About the show

Security Conversations covers the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. Thoughtful conversations with security practitioners on threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted malware espionage activity.

Connect with Ryan on Twitter (Open DMs).

Episodes

  • Collin Mulliner, Security Engineer, Cruise

    April 3rd, 2020  |  33 mins 28 secs
    android, ios, mobile, palmos

    Mobile security research pioneer Collin Mulliner talks about the early days of hacking PalmOS devices, the current state of smartphone platforms, his work on securing self driving cars, and why he built and open-sourced a firmware analyzer tool.

  •

    Michael Piacente, Principal, Hitch Partners

    March 30th, 2020  |  33 mins 10 secs
    career track, ciso, job hunting

    Hitch Partners principal Michael Piacente dishes on the cybersecurity job market during an economic crisis, the intricacies of recruiting top-flight security talent, the high rate of turnover among CISOs, and why companies should spend more time on writing better job descriptions.

  •

    Dave Aitel, Founder and CEO, Immunity

    March 23rd, 2020  |  37 mins 43 secs
    leadership, marketing, security, storytelling

    Security industry pioneer Dave Aitel dishes on entrepreneurship, fostering a "one team, one parking lot" culture, how lessons from his time at the NSA still guides his decisions, and his approach to blunt, honest marketing. We also discuss a shared passion for Brazilian Jiu-Jitsu and his work supporting Project Grapple in Miami.

  •

    Sounil Yu, Cyber Defense Matrix

    March 17th, 2020  |  35 mins 48 secs
    cybersecurity, infosec, security framework

    Former Chief Security Scientist at Bank of America, Sounil Yu, explains why he created the Cyber Defense Matrix framework and how organizations are using it to drive visibility and security decisions in multiple places. We discuss securing "cattle vs pets," the next era of security innovation, and the increasing security poverty line that hurts small- and medium-sized businesses.

  •

    Andy Ellis, Chief Security Officer, Akamai Technologies

    March 11th, 2020  |  32 mins 8 secs
    diversity, inclusion, recruiting

    In an industry where 10-15% of staff are women, Akamai's security team is 40% women and growing. Chief security officer Andy Ellis joins the podcast to share lessons on practical things -- some subtle, some major -- that pushed real diversity on Akamai's security team.

  •

    Costin Raiu, Global Director, GReAT, Kaspersky Lab

    September 3rd, 2018  |  51 mins 21 secs
    apt, ics-scada, targeted-attacks, threat-intel

    Veteran malware hunter Costin Raiu talks about writing his own an anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.

  •

    Josh Lefkowitz, Founder and CEO, Flashpoint

    August 28th, 2018  |  32 mins 10 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Flashpoint chief executive Josh Lefkowitz talks about how his previous work as a counter-terrorism analyst underscored the value of contextual threat-intelligence, his company's approach to gathering and analyzing data, and his mission to be an extension of a client's security team.

  •

    Christine Gadsby, Director of Product Security Operations, BlackBerry

    August 6th, 2018  |  27 mins 32 secs
    patching, pentesting, red-teaming, threat-modeling

    BlackBerry security response executive Christine Gadsby joins the podcast to talk about tough decisions around shipping secure software, the challenges of securing supply chain dependencies, BlackBerry's new ransomware recovery feature, and her upcoming Black Hat 2018 presentation.

  •

    Chad Loder, co-founder and CEO, Habitu8

    July 31st, 2018  |  53 mins 28 secs
    patching, pentesting, red-teaming, threat-modeling

    Cybersecurity industry veteran Chad Loder talks about his time as co-founder of Rapid7, the decision to acquire Metasploit, lessons learned from moving to the CISO chair and why the industry still struggles with security awareness training.

  •

    Chris Castaldo, Senior Director of Cybersecurity, 2U

    July 26th, 2018  |  39 mins 44 secs
    careers, cisos, decisionmaking

    Chris Castaldo, senior director of cybersecurity at 2U, Inc., joins Ryan on the podcast to talk about building a threat model for digitizing the education sector, his top priorities as a defender, new solutions that impress him, and why it's important to get independent third-party security assessments.

  •

    Wim Remes, CEO and Principal Researcher, Wire Security

    July 23rd, 2018  |  40 mins 42 secs
    patching, pentesting, red-teaming, threat-modeling

    Founder and CEO of Wire Security Wim Remes discusses the intricacies of penetration testing, red-teaming, bug bounties, and calls for defenders to embrace continuous pen-testing.

  •

    Dan Hubbard, Chief Security Architect, Lacework

    July 16th, 2018  |  38 mins 12 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Lacework Chief Security Architect Dan Hubbard joins the podcast to discuss his new research on container security, the challenges of securing cloud deployments, and why technological advancements have widened attack surfaces.