Security Breach

EXPLORE

Society & Culture

Health & Fitness

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/44/bf/6e/44bf6e47-dc0f-c0d9-785a-36959d7b7f1d/mza_6575845348342347746.jpg/600x600bb.jpg

Security Breach

Eric Sorensen

147 episodes

1 week ago

Send us a text We’ve all heard the euphemism about knowledge being power. But perhaps the more accurate assessment comes from my favorite childhood cartoon. Yes, I’ve referenced it before, but when GI Joe signed off each episode by letting us know that “Knowing is Half the Battle”, Duke and his crew were echoing the same sentiment as our guest for today’s episode. Evan Dornbush is the CEO of Desired Effect. A former DoD-trained state hacker, he’s now working with cyber researchers to help pro...

Show more...

All content for Security Breach is the property of Eric Sorensen and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Send us a text We’ve all heard the euphemism about knowledge being power. But perhaps the more accurate assessment comes from my favorite childhood cartoon. Yes, I’ve referenced it before, but when GI Joe signed off each episode by letting us know that “Knowing is Half the Battle”, Duke and his crew were echoing the same sentiment as our guest for today’s episode. Evan Dornbush is the CEO of Desired Effect. A former DoD-trained state hacker, he’s now working with cyber researchers to help pro...

Show more...

Episodes (20/147)

Security Breach

You Don't Have to Out-Tech the Hacker

Send us a text We’ve all heard the euphemism about knowledge being power. But perhaps the more accurate assessment comes from my favorite childhood cartoon. Yes, I’ve referenced it before, but when GI Joe signed off each episode by letting us know that “Knowing is Half the Battle”, Duke and his crew were echoing the same sentiment as our guest for today’s episode. Evan Dornbush is the CEO of Desired Effect. A former DoD-trained state hacker, he’s now working with cyber researchers to help pro...

2 weeks ago

40 minutes

Security Breach

Speaking the Right Language

Send us a text Perhaps you’re familiar with the quote, “The greatest trick the Devil ever pulled was convincing the world he didn’t exist.” While its use in the movie The Usual Suspects might resonate with most, the original attribution goes to French poet Charles Baudelaire. The quote came to mind in preparing for my conversation with Tim Chase, Principal Technical Evangelist for Orca Security. I knew we were going to be discussing topics where the biggest implementation challenges typically...

4 weeks ago

46 minutes

Security Breach

Why People Are Not the Biggest Risk

Send us a text While I’ll resist drawing comparisons about industrial cybersecurity to butterflies and bees, producing this episode did remind me of another great Muhammad Ali quote: "The hands can't hit what the eyes can't see.” This could provide an easy segue into the ongoing challenges about asset visibility, but really, it goes a bit deeper than that. In addition to being able to see all the things we need to defend against, we also have to understand what to look for in establishing tho...

1 month ago

49 minutes

Security Breach

Preserving Uptime in the Face of Evolving Attacks

Send us a text Uptime. It’s the lifeblood of manufacturing and the precise target of industrial sector hackers. By knocking systems offline, stealing credentials, holding data for ransom, or crippling supply chains, the bad guys know their ultimate goals of disruption or extortion will be realized. And as we’ve discussed numerous times here on Security Breach, keeping these bad actors out has become more and more difficult as new technology, connectivity and endpoints are added to the O...

2 months ago

31 minutes

Security Breach

New Patching Strategies for Old Vulnerabilities

Send us a text While there are plenty to pick from, one of the biggest challenges for cybersecurity professionals in the industrial realm can be getting financial support. In manufacturing there are always a number of viable spending options, and working to make cybersecurity a priority can be tough, especially when enterprises are faced with initiatives seen as more fundamental to the core mission of getting finished product out the door. However, a couple of recent reports could help connec...

2 months ago

26 minutes

Security Breach

The Wild & Weird of Industrial Cybersecurity

Send us a text When talking to the experts and leading authorities that have participated in the 140+ episodes of Security Breach, there’s always a slight pause when directing their attention specifically to the industrial sector. That’s because, well, we’re special. There’s the unique juxtaposition of old and bleeding edge technology. There’s the influx of greater connectivity combatting the struggles to identify and secure the growing number of endpoints. And there are the...

3 months ago

30 minutes

Security Breach

Using AI to Stay Ahead of the Hack

I know that we’re constantly talking about artificial intelligence - the best ways to use it, the ways hackers are using it, and the overall good, bad and ugly of implementing AI into your security infrastructure. But what if we took a little different route. In this episode we're going to explore how AI can help make your people better at managing cybersecurity. We know there’s a huge talent pool shortage, and the challenges of keeping employees vigilant against repeated attacks continues to...

3 months ago

31 minutes

Security Breach

Threat Landscape Update

Discussing the ever-expanding threat landscape is something we do a lot on Security Breach, but this episode is dedicated exclusively to topics like zero-day vulnerabilities, nation-state threats, phishing schemes, ransomware, and of course, the role artificial intelligence continues to play in making the good guys smarter and the bad guys tougher to pin down. But we’re not doing to dwell on the doom and gloom, we’ll also touch on the growing number of solutions and strategies that can help e...

3 months ago

49 minutes

Security Breach

Cure Me or Kill Me - The Little Things That Escalate Attacks

As loyal listeners of this podcast know, I’m a big believer in paying close attention to the little things, the blocking and tackling, the basics, the fundamentals. All those elementary elements that comprise the building blocks of stronger cybersecurity plans and successful defensive strategies. Spoiler alert – that comes through again … and again in this episode, but what makes it worth your time is how my guest, Jesper Sønderby Andersen, the Global Head of Customer Success at Secomea...

4 months ago

43 minutes

Security Breach

Being 'Proactively Paranoid, Not Paralyzed'

As all of you know, there are no silver bullets when it comes to cybersecurity success in the industrial sector. Every enterprise has its own unique characteristics, each plant floor its different connectivity elements, and each business is comprised of diverse human dynamics that fuel its culture. However, regardless of the environment, there continues to be a handful of best practices that can be universally applied. As I journey across the cybersecurity realm, one of these reoccurrin...

4 months ago

36 minutes

Security Breach

Why More Hackers Are Logging On Than Breaking In

We’ve heard it before – hacker tactics are not changing, but the hackers are getting a lot smarter in how they deploy their time-tested attacks. Additionally, honing in on the human element of cybersecurity is nothing new. We’ve spoken with numerous guests about getting buy-in, improving training, and how creating a cyber-receptive culture is key in getting any cybersecurity plan to stick. But Dave Taku, Head of Product Management and User Experience at RSA, and our guest for this episode, of...

5 months ago

33 minutes

Security Breach

You Think You Know Me

Who are you? This episode dives into one of the most challenging cybersecurity topics currently on the docket – identity management. My conversation with Brandon Traffanstedt, Sr. Director and Global Technology Officer at CyberArk, took us in two equally important directions. The first deals with individuals and how to properly manage those accessing your systems and networks. The second, equally as challenging, but potentially more complex, focused on machine or asset identities and un...

6 months ago

35 minutes

Security Breach

Avoiding the Ostrich Approach

I’m always tempted to start out each episode by talking about a problem, and then setting up our guest as the solution to that problem. It’s formulaic and a bit redundant, but it’s also effective. So I’ll apologize in advance because I’m about to do that very thing again. The difference is that Howard Grimes, the CEO of the Cybersecurity Manufacturing Innovation Institute (CyManII) is looking to help provide a lot of solutions for manufacturers. As we discuss workforce challenges, secur...

6 months ago

51 minutes

Security Breach

'We've Made Our Own Prison'

Insider threats are creating new attack vectors, but old-school solutions could rise to the challenge. Regardless of the situation or dynamic, everyone likes to think that they’re special. However, with experience we learn that appreciating both the shared similarities, as well as some of those unique traits, are how we can best solve problems. A great example is a recent conversation I had with Umaimah Khan, founder and CEO of Opal Security – she goes by UK for short. Her firm focuses ...

7 months ago

43 minutes

Security Breach

Dark AI Speeding Hacker Evolution

In many instances the biggest challenge facing OT cybersecurity practitioners is knowing where to focus resources, especially their time. In other words, what are the priorities for the enterprise, facility and people? I recently sat down with Securin's Lead Threat Intelligence Analyst - Aviral Verma. And while I anticipated a conversation focused on vulnerabilities and the threat landscape, discussing these topics led to deeper dives on a range of topics that also included breaking down IT/O...

7 months ago

36 minutes

Security Breach

Why Ransomware, Credential Theft and Phishing Schemes Persist

One of the great things about covering industrial cybersecurity is the number of reports, studies and white papers being produced right now to help provide intelligence on threats, research on new tools, and data on leading trends. The tough part is sorting through all this data and, at some point, prioritizing it in order to get the most and best information. One source that I look forward to each year is IBM’s X-Force Threat Intelligence Index. It’s full of all that stuff I just mentioned, ...

8 months ago

39 minutes

Security Breach

Unsecure Webcam Was All a Ransomware Group Needed

Endpoint security tools worked, but the hackers worked harder for their payday. While everyone likes to know how someone else might have screwed up and what the fallout looks like, the more import elements of episodes like this one come from the in-depth conversations about new tactics and strategies that are being used by the bad guys, and simultaneously, the insight on new best practices for the good guys. So while I did enjoy diving into how the ransomware group Akira was able to use webca...

8 months ago

32 minutes

Security Breach

IABs, Dark Web Fueling Ransomware Surge

We talk a lot about the growing complexity of hacking groups and how their tools and tactics continue to evolve. One such evolution is the ongoing specialization that runs rampant throughout the black hat community – especially when it comes to ransomware. The rise of initial access brokers, affiliate programs, spoofing domain creators, dark web communities, and more are fueling ransomware-as-a-service groups and posing new cybersecurity challenges. And while numerous reports deta...

9 months ago

39 minutes

Security Breach

Manufacturing’s Internal Cyber Struggles

Breaking down silos while securing the cloud and leveraging secure-by-design advancements. The challenges facing the industrial OT landscape that emanate from external sources are … varied, complex and constantly evolving. Smarter hacking groups, AI-driven phishing schemes and deceptive malware viruses head the list of concerns. And while these factors show no signs of fading, the reality is that there are just as many challenges facing industrial cybersecurity that are embedded within the ve...

9 months ago

27 minutes

Security Breach

Observations of an Ethical Hacking Researcher

One of the goals of the show is to help you better understand all the threats facing your OT assets, your data and your people. In order to do that, we work to identify those individuals with a feel and in-depth understanding of these threats and the evolving network of threat actors. And I can’t think of anyone better to break down the hacker landscape than an individual whose research has led to being followed by well-known data breachers on social media and considered persona-non-grata in ...

10 months ago

36 minutes