About the show

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks.

Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers.

Connect with Ryan on Twitter (Open DMs).

Three Buddy Problem on social media

Episodes

  • Will Lin, Principal and Founding Investor, ForgePoint Capital

    March 2nd, 2018  |  55 mins 11 secs
    patching, pentesting, red-teaming, threat-modeling

    Principal and founding investor at ForgePoint Capital Cybersecurity William Lin talks about venture capital activity in the security space, sectors that are ripe for investment, missed bets on successful companies, and the cybersecurity talent shortage.

  •

    Pete Chronis, CISO, Turner Broadcasting

    February 26th, 2018  |  45 mins 53 secs

    Chief Information Security Officer at Turner Broadcasting Pete Chronis discusses his new book on solving the cybersecurity conundrum, the day-to-day grind of securing a global media organization, and the role of the CISO in the modern world.

  •

    Brad Arkin, Chief Security Officer, Adobe

    February 23rd, 2018  |  47 mins 6 secs
    careers, cisos, decisionmaking

    Adobe’s Chief Security Officer Brad Arkin talks about setting and managing risk management priorities, protecting company infrastructure, the challenges of securing software, and the looming death of Adobe Flash Player.

  •

    Aanchal Gupta, Director of Security, Facebook

    February 14th, 2018  |  35 mins 38 secs
    careers, cisos, decisionmaking

    Director of Security at Facebook Aanchal Gupta joins the podcast to share her story and provide guidance for young women struggling to overcome societal obstacles.

  •

    Tom Conklin, Director of Security and Compliance, Vera Security

    February 8th, 2018  |  33 mins 28 secs
    careers, cisos, decisionmaking

    Senior Director of Security and Compliance at Vera Security Tom Conklin talks about the pros and cons of using bug bounty programs, the challenges of managing risk in smaller companies, and why user awareness training is an ongoing headache for security administrators.

  •

    John Terrill, CISO, Fox News, Fox Business and Fox Television

    February 6th, 2018  |  47 mins 15 secs
    careers, cisos, decisionmaking

    Chief Information Security Officer at Fox News, Fox Business, and Fox Television John Terrill joins the podcast to talk about life in the CISO trenches and makes a bold prediction that could significantly change the cybersecurity narrative.

  •

    Christopher Ahlberg, CEO, Recorded Future

    January 30th, 2018  |  29 mins 3 secs
    apt, ics-scada, targeted-attacks, threat-intel

    Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.

  •

    Masha Sedova, co-founder, Elevate Security

    January 26th, 2018  |  30 mins 3 secs
    awareness, education, patching, pentesting, phishing, red-teaming, threat-modeling

    As businesses struggle with security awareness training for employees, Elevate Security co-founder Masha Sedova argues that the focus should be on “behavior change” and recommends the use of positive motivation and available tools to get employees to make better security decisions.

  •

    Paul Roberts, Editor-in-Chief, Security Ledger

    January 19th, 2018  |  40 mins 59 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Veteran security journalist Paul Roberts talks about the creation of Security Ledger, his work covering cybersecurity, the democratization of media, and hiccups with IoT legislation.

  •

    Dino Dai Zovi, co-founder and CTO, Capsule8

    January 11th, 2018  |  39 mins 57 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Dino Dai Zovi, co-founder and CTO of Capsule8, joins the podcast to talk about the fallout from the Meltdown and Spectre vulnerabilities, the transition from security research to managing a VC-funded start-up and reminisce about his time as a famous Pwn2Own MacBook hacker.

  •

    Sharon Anolik, President and Founder, Privacy Panacea

    January 4th, 2018  |  43 mins 51 secs
    analytics, entrepreneur, gdpr, internet-scans, privacy, threat-intel

    Sharon Anolik, President and Founder of Privacy Panacea, talks about her work advising corporate clients on privacy and data protection issues, the looming chaos surrounding the European Union’s GDPR (General Data Protection Regulation) and the role she plays on ‘Silicon Valley.’

  •

    Kim Zetter, Journalist and Author

    December 29th, 2017  |  52 mins 6 secs
    apt, ics-scada, targeted-attacks, threat-intel

    Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.