Down the Security Rabbithole Podcast (DtSR)

DHS Releases Strategic Principles for Securing the Internet of Things

• https://www.dhs.gov/sites/default/files/publications/Strategic_Principles_for_Securing_the_Internet_of_Things-2016-1115-FINAL..…

This week, Patrick Dennis - the CEO of Guidance Software - joins us to talk about the Enterprise Security world's fascination with blaming the breach victim. We talk through some of the key issues an…

It is election day.. Have you voted?

Beware, IPhone Users: Fake retail apps are surging before the holidays

• The issue of brand protection and knock-off websites, apps and such is real
• Spilling ove…

This week on DtSR Chad Boeckmann - President of Secure Digital Solutions - joins us to talk about the business of security. While the "bad guys" are running their criminal enterprise, security teams …

The Massive DDoS That Hit Dyn.Org

• Massive DDoS disrupts a ton of popular websites (Netflix, Twitter, etc)
• IoT used to amplify attack
• What does this mean for corporate users, home users, and vendors?
…

This week, #DtSR takes a trip down Software Security lane or as some call it "How are we still writing code with bugs that we found relatively concrete fixes for in the late 90's?" (I may have been w…

‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly, New Study Suggests

• https://www.nist.gov/news-events/news/2016/10/security-fatigue-can-cause-computer-users-feel-hope…

Grab a cup of coffee, jack in your earphones and listen up.

DtSR Episode 214 is addressing the issue of breaches, and their material financial impact to an organization.

The premise is simple - when …

Quick update and invitation from Michael: starting to explore rolling out services and improving the Straight Talk Framework. If you’re up to discuss with me - I’ll offer a brief overview and then a …

In this episode, we talk with Mike Tierney, who is the brand-new CEO at Veriato. In our conversation we talk through a primer on insider threat, and use the great example of hosting a dinner party.

M…

Chrome to label more sites as insecure in 2017

• Link: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
• Focus on sites that transmit passwords or credit card info over HTTP

In this episode James and I invite Vlad Klasnja from Optiv's Office of the CISO, and Hudson Harris, Chief Privacy Officer at HarrisLOGIC, to talk about data protection. From defining the concept to p…

NewsCast for Tuesday August 30th, 2016

Clinic Won’t pay breach protection for victims

• http://www.zdnet.com/article/clinic-wont-pay-breach-protection-for-victims-ceo-says-it-would-be-death-of-compa…

This week Michael and I chat with Jamison Utter of Infoblox on one of the more interesting topics at hand - the economy of ransomware. We talk through the sudden popularity of the attack vector, the …

Quick note from Michael about the Straight Talk Framework & Program -- >

• Get your free copy at https://securitycatalyst.com/straight-talk-framework/
• Launched a new program last week… boy, did I lear…

In this episode we chat with Steve Christey Coley currently the Principal Information Security Engineer over at MITRE Corp. In this episode we talk through our industry's obsession with vulnerabiliti…

Quick note from Michael about the Straight Talk Framework -- >

• I’ve separated the framework from the programs; the framework is free and available for download from my website. More on the way!
• To s…

This week, Chris Romeo joins Michael, James and I to talk about changing the security posture of an organization by changing culture. This episode talks through tough issues like incentives, measurem…

Ransomware that's 100% pure JavaScript? Sort of...

• Slightly misleading article
• Generally a Windows-based attack (go where the users are)
• https://nakedsecurity.sophos.com/2016/06/20/ransomware-thats…

This week on the Down the Security Rabbithole podcast, Brandon Dunlap is back for his second show. Following up on Episode 158 where we discussed outsourced security, this time around we talk through…