Info

Bill Murphy's RedZone Podcast | World Class IT Security

World Class IT Security – Strategic and Tactical Thought Leadership, Advanced Topics for Top IT Leaders: Innovation, Ideas, Creativity, Neuroscience of Optimal Performance – Fearlessness Living Principles.
RSS Feed Subscribe in iTunes
Bill Murphy's RedZone Podcast | World Class IT Security
2017
July
June
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


Categories

All Episodes
Archives
Categories
Now displaying: October, 2015
Oct 28, 2015

In this podcast episode I interview Bill Brenner, who is an expert at digesting threat intelligence information and making this information available to a wide pool of people from C-Suite Executives to coders and developers. Bill is a Senior Technical writer for Akamai and has been a writer for CSO Online, and Liquid Matrix Security Digest. Additionally, he created and writes in a blog called the OCD Diaries where he discusses mental health issues with IT Executives and staff within the technology industry.

Top 3 items for an IT Security Decision Maker to be concerned about moving forward:

  1. Super-vulnerabilities like Heartbleed, Shellshock, Poodle and OpenSSL - Identify the risks these pose your assets within your company and remediate them.
  2. Incident Response – Remember to develop a BCP/DR plan for IT Security Incidents
  3. Protect Your Brand – Which hacking groups don’t like your company or brand that leave you vulnerable to DDoS, cyber espionage, and ransomware style of attacks?

You will also learn some of the best sources for IT Security threat information:

Securosis

  1. Mike Rothman - Securosis
  2. Rich Mogull - Securosis
  3. Adrian Lane - Securosis

Blogs and Podcasts:

  1. Jack Daniel - Tenable
  2. Security Bsides movement
  3. NAISG – National Information Security Group
  4. CSO Online
  5. State of the Internet Security podcasts
  6. Security Kahuna podcasts

Vulnerability Information Sources:

  1. Threat Post
  2. CSO Online
  3. Security Ledger – Paul Roberts
  4. CSI Group
  5. SANS Institute - Internet Storm Center

Humanity in Security - Mental Health

The importance of good mental health in the IT Security profession as it relates to depression, anxiety, coping with stress, OCD, Asperger’s, Autism.

The OCD Diaries – An opportunity to destigmatize mental illness and to give people in our industry a life raft and share tools that can help them. Taking your mental disorders and turning them into super powers!

Additional Show Notes

  • Communicating what threat intelligence researchers are seeing directly to a more complex audience and hitting it at all levels - geared towards the larger security industry or community
  • What does alignment between product managers and the threat intelligence team mean? The data [Akamai] receives is coming from the deployment of their products in the field. “Taking what we are seeing from our technology deployments and sizing it up against what other companies see and you know at the end of it giving people a bigger picture so that they can take actions that they need to take.
  • Sharing of research is crucial – the benefits of information sharing between companies and how it helps keep out the bad guys. You can't take the information that you receive internally and makes proper sense of it without comparing it with what's going on elsewhere.
  • How can we get to the point where it’s actually actionable sharing?
  • What does it mean to have a third-party attack? A common platform like WordPress can have third-party widgets and plugins that they didn’t create and essentially those can be malware or exploit kits of some sort so we need to be aware that they can be leveraged. Be aware of where the vulnerabilities are.
  • The next step with SSL and moving towards TLS – pros and cons.

How to reach Bill Brenner:
LinkedIn
Facebook
Twitter
Akamai Blog
The OCD Diaries

Former Publications:
Liquid Matrix Security Digest
CSO Online

What is Your Plan for: Super-Vulnerabilities| Brand Take-down| & Incident Response| Humanity in Security - RedZone

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.

Leave a podcast review here

How do I leave a review?

Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter. Subscribe here for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly.

 

 

Oct 24, 2015

In this episode we discuss 6 different topics that you will definitely find highly interesting and relevant.

The Rise of Superman

  • Steven Kotler is a New York Times bestselling author, award-winning journalist, and cofounder and director of research for the Flow Genome Project. His books include The Rise of Superman, Abundance, A Small, Furry Prayer, West of Jesus, and The Angle Quickest for Flight.
  • He discusses the Concept of Flow [00:57]
  • As the Harvard Medical School Dr Ned Halliwell says – “Flow naturally catapults you to a point that you are not naturally in”
  • Flow can be triggered by public speaking and meditation and really is a state of mind in which grit, fortitude, determination, creativity, resilience and critical thinking, pattern recognition and hot decision making pops in.
  • Tracking Flow and Flow States – learning what activities break flow. Breaking patterns of breaking flow. BUT this is not just about getting more done, faster. This is about more than that. When people are in flow they are massively creative and massively efficient. Not to check email every 15 minutes as this breaks your flow and decreases efficiency [03:50]

 

The Most Bad Ass Navy Seal Ever – Jocko Willink

 

The Web’s Shadiest Neighborhoods by Blue Coat

TLD Article – Top Level Domains

  • Two years ago there used to be just 6 domains previously, and since 2013 there are now over 1,000 domains. [08:28]
  • Organized crime is hiding malware on these domains on these top-level domains (TLDS).
  • This is happening because of lax policies from ICANNs. There is a list of safe domains and unsafe neighborhoods to set your URL filters and spam filters [9:05]
  • DCS Don’t click plan – know what you are clicking before you click on it. Drive by malware is a huge entry point [10:28] – as you’ll see in my previous podcast with David Cross of Microsoft
  • Pay attention to your security equipment so that you can deal with this issue.
  • The web’s shadiest neighborhoods report
  • This is the site at ICANNs that lists the top level domains
  • Blue Coat

 

Gaming to Improve Your Speed as an Adult

  • Jane McGonigal’s research and TED Talks on the benefits of gaming
  • What assumptions have changed your mind in the past year?
  • This will surprise you but it has been found that game playing is healthy as long as it is under 21 hours a week. [11:53]
  • Physical resilience, mental willpower, social resilience mental stability are really important skills derived from game playing [12:30]
  • Playing a game with my son – before doing this research
  • Encouraging playing with daughters and sons, helps with bonding, collaborative problem solving and thinking creatively.
  • Collaborative problem solving, urgent optimism, the ability to act immediately to tackle an obstacle
  • Our avatar selves are trying to find the better version of oneself in these games [13:41]
  • The gaming mindset – helps with your team. What can you do with using repetitive tasks – making it a game and dive into flow and the willpower of game-playing.
  • Reference article on LinkedIn & RedZone

 

Hacks to Get More Sleep

  • We are being told by researchers that we need at least 8 hours sleep to perform optimally. We are not getting 8 hours of sleep. How do you hack sleep? How do you do it with products with lifestyle patterns and eating well?
  • Nick Littlehales details his techniques in the Guardian article [15:18]
  • He has practical ways to deal with that specially if you are travelling [15:30]
  • We are now exposed to artificial light stimulation and impacts on our health with depression. It potentially makes us fatter because our metabolisms are working as it should.
  • How to measure your sleep. How to have a dawn simulator and alarm clock. How to measure your sleep. How to sleep in sleep cycles. How to choose your bedding correctly. When you are travelling how to achieve perfect darkness [16:14]
  • It is important to see how he works with top athletes as they need to optimize recovery [16:44]
  • How can you be expected to perform optimally if your brain hasn’t fully recovered?
  • How to Recover from Lost Sleep - Ben Greenfield podcast - Nick Littlehales

 

Singularity University – Continuing Education

  • Executive program by Singularity University which concentrates on six exponentially growing fields each taught by world experts
  • Goal is to come away with knowledge of major disruptive innovations and their implications in the areas of Biotechnology, Bioinformatics, AI (Artificial Intelligence) and Robotics, Energy Environmental Systems, Medicine and Neuroscience, Networks and Computing Systems And Nanotechnology [18:30]
  • Finding what you are passionate about and taking it back into your specific expertise and add value [19:02]

 

This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.

All methods of how to access the show are below:

Leave a podcast review here

How do I leave a review?

Bill is dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter. Subscribe here for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly.

Oct 17, 2015

If you have questions about Microsoft Azure Security you will love this interview with David Cross.

David Cross is the General Manager in charge of Security with Microsoft Azure. He has been the primary inventor of over 25 security patents and is the author of numerous publications and white papers. Prior to Microsoft, he served 5 years with the aviation electronic warfare community with the US Navy. He has a BS in CIS and a MBA.

One of the really fun parts of this interview is actually learning about his invention process as I was very curious about it since he has so many patents!

Oct 10, 2015

Are you a CIO, CSO, CISO, VP of IT, Dir of IT, SR VP of IT?

What does it cost you to manually examine threat intelligence information? Are you doing it at all?

If you are an IT decision maker you will want to listen to what Aharon Chernin, CTO of Soltra and I discuss related to Aharon’s expertise with STIX and TAXII. The STIX/TAXII standard is the future of IT Security as it relates to scaling access to actionable and relevant threat information that we can do something about versus being overwhelmed about yet more false positives. We discuss how sharing and teaching machines how to speak to each other about threat information is the vision of the future.

What if you could receive information from the FBI, DHS, and Cert for example and this could be ingested into your security machines, devices, software, etc and you didn’t need an analyst to make sense of the data? This is the vision of IT Security that I want you to consider. Only 1% of organizations have security analysts on staff. Why?....because humans are expensive and good ones are hard to scale to the level of threats all business from small to the mega-large are experiencing. Aharon is hard at work on this right now.w.

Oct 2, 2015

Ron is an expert in what it takes to develop the next generation of cyber security leaders.

• He is the Air Force Association US CyberPatriot 2013-2014 Mentor of the Year for his work with high school cybersecurity competitions.

• Ron Woerner is the Director of Cybersecurity Studies at Bellevue University. He has over 25 years of corporate and military experience in IT and Security

Resources for Cyber Security Team Competitions

1) Cyber Patriot Youth cyber security team competitions and explanations of the various levels of competition

2) ISC2/MITRE Cyber Challenge Academy Competitions – Capture the Flag

3) National Collegiate Cyber Defense Competition (CCDC)

4) Dr Dan Manson Cal State Pomona who created a single site to coordinate all cyber security competitions into one site called Cyber Security Federation - Single Site for information - Creating a sport out of cyber security competitions

1