp

Learn more about MITRE Engage:...

Summary

In this episode, Jack Clabby and Kayley Melton discuss the upcoming Sunshine Cyber Conference and their collaboration with Winn Schwartau. They also talk about the importance of diverse cybersecurity talent and their plans for a joint session at the conference. The hosts then interview Lisa Plaggemier, the executive director at the National Cybersecurity Alliance, who shares her career journey and the role of creativity and curiosity in cybersecurity. They also discuss the impact of COVID-19 on the cybersecurity industry and the importance of humor and satire in cybersecurity training. The episode concludes with a lifestyle polygraph segment. In this episode, the conversation covers various topics related to comedy, storytelling, and implementing change in organizations. The power of the internet is discussed, highlighting the potential consequences of online content. The guest shares her favorite comedy movies, emphasizing the comedic element in her expertise. The use of humor in training and awareness programs is explored, along with the challenges of implementing change in organizations. Dealing with roadblocks in security and the passion for security awareness are also discussed. The episode concludes with information on how to get in touch with the guest and a recap of what was learned.

Takeaways

• The Sunshine Cyber Conference features keynote speakers from the No Password Required podcast, including Winn Schwartau.
• The hosts will be doing their first on-site remote recording at the Sunshine Cyber Conference, featuring keynote speaker Tamiko Fletcher.
• The National Cybersecurity Alliance focuses on training and awareness, using creativity and humor to engage and educate people.
• Comedy movies, such as Monty Python and the Holy Grail, can be a source of expertise and inspiration.
• Humor can be effectively used in training and awareness programs to engage and educate participants.
• Implementing change in organizations can be challenging, but finding allies and overcoming roadblocks is essential.

Chapters

00:00 Introduction

01:28 Fishing for Potential, the RTFM Guide to Diverse Cybersecurity Talent

02:25 Live On-Site Remote Recording and Keynote Speakers

03:51 Sunshine Cyber Conference and Registration

04:46 Interview with Lisa Plaggemier

05:15 Background and Role at the National Cybersecurity Alliance

05:53 Transition to Security and Marketing Collaboration

06:22 Incident Response and Training and Awareness

07:20 Leadership and Skills in Cybersecurity

08:18 Kubikle Series and Creativity in Security

09:17 Curiosity and Creativity in Cybersecurity

10:48 Naming and Shaming in Pen Tests and Phishing Testing

11:41 DDoS Attack and Incident Response

12:38 Neurodiversity and Cybersecurity

13:21 Leading a Team During COVID-19

14:21 Creating Engaging Training Content

15:19 Global Data and Data Privacy Laws

16:18 Humor and Satire in Cybersecurity Training

18:47 Kubikle Series and Satire in Cybersecurity

20:41 Creating Kubikle Series and Future Plans

23:03Trust in Password Managers

24:22 The Importance of Curiosity in Cybersecurity

25:52 The Oh Behave Report and Behavioral Science

26:50 Communicating Security Information Effectively

28:44 Naming and Shaming in Phishing Testing

29:39 Accepting Risk and Escalation Plans

30:38 The Role of Security Teams and HR

32:35 Building Trust in Password Managers

33:32 Global Data and Cybersecurity Awareness

36:51 The Importance of Curiosity in Cybersecurity Hiring

40:03 The Underground Student-Led Newspaper

41:12 The Significance of Curiosity and Creativity in Career

50:44 The Power of the Internet

51:14 Favorite Comedy Movies

52:12 Using Humor in Training and Awareness

53:38 Implementing Change in Organizations

54:55 Dealing with Roadblocks in Security

55:45 Passion for Security Awareness

56:06 How to Get in Touch

56:37 What Was Learned

57:11 Closing Remarks

Summary

This conversation explores the U.S. Army's investment in cybersecurity compliance for small businesses, the importance of mentorship in the defense industry, and the unique career path of Sabrina McIntyre at KPMG. Sabrina discusses her transition from art to cybersecurity, the challenges of navigating compliance standards, and her advocacy for women in the field. The episode also touches on the intersection of art and cybersecurity, the vision for a cybersecurity museum, and fun personal insights from Zabrina's life.

Takeaways

• The U.S. Army is investing in small business cybersecurity compliance.
• Certification programs can help defense contractors meet compliance.
• Creating a secure environment for small businesses is essential.
• Mentorship programs are crucial for small business growth.
• Zabrina's career path showcases the value of diverse experiences.
• Understanding compliance standards like PCI DSS is challenging but necessary.
• Being open to new opportunities can lead to fulfilling career paths.
• Women in Cybersecurity is making strides in community building.
• Creativity is important in the cybersecurity field.
• Cybersecurity education should be accessible to all.

titles

• Investing in Cybersecurity for Small Businesses
• Navigating Compliance in the Cybersecurity Landscape
• Zabrina McIntyre: A Unique Career Journey
• Empowering Women in Cybersecurity

Sound Bites

• "Certification program for defense contractors"
• "Largest federal government mentor-protege program"
• "Cybersecurity maturity model is crucial"
• "Be your own best advocate in your career"
• "If you can see it, you can be it"
• "We need more creative people in cybersecurity"
• "Cybersecurity should be accessible to everyone"
• "Umbrellas don't work in Seattle"

Chapters

00:00 Introduction to the Next Generation Commercial Operations Program

02:51 The Importance of Cybersecurity Compliance for Small Businesses

05:45 Zabrina McIntyre's Role at KPMG

08:54 Zabrina's Unique Career Path

11:51 Navigating Cybersecurity Standards

14:48 Advice for Aspiring Cybersecurity Professionals

17:58 Women in Cybersecurity: Building Community

20:59 The Intersection of Art and Cybersecurity

24:04 Zabrina's Vision for a Cybersecurity Museum

27:02 Lifestyle Polygraph: Fun Questions with Zabrina

30:09 Key Takeaways and Closing Thoughts