Bill Murphy's RedZone Podcast | World Class IT Security

World Class IT Security – Strategic and Tactical Thought Leadership, Advanced Topics for Top IT Leaders: Innovation, Ideas, Creativity, Neuroscience of Optimal Performance – Fearlessness Living Principles.

Dec 18, 2015

Today I had an interesting conversation with Ken Westin. Ken is commonly referred to as ‘The Good Hacker’ and has spent the past 15 years working with law enforcement and research teams to analyze current and emerging threats to determine how our everyday products and gadgets can mitigate these threats.

He is regularly reached out to as a subject matter expert in the area of security, privacy and surveillance technologies.

In our industry people do a lot of talking about how they want to stop cyber security threats and about developing technologies they hope will stop them, but rarely do you come in contact with people who can actually demonstrate a track record of success in thwarting and mitigating threats and bringing people to justice.

This episode is sponsored by the CIO Scoreboard

What you will learn from this interview:

  1. The secret lives of applications that live on our phones. What information are these apps gathering that we’re not aware of and where exactly is that information going? How can this information be used against us and why are these data harvesting protocols not mentioned in the privacy policy or terms and conditions of many apps?
  2. Black Hat tools and where to find them to see what your adversary sees about YOU!
  3. Questions that Boards should ask about what information they are tracking about customers
  4. The importance of education and security
  5. Efficacy and relevance of Cyber Liability Insurance
  6. The Cybersecurity elephant in the room: companies tracking and selling our private information
  7. Orchestrating threat intelligence by automating and tracking compliance workflows
  8. The importance of Data Security Analytics
  9. If you are not investing in a product or app then you are the product

How to get in touch with Ken:

Twitter

LinkedIn

About me Profile

RSA Profile

RSA Conference Session – Killing the Kill Chain

LinkedIn Published Articles

Ken Podcast I enjoyed at Tripwire site

BBC article – “I’m a professional cyberstalker”

Mobile Privacy articles

Defcon Talk: Confessions of a Professional Cyber Stalker

Resources Mentioned:

USBhacks

ID Experts – Radar product – Helps with high-profile breach cleanup cases

Kali Linux Distribution

Offensive Security

Tripwire – Automation of Security Compliance + Workflow

OpenDNS

Passive Reconnaissance

Maltego

Tripwire

STIX

TAXII

FS-ISAC

Soltra

Bill’s interview with Aharon Chernin, CTO of Soltra

 

Summarized Show Notes:

  • How Ken got started in the technology world and different technology he developed to aid in theft recovery
  • Empowering people with technology. Criminals take the fun out of technology, dealing with hackers in particular. Ransomware - impact on business. Consumers are now able to defend themselves in a hostile environment
  • Being knowledgeable about what is possible and raising people’s awareness makes a difference.
  • One of the biggest threats right now is marketing departments that develop spyware and gather information through apps, ad libraries. A lot of information is being harvested from our phones
  • If you’re not paying for the product, you are the product
  • Hackers are not the ones that collected the information from people. So how can we secure the information? We need to ask ourselves - what information do we need to collect in order to do business? Companies are collecting information with impunity. If you are collecting that information - you need to be responsible for what you do with it.
  • Mobile software for tracking stolen devices and camera recovery, there’s always a trace
  • Passive Reconnaissance – it’s amazing how much information you can gather through this without touching the network. Can scan network for vulnerabilities without touching it. Just through DNS records, could map Infrastructure, IP ranges, harvest information through LinkedIn. From there, he could identify the technologies he would run into when inside the network.
  • Hackers involved in the Target breach – they did their homework, they could identify who their business partners were and send phishing emails
  • How can one map the network without touching it, inside the firewall?
  1. Identify the IP ranges they are dealing with
  2. Through DNS records - identify 3rd party vendors - HR Services, subdomains for special one off projects, marketing projects, Salesforce etc.
  3. Trusted business partners and vendors
  • Maltego - tool for open source intelligence gathering and threat intelligence integrations
  • Recommendations for a security beginner trying to understand an external view
  • Offensive security and penetration testing tools and training resources, videos and tools for open source intelligence gathering
  • Key points: awareness and security training in general
  • In security, we like to learn, that’s why we’re good at what we do and I think everyone in the business needs to take that on. Ignorance is no longer an excuse especially on the business side
  • We’re seeing a lot more boards care about security, investors and startups caring about security
  • Boards asking about cyber liability insurance
  • With cyber liability insurance, there isn’t a lot of data, so a lot of it is guessing, and with that come a lot of exclusions in these policies, particularly now, with the breaches
  • With the recent breaches we’ve seen, between Target and Sony, they’re seeing that the cost of a data breach is higher than originally thought when you start to think about lawsuits and identity theft insurance. Insurance companies are starting to put a cap on how much they’re liable for.
  • Need to secure your infrastructure before you get your cyber liability insurance
  • Marrying real security rules - configuration of compliance and real security.
  • Data Analytics - Security Analytics is key. Being able to correlate the data is the challenge to identify the real threat to the environment.
    • Starting to see more correlation between vendors, more open source for threat intelligence
  • Vendors bringing in data scientists with the data they collect and making it easier on the clients to identify anomalies and the signal to noise ratio
  • How does Ken see the space maturing to a point which is meaningful to a small to medium business? Tools such as OpenDNS take complexity away from the businesses, and businesses can still leverage the big data and threat intelligence. Larger businesses will have to have their own teams. Make sure to identify what's happening in their own network.
  • STIX/TAXII integration – more and more vendors will start to use this and businesses need to ask their vendors if they are compliant with STIX and TAXII
  • A lot of industry clout with Soltra and FS-ISAC. Mitigate threats and share information. 46:36
  • The devil's in the data. Being able to make sense of the data. Harvest the data. There is data there telling you a story, just a matter of you finding it. Harvest the data.


Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter.

Dec 16, 2015

This episode is sponsored by the CIO Scoreboard

I have never been particularly impressed with people who achieve meteoric results in business if other areas of their lives are going in exactly the opposite direction or are stagnant. What good is it to satisfy shareholders if your kids see you rarely or they see you but you are not present with them? Or you achieve business goals but skip exercise through your thirties because you feel that you can’t afford to take the time.

Since my twenties, my bigger fascination has been to find models of success that incorporate all areas of life (business, family, relationships, health and spirituality) as a vision of success. My interest has been to find and learn from well-rounded people who have a mission and focus on positive impact in all major areas of life. They are far more interesting and usually get great business results as well.

Notably, one of the patterns of highly self-actualized people that I have observed is that they have some combination of experts, trainers, coaches, thought leaders, mastermind groups, etc. around them to help them reach the highest levels of performance and to ‘be’ the best expressions of themselves in multiple areas of life.

Some Fortune 500 companies invest in Executive Coaches for top level executives in order to make sure that their investments in critical leaders and the teams and assets they lead are optimized for performance. There is quite a lot riding on peak performance. The better a corporate leader performs, the better the company does. It is quite simple. Leaders need coaches just like athletes.

I asked myself - what do top Executive Coaches do with their clients to achieve great results? I wanted to know so I asked Gail.

Gail is super impressive. She has been working with top leaders of American businesses now for the better part of 25+ years in the areas of Executive Leadership Development, Lifestyle Management, Wellness, Succession Planning, and Strategic Business Planning. She is one of the best at optimizing business executives in all areas of life.

Her level of professionalism and insight is off the chart. I stumbled into her while reading her gem of a book All Together Now: Vision, Leadership, and Wellness and as a result reached out to her since I couldn’t stop taking notes as I read it. She approaches business and personal performance as one and the same and believes they are intricately linked.

I am on a mission to get you to operate at the highest levels you can in all areas of life. In this episode we discuss:

  1. The force multiplying power of integrating vision, leadership and wellness at a corporate and personal level.
  2. The importance of high degrees of executive self-awareness so you can be observant of how your behavior impacts others.
  3. The impact of clarity and vision within an executive’s company and family.
  4. We explore asking yourself the question “Why?” and how asking it develops clarity around a vision.
  5. Why the biggest hurdle for IT Leaders is Emotional Intelligence (EQ).
  6. Why being proactive with our own health is imperative and what to ask yourself in order to prepare for a doctor visit.
  7. The importance of meditation, mindfulness and forgiveness and how learning these skills can help access reserves of resilience.

Gail Voisin is the CEO of her coaching and consulting practice in Toronto, Canada. She is an international Executive Coach and trusted advisor to corporate executives in North America and globally. She is the author of her book, The All Together Now Advantage™, which is a proven success. With her unique background and combination of skills, she integrates and links Vision, Leadership and Wellness to strategic plans and organizational objectives to measure Return On Investment (ROI).

How to get in touch with Gail:

Website

LinkedIn

All Together Now: Vision, Leadership, and Wellness

Resources Mentioned:

Summarized Show Notes:

  • The genesis of Gail bringing health and wellness into corporate strategies and key breakthroughs. When working for a Fortune 1000 - go across to hire different staff. Staff were working long hours and had no place to exercise and at the same time women in the test kitchen were taste testing and gaining weight giving way to Gail being a pioneer, or suffragette and convinced president to allow them to study fitness. At the time many executives were skeptical and said “what does fitness have to do with productivity”. Healthier employees - improvement in productivity and processes. Wellness and health are critical aspects of success.
  • Gail has worked with executives in top companies in North America. What is a business executive coach? A coach coaches in areas in vision, leadership and wellness and integrate these into their business plans. To maximize performance whilst achieving a balance of wellness in their lives. Why so successful? She’s developed an integrated solution with a compelling brand. Value added coach that works. About the profound power of integrating vision, leadership and wellness. The integration piece is powerful.
  • New global world has many challenges for CEO. Requires a unique set of skills. They are accomplishing more but expending less energy. To be highly successful - high level of self-awareness, and understand how their behavior impacts others.
  • Details regarding coaching: what does this structure look like? Mechanics of coaching relationship at highest level. Has to be a chemistry and initial meetings have to be face to face.
  • Is it high degrees of motivation that people approach coaching or companies mandating it?
  • IT leaders in the world - unique challenges. Why is connecting with personal vision so important? Vision needs to be so clear and laser focused that your passion is ignited. Values are foundation for the vision.
  • The more you explore the WHY - helps develop clarity around personal vision. Purpose for living - ignites passion. Personal vision has to be in line with corporate vision.
  • Leadership programs linked to neuroscience, that’s where the future is going.
  • Bringing the whole individual to bear on their life and not segmenting.
  • There are six key leadership competencies:
  1. strategic thinking,
  2. communication,
  3. emotional intelligence,
  4. negotiation and conflict management,
  5. managing energy and time,
  6. mastering lifestyle management and overall wellness.
  • Biggest hurdle for IT executives is communication skills and Emotional Intelligence (EQ) - Most IT executives are extremely bright with good intentions. But their natural inherent skills are more on the technical and IT side of the business and not enough on the communication and emotional intelligence side. In other words, the IT skills come more naturally to them than to others, yet the softer interpersonal skills, such as communication, seem to be more of a challenge. Similar to engineers.
  • IT executives have so much to significantly contribute to the organization, so when these competencies can be enhanced, it takes the organization to a whole new level.
  • When an executive can utilize their logical and analytical business sense alongside a highly developed EQ, they are much more likely to achieve extraordinary success. If an executive's EQ is low, it is a distinct disadvantage. Can't improve IQ but you can improve EQ. 26:35
  • Results are not only life changing to executives, but to the families around the individual.
  • Demonstrating the link, the EQ has a direct impact on work, but also the spouse and children.
  • How do we fully qualify, and how to approach health in general for an executive. Need to be an advocate for our own health. Your health is your wealth. The healthier the more productive you can be. Be connected in your community, to network and find out.
  • Concept and power of Mindfulness - Meditation and Forgiveness. Forgiveness first - as an IT executive you can be blamed for things that go wrong. If things go well it is silent, and if not, then everyone hears about it.
  • Forgiveness, just like meditation is becoming more and more important for people to understand.
  • It is important to not be so hard on ourselves. "Big part of forgiveness is key to our health". Dr Bernard Jensen "Forgive others who offended, and say I'm going to love you whether you like it or not." William Dyer: "Who am I to judge you or anyone? Given the conditions of your life, you did what you knew how to do. You can’t ask anymore of anyone. "
  • Meditation and Mindfulness: Mindfulness - Jon Kabat-Zinn, PhD - MBSR - mindfulness-based stress reduction. Meditation is the practice and process of paying attention and focussing on your awareness. Over the past 20 years slow shift happening and meditation is becoming more popular. In the past, executives became used to meditation to overcome a crisis. Change the perception of meditation in the corporate world. Different types for different executives - depending on their needs. Mindfulness is being present in the moment. Can be very helpful to connect to what happens.
  • Practical mindfulness can be practiced in every-day life. Practice mindfulness while you wait. Whether waiting in a line or stuck in traffic. Mindfulness and Meditation can help the IT executives access the reserve of resilience.
  • It’s not a competition, it’s a journey. Mind triggered into flight or fight response. If we can’t establish dominion over the world, then it will affect our health.


Dec 2, 2015

This episode is sponsored by the CIO Scoreboard

In this episode I interviewed Tyler Cohen Wood who has an impressive amount of experience in Cyber security, and Digital Forensic Security - in addition to helping the White House, the Department of Defense, The Intelligence Community, Federal Law enforcement and even NASA.

In our discussion on security, we talk about the different protections available on Social media and the different types of cookies and how to ensure that you are protecting yourself and your family to the maximum. Read further for more information as we discuss the following important points:

  • The best protection is knowledge of how things work
  • Super cookies, zombie cookies, flash cookies
  • The importance of turning off Exif data on photos that will be uploaded to social media sites
  • Downloading Apps - Understanding what you are doing and what you are potentially giving away to companies
  • How do others perceive you online? How to research yourself online and see how others perceive you
  • Be aware of your individual personal “brand”
  • Executive Travel - posting your travel plans and location of working from home or working from a coffee shop
  • How to understand online deception and vet people.
  • How to become a human lie detector with statement analysis
  • Teach your kids how to use a checklist to keep themselves safe online

As a business leader who wants to be fluent on the impact of current privacy and security challenges, you will find Tyler’s message educational in the personal, work, and family areas of your life.

Tyler Cohen Wood is an expert in social media and cyber issues. She was a senior officer, Senior Leader and Cyber Branch Chief for the Defense Intelligence Agency (DIA) within the Department of Defense (DoD), where she made decisions and recommendations significantly changing, interpreting, and developing important cyber policies and programs affecting current and future DoD and Intelligence Community policies. She previously worked for the Department of Defense Cyber Crime Center as a senior digital forensic analyst, using her expertise in intrusion, malware analysis, and major crimes to bring about many successful prosecutions. Before joining the DoD Cyber Crime Center, she was employed at IBM and NASA as a senior forensic analyst.

She wrote the book Catching the Catfishers, where she explores the digital footprints that we all leave behind, whether we realize it or not. The book sheds light on a comprehensive set of online security components and teaches readers how to best protect their personal information from being put out and circulated on the web.  She co-authored the textbook Alternate Data Storage Forensics and was featured in Best Damn Cybercrime and Digital Forensics Book Period.

How to contact Tyler:

Website

LinkedIn

Twitter

Facebook

YouTube

Vimeo

Books:

Catching The Catfishers: Disarm the Online Pretenders, Predators and Perpetrators Who Are Out To Ruin Your Life

Alternate Data Storage Forensics

Resources Mentioned:

Spokeo

EU regulations

Rogue Base stations

Stingray

Statement Analysis

Exif Data

Cyber Dust

Summarized Show Notes:

  • “The best protection is knowledge of how things work”. You don’t have to become a coder, but think outside the box and how things can be a threat to you, your family and corporation.
  • Understanding the impact of a company like Spokeo. Thoughts on personal privacy – do we have any anymore? Even if you never go on Social media or don’t use a smart phone. But there are other people posting things about you. You have a digital presence. When you read the Terms of service on apps, they will tell you what they are collecting and how they are collecting.
  • We should try to secure companies with data like Spokeo. The book is about what we can do individually to take control. EU regulations - will be interesting to see what happens to see how companies can work around data.
  • Photos - takeaways regarding privacy settings on this. Exif data. Pinpoints the exact geographic location from where the photo was taken. When you are dealing with a predator after your child, you don’t want too much information being taken from your child. Bad guys - are really good at what they do. But you can turn it off.
  • Knowledge is empowerment. Understanding what you are doing and what you are potentially giving away to companies. Decisions can be made on what you want to do to use it.
  • Cookies - obscuring identity through proxy systems. Super Cookies, Zombie Cookies and Flash Cookies. Cookies have a format - you can delete cookies. Usually used to auto-login to a site. But now - different companies are getting smarter and using zombie cookies that are harder to remove. To find out more about you to sell you stuff. Things you can do if you want to protect yourself. Don’t use applications as much, try to use the websites. Sometimes the cookies are polymorphic.
  • Insurance companies and health companies - building profiles on us, with automated tools. Powerful tools - building up a story about us online. Sometimes people are more realistic about who they are on social media, sometimes not. IRS - utilizing this technology. This is stuff we have chosen to put out. When you look at your posts the way an HR person would to find out about you, you might find out a lot about who you are. Even if you never post things, but you like a certain person's posts, that will tell us a lot about who we are as people.
  • How do we assert some sovereignty over our life? What would an observer see about ourselves? You want to research yourself online. Sometimes privacy settings change. Do you want employers seeing this and a bunch of strangers seeing this? It’s a perception. Perceptions become reality.
  • Think about it as your brand. When you post about your children and how your children are doing. Privacy settings can and will change. If you are posting things which you think is private. Someday that information might be available to college boards or recruiters. Set up a private group if you want to talk to a private group.
  • As an executive, it’s very easy to find your address. Very easy to set up things like man in the middle attacks targeting that particular person. Rogue Base Station, Stingray, IMSI catcher. Those people can push updates containing malware that give them control of your device. A rogue base station is one that someone sets up, for example in a coffee shop, and that your phone will connect to because it is the strongest signal. You will go through the rogue base station instead of the actual provider signal. People learning your pattern of life.
  • Catching the Catfisher - what does it mean? What is purpose of the book? Teach people how to understand Wild West domain and empower themselves in ways that are easy to understand. To read deception in the online domain. Understand if those you are talking to are really who they say they are.
  • Value in the book from purely understanding deception and becoming a human lie detector. Statement analysis. Deception techniques are important.
  • Having a checklist is a way to engage your kids in the security instead of them feeling attacked
  • Browsers can take control – Tyler personally uses Chrome. Added security features. Depends on what you want to use.
  • Instant messaging - Cyber Dust. IMs. Context of messaging versus transport of messaging. Cyber Dust - it disappears. If the message is traversing a network and the network is keeping those packets, it can always be reconstituted. There are low tech solutions to high tech issues. Someone can take a photograph of what you sent and send that around.
  • As society we have to be aware of what we are putting out there because we don’t know where we’ll be 5-10 years from now.
  • If there’s something that you want to do, don’t let anybody tell you that you can’t. If there’s something you want to do and you know it’s right, go for it, because you can do it.


Nov 25, 2015

As a leader, how can you be immensely present in the moment with people, both at work and in your personal life and in any situation?

In my insightful and humorous discussion with Shawn Hunter we discuss his book Out Think: How Innovative Leaders Drive Exceptional Outcomes and the wisdom gleaned from interviewing hundreds of thought leaders and executives from all walks of life.

Shawn not only writes about this topic as an author, but has also had to live it as an entrepreneur who has built and sold a company which was acquired by Skillsoft. He has interviewed so many successful people that he can see patterns of success and achievement that might take us 100 – 200 books and years to learn.

In this interview ideas come fast and you will surely want to capture them. Take notes. Shawn shares numerous anecdotes and stories throughout the interview and every one of them will present a teaching moment for you. Here are 10 of the highlights:

  1. One of the best questions to ask yourself this coming year “What am I capable of becoming in a year?”
  2. The impact of Energizers and De-energizers in a company and what to do about them.
  3. The importance of strategic storytelling for a business.
  4. Does happiness precede success, or do we have to be happy first to be successful?
  5. Lack vs Surplus mentality - Wanting what you have vs wanting what you don’t have.
  6. What is the difference between a person who is creative vs innovative vs inventive. The buzz word is that people have to be more creative. Well what does this mean vs innovative?
  7. Why as a leader you need to be Immensely present in the moment with people and in situations. Examples of how leaders do this.
  8. How to scale and grow leadership.
  9. An expectation of excellence - This is an honor, it’s a gift. When you believe that those around you have the capacity to do their best, automatically they start performing to match that expectation.
  10. As a Leader and Manager, how do you create the right conditions for people you lead to have a sense of “flow” and sense of “excellence” in performing their work?

Shawn is an author and the Executive Producer & Vice President for Leadership Development Channel at Skillsoft. He has been interviewing and writing about amazing leaders from around the globe for over ten years. Skillsoft provides cloud-based solutions for customers worldwide, who range from global enterprises, government and education customers to mid-sized and small businesses. He originally co-founded Targeted Learning Corporation with his father Hal Hunter, Ph.D., which was acquired by Skillsoft in February 2007. He has a degree in Political Science and Government from St. Andrews Presbyterian College.

As Shawn’s website eloquently puts it, “We’ve entered a new era. Call it the age of imagination, ideation, conceptualization, creativity, innovation – take your pick. Creativity, mental flexibility, and collaboration have displaced one-dimensional intelligence and isolated determination as core ingredients of competitive advantage. Creative people who can bring innovation to the world are our greatest capital now and with the right leadership and inspiration, creativity and execution can be nurtured in everyone. In any field, expertise is not only expected – it is given. Success for workers and companies centers on being nimble, creative and having the initiative to bring unique solutions to unexpected problems.”

Books

Out Think: How Innovative Leaders Drive Exceptional Outcomes

New Book: Transform. Behaviors Mind-sets as a leader you need to make up. Available for sale Fall of 2016.

Huffington Post Article: Signs of an Impending Bozo Explosion

How to get in touch with Shawn
ShawnHunter.com

Facebook

LinkedIn

Twitter

Resources Mentioned

Daniel Coyle – The Talent Code

Teresa Amabile

ProgressPrinciple.com

Shawn Achor - The Happiness Advantage: Linking Positive Brains to Performance

Shawn Achor - Before Happiness

Steven Kotler "flow"

Angela Duckworth and the Research on 'Grit'

Bob Sutton – Energizers and De-Energizer research PhD Stanford

Scott Eblin – Overworked and Overwhelmed - The Mindfulness Alternative

Douglas Conant TouchPoints: Creating Powerful Leadership Connections in the Smallest of Moments

Timberland Company Story

Skillsoft

Mindscaling.com

Summarized Show Notes

  • Very unique quotes throughout the book that Shawn collected
  • Innovation comes from mashing up – putting different disparate ideas together to make new values and combinatory thinking
  • Difference between creativity, innovation and invention.
  • Coach people to do little small micro changes. Large changes take small incremental progress over time. To coach someone to become more innovative – you coach people to be more creative – you conceptually create. Then you recognize where you take action.
  • Sense of wellbeing and contribution at work– comes from your intrinsic motivation. Sense of meaningful, incremental progress in your work.
  • The Happiness Advantage: The Seven Principles of Positive Psychology that Fuel Success and Performance at Work by Shawn Achor - start with lack of something or feeling good about what you’ve achieved.
  • Happiness comes from the success you have enjoyed and what you have achieved; as if our own competence creates confidence. Big fan of gratitude thinking and journaling, and competence in your work, it creates a higher level of confidence. Practice, hard work, tenacity.
  • Does happiness precede success, or do we have to be happy first to be successful? Happiness precedes success. The notion of the impostor syndrome, notion that you feel like you are a fraud and you will be revealed as an impostor. You don’t deserve the bonus, job etc. Maya Angelou was afflicted with deep sense of self doubt that she was a fraud. Kate Winslet is another example. The more success you enjoy – the more you are surrounded with more successful people which compounds the problem which brings in more self-doubt. The key to the problem is to stop comparing - it is a form of self-sabotage. When you let go, you find more self-satisfaction in what you are doing
  • If you assume the very best in yourself, capabilities and deservedness - then by extension - you do this with other people, that they have the best intentions.
  • An expectation of excellence: when you believe that those around you have the capacity to do excellent work, they automatically start performing to match that expectation. That can get you over your head. Ability and challenge - there is an intersection where the challenge and skill meet, this sweet spot known as flow. The key with finding flow is very personal.
  • Shawn speaks about effort and grit and the way of coaxing out creativity and performance. Evidence based theory – Angela Duckworth. When you tell someone that they are brilliant, they will get that heroic status. They will adopt a status of brilliance. Inversely when you give people this status they also believe it is hard work that got them there and not their brilliance. They will choose for themselves harder challenges because of the reward system. To build in natural growth. If they think they are naturally brilliant they will choose tasks within their sweet spot and will be less likely to challenge themselves.
  • Matthew May - innovation workshop session - importance of transparency. To create a sense of transparency in the organization. During the workshop - game where you have to have the right balance of ingredients for a trip to the moon. There is actually a correct answer for the equation for the game. Unbeknownst to anyone else, he took the most junior member of the team at the table and he gave them the key code to answer the puzzle. They could do anything to say that they had the answer without saying they had the correct answer. No one got it right, everyone lost. As a leader, or manager or boss - can you induce a sense of flow into someone else? No, but you can create the conditions for it. You can create the challenge and the circumstance. Push people outside of the comfort zone if it’s within the scope of their capacity.
  • Energizers and de-energizers in a company. Different people energy in a work environment. What does it mean to be fully engaged and present in a team? Power disparities in a workplace. When someone is newly elevated to a position of power. When someone leaves with you - do they leave confused, depressed, angry, annoyed. Or do you leave provoked to the point of encouragement, poised? These types of people tend to be talent attractors. In war for talent - you will never hear anyone say that they will stay irrespective of relationship with their boss. The Boss is the direct relation to their relationship with the company.
  • Whomever you are speaking with or interacting with, to give someone the gift of your time is an honor and an obligation. Leadership presence requires that you are present.
  • Scott Eblin - Mindfulness and bringing this back into the workplace.
  • Book by Douglas Conant (CEO of Campbell’s soup), absolutely practices what he preaches. In a room full of people he will be so patient and so thoughtful with every individual in the room.
  • Scaling leadership is by taking the time and being immensely present in the moment. How do you accomplish this from a practical point of view? It’s a conscientious choice. Stand up, close your computer - intentionally remove the distraction. The mere presence of a smartphone between us - distracts you. The anticipation - distracts your mind from the immediacy of the conversation. Be as present as you can.
  • The idea of a Digital Sabbath - starting Friday evening - until Sunday evening, turning everything off. Spend time together with your family. Control the technology and don’t let the technology control you.
  • What am I capable of becoming in a year? Aspiration. Envisioning clearly and with as much detail as possible is critically important to motivating you. Paint it with as much detail as you can.
  • Shawn’s recommendation - strategic stories. Stories with a purpose. Within many organizations, there’s a story where in the telling of the story conveys the value of the organization.
  • Story of Timberland’s annual conference - they choose cities with economic distress where they can provide some pro-social value and community building. Story of when they went to New Orleans after Katrina is inspiring.
  • Push forward. You deserve to be where you are in your life and take the next step.

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives.

All methods of how to access the show are below:

Leave a podcast review here

How do I leave a review?

Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. You can find him online through LinkedIn and Twitter. Subscribe to weekly podcast updates and information about CIO Mastermind Discussion Topics here.

Nov 18, 2015

Today I am interviewing Eric Kaufmann. I asked Eric on the show to discuss his book Leadership as a Hero’s Journey – The Four Virtues for Transforming Uncertainty and Anxiety into Results and to share practical ideas and tools that deepen a leader’s ability to be efficient, effective and deliberate; a leader whom people are drawn to follow.

Eric’s journey contains 13 years of leadership consulting, management at Fortune 100 firms, degrees in business and psychology and a quarter century of Zen practice. He has also given a TED talk called Transformation Myths and Legends.

I am so glad to have Eric on the show because he gives a massively important message to us regarding ‘comfort’. As a leader you must explore your comforts with personal relationships, business relationships, and the results you are getting in every area of your life.

Are you ‘leaning into’ the problems and discomforts in your business and personal life? Or are you running away from or avoiding them?

The Western World can make us soft as men and women because we get mesmerized by external ‘things’ and ‘results’ and we forget that our results could be better if we got the INSIDE right first and this would drive the external results we so crave.

In my conversation with Eric we explore his work with Executives who are tackling their lives as a Hero would.

The Hero’s Journey (as popularized by Joseph Campbell) has three parts:

  1. Leaving the familiar in order to seek a valuable prize
  2. Encountering challenges and risks that demand personal sacrifices
  3. Sharing and teaching what you learn back with fellow men and women

The Hero’s journey as Eric describes it takes enormous courage and the resilience to deal with fear, discomfort, and uncertainty in new ways that you may not have considered before.

The segments of the modern day hero are developed in the following areas:

  • Focus – What are you creating?
  • Courage – What are you avoiding?
  • Grit – How do you sustain in the face of discouragement and fatigue?
  • Faith – What are you yielding to versus remaining rigid?

Please enjoy my conversation with visionary thought leader and executive coach Eric Kaufmann. There are additional resources and summarized show notes below.

Books

Leadership is a Hero’s Journey? What Does it Take to Evolve Into a Great Leader? - RedZone

Videos

3 steps toward Leadership as a Hero's Journey

Your FEAR and How it Manifests in your Behavior

Why Great Leaders Break the Rules

Leadership begins at the end of YOUR comfort zone

Motivation is a Drug

Keynote Speaker Video

Introduction to Sagatica Consulting

TEDx Talk Transformation Myths and Method

Blogs

Motivation - A Drug for Lazy Leaders

What EXACTLY is Coaching?

Eric's Recommended Books

Leadership is a Hero’s Journey? What Does it Take to Evolve Into a Great Leader? - RedZone

Getting in touch with Eric

LinkedIn

Twitter

www.Sagatica.com

Summarized Show Notes:

  • How do you answer the question of what do you do for work [00:29]
  • Works 1:1 with executives, 1 to few, facilitate leadership groups, 1 to Many – Leadership development training. [04:27]
  • Eric’s book titled Leadership as a Hero’s Journey: 4 Virtues for Transforming Uncertainty and Anxiety into Results. It uses the metaphor of a hero’s journey – what was the origin of the title of the book? [05:30]
  • Joseph Campbell’s influence – what is common to all human beings, and fundamentally true to all human beings across the globe, the power of myth, the [05:50]
  • MONOMYTH – the singular structure of a story that informs all stories and the hero’s journey as the underlying narrative of the story. [06:06]
  • How do you introduce this concept of a journey of life, from a business point of view? [7:20]
  • Joseph Campbell introduced 10 phases to the story but Eric focuses on three basic components [07:44]
  • We live in a different world and we don’t need to be a traditional hero. How do you translate being a hero in a modern day world into something you can grasp? [09:44]
  • When people think of a “Hero” it’s almost always Superman or Batman. This is not right. A hero is an ordinary human being who has to face the challenge, fear and uncertainty and adapt. [10:16]
  • Brains and bodies were not trained to handle discomfort – natural aversion to discomfort. [11:59]
  • We have really lowered our competence to replace comfort with safety. [13:01]
  • We have to realize that there are going to be discomforts and one of the greatest contributions we can make, is to be graceful and present in the face of discomfort because it opens the door to being exploratory. Discomfort of being wrong, rejected and ignored – learning to reside in that with grace is a superhuman power [13:58]
  • Eric’s definition of courage is defined as walking towards what you would rather run away from. Embracing it rather than rejecting it. [19:07]
  • Why is “what are you creating?” an important question? [19:50]
  • No organization doesn’t have an emphasis on planning and strategy. We should have a focal point - something that gives meaning to our struggles and strife. We recognize at the organizational level that there is meaning to the struggle. Goals, objectives and strategy are therefore set. But if you don’t realize that you do this on a personal level then you are mistaken. [22:20]
  • Always creating something and engaged in a goal pursuit, whether consciously and unconsciously. But what are the unspoken goals and objectives that we have in our head. [23:30]
  • From a point of safety - you are operating from an operational rather than strategic side of business. [25:10]
  • What am I avoiding? Specific career objectives and other domains in their life. With courage, would you apply “What am I avoiding” to all domains? [27:10]
  • Practically impossible to navigate the journey of leadership without consistently staring into the taunting face of failure. The voice of failure is huge. [28:19]
  • Example of a Marketing vs. Sales meeting in which this grip of fear was getting in their way – using data to hide the fact that they were anxious and scared, rather than working together, working against one another. Had to get underneath that mask of professionalism to discover what was really going on [29:49]
  • Fearlessness is a marketing ploy. Fear is built into the physical structure of our brain. Fearlessness is not the objective. Fear is the physical reaction to the perception of threat. Fear is the underlying chassis of our brain. [30:58]
  • The issue is cultivating courage. The ability to walk towards what you are afraid of. Embracing it, naming it and moving towards it. [31:47]
  • How would you coach business leaders who want to start looking at mindfulness and meditation? [33:20]
  • Eric started a formal meditation practice in 1986. Also goes to silence retreats twice a year. How is it effective for a leader? The point of meditation is to sharpen the mind and to broaden the heart. [34:07]
  • If you are a leader and you can develop the ability to pay attention to something, on purpose, without judgment. This is a powerful contribution as a leader to have that amount of clarity and speed of decision. Competitive advantage. [35:47]
  • Individually tackling stilling and sharpening the mind. [37:06]
  • Thirteen seconds is the span of time that most people would take two full deep breaths. In that span you can pause. Create a space between the stimulus and the response. Rather than being at the animal level of reaction you become at the human level of analysis and application. Pause long enough to bring back your conscious self [37:21]
  • If you want to cultivate that more skilfully - do it for ten minutes, and just observe the nature of your breath. It sounds simple, and the ability to be still and observe your breath - it teaches the mind and the body to be attentive on purpose. Imagine if you go into a meeting and you can sit and be more attentive. [40:15]
  • Literally a chemical and neurological shift that happens for people who do this consistently. [41:16]
  • What you want from leaders is knowing that they are bringing their best self. [41:39]
  • Concept of the observer - a small version of you dispassionately noticing what's going on. Can access this almost like a bodycam, it is recording without emotion, just picking up the data. We can access that. It takes practice but it’s immediately accessible. It’s not as dramatically dimensional as my emotional self. Better decisions arise from that. This can be activated through meditation. [43:29]

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.

All methods of how to access the show are below:

Leave a podcast review here

How do I leave a review?

Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. You can find him online through LinkedIn and Twitter. Subscribe to weekly podcast updates and information about CIO Mastermind Discussion Topics here.

Nov 11, 2015

Introduction

In this ground-breaking interview with Tony McFarland, we discuss how companies and regulators interpret and understand current legislation on how to monitor and manage the risks that companies face that can potentially harm the business, and even affect shareholders. We discuss the concept of a material breach and how to define corporate obligations to material breach and disclosure.

I loved my discussion with Tony McFarland. Tony is an attorney and one of the best in the United States at understanding the fast moving and ever evolving Data Security and Privacy Law landscape. Tony has a very unique perspective from the top (CEO and Board) as it relates to the CIO’s requirement to answer questions from the top that have not been asked before.

We also discuss how current decisions and precedents on the Safe Harbor rule will affect the way companies across the Atlantic will have to justify the protections used, and required for data transfers.

Biography

Tony is a partner at Bass Berry and Sims PLC, with more than 30 years of experience working with leaders at public and private companies, particularly those in the financial services and healthcare industries, in complex individual and class action business litigation and situations. He has experience in Data Security and Privacy matters including electronic information security best practices, data retention and data management. He is also the Chairman of the firm’s Technology Committee and chair-elect of the Lex Mundi Knowledge Management Subcommittee. He is a co-author of Bloomberg BNA Banking Practice Portfolio Series No. 401, Securities Law for Banks.

We discussed legal impacts of the following:

  • The Rise of the CISCO – the Chief Information Security and Compliance Officer (my favorite)
  • The SEC and what are the considerations of disclosing an IT Security Breach.
  • Safe Harbor and the EU – If you have offices in Europe you will find the discussion very, very interesting
  • Trends in Privacy – “the right to be forgotten vs the public’s right to know”. The First Amendment vs Europe’s perspective. We had a fascinating conversation about Data Privacy. Here is a link to the Spokeo Supreme Court case that is highly relevant and important in the US privacy debate.
  • The Top Questions a Board and CEO need to ask a CIO or CISO
    1. “Do we have a data breach response plan?”
    2. They need to ask themselves, “Do we have someone capable of handling this area?”
    3. “Is this person getting the support they need?”
  • Top 4 elements of a Board presentation
    1. Memorable
    2. Concise
    3. Succinct
    4. Understandable

Tony’s Published Work and Articles

Top CIOs and CISOs can learn a good deal by reading Tony’s published work in the following areas:

Summarized Show Notes

  • The ability and knowledge to understand and follow the developments in the entire field, which runs across many regulatory fields, and to understand the way the technology works so you can provide counsel to the CEO, CISO and CIO on the risk and what is an acceptable level of risk, particularly taking into account the potential risk of a company. You have to make judgement calls. [06:25]
  • SEC said all filings - have to disclose if companies knew of a breach or had knowledge of a breach. What do public companies have to be aware of with the SEC moving forward [09:10]
  • Breach disclosure of large corporations seemed to be catastrophic. But the number of breaches has increased. [10:20]
  • Judgement call area. Guidance: try to stay within the range of what other companies do. There is a range of acceptable disclosures. You don’t want to be outside the norm [11:19]
  • Meaning of “material” in material breach – e.g. if you have a company that has 200-300 employees and a member of management is on a flight and loses a laptop with sensitive information, that could be material. [12:10]
  • Inconsistency in responses of various regulators. [13:23]
  • More concerned with brand impact and relationship with the client than the dollars you are out of pocket to remedy the breach, and it is especially difficult with public companies because they are under obligations to material advance and disclosure. This could affect the share price. [15:55]
  • Is the dialogue about IF you get breached, or WHEN you get breached? [17:20]
  • You have to always plan as if you are going to be breached. From a technology, process and procedure standpoint, the conventional wisdom is that there are only two types of companies: those who have been breached and know it, and those who have been breached and don’t know it. [17:38]
  • Insurance cover - what do you see happening in insurance arena on cyber security? [18:41]
  • Now insurance companies are more sophisticated with cyber liability insurance and more is being purchased now, especially for amount of retention of deductible for catastrophic losses [20:22]
  • European Court of Justice - case decided - brought into issue the safe harbor framework relied on by UK and US companies to pass confidential information from the EU to the US. [21:26]
  • Safe Harbor rule - get out of jail free card – a mechanism whereby if companies show they were operating within the safe harbor compliance framework
  • Scope of personal data in the EU is much broader than in the US; it covers medical history and data. [23:00]
  • EU has adopted some rules which include ‘The Right to be Forgotten’. European citizens can apply through Google to remove URLs to those pages, and Google balances the individual’s right to privacy with the public’s right to know; there is also an appeal process through a local data protection agency on this. This does NOT happen in the US. Due to privacy according to the 1st Amendment - the public’s right to know clashes with the right to be forgotten - clashes due to guiding principles. [31:37]
  • The right to be that invasive in privacy didn’t exist 200 years ago – from a lawyer’s perspective, how do you balance the right of the individual to privacy with the public's right to know? [33:23]
  • Do you rely on precedence for law decisions? Ideally, but practically NO. State laws and provincial laws, and either can apply. Lawyers say there is no guiding law. Try to best guide someone through the absence of rules or conflicting rules. Advise clients to act consistently.
  • Clear communication with the Board - Boards can’t deflect issues on Cyber Security. What are your observations on IT leaders’ communication with the Board and vice versa? [38:06]
  • 10 years ago CIO, CISO positions were rare except in larger companies. Prefers the term Data security rather than cyber security. Predecessors of CIO or CISO were more of an IT manager. [38:33]
  • Not much history for CIO or CISO to know how best to present technical information to the Board and for the Board to know how to receive the information. [40:01]
  • Extremely difficult situation – the communication needed is inadequate. It needs to be clear, concise, succinct, understandable and memorable. [40:50]
  • The CIO/CISO needs to convey to the board the different high level points that company has prepared and has planned its security and knows how to respond to a breach [41:54]
  • Board is capable of asking the right questions that are valid and useful for the business. But how are they being trained to ask questions in an area that are highly undefined? [42:20]
  • The SEC wants to see that the breach response is documented [44:15]
  • Top questions for a Board to ask their CIO/CISO [45:55]
  • Are Boards suffering from Ivory Tower Syndrome (ITS)? [48:40]
  • From the viewpoint of the SEC, someone needs to check if the information was right. If the Board is not capable of assessing the answer, then it’s more of a pro forma exercise than a check on the adequacy of Cyber Security issues. [51:00]
  • Being an Eagle Scout - what has this given to Tony’s career? Trustworthy, loyal, helpful, friendly, courteous, kind, obedient, cheerful, thrifty, brave and reverent. As a Business Litigation lawyer, it’s similar – we’re known for knowing a little about a lot of things, but not a lot about anything [51:28]
  • Larger companies underestimate the importance of having a CIO and a CISO. Can’t think of data security without thinking of compliance and can’t focus on compliance aspects without taking into the commitment to data security. These two positions might eventually merge. Suggesting the term CISCO. [53:33]

 

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.

All methods of how to access the show are below:

Leave a podcast review here

How do I leave a review?

Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. You can find him online through LinkedIn and Twitter. Subscribe to weekly podcast updates and information about CIO Mastermind Discussion Topics here.

Nov 4, 2015

In this phenomenal interview with The Iceman Wim Hof we discuss what I believe may be the edge and frontier of human potential. By studying Wim, who has achieved 21 Guinness World Records, scientists are building a knowledge base of what is possible for humans. As Wim trains others to do what he does, then he becomes less of an ‘outlier’ and ‘anomaly’.

This is why I asked him to talk with me. I am interested in learning how he accomplishes his feats so that I can apply his methods to my own life. My hope is that you will be able to take pieces of this interview and do the same with yourself, family, and business. We discuss:

  • Raising Kids
  • Teaching others to handle adversity - The science of the body mind connection – Cold Exposure and Breathing
  • Proof - Scientific findings and research
  • His vision for teaching kids how to control their health, strength, and happiness (mood)
  • Adjusting Mood (happiness) - The link between breath and mood state
  • Eliminating depression
  • The science behind his extraordinary feats
  • His mission and vision for kids
  • The benefits of cold immersion and breathing
  • His favorite Guinness World Record
  • His favorite experiment (performed on himself) to date

 

The Beginning of the Iceman

By the time Wim reached his teenage years, he was already running barefoot through the snow, comfortably. This was the beginning of a large series of confrontations with the cold, where every single time, limits were tested, and the outside world was stunned. Wim Hof is able to perform exceptionally, almost unnaturally, on what he is focused on during extreme situations. Due to our comfortable lifestyle today we are far removed from our natural body functions.

We breathe much more shallowly, which means that our body is not optimally supplied with oxygen. According to Wim, it’s not complicated at all: "What I am capable of, everybody can learn".

Control over your inner nature

Wim has taught himself how to control his heart rate, breathing and blood circulation. All this is regulated by the autonomic nervous system. Science says that the autonomic nervous system is a part of the body you just can’t control, yet Wim can, by steering his hypothalamus (an area in the brain which regulates the body temperature). While the body temperature of an untrained person drops dangerously after exposing it to extreme cold, Wim is able to retain his core temperature around 37 degrees Celsius, constantly. Even after 1 hour and 52 minutes sitting in ice, Wim’s core temperature stays the same. Scientists around the world are baffled by this exceptional capability.

21 Guinness World Records

He has accomplished 21 Guinness World Records with the most exceptional and unique performances. Here is a sampling of those:

  • Ice Endurance feat, which is set at 1 hour and 52 minutes
  • Running a marathon above the Arctic Circle in shorts (the video of this is extraordinary)
  • Running half a marathon barefoot above the Arctic Circle in only shorts
  • Officially swam under ice for 66 meters, unofficially swam under ice for 120 meters with one breath
  • Free climbing
  • Hanging on one finger at an altitude of 2,000 meters
  • Climbing the highest mountains on earth in only shorts (like Everest and Kilimanjaro)
  • Full marathon in Namib desert without water consumption

Teaching Others and Scientific Proof

In order to squelch ‘naysayers’, Wim has embarked on a journey to prove his capabilities and also to teach others to do what he does.

He proved this in what I think is his landmark study, in which he trained 12 people for the remarkable experiment highlighted below. The experiment (also referenced below in the science section) is called “Voluntary activation of the sympathetic nervous system and attenuation of the innate immune system response in humans”, done by Dr. Pickkers and Dr. Kox, in which subjects trained by Wim influenced their autonomic nervous and immune systems (video from the doctors).

Scientific Research

Teaching Others - Resources from this episode:

Free Online Course

10 Week Course

Wim Hof Method Explained in Detail

VICE Documentary featuring Wim

Reference Sites for Wim Hof
Ice Man website
Wikipedia
Four Hour Work Week Interview
Vice Video Link
Hypothermics Site
The Clymb Site

Social Media for Wim Hof
Twitter Link
You Tube
Face Book
LinkedIn
Instagram

Books By Wim Hof
Koud Kunstje
Becoming Iceman

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.

All methods of how to access the show are below:

Leave a podcast review here

How do I leave a review?

Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter. Subscribe here for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly.

Summarized Show Notes:

  • How are we able to tap into different response systems such as the autonomic systems and nervous systems, and show (for the first time) that we are able to produce more adrenaline – as if someone is doing their first bungee jump.
  • How to tap into the Endocrine systems (controlling mood and hormones), and the Immune systems (controlling disease). With these techniques you are able to control the mood and the hormones, and tap into the endocrine systems. [8:50]
  • 230 million prescriptions filled out in the US alone for antidepressants, more than £3 Billion – and covers a complete spectrum – from light stress, and mild to severe depression. A combination of breathing and cold – and how it gets applied. [9:23]
  • Free course on the website – method consists of 3 lymphs - gradual cold triggers the vascular system. Second is breathing, which brings about better oxygenation of the blood. And the third is mindset. This allows you to tap into the physiology of the endocrine systems which control the mood and hormones. Now you WILL feel that you have the power to intervene. Take a cold shower after a hot one. Breathe better. Thus you will be able to control the pH level bringing out to the natural system where it should be. Then you feel you have a sense of control and this affects your mindset. [10:03]
  • Learning, when going consciously into the body. If you compare this to a situation of danger, your body is taking over. When you are in dangerous situations, and the body takes over, and you use the cold shower, it takes you to the breadth of your being. And it trains you to take control and have power over yourself. So when you are in a difficult situation, you are more able to control it. That is comfort, and it builds confidence. This is just to trigger and awaken the deeper physiology of yourself and learn some breathing. [13:06]
  • How this was founded on an internal belief, but then moved to science. A lot of world feats to gain attention. [15:12]
  • Wim’s favorite experiment in an ice bath [16:10]
  • Injecting endotoxins (E-coli bacteria) results in complete suppression of the cytokines and the inflammatory markers in the autonomic nervous system. [17:54]
  • Interest from Harvard Medical School starting studies with them. We have seen indications for possible healthcare solutions via a natural method. Able to tap into so much more power from within and tackle and prevent disease. Able to help people with arthritis, Crohn’s, etc. [20:44]
  • We found a way to reset the body and bring it to its natural state [23:03]
  • The parasympathetic nervous system, you get from doing mindfulness for a long time. During the day, consciously, deeper breathing – so you are in control. Shallowness in breathing patterns results in less oxygen in the cell and the cell is more acidic. We are able to store a whole lot more oxygen. [24:01]
  • If you are able to do this the cell is able to regenerate at a peaceful level. Not when it is in stress mode. The Neocortex, the upper layer of our brain, the daily life, action, and it takes energy. But if you know how to tap into the limbic system, which this technique does, you get into the paralimbic system – to get more [25:44]
  • Only when we have more scientific proof can we help illnesses such as depression, arthritis, Crohn's, daily life. We need to have more confidence to tackle what life is all about. Peace and action. The deeper parts of our being require nature and we are now able to tap into this. [27:51]
  • Kids are the real goal. If we want to change the world, can’t have kids alienated from their inner physiology. If we love our kids, we want them strong, happy and healthy. We show that we are able to make people strong. [29:17]
  • Every morning, rise and do breathing exercises at 4 am. Tremendous peace and power. Rejuvenating and rehabilitating. Raising kids, being more of a child than themselves. On a deeper level, being busy, believing, believing, understanding, realizing. Breathing and Cold training. Never get sick and my kids never get sick. If something is wrong with me, - I change it. [31:50]
  • A possible solution for the food problem in the world. I am able to generate more cell activity, by thinking only. We need to do more studies, because these are BIG issues. We eat too much. Food is equivalent to energy. Food you need to process, but with breathing you do not need to process it all the time. It doesn’t use a lot of energy. [34:50]
  • Permanent change comes from insight. If the body doesn’t have the correct pH then you lose the mind-body connection. Health, happiness… Strength! You have to deal with this consciously. Because of our behavior, we have lost this connection within. Right Consciousness. We have to compensate for the non-stimulative behavior. We have become conditioned, with the de-conditioned. [37:12]
  • The right information is motivational [39:10]
  • Of the 20 plus Guinness World Records, which is the most meaningful? – Going under a meter of ice deck and having to swim 50 m underneath. The day before, did a rehearsal. I forgot to wear goggles. And I passed the hole. I tried to find the hole. I ended up swimming 130 meters underneath the ice deck. I never felt the agony to drown. Because of the breathing that I do to raise the pH levels. To cause the body to withdraw within. I lost my fear of dying there. So peaceful. [41:03]
  • We lost our connection with nature. We get disease. We get sick. Everybody is capable, is able to reconnect to the natural state of our physiology and be happy, natural and healthy and control it. [45:39]
  • Connect with discomfort. Innate immune response. We are able to tap it. Enabling us to increase the quality of daily life. [46:25]
Oct 28, 2015

In this podcast episode I interview Bill Brenner, who is an expert at digesting threat intelligence information and making this information available to a wide pool of people, from C-Suite Executives to coders and developers. Bill is a Senior Technical Writer for Akamai and has been a writer for CSO Online and Liquid Matrix Security Digest. Additionally, he created and writes a blog called the OCD Diaries, where he discusses mental health issues with IT Executives and staff within the technology industry.

Top 3 items for an IT Security Decision Maker to be concerned about moving forward:

  1. Super-vulnerabilities like Heartbleed, Shellshock, Poodle and OpenSSL - Identify the risks these pose to the assets within your company and remediate them.
  2. Incident Response – Remember to develop a BCP/DR plan for IT Security Incidents
  3. Protect Your Brand – Which hacking groups don’t like your company or brand that leave you vulnerable to DDoS, cyber espionage, and ransomware style of attacks?

You will also learn some of the best sources for IT Security threat information:

Securosis

  1. Mike Rothman - Securosis
  2. Rich Mogull - Securosis
  3. Adrian Lane - Securosis

Blogs and Podcasts:

  1. Jack Daniel - Tenable
  2. Security BSides movement
  3. NAISG – National Information Security Group
  4. CSO Online
  5. State of the Internet Security podcasts
  6. Security Kahuna podcasts

Vulnerability Information Sources:

  1. Threatpost
  2. CSO Online
  3. Security Ledger – Paul Roberts
  4. CSI Group
  5. SANS Institute - Internet Storm Center

Humanity in Security - Mental Health

The importance of good mental health in the IT Security profession as it relates to depression, anxiety, coping with stress, OCD, Asperger’s, Autism.

The OCD Diaries – An opportunity to destigmatize mental illness and to give people in our industry a life raft and share tools that can help them. Taking your mental disorders and turning them into super powers!

Additional Show Notes

  • Communicating what threat intelligence researchers are seeing directly to a more complex audience and hitting it at all levels - geared towards the larger security industry or community
  • What does alignment between product managers and the threat intelligence team mean? The data [Akamai] receives is coming from the deployment of their products in the field. “Taking what we are seeing from our technology deployments and sizing it up against what other companies see and you know at the end of it giving people a bigger picture so that they can take actions that they need to take.”
  • Sharing of research is crucial – the benefits of information sharing between companies and how it helps keep out the bad guys. You can't take the information that you receive internally and make proper sense of it without comparing it with what's going on elsewhere.
  • How can we get to the point where it’s actually actionable sharing?
  • What does it mean to have a third-party attack? A common platform like WordPress can have third-party widgets and plugins that they didn’t create and essentially those can be malware or exploit kits of some sort so we need to be aware that they can be leveraged. Be aware of where the vulnerabilities are.
  • The next step with SSL and moving towards TLS – pros and cons.

How to reach Bill Brenner:
LinkedIn
Facebook
Twitter
Akamai Blog
The OCD Diaries

Former Publications:
Liquid Matrix Security Digest
CSO Online

What is Your Plan for: Super-Vulnerabilities| Brand Take-down| & Incident Response| Humanity in Security - RedZone

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.


Oct 24, 2015

In this episode we discuss 6 different topics that you will definitely find highly interesting and relevant.

The Rise of Superman

  • Steven Kotler is a New York Times bestselling author, award-winning journalist, and cofounder and director of research for the Flow Genome Project. His books include The Rise of Superman, Abundance, A Small, Furry Prayer, West of Jesus, and The Angle Quickest for Flight.
  • He discusses the Concept of Flow [00:57]
  • As Dr. Ned Hallowell of Harvard Medical School says – “Flow naturally catapults you to a point that you are not naturally in”
  • Flow can be triggered by public speaking and meditation and really is a state of mind in which grit, fortitude, determination, creativity, resilience and critical thinking, pattern recognition and hot decision making pops in.
  • Tracking Flow and Flow States – learning what activities break flow. Breaking patterns of breaking flow. BUT this is not just about getting more done, faster. This is about more than that. When people are in flow they are massively creative and massively efficient. Do not check email every 15 minutes, as this breaks your flow and decreases efficiency [03:50]

 

The Most Bad Ass Navy Seal Ever – Jocko Willink

 

The Web’s Shadiest Neighborhoods by Blue Coat

TLD Article – Top Level Domains

  • Two years ago there were just 6 domains; since 2013 there are now over 1,000 domains. [08:28]
  • Organized crime is hiding malware on these top-level domains (TLDs).
  • This is happening because of lax policies from ICANN. There is a list of safe domains and unsafe neighborhoods to use when setting your URL filters and spam filters [9:05]
  • DCS Don’t click plan – know what you are clicking before you click on it. Drive-by malware is a huge entry point [10:28] – as you’ll see in my previous podcast with David Cross of Microsoft
  • Pay attention to your security equipment so that you can deal with this issue.
  • The web’s shadiest neighborhoods report
  • This is the site at ICANN that lists the top-level domains
  • Blue Coat

 

Gaming to Improve Your Speed as an Adult

  • Jane McGonigal’s research and TED Talks on the benefits of gaming
  • What assumptions have changed your mind in the past year?
  • This will surprise you but it has been found that game playing is healthy as long as it is under 21 hours a week. [11:53]
  • Physical resilience, mental willpower, social resilience mental stability are really important skills derived from game playing [12:30]
  • Playing a game with my son – before doing this research
  • Encouraging playing with daughters and sons, helps with bonding, collaborative problem solving and thinking creatively.
  • Collaborative problem solving, urgent optimism, the ability to act immediately to tackle an obstacle
  • Our avatar selves are trying to find the better version of oneself in these games [13:41]
  • The gaming mindset – helps with your team. What can you do with using repetitive tasks – making it a game and dive into flow and the willpower of game-playing.
  • Reference article on LinkedIn & RedZone

 

Hacks to Get More Sleep

  • We are being told by researchers that we need at least 8 hours sleep to perform optimally. We are not getting 8 hours of sleep. How do you hack sleep? How do you do it with products with lifestyle patterns and eating well?
  • Nick Littlehales details his techniques in the Guardian article [15:18]
  • He has practical ways to deal with that, especially if you are travelling [15:30]
  • We are now exposed to artificial light stimulation and impacts on our health with depression. It potentially makes us fatter because our metabolisms are working as it should.
  • How to measure your sleep. How to have a dawn simulator and alarm clock. How to sleep in sleep cycles. How to choose your bedding correctly. When you are travelling, how to achieve perfect darkness [16:14]
  • It is important to see how he works with top athletes as they need to optimize recovery [16:44]
  • How can you be expected to perform optimally if your brain hasn’t fully recovered?
  • How to Recover from Lost Sleep - Ben Greenfield podcast - Nick Littlehales

 

Singularity University – Continuing Education

  • Executive program by Singularity University which concentrates on six exponentially growing fields each taught by world experts
  • Goal is to come away with knowledge of major disruptive innovations and their implications in the areas of Biotechnology, Bioinformatics, AI (Artificial Intelligence) and Robotics, Energy Environmental Systems, Medicine and Neuroscience, Networks and Computing Systems, and Nanotechnology [18:30]
  • Finding what you are passionate about and taking it back into your specific expertise and add value [19:02]

 

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.


Oct 17, 2015

If you have questions about Microsoft Azure Security you will love this interview with David Cross.

David Cross is the General Manager in charge of Security with Microsoft Azure. He has been the primary inventor of over 25 security patents and is the author of numerous publications and white papers. Prior to Microsoft, he served 5 years with the aviation electronic warfare community with the US Navy. He has a BS in CIS and a MBA.

One of the really fun parts of this interview is actually learning about his invention process as I was very curious about it since he has so many patents!

Oct 10, 2015

Are you a CIO, CSO, CISO, VP of IT, Dir of IT, SR VP of IT?

What does it cost you to manually examine threat intelligence information? Are you doing it at all?

If you are an IT decision maker you will want to listen to what Aharon Chernin, CTO of Soltra, and I discuss related to Aharon’s expertise with STIX and TAXII. The STIX/TAXII standard is the future of IT Security as it relates to scaling access to actionable and relevant threat information that we can do something about, versus being overwhelmed by yet more false positives. We discuss how sharing and teaching machines how to speak to each other about threat information is the vision of the future.

What if you could receive information from the FBI, DHS, and CERT, for example, and this could be ingested into your security machines, devices, software, etc. and you didn’t need an analyst to make sense of the data? This is the vision of IT Security that I want you to consider. Only 1% of organizations have security analysts on staff. Why? Because humans are expensive and good ones are hard to scale to the level of threats all businesses, from small to the mega-large, are experiencing. Aharon is hard at work on this right now.

Oct 2, 2015

Ron is an expert in what it takes to develop the next generation of cyber security leaders.

• He is the Air Force Association US CyberPatriot 2013-2014 Mentor of the Year for his work with high school cybersecurity competitions.

• Ron Woerner is the Director of Cybersecurity Studies at Bellevue University. He has over 25 years of corporate and military experience in IT and Security

Resources for Cyber Security Team Competitions

1) Cyber Patriot Youth cyber security team competitions and explanations of the various levels of competition

2) ISC2/MITRE Cyber Challenge Academy Competitions – Capture the Flag

3) National Collegiate Cyber Defense Competition (CCDC)

4) Dr. Dan Manson of Cal State Pomona, who created a single site to coordinate all cyber security competitions, called Cyber Security Federation - Single Site for information - Creating a sport out of cyber security competitions

Sep 23, 2015

Internationally acclaimed creativity expert Michael Michalko joins me today to discuss his creative thinking techniques that have inspired business thinkers around the world to create the innovative ideas and creative strategies they need to achieve unimaginable success in today's changing business environment of complexity and uncertainty. He says change the way you look at things and the things you look at change.

If you always think the way you’ve always thought, you’ll always get what you always got. The same old, same old ideas over and over again. The future belongs to those thinkers who embrace change, break new ground, forge new paths, and transform the way they think. Discover how to look at the same information as everyone else and see something different by using the creative thinking techniques and strategies that creative geniuses have used throughout history.

Sep 16, 2015

Uris is a leader in the world of research as it relates to IoT Security. This interview is a great learning tool to educate business leaders and your peers about where IoT is going and what it means to you and your business.

Sep 9, 2015

Mark is a world-renowned expedition paddler and explorer, and he has a powerful story to share about kayaking the entire length of the Amazon, Mississippi, and Volga River (Europe’s largest river) and walking across Iran. My hope is that this interview will spur you on to try your own personal adventure or one with your family.

Sep 2, 2015

The CISO Should Not Report to the CIO |Assume you Have Been Hacked|6 Kill Chain Fundamentals You Must Know|How Can You Deny Command and Control Attacks| The Best Cyber Security Books - Hall of Fame|Alan Turing Should be a Hero|7 x ‘Must Ask and Prove’ Questions and CIO/CISO must ask about their Next Gen Firewall |Scaling Security with Real Cooperation|AI’s Role in Info Sec| The Beginnings of AI and Security

Aug 25, 2015

Two Ways to Avoid Being Perceived as a “Doormat” and an “Order Taker” In Your Business. The Two Best Ways to Immediately Add Value to the Business, Converged Orgs Drive 4x More Profit, New Language for the CIO, Words that Really Matter, Projects and Investment Scoring.

 

Aug 19, 2015

Hacking-Back vs Attribution| APT Attack vs Targeted Attacks| Mobility and Virtualization| Leadership and Team Innovation| Ethics and the Selling of Vulnerabilities| The Best Zero Day definition Ever| Options of How to Avoid Poisoning Your Phone| Geo fencing| The One Question that you need to ask to Prevent Losing Your Job after a Breach Incident| Who has the Worse Cyber Criminals China or Russia?| Pinball Machines and Teaching Kids How Things Work Versus Consuming Things

Aug 6, 2015

Kayvan is an authentication expert. He gives a fascinating review of the old and future related to User Authentication Trends and Methods for Native Mobile Applications. Do you want to know the pros and cons of various authentication methods of the future like IRIS, Selfie Based Authentication, Voice, Fingerprint, Face Recognition, Gesture and other Trends in Mobile Security?

 

Jul 29, 2015

In the following interview Hadi and I discuss Big Data Security Topics like the Mosaic Effect, Mobile Security, The Demise of Passwords, IoT TOCTOU Attacks, Driverless Cars, Atomic Views of IoT, Orchestration Layers Limitations with Big Data Security, and what he describes as ‘Loose Membranes’ with IoT security

Jun 3, 2015

 

Are you and your team ready to make Leapfrog Steps or are you simply making Incremental Progress?

How do you get hard things done?

We are so often conditioned to look at the negative end of accomplishment. As human beings we tend to look at all the reasons something can’t be done versus listing all the reasons how it can be done.

In my discussion with Don Wiegner, in many ways you have heard the message before, but this time around you are hearing it from someone who has just spent two years doing what others thought was impossible. He discusses how to accomplish insurmountable goals and do it in a way that brings people together under a common purpose. Have you had a defining moment in your career where your back was against the wall and you had to get the job done?

 

May 27, 2015

Alex Hutton, major bank CISO, thought leader, influencer, presenter, and award-winning speaker, discusses with me the inspiration he gets from the best sushi in the world and having a vision of craftsmanship in his profession.

I have written about Craftsmanship in the past, and after talking with CISO Alex Hutton this was emphasized even more. Jiro Ono owns the most famous Sushi restaurant in the world. Similar to Jiro, you can approach your profession as a master would.

Running IT Ops and Security as a craft is important because most CIOs and CISOs feel that their biggest value, unfortunately, is when there is a problem (data breach, failure of a system, etc.).

Alex Hutton has served as CEO for Risk Management Insight. He served as a principal in the Risk Intelligence group for Verizon, involved in the development of the VDBIR. He is an avid security blogger, speaker and conference organizer. He brings a wealth of knowledge and experience on risk management and metrics to any discussion. He is a passionate and experienced public speaker.

May 20, 2015

Jack Jones is widely considered a thought leader in risk management and information security. Jack has been employed in technology for the past thirty years, specializing in information security and risk management for twenty-four of those years. During this time he has garnered a decade of experience as a CISO, including five years for a Fortune 100 financial services company. His work has also been recognized by his peers and the industry, earning him the 2006 ISSA Excellence in the Field of Security Practices award, and the 2012 CSO Compass Award for Leadership in Risk Management.

Jack is the originator of the now industry standard risk management framework known as Factor Analysis of Information Risk (FAIR). FAIR has seen adoption globally, within organizations of all sizes, and is now regularly included in graduate-level university courses on information security and referenced by other industry standards. He also recently co-authored a book on FAIR entitled "Measuring and Managing Information Risk - A FAIR Approach".

 

Apr 29, 2015

You are really going to enjoy my interview with Mark Robnett, CIO of Justice Federal Credit Union. Mark is a rising star in the Credit Union industry and I asked him to detail for you in this episode how he put together his presentation to his board regarding his IT security strategy and tactics. I have found that Justice FCU is about 1-2 years ahead of Credit Unions of its size. I would put them on par with firms many times their size. Mark also has the added pressure of having a very smart and technically savvy board. There is no hiding behind jargon and complexity with them because the board is comprised of individuals with backgrounds in the FBI and Justice Department. What a challenge!

Apr 22, 2015

This interview was a lot of fun.

Enterprises frequently buy security products with the best of intentions, but they end up being abandoned. Sometimes the product never makes it out of the box and into the rack. What factors contribute towards security shelfware and what can be done by both vendors and enterprises to avoid this happening? If it has happened, how can you reverse it? What are the top security products that end up on the shelf or marginally used?
