Exploring Information Security - Exploring Information Security
Timothy De Block
100 episodes
2 days ago
Summary:
In this episode, Timothy De Block sits down with a panel of cybersecurity leaders—Chris Anderson, Roger Brotz, and Mike Vetri—to discuss the realities of moving from "boots on the ground" technical roles to senior leadership. The conversation explores the challenges of letting go of the keyboard, the critical importance of emotional intelligence, and why "empathy" is a high-performance tool in a high-stress industry.
Meet the Panel
Chris Anderson: Security Consultant and Architect known for his "pot-stirring" approach to solving complex organizational security problems.
Roger Brotz: CISO at Arcadia Healthcare with over four decades of experience, starting his journey in 1977.
Mike Vetri: Senior Director of Security Operations at Veeva and former Air Force cyber operations officer.
Main Topics & Key Takeaways
The "Passion" to Lead
The panel dives into the true meaning of leadership, noting that the word "passion" stems from the Latin word for "suffering". Leading a cyber team means being willing to suffer through mistakes and high-pressure incidents alongside your team.
Empathy as a Business Metric
Mike shares a pivotal study indicating that leaders who embrace emotional intelligence and empathy often exceed their annual revenue goals by 20%. Conversely, a lack of empathy directly correlates to high burnout and employee turnover.
Learning to Fail Fast
The leaders recount personal failures, from failing to recognize team burnout during 16-hour-a-day incident responses to the "pride" of holding onto technical tasks for too long. They emphasize that failure is not a roadblock but a necessary inflection point for growth.
Bridging the Gap: Technical vs. Business
A major challenge for new leaders is translating "this is bad" into actionable business risk. Leaders must learn to speak the language of the boardroom, focusing on profit protection and risk management rather than just technical vulnerabilities.
Actionable Advice for Aspiring Leaders
Set Boundaries Early: Don't let your job intrude on your personal life until it's too late; once you establish a habit of always being available, it’s hard to pull back.
Find Your Barometer: Use a spouse or a trusted peer as a "barometer" to tell you when your stress levels are negatively impacting your leadership style.
Work-Life Harmony: Move away from the idea of a perfect "50/50 balance" and strive for harmony where your professional and personal lives can coexist.
All content for Exploring Information Security - Exploring Information Security is the property of Timothy De Block and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Summary:
In this episode, Timothy De Block sits down with a panel of cybersecurity leaders—Chris Anderson, Roger Brotz, and Mike Vetri—to discuss the realities of moving from "boots on the ground" technical roles to senior leadership. The conversation explores the challenges of letting go of the keyboard, the critical importance of emotional intelligence, and why "empathy" is a high-performance tool in a high-stress industry.
Meet the Panel
Chris Anderson: Security Consultant and Architect known for his "pot-stirring" approach to solving complex organizational security problems.
Roger Brotz: CISO at Arcadia Healthcare with over four decades of experience, starting his journey in 1977.
Mike Vetri: Senior Director of Security Operations at Veeva and former Air Force cyber operations officer.
Main Topics & Key Takeaways
The "Passion" to Lead
The panel dives into the true meaning of leadership, noting that the word "passion" stems from the Latin word for "suffering". Leading a cyber team means being willing to suffer through mistakes and high-pressure incidents alongside your team.
Empathy as a Business Metric
Mike shares a pivotal study indicating that leaders who embrace emotional intelligence and empathy often exceed their annual revenue goals by 20%. Conversely, a lack of empathy directly correlates to high burnout and employee turnover.
Learning to Fail Fast
The leaders recount personal failures, from failing to recognize team burnout during 16-hour-a-day incident responses to the "pride" of holding onto technical tasks for too long. They emphasize that failure is not a roadblock but a necessary inflection point for growth.
Bridging the Gap: Technical vs. Business
A major challenge for new leaders is translating "this is bad" into actionable business risk. Leaders must learn to speak the language of the boardroom, focusing on profit protection and risk management rather than just technical vulnerabilities.
Actionable Advice for Aspiring Leaders
Set Boundaries Early: Don't let your job intrude on your personal life until it's too late; once you establish a habit of always being available, it’s hard to pull back.
Find Your Barometer: Use a spouse or a trusted peer as a "barometer" to tell you when your stress levels are negatively impacting your leadership style.
Work-Life Harmony: Move away from the idea of a perfect "50/50 balance" and strive for harmony where your professional and personal lives can coexist.
A conversation with Kyle Andrus on Info Stealers and Supply Chain Attacks
Exploring Information Security - Exploring Information Security
41 minutes 29 seconds
3 months ago
A conversation with Kyle Andrus on Info Stealers and Supply Chain Attacks
Summary:
In this episode, Timothy De Block sits down with guest Kyle Andrus to dissect the ever-evolving landscape of cyber threats, with a specific focus on info stealers. The conversation covers everything from personal work-life balance and career burnout to the increasing role of AI in security. They explore how info stealers operate as a "commodity" in the cybercriminal world, the continuous "cat and mouse game" with attackers, and the challenges businesses face in implementing effective cybersecurity measures.
Key Takeaways
The AI Revolution in Security: The guests discuss how AI is improving job efficiency and security, particularly in data analytics, behavioral tracking, and automating low-level tasks like SOC operations and penetration testing. This automation allows security professionals to focus on more complex work. They also highlight the potential for AI misuse, such as for insider threat detection, and the "surveillance state" implications of tracking employee behavior.
The InfoStealer Threat: Info stealers are a prevalent threat, often appearing as "click fix" or fake update campaigns that trick users into granting initial access or providing credentials. The data they collect, including credentials and session tokens, is sold on the dark web for as little as two to ten dollars. This fuels further attacks by cybercriminals who buy access rather than performing initial reconnaissance themselves.
The Human and Business Challenge: As security controls improve, attackers are increasingly relying on human interaction to compromise systems. The speakers emphasize that cybercriminals, "like water, follow the path of least resistance." The episode also highlights the significant challenge for small to medium-sized businesses in balancing risk mitigation with operational costs.
Software Supply Chain Attacks: The discussion touches on supply chain attacks, like the npm package breach and the Salesforce Drift breach, which targeted third parties and smaller companies with less mature security controls. They note the challenges of using Software Bill of Materials (SBOMs) to assess the trustworthiness of open-source components.
Practical Cybersecurity Advice: The hosts discuss the need to rethink cybersecurity advice for non-tech-savvy individuals, as much of the current guidance is impractical and burdensome. While Timothy De Block sees the benefit of browser-based password managers when MFA is enabled, Kyle Sundra generally advises against storing passwords in browsers and recommends more secure password managers.
Exploring Information Security - Exploring Information Security
Summary:
In this episode, Timothy De Block sits down with a panel of cybersecurity leaders—Chris Anderson, Roger Brotz, and Mike Vetri—to discuss the realities of moving from "boots on the ground" technical roles to senior leadership. The conversation explores the challenges of letting go of the keyboard, the critical importance of emotional intelligence, and why "empathy" is a high-performance tool in a high-stress industry.
Meet the Panel
Chris Anderson: Security Consultant and Architect known for his "pot-stirring" approach to solving complex organizational security problems.
Roger Brotz: CISO at Arcadia Healthcare with over four decades of experience, starting his journey in 1977.
Mike Vetri: Senior Director of Security Operations at Veeva and former Air Force cyber operations officer.
Main Topics & Key Takeaways
The "Passion" to Lead
The panel dives into the true meaning of leadership, noting that the word "passion" stems from the Latin word for "suffering". Leading a cyber team means being willing to suffer through mistakes and high-pressure incidents alongside your team.
Empathy as a Business Metric
Mike shares a pivotal study indicating that leaders who embrace emotional intelligence and empathy often exceed their annual revenue goals by 20%. Conversely, a lack of empathy directly correlates to high burnout and employee turnover.
Learning to Fail Fast
The leaders recount personal failures, from failing to recognize team burnout during 16-hour-a-day incident responses to the "pride" of holding onto technical tasks for too long. They emphasize that failure is not a roadblock but a necessary inflection point for growth.
Bridging the Gap: Technical vs. Business
A major challenge for new leaders is translating "this is bad" into actionable business risk. Leaders must learn to speak the language of the boardroom, focusing on profit protection and risk management rather than just technical vulnerabilities.
Actionable Advice for Aspiring Leaders
Set Boundaries Early: Don't let your job intrude on your personal life until it's too late; once you establish a habit of always being available, it’s hard to pull back.
Find Your Barometer: Use a spouse or a trusted peer as a "barometer" to tell you when your stress levels are negatively impacting your leadership style.
Work-Life Harmony: Move away from the idea of a perfect "50/50 balance" and strive for harmony where your professional and personal lives can coexist.
