Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/02/02/security-nation-john-rouffas-on-building-a-security-function/

In this episode of Security Nation, Jen chats with John Rouffas, CISO at intelliflo, about his experience building out a security function and team at a young and growing SaaS company. He shares his secrets of relationship-building (being a Brit, pubs are involved) and some of the key questions he asks when starting at a company that’s never had a CISO before. He also covers some of the challenges, including gaining visibility, and why being the dumbest person in the room is sometimes a good thing.

Stick around for our Rapid Rundown, where Tod and Jen talk about the 8 new vulnerabilities that CISA recently added to their Known Exploited Vulnerability (KEV) list.

John Rouffas

John Rouffas is recognized and respected as a leader in security operations on both sides of the Atlantic, having designed and implemented security operational and threat response capabilities since before the advent of SIEM technologies, for some of the largest government and multinational organizations in the world. He’s been involved with the development of operational technology security techniques for alerting within IT security operations environments, some of which have been adopted by critical infrastructure organizations in the United States. More recently, he’s been leading security maturity capabilities for SaaS organizations in the UK and US. Currently, he sits in the role of CISO at intelliflo.

John has been fortunate to combine two of his main passions in life: intelligence and technology. Some of his most notable experiences came while working with various US government agencies and developing large-scale security transformations, critical infrastructure defense techniques, innovative security operations, forensics, and threat intelligence strategies.

He’s also a qualified cricket coach, who still possesses a solid forward defensive stroke, and a very loud drummer (not necessarily a good one).

Show notes

Interview Links

• Take up John on the offer to spam him on LinkedIn.
• Learn more about what intelliflo is up to.

Rapid Rundown Links

• Check out CISA’s KEV list.
• Read up on the 8 vulnerabilities recently added to KEV.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/24/security-nation-chris-john-riley-on-minimum-viable-secure-product-mvsp/

In the final installment of Season 4 of Security Nation, Jen and Tod sit down with Chris John Riley, senior security engineer at Google and co-host of the First Impressions podcast (the one about cybersecurity, not Jane Austen). They chat about Minimum Viable Secure Product (MVSP), a set of controls Chris recently helped develop at Google that aim to provide a better baseline for security when evaluating vendor risk. They discuss the state of supply chain security for technology vendors and the challenges of establishing what really qualifies as “minimum” in terms of security protocols.

Stick around for our Rapid Rundown, where Tod and Jen talk about a recently disclosed DNS rebinding vulnerability in Sky routers that exposed them to takeover attacks over the course of a whopping 17 months.

Check back in with us for Season 5 of Security Nation in January. In the meantime, have a safe holiday and a happy New Year!​

Chris John Riley

Chris John Riley is a Senior Security Engineer at Google, where he is tech lead for the vendor reviews focus area.

In his spare time, Chris collects books (that he never finds time to read) and spends his weekend taking long romantic walks from the sofa to the kitchen (mostly for snacks).

Show notes

Interview links

• Listen to Chris’s podcast, First Impressions.
• Check out the other, Jane Austen-themed First Impressions podcast.
• Learn more about MVSP at the official site and in this blog post from Google.
• Read up on the ETSI standard Jen mentioned.
• Revisit our previous episode on Disclose.io with Casey Ellis.

Rapid Rundown links

• Read about the Sky router vulnerability.
• If you just can’t wait till January to hear from us again, revisit Season 4.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/10/security-nation-michael-powell-on-being-a-cyber-envoy/

In this episode of Security Nation, Jen and Tod chat with Michael Powell about his work as specialist cyber representative to North America for the UK’s Department for International Trade (DIT). After confirming that Michael is not actually a spy (or is he?), they discuss the excitement and challenges of creating cross-continental collaboration on some of the most pressing cybersecurity issues organizations face today — including supply chain risk, ransomware, and the role of government in moving the needle on these threats.

Stick around for our Rapid Rundown, where Tod and Jen talk about inTheWild, a new open-source, community-driven database for vulnerabilities that are being actively exploited.

Michael Powell

Michael Powell is DIT’s cyber sector trade specialist in North America. His background includes over 15 years of experience with major enterprise and start-ups, defining and delivering managed and professional cybersecurity services for law enforcement and commercial organizations. Michael is based on the East Coast, advising UK companies on North America market entry – leveraging DIT’s network to discuss resourcing, legislation, and the evolving needs of buyers. He is a proponent of workforce diversity across the tech sector and has a strong technical background to understand and discuss solutions to complex organizational cybersecurity problems. When not advising UK companies, he works closely with the London specialist teams, and partners, on investment opportunities and being an in-market voice for the UK cybersecurity ecosystem.

Show notes

Interview links

• Learn more about the UK’s Department for International Trade.

Rapid Rundown links

• Check out inTheWild, and follow them on Twitter.
• Grab our 2022 planning resource. (Note! This is a direct PPTX link — don’t be alarmed by the sudden download.)

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/04/pete-cooper-and-irene-pontisso-of-the-uk-cabinet-office-on-their-cybersecurity-culture-competition/

In this special bonus episode of Security Nation, Jen and Tod chat with Pete Cooper and Irene Pontisso from the UK Cabinet Office about their current competition aiming to promote cybersecurity culture among small businesses. They highlight their 9 hypotheses, which touch on the role of human factors, the distinction between cyber culture and security culture, and the importance of leadership. They chat about why they decided to get help validating these ideas through a competition format — the “Bakeoff Approach,” as Irene calls — to promote collaborative thinking and get a sense of what organizations are doing on these issues today.

The deadline to apply for the competition is fast approaching on Monday, November 8, and winners will be awarded contracts to carry out the competition over 12 weeks, beginning in late November. Check out the Invitation to Tender to submit your entry!

Pete Cooper

Pete Cooper is Deputy Director Cyber Defence within the Government Security Group in the UK Cabinet Office, where he looks over the whole of the Government sector and is responsible for the Government Cyber Security Strategy, standards, and policies as well as responding to serious or cross-government cyber incidents. With a diverse military, private-sector, and government background, he has worked on everything ranging from cyber operations, global cyber security strategies, advising on the nature of state-vs.-state cyber conflict to leading cybersecurity change across industry, public sector, and the global hacker community, including founding and leading the Aerospace Village at DEF CON. A fast jet pilot turned cyber operations advisor, who on leaving the military in 2016, founded the UK’s first multi-disciplinary cyber strategy competition, he is passionate about tackling national and international cybersecurity challenges through better collaboration, diversity, and innovative partnerships. He has a Post Grad in Cyberspace Operations from Cranfield University, is a Non-Resident Senior Fellow at the Cyber Statecraft Initiative of the Scowcroft Centre for Strategy and Security at the Atlantic Council, and is a Visiting Senior Research Fellow in the Department of War Studies, King’s College London.

Irene Pontisso

Irene is Assistant Head of Engagement and Information within the Government Security Group in the UK Cabinet Office. Irene is responsible for the design and strategic oversight of cross-government security education, awareness, and culture-related initiatives. She is also responsible for leading cross-government engagement and press activities for Government Security and the Government Chief Security Officer. Irene started her career in policy and international relations through her roles at the United Nations Platform for Space-Based Information for Disaster Management and Emergency Response (UN-SPIDER). Irene also has significant industry and third-sector experience, and she partnered with the world’s leading law firms to provide free access to legal advice for NGOs on international development projects. She also has experience in leading large-scale exhibitions and policy research in corporate environments. She holds a MSc in International Relations from the University of Bristol and a BSc from the University of Turin.

Show notes

• Learn how to apply at the competition’s Invitation to Tender.
• Read up on the Small Business Research Initiative.
• Dig into the UK Government’s Functional Standard for security.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/27/security-nation-jack-cable-on-ransomwhere/

In this episode of Security Nation, Jen and Tod chat with Jack Cable, security architect at the Krebs Stamos Group, about Ransomwhere, a crowdsourced ransomware payment tracker. They chat about how Cable came up with the idea, the role of cryptocurrency in tracking these payments, and how better data sharing can help combat the surge in ransomware attacks.

Stick around for our Rapid Rundown, where Tod and Jen talk about a remote code execution vulnerability that open-source forum provider Discourse experienced recently, which CISA released a notification about over the weekend. Tod highlights some of the many things Discourse is doing right with its security program.

Jack Cable

Jack Cable is a security researcher and student at Stanford University, currently working as a security architect at Krebs Stamos Group. Jack formerly served as an Election Security Technical Advisor at CISA, where he led the development and deployment of Crossfeed, a pilot to scan election assets nationwide. Jack is a top-ranked bug bounty hacker, having identified over 350 vulnerabilities in companies including Google, Facebook, Uber, Yahoo, and the US Department of Defense. After placing first in the Hack the Air Force challenge, Jack began working at the Pentagon’s Defense Digital Service. Jack was named one of Time Magazine’s 25 most influential teens for 2018. At Stanford, Jack is a research assistant with the Stanford Internet Observatory and Stanford Empirical Security Research Group and launched Stanford’s bug bounty program, one of the first in higher education.

Show notes

Interview Links

• Check out the Ransomwhere site.
• Listen to our previous episode with Jack on election security.

Rapid Rundown Links

• Read the CISA notification on the critical RCE vulnerability in Discourse.
• See Discourse’s announcement of the vulnerability on GitHub.
• Peruse Discourse’s technical blog post about it.
• Check out Discourse’s security program and policies.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/13/security-nation-michael-daniel-on-the-cyber-threat-alliance/

In this episode of Security Nation, Jen and Tod chat with Michael Daniel, president and CEO of the Cyber Threat Alliance (CTA), as well as a co-chair on the IST’s Ransomware Task Force. After discussing Michael’s career in cybersecurity with the US government, they talk about what makes information sharing so hard in the security space and how the CTA has addressed this challenge in its efforts to promote better threat intelligence.

Stick around for the Rapid Rundown – with Tod on holiday (AKA vacation), Jen brings on Rapid7’s public policy guru Harley Geiger. They chat about the Cyber Incident Reporting Act, which is likely headed to a Senate floor vote and, if passed, would bring major changes to the reporting requirements around cybersecurity events for owners and operators of critical infrastructure.

Michael Daniel

Michael Daniel serves as the President and CEO of the Cyber Threat Alliance (CTA), a not-for-profit that enables high-quality cyber threat information sharing among cybersecurity organizations. Prior to CTA, Michael served for four years as US Cybersecurity Coordinator, leading US cybersecurity policy development, facilitating US government partnerships with the private sector and other nations, and coordinating significant incident response activities. From 1995 to 2012, Michael worked for the Office of Management and Budget, overseeing funding for the US Intelligence Community. Michael also works with the Aspen Cybersecurity Group, the World Economic Forum’s Partnership Against Cybercrime, and other organizations improving cybersecurity in the digital ecosystem. In his spare time, he enjoys running and martial arts.

Show notes

Interview links

• Follow Michael on Twitter @CyAlliancePrez
• Learn more about the Cyber Threat Alliance
• Check out the Ransomware Task Force, which Michael co-chairs
• Read Jen’s position piece on hack back

Rapid Rundown links

• Read the full text of the Cyber Incident Reporting Act
• Refresh your memory on the SolarWinds data breach
• See who’s on the House Homeland Security Committee

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/29/security-nation-rob-graham-on-mike-lindells-cyber-symposium/

In this episode of Security Nation, Jen and Tod chat with Rob Graham of Errata Security about his experience attending pillow magnate Mike Lindell’s Cyber Symposium, where he claimed packet captures would reveal incontrovertible evidence of widespread fraud in the 2020 US presidential election. (Spoiler alert: Nothing resembling that description actually occurred at Lindell’s event.) An expert on packet captures, Graham recounts the Kafkaesque forensic logic behind the Cyber Symposium data — some of which was presented in a file type only known to a single living person — as well as the value of having real experts attend highly dubious events like this one.

Stick around for the Rapid Rundown, where Tod and Jen discuss Microsoft’s plan to turn off Basic Auth in Exchange Online next year and the Autodiscover bug that may have prompted the change.

Robert Graham

Rob Graham is a well-known cybersecurity expert. He created the BlackICE personal firewall, the first IPS, sidejacking, and masscan. He frequently speaks at conferences and blogs.

Show notes

Interview links

• Rob’s live Tweet thread
• Rob’s archive of the provided RTFs (hex decoded)
• Rob’s BLX Container Extractor
• All about Dennis Montgomery. Warning: this is a Wiki rabbit hole.
• A Torrent of several gives of data from the Cyber-Symposium is available at:

magnet:?xt=urn:btih:39a9590de21e77687fdf7eacee4dd743f2683d72&dn=cyber-symposium&tr=udp://9.rarbg.me:2780/announce

Rapid Rundown links

• The original Bleeping Computer story on Microsoft shutting off Basic Auth
• The related story about Amit’s Autodiscover bug finding that may have prompted the above
• A somewhat early reference to some WPAD bugs
• The earliest reference Tod could find about WPAD exploits… which happened to be written by the very same Tod back in 2009.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/15/security-nation-craig-williams-of-cisco-talos-on-proxyware/

In this episode of Security Nation, Jen and Tod chat with Craig Williams, recently of Cisco Talos, about proxyware and integrating security acquisitions the right way. Along the way, they touch on the challenges of being a security communicator with an audience that extends beyond practitioners – and a few real-life stories of people who didn’t realize their cameras were spying on them.

Stick around for our Rapid Rundown, where Tod and Jen talk about the REvilware ransomware gang’s return from “retirement” and how lagging adoption of EMV is leading to high-profile cases of ATM fraud.

Craig Williams

Craig Williams has always had a passion for learning how things operate – and circumventing security measures. His deep interest in security technology began with research into vulnerabilities, threats, and network detection techniques. His research over the past decade has included running global threat intelligence teams, malware labs, and trying to outwit the very security products he has helped design.

Show notes

Interview Links

• Craig is on Twitter, but his OpSec is pretty tight so good luck getting that follow back.
• You can read up on Cisco Talos, and check their most recent on proxyware here.

Rapid Rundown Links

• Check out the Bleeping Computer story on the ATM robbers.
• Back in 2016, Rapid7’s Weston Hecker demonstrated some EMV attacks.
• But that doesn’t matter because about half of all U.S. gas stations still don’t operate with EMV payment.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/01/security-nation-jill-fraser-deborah-blyth/

In this episode of Security Nation, we chat with Deborah Blyth, CISO of the State of Colorado, and Jill Fraser, CISO for Jefferson County, Colorado. They tell Jen and Tod about their experience securing Colorado’s cyber infrastructure at a state-wide level, breaking down silos across the various local governments to come together on an integrated, long-term plan. They go through some of the challenges of funding, collaboration, and generating buy-in — as well as how the recent national focus on election security has impacted the state and local levels.

Stick around for the Rapid Rundown, where Tod and Jen discuss Firefox’s new feature blocking insecure downloads.

Jill Fraser

Jill Fraser is the Chief Information Security Officer for Jefferson County in Colorado where she has worked for 9 years. Jill is responsible for managing the county’s enterprise cybersecurity program, which includes policy and procedure guidance, continuous improvement of incident response capabilities, end user awareness training, and risk management. She concentrates on ensuring the county’s security program is a business enabler by maintaining a sound cybersecurity strategy that supports county productivity, growth, and innovation.

Jill is an advocate for cross-organizational collaboration. She was one of the founding members of the Colorado Threat Intelligence Sharing (CTIS) network and is an active partner in the Whole of State cybersecurity program in Colorado (cooperatives formed to improve cybersecurity in Colorado-by-Colorado). Additionally, she participates in a locals-only mentoring group that serves as mechanism of peer support. She is the Chair of Colorado’s Homeland Security Senior Advisory Committee’s Cyber Subcommittee, and she is a member of the Multi-State Information Sharing and Analysis Centers (MS-ISAC) Executive committee.

Jill is an advocate for development of programs that will improve local government’s ability to secure their data and services within the limited budgets and staffing constraints most locals face. Jill has been in the information technology field for over 20 years and is a Certified Information Systems Security professional (CISSP*) as well as a Certified Chief Information Security Officer (C-CISO*).

Deborah Blyth

Deborah Blyth is Colorado’s Chief Information Security Officer (CISO), with over 25 years technology background and 15 years leading information security programs. As the CISO, she serves as the point of contact for all information security initiatives in Colorado, informing the state Chief Information Officer and executive agency leadership on security risks and impacts of policy and management decisions on IT-related initiatives. Deborah is responsible for determining the strategic and tactical security direction for executive branch agencies, to meet established objectives.

Before joining the state of Colorado, Deborah led the Information Technology Security and Compliance programs at TeleTech (5 years) and Travelport (3 years). Deborah is a Colorado native and graduated Summa cum Laude with a Bachelor of Science degree from Regis University.

Show notes

Interview links

• National Cyber Security Center
• Colorado Cyber Resource Center
• Cybersecurity HSAC Subcommittee

Rapid Rundown links

• Firefox follows Chrome and prepares to block insecure downloads by Catalin Cimpanu
• hxxp://smart4alarm.com/ is the website Tod ran into that plops an APK right in your Downloads with no clicks. Is this okay?

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/08/18/security-nation-daniel-crowley/

On the latest episode of Security Nation, we’re joined by Daniel Crowley, IBM X-Force Red’s Research Director — aka Global Research Baron (a title that delights Jen Ellis’s British sensibilities). Daniel tells Jen and Tod all about his team’s security research internship program, which gets undergrad and grad students involved in pentesting and other forms of research in real-world environments through a series of bootcamps. He also divulges some research project ideas for those looking to uncover vulnerabilities in hidden places — including your calendar invites.

Stick around for the Rapid Rundown, where Jen and Tod talk about DEF CON highlights, the Cyber Symposium non-findings, and — you guessed it — ransomware.

Daniel Crowley

Daniel is the primary author of the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool. In the security industry since 2004, he is a frequent speaker at conferences like Black Hat, DEF CON, Shmoocon and SOURCE. Daniel also holds the noble title of Baron in the Principality of Sealand.

Show notes

Interview Links:

• The original Watchfire paper on HTTP Request Smuggling from 2005
• HTTP request smuggling reborn by James Kettle
• HTTP/2 Request Smuggling from DEF CON 2021
• Free TCP/IP bugs
• Free ICS bugs
• Snyk’s Zip Slip research

Rapid Rundown Links:

• All the DEF CON videos
• Tempest Radio Station Presentation by Paz Hameiri
• Tempest Radio Station paper
• How to get started in cybersecurity AMA on Reddit
• Rob Graham’s Live Tweeting of the Cyber Symposium

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/08/04/security-nation-richard-kaufmann/

In this episode of Security Nation, we’re joined (for the second time!) by Richard Kaufmann, CISO at Amedisys, a leading provider of home healthcare. He’ll tell us how his company’s aim to heal people at home coincided with hospitals filling up with COVID-19 patients — and how his role as CISO can help (cyber) secure that growing shift into home healthcare.  

And stick around for our Rapid Rundown, where Tod spins a supply chain risk tale for Jen, specifically the drama surrounding the PyPI repository bug.

Richard Kaufmann

“It is now safe to turn off your computer.”  For most of us, this simple message in the late 90’s was a reminder that the operating system processes had stopped and the circuits carrying all of the ‘1’s and ‘0’s were ready to be powered off. For me, it was my first foothold into the information-security arena. Starting at defacing that iconic .JPEG and advancing into running information-security teams across finance, healthcare, and manufacturing organizations, I’ve tried to remove a little bit of entropy in the world via simple solutions to complex problems.

A problem well defined is a problem half solved. In an environment where threat landscapes, frameworks, and shareholder value are constantly changing, the ability to fall back on the fundamentals of logic and computing has become a rare commodity. I like to work with those who have a similar appetite for challenging norms and thinking creatively. This methodology has manifested itself by creating a dialogue between executive non-technical leaders and the boots-on-the-ground engineers that keep enterprises safe from cyber threats. Currently, I’m focused on transforming the approach to cybersecurity within healthcare. By disrupting the “cult of security,” we can increase the quality of patient care, protect the privacy of the data those individuals entrust us with, and innovate for a more effective future.

My daughter is my biggest fan; I enjoy long walks with heavy backpacks; and that inner voice inside my head sounds just like David Goggins.

-Richard Kaufmann, Chief Information Security Officer, Amedisys

Show Notes

From the discussion with Richard:

• Amedisys: Richard’s home healthcare employer
• S02E06: Our first time around with Richard
• S02E10: The mentioned episode with Oliver Day

From the Rapid Rundown:

• The Record on the PyPI bug
• The original research from RyotaK
• Jen’s Python joke

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/07/28/security-nation-philipp-amann/

In this episode of Security Nation, we’re joined by Philipp Amann of Europol. Jen and Tod chat with Philipp about No More Ransom, a Europol-lead effort to combat ransomware by providing technical means to unlock encrypted drives, covering dozens of ransomware kits from Alpha to Ziggy, as well as working with a bunch of countries’ national police forces around the world. Oh, and here’s a spoiler: NMR estimates they’re responsible for saving almost 1 billion dollars in ransom demands over its 5-years-and-counting run. Amazing! NMR also:

• Features 121 decryption tools addressing 151 ransomware families
• Has been downloaded approximately 6 million times
• Saved victim orgs approximately $900 million in unpaid ransoms
• Read more on NMR in Jen’s recent blog!

Tod and Jen then lament the COVID-19 situation in Las Vegas (stay safe and healthy out there, everyone!) and chat about the latest NTLM attack technique, dubbed PetitPotam. And new on the blog this week: show notes! Just head to the bottom of the page for all the references you could ever want.  

Philipp Amann

Philipp Amann is the Head of Strategy at the European Cybercrime Centre (EC3). EC3 Strategy is responsible for assessing and acting on relevant trends and threats related to cybercrime and cybersecurity. Other key areas of responsibility include managing EC3’s industry advisory groups, prevention and awareness, and capacity building.

Philipp has worked in various fields; these include the financial sector, global disarmament, international investigations, and on issues related to safety and security in cyberspace, all topics about which he cares deeply.

Show Notes

• Philipp Amann Head of Strategy at European Cybercrime Center
• No More Ransom, an incredibly useful self-serve library of ransomware crackers
• Need some specific guidance on what to do if you suffer a ransomware attack? Check out NMR’s publication!
• Also mentioned in the show was Europol’s annual Internet Organised Crime Threat Assessment report, which is a great read.
• Interested in partnering with NMR? Send in a request here!
• The Rapid Rundown is mostly about the PetitPotam proof of concept NTLM attack, as discovered by @topotam77
• Microsoft’s helpful mitigation KB for the sameSANS Diary writeup of this novel NTLM attack that demonstrates the risks

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/07/21/security-nation-brian-honan/

In this episode of Security Nation, we’re joined by Brian Honan of BH Consulting. Jen and Tod chat with Brian about his experience as a founder of Ireland’s first CERT, the continuing scourge of ransomware, and cyber warranties. They also go beyond all of the recent salacious breach headlines, discussing the need to highlight successes and positive happenings in cybersecurity.

And stick around for our Rapid Rundown, where Tod and Jen talk about the under-the-radar WifiDemon vulnerability affecting iPhones and iPads.

Brian Honan

Brian Honan is CEO of the cybersecurity and data protection firm BH Consulting, and he is recognised internationally as an expert on cybersecurity. He has acted as a special advisor to Europol’s Cybercrime Centre (EC3), founder of Ireland’s first CERT, and sits on the advisory board for several innovative security companies.

Brian is the author of several books, and regularly contributes to various publications. For his contributions to the cybersecurity industry, Brian has been awarded the “SC Magazine Information Security Person of the Year” and was also inducted into the Infosecurity Hall of Fame.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/07/07/security-nation-jonathan-cran/

In this episode of Security Nation, we’re joined by Jonathan Cran. We wade into uncharted territory with Jonathan, as he claims the title of Security Nation’s first repeat guest! He returns with an update on rapidly growing pandemic side project, Intrigue, which turned into a real attack surface management company with real funding and real customers!

Stick around for our Rapid Rundown, where Tod and Jen pointedly do not talk about the Kaseya breach and PrintNightmare, but instead, the Monpass breach and just how many certificate authorities you are implicitly trusting today.

Jonathan Cran

Jonathan Cran is a 20-year information-security veteran and expert. Based in Austin, Texas, his career has focused on security assessment, with leadership roles at Rapid7, Bugcrowd, and Kenna Security. He founded Intrigue Corp in 2019 to help enterprise customers map, monitor, and manage their attack surfaces. Intrigue provides proven, data-backed methods to stay ahead of  threats.

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/06/23/don-spies-and-kim-grauer-on-tracking-illicit-bitcoin-transactions/

In this episode of Security Nation, we’re joined by Don Spies and Kim Grauer of Chainalysis. They discuss the relationship between ransomware and cryptocurrency and how Chainalysis leverages unique characteristics of the latter to combat the former.

Stick around for our Rapid Rundown, where Tod and Jen discuss a newly discovered, very old crypto vulnerability (and by crypto we mean encryption!), as well as take a look at election security news here in the wake of literally hundreds of audits of polling results.

Kim Grauer

Kim Grauer is the Director of Research at Chainalysis, where she examines trends in cryptocurrency economics and crime. She was trained in economics at the London School of Economics and in politics at Oxford University. Previously, she explored technological advancements in developing countries as an academic research associate at the London School of Economics and was an economics researcher at the New York City Economic Development Corporation.

Don Spies

Don Spies is the Director of Strategic Initiatives for Chainalysis, where he works with federal agencies to address their cryptocurrency needs. This includes fighting terrorism, enforcing sanctions, and detecting money laundering. Previously, Don held various roles at the U.S. Department of the Treasury. He also spent 13 years as an Intelligence Officer in the U.S. Army Reserve.