In this podcast episode I interview Bill Brenner, who is an expert at digesting threat intelligence information and making this information available to a wide pool of people from C-Suite Executives to coders and developers. Bill is a Senior Technical writer for Akamai and has been a writer for CSO Online, and Liquid Matrix Security Digest. Additionally, he created and writes in a blog called the OCD Diaries where he discusses mental health issues with IT Executives and staff within the technology industry.
Top 3 items for an IT Security Decision Maker to be concerned about moving forward:
- Super-vulnerabilities like Heartbleed, Shellshock, Poodle and OpenSSL - Identify the risks these pose your assets within your company and remediate them.
- Incident Response – Remember to develop a BCP/DR plan for IT Security Incidents
- Protect Your Brand – Which hacking groups don’t like your company or brand that leave you vulnerable to DDoS, cyber espionage, and ransomware style of attacks?
You will also learn some of the best sources for IT Security threat information:
- Mike Rothman - Securosis
- Rich Mogull - Securosis
- Adrian Lane - Securosis
Blogs and Podcasts:
- Jack Daniel - Tenable
- Security Bsides movement
- NAISG – National Information Security Group
- CSO Online
- State of the Internet Security podcasts
- Security Kahuna podcasts
Vulnerability Information Sources:
- Threat Post
- CSO Online
- Security Ledger – Paul Roberts
- CSI Group
- SANS Institute - Internet Storm Center
Humanity in Security - Mental Health
The importance of good mental health in the IT Security profession as it relates to depression, anxiety, coping with stress, OCD, Asperger’s, Autism.
The OCD Diaries – An opportunity to destigmatize mental illness and to give people in our industry a life raft and share tools that can help them. Taking your mental disorders and turning them into super powers!
Additional Show Notes
- Communicating what threat intelligence researchers are seeing directly to a more complex audience and hitting it at all levels - geared towards the larger security industry or community
- What does alignment between product managers and the threat intelligence team mean? The data [Akamai] receives is coming from the deployment of their products in the field. “Taking what we are seeing from our technology deployments and sizing it up against what other companies see and you know at the end of it giving people a bigger picture so that they can take actions that they need to take.
- Sharing of research is crucial – the benefits of information sharing between companies and how it helps keep out the bad guys. You can't take the information that you receive internally and makes proper sense of it without comparing it with what's going on elsewhere.
- How can we get to the point where it’s actually actionable sharing?
- What does it mean to have a third-party attack? A common platform like WordPress can have third-party widgets and plugins that they didn’t create and essentially those can be malware or exploit kits of some sort so we need to be aware that they can be leveraged. Be aware of where the vulnerabilities are.
- The next step with SSL and moving towards TLS – pros and cons.
How to reach Bill Brenner:
The OCD Diaries
Liquid Matrix Security Digest
What is Your Plan for: Super-Vulnerabilities| Brand Take-down| & Incident Response| Humanity in Security - RedZone
All methods of how to access the show are below:
This episode is sponsored by the CIO Scoreboard, reducing the complexity of your IT Security initiatives. Sign up for a demo here.
Leave a podcast review here
How do I leave a review?
Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter. Subscribe here for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly.