Today, my guest is Roger Grimes.
Roger's expertise in the field of computer security is unparalleled. He describes himself as the best in the world when it comes to computer security defense, and he has the credentials to back up this assertion.
He works with Kevin Mitnick, who he calls the best Offensive Security guy in the world, but he calls himself the best when it comes to Defense.
As all of you know by now, I love Offense and Defense Innovation, so this interview falls squarely into the category of Defense Innovation for sure.
With more than 40 computer certifications and twelve books authored or co-authored on computer security, Roger has spent over three decades imparting his knowledge to audiences worldwide.
His current title is Data-Driven Defense Evangelist at KnowBe4. He is the author of the new book, Hacking Multifactor Authentication.
Roger is a 33-year senior computer security architect and cybersecurity veteran specializing in general computer security, identity management, PKI, Windows computer security, host security, cloud security, honeypots, APT, and defending against hackers and malware. He has worked at some of the world's largest computer security companies, including Foundstone, McAfee, and Microsoft.
In this time of remote workforces and distributed endpoints, Roger advocates for Multi-Factor Authentication. However, MFA is not the end-all, be-all for security. The vast majority of hacking doesn't care about your MFA. It's all about reducing your risk, according to Roger.
Throughout his many years in the industry, Roger has had a universal mission that drives all of his actions: to make the internet a safer place. Roger says if he leaves the Earth without accomplishing that feat, he has failed.
I also provide how you can connect with him on LinkedIn. He has over 25k followers.
We've been sold by the industry that MFA is a Warm Blanky and Panacea for all security ills.
Learn more deeply about this topic, as it is critical to your distributed security architectures moving forward.
I'm excited to share this conversation with such a distinguished and world-renowned Security Defense Specialist.
Here are useful topics, books, and resources discussed and what you will learn as you listen:
Why most companies today fail in risk-based security and how to avoid the most common pitfalls.
The benefits of enabling application control software like AppLocker in audit only mode.
Why assuming that you can't be hacked just because you have MFA is false, and how smart application of MFA will reduce your risk of getting hacked.
Why push applications like FIDO are more effective than SMS-based multi-factor authentication.
The highest-risk areas CIOs and CISOs need to avoid falling into when dealing with MFA.
Why MFA and other security measures like it are all about reducing your risk instead of eliminating it completely.
How to Connect with this Guest:
Technologies referenced in podcast:
Troy Hunt’s “Have I Been Pwned?”
Kevin Mitnick's “Mitnick Security”
FIDO Alliance Framework
Books Published by Roger A. Grimes Referenced in Podcast:
Hacking Multifactor Authentication, 1st Edition, By Roger A. Grimes. Published by Wiley, 2020
A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using, 1st Edition, By Roger A. Grimes, Published Independently, 2017
Transcript:
You can go to the show notes to get more information about this interview and what we discussed in this episode. You'll find the show notes at redzonetech.net/podcasts.
Leave A Review:
Love this episode? Share it with your LinkedIn community here.
If you haven't already, please make sure you leave us a review on iTunes or Stitcher. Not sure how to leave a review? Check out the instructions here.
About Bill Murphy:
Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader.
Follow Bill on LinkedIn and Twitter.
If you are interested in learning more about RedZone and our security expertise in particular related to Cloud and Email Security Kill Chain Strategy, Techniques, and Tactics you can email cloudkill@redzonetech.net.
Music provided by Ben's Sound: http://www.bensound.com/
Other Ways to Listen to the Podcast:
iTunes | Libsyn | Soundcloud | RSS | LinkedIn
Sarah Angel-Johnson was the CIO at Year Up when this was recorded. She is now the CIO of Save The Children. She was named a 2020 Boston CIO ORBIE Award winner for Non-profit CIO of the Year. She has 20+ years of proven results in being a change agent at scale, starting with coding IBM's first e-commerce website to digitizing the $860 million Girl Scout Cookie Program for 2.1 million girls and adults. She has led global organizations of 150 managers and employees, provided direction to 25,000 matrix team members, managed 7 global labs, and drove $1.7 billion in revenue.
Sarah has excelled when thrown into new situations and asked to lead change within an organization. She realized early on in her career that she could step in and meld different people, processes, and content together in a way that most leaders couldn't.
As a leader, the question of how do I bring people together is an important one. Sarah and I answer this question, share stories, and discuss qualities that are important for a leader to have and how to connect with employees at a deeper level.
It's not enough to simply ask questions. What separates good from great leaders is fundamentally leading with inquiry. Asking open-ended questions, having a genuine interest and curiosity in what motivates people, and having the patience to see everything through are necessary when bringing people together to take action.
In my conversation with Sarah, you will hear how every step in her career has contributed to her overall success and shaped her leadership style. But no matter where her career has taken her, one thing remains the same: a desire to make an impact and help others at scale.
I'm excited for you to hear her story. Let's take a listen.
Here are some of the things that you will learn in this podcast episode:
The value of mentors in shaping career success.
How to retain your talent within an organization.
The importance of self-awareness and how it will lead to seeing your broader purpose.
Influencing people starts with asking what the human need is, and then designing technology around the human.
To find out what truly motivates someone, ask open-ended questions, and create a genuine human connection.
Human-centered design is more of a mindset than anything else.
How to tailor different methodologies for different situations.
Goals are driven by first, creating a shared vision, and then creating a shared mission.
The top 3 offenses and top 3 defenses for 2021.
Finding the perfect work/life integration is a sliding scale as long as you are continually analyzing and digesting for yourself.
How to Connect with this Guest:
Articles referenced in podcast:
2020 BostonCIO ORBIE Award Winners
Transcript:
You can go to the show notes to get more information about this interview and what we discussed in the episode. Click here to download the full transcript.