Down the Security Rabbithole Podcast (DtSR)

** Our 200th numbered episode! **

A note from Raf:

 Thanks to everyone who has been listening to us, tweeting us, and sharing the links to our podcast. We are absolutely floored with the support an…

In this episode..

The "Nuclear Bomb" analogy isn't working, stop using it"

• http://thebulletin.org/flawed-analogy-between-nuclear-and-cyber-deterrence9179
• This is important with respect to how sec…

On this episode of the Down the Security Rabbithole podcast, Dawn-Marie Hutchinson, currently an Executive Director within the Optiv Office of the CISO joins us and we talk about the things that she'…

In this episode...

Are people "going offline" as a result of increasing dangers of the Internet?

• This article makes the case for yes: http://www.techspot.com/news/64839-increasing-number-interne…

On this episode of the Down the Security Rabbithole podcast, I get the pleasure of sitting down with one of my all-time favorite Chief Security Executives, Mr. Jason Witty. He's had a long career of …

This week the gang's all here to talk about some news happenings. Michael, James and I talk through some of the stories we've been tracking.

Have something you've been reading and want to talk about?…

In this episode...

Michael and I welcome back Shawn Tuma, our resident Cyber Law Expert from the great state of Texas. We discuss some of the recent cases (unlocking an iPhone!) and some of the tou…

In this episode..

ImageTragick - major flaw in open source image processing toolkit

• ImageTragick is CVE-2016-3714
• Logo & Website: https://imagetragick.com
• Has a logo, so it must be yuge
• Is this re…

In this episode...

Join our guest Larry Whiteside, Michael and I as werecord live from InfoSec World 2016 in sunnyOrlando, Florida! We talk through the life of a CISO, and thechallenges of being in th…

In this episode...

Only about a third of companies know how many vendors accesstheir systems

• nearly every company is at risk for a third party breach
• it's almost impossible to vet every third party
• devel…

In this episode, James, Michael and I are live from InfoSec World 2016 and we get the pleasure of interviewing Lance James fresh off the keynote stage. In this intimate, fast-paced and bold interview…

In this episode...

Pros examine mossack-fonseca breach: Wordpress plugin, Drupal likely suspects

• Plug-ins seem to be a universal weakness
• Many companies have this type of 3rd party security issue
• The br…

Intro song: "Josh Gabriel - Deep Down"; Intro/Outro v/o courtesy of @ToddHaverkos

Have something to say? Let's hear it.

Support the show

>>> Please consider clicking the link above to support the show!
-…

In this episode...

• BadLock bug (which now has a website, a graphic, and more hype than Bieber) is out there
  • Is the bug really worth all this hype?
  • Is this anything more than a PR stunt, and a big market…

In this episode

I posed some questions to Joey, an InfoSec professional who had recently moved into a CISO role in a midwest retail company:

• Let's talk a little bit about the background you had before…

In this episode...

The FTC is getting into providing guidance on password changes

• Well OK, this isn't really guidance, it's just a blog
• But - does this mean that the FTC is getting into technical guida…

In this episode, we wind down from RSA Conference 2016 and talk with Jonathan and Michael, both security executives and leaders at their respective companies whom were both out at RSA Conf and share …

This is RSA Conference week, so while Rafal is out in San Francisco trying to make it through another one, James and Michael break down the news events that you may have missed.

300,000 Homes affecte…

In this episode...

• Michael and I moderate what turns out to be an expert-filled panel discussion on the real issues of the Apple vs FBI debate
• Shawn Tuma, our favorite cyber attorney, provides expert i…

In this episode

Class action lawsuit against SuperValu dismissed

• No damage (use of stolen information) so there's no case?
• As time passes, risk of use of stolen data, according to judge, decreases
• The p…