Down the Security Rabbithole Podcast

By Rafal Los (Wh1t3Rabbit)

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store.

Category: Tech News

Open in Apple Podcasts

Open RSS feed

Open Website

Rate for this podcast

Subscribers: 264
Reviews: 1

 Jul 23, 2019


Follow the Wh1t3 Rabbit ... attention technology and business leaders! The "Down the Security Rabbithole" podcast is not your ordinary security podcast, primarily because we take a business perspective on the colorful and fast-paced world of information security. Bringing useful commentary on relevant events in the information security community, filtered through a no-nonsense business first approach, this is a podcast that helps you get the sane perspective on hacks, risks, threats and technology that you need to help make decisions in your daily life and in your organization.

Episode Date
DtSR Episode 402 - Life Security Adulthood


First, I need to apologize for the quality of my (Rafal) audio. For a reason I don't understand, the Skype central record feature absolutely butchered it - could have been something on my end, I simply don't know. It should be listenable, albeit annoying.

Second, huge thanks to Carlos for taking the time out of his busy morning from being a dad and his day job to talk to us. He's got a lot of really interesting and important things to share about his adventures in our industry and community - you should probably listen closely.

Lastly - I have t-shirts to give away. If you want one, follow & re-tweet the @DtSR_Podcast handle and we'll pick a few of you (probably at random) to send shirts to.


Jul 07, 2020
DtSR Episode 401 - Vyrus Lessons in Red to Blue

Episode 401

Epilogue: This week, I got to sit down virtually with a long-time friend, and one of the most intelligent and quiet people you'll ever meet in InfoSec. My pal Carl Vincent (some of you may know him by other names) and I chat the transition from Red Team to Blue Team, tools, the state of the industry over the last few years, and just general conversation.

The world around us has changed, and it's important to have real conversations with people who shaped the industry in ways you probably didn't know or realize.


Jun 30, 2020
DtSR Episode 400 - Tom Nichols on Expertise

Friends and Colleagues!

We've made it. Milestone episode 400 of the podcast is here. And for the 400th episode I have none other than Mr. Tom Nichols. He's truly a qualified expert on a topic that needs some serious attention in today's world - expertise. In fact, he's written a book about it.

Please enjoy this episode, share it, and I want to thank Tom for taking the time out of his crazy schedule to laugh, educate, and drop a little bit of snark into our day.


Jun 24, 2020
DtSR Episode 399 - Post-Pandemic Issues

Episode 399 ... what a crazy ride it's been.

This week we have Brian Chidester - you may recall we had a chat with him on episode 379 which was recorded live at EnFuse Conference 2019 - back to talk about some of the things he's been hearing state and local security leadership talk about.

Great conversation, lots of topics covered... you'll enjoy it.

Also, next up - EPISODE 400!


Jun 16, 2020
DtSR Episode 398 - Leadership Series: Allan Alford

This week, episode 398 features our Leadership Series and the one and only Allan Alford. Allan has spent a long career building various security practices, advising boards, and generally doing great things.

While we're at it, you should go check out and sign up for the RSS feed of "Defense In Depth" podcast that Allan is a co-host on. They have a great tagline: "Couples therapy for security vendors and practitioners". Check them out here:


Jun 10, 2020
DtSR Episode 397 - Modern-ish Vulnerability Management

Welcome Down the Security Rabbithole to yet another edition of the DtSR Podcast. We we roll on towards milestone episode 400 James and Rafal discuss a topic that doesn't get nearly enough airplay - vulnerability management.

This isn't just your dad's vulnerability scanning though, or is it? Have we done anything exciting in this space in the last 15 years? Maybe... kind of...but the problem is much harder.


Jun 02, 2020
DtSR Episode 396 - Verizon DBIR 2020 Analysis

It's Verizon Data Breach Investigations Report time again. This episode is a yearly walk-through of the DBIR, where Rafal and James once again welcome Gabe Bassett back to the show to talk data, graphics, and lessons we need to learn.

Link to the report:


May 27, 2020
DtSR Episode 395 - Can We Fix the MSSP

Special thanks to our friends at AlertLogic - for providing some great discussion points and John for the episode!

This week, as DtSR hits episode 395 on our way to Episode 400, James and Rafal take some time out to ask:

"Hey John, how's the hair?"

It's great to be able to spend time with old friends and just talk about solving some long-standing problems our industry faces. One of the perennial favorites is why MSSPs are all terrible. Well - we have some ideas! Listen in if you've ever been frustrated with your MSSP... and are maybe interested in how the industry can collectively do better.


  • John Pirc
    • LinkedIn:
    • Rafal's personal note: John's a badass who has more experience in solving broad-scale problems and helping customers and companies through some difficult challenges. His advice is sage... you should probably listen in
May 19, 2020
DtSR Episode 394 - High Profile Healthcare Security Leadership

Episode 394

Rafal & James host Keith Duemling from the Cleveland Clinic (talk about high-profile jobs!) to talk about security in the healthcare space, challenges, the future, and other random topics. Keith has spent a large part of his career leading healthcare organizations, so he has a lot to share. Listen in!


May 12, 2020
DtSR Episode 393 - Smartish Cities

Guess who's back, back again ... James is back, so listen in!

So James is officially back after a bit of a hiatus from the podcast, and on this episode him and Rafal sit down over a fun interview with Matt Lewis Research Director for the UK with NCC Group. Matt is the primary author on a report on "Smart Cities", and it's definitely something you should read.

We talk about the report, discuss the true nature of a smart city and what it means to live in one. Pay particular attention to how difficult it was not to jump right into Die Hard 4 references... although we eventually broke down and did it anyway.


Guest Bio

Matt Lewis is Research Director for the UK with NCC Group ( – a security consultancy that has over 35 global offices, 2,000 employees and 15,000 clients. He’s worked in Cyber Security for over 18 years since his Computer Science academic studies, which focused on formal methods for system specification and design. Since then Matt has worked in various roles across Defence, Intelligence, Commercial and Big 4. He specializes in security consultancy, scenario-based penetration testing, vulnerability research and development of security testing tools and methodologies. His consultancy, testing and research experience spans multiple technologies across all sectors and many FTSE 100 and Forbes 2000 companies. He has vast experience in facilitating security assurance within the Government sector. Matt is a public speaker with global recognition of his knowledge and expertise in biometric security. He regularly presents at international conferences and seminars on all manner of cybersecurity-related topics.

May 05, 2020
DtSR Episode 392 - Chris Nickerson is an Original

Ladies and Gentlemen, friends, countrymen, lend me your ears!

This episode of DtSR features one of my favorite guests and one of the better storytelling from the "old days" opportunities I can recall. It also, not accidentally, features one of my favorite totally genuine people from our industry - Chris Nickerson.

I think the best way to describe Chris is like a charismatic honey badger. And if you haven't had the pleasure, you can listen to this episode and get just a small taste of what he's been up to the last few years. Buckle in, it's story time.


Apr 28, 2020
DtSR Episode 391 - Unprecedented Cyber Badness

This week, I'd like to thank JD Work for taking the time to be on the show and sharing his professional experience and expertise with us. The space of cyber policy, at the national and international level, is growing by leaps and bounds; and difficult decisions are often debated even as rapid reactions have to be made. These are difficult times for policymakers in the theater of cybersecurity. JD is an expert in this space and provides some real inside into what's going on, what our policymakers are thinking.



  • JD Work
    • LinkedIn:
    • Bio: JD Work serves as the Bren Chair for Cyber Conflict and Security at Marine Corps University. He holds additional affiliations with the School of International and Public Affairs at Columbia University, the Elliot School of International Affairs at George Washington University, and as a senior advisor to the Cyberspace Solarium Commission. He can be found on Twitter @HostileSpectrum. The views and opinions expressed here are those of the author(s) and do not necessarily reflect the official policy or position of any agency of the US government or other organizations.
Apr 21, 2020
DtSR Episode 390 - DFIR 20-20

This week, Brian Carrier joins DtSR to talk about digital forensics and incident response in 20/20. Forensics and incident response has had to evolve and change as devices become more mobile, smaller, and purpose-built. Brian talks through what this change has meant, and how tools and techniques have had to evolve to deal not only with the explosion of device types, but also sizes and various log capabilities (or none at all).


Related episodes:

Apr 14, 2020
DtSR Episode 389 - Leading Cyber Security in Academia

This week, DtSR dives into security leadership with an academic twist. We have the pleasure of hosting Robert Turner, the CISO of the University of Wisconsin, Madison.

This episode was recorded March 13th, 2020 right as the University and other institutions across the country and the world started their efforts to social distance and work from home due to the Corona Virus (Covid-19) pandemic.

Special thanks to Bob for taking the time out of his busy day, and crazy schedule given the times, to give us insights on his strategy, challenges, and successes!


Apr 07, 2020
DtSR Episode 388 - The SIEM is Dead Long May It Live

Welcome to episode 388, an episode at least 5 years in the making...mainly because it's taken this long to figure out a good way to get Anton on the podcast! Now that he's not an analyst anymore, I snagged him for an honest and open conversation about the one topic he has more expertise in than most anyone I know - the SIEM.

We wax philosophically, I manage to show my ignorance of the state of the art and history of SIEM, and we talk about where SIEM is going. Join us on a great conversation I am thrilled to have been a part of.


Mar 31, 2020
DtSR Episode 387 - Remote Workforce Leadership

This week, as we all continue quarantines and work-from-home DtSR hosts Valentina Thörner, who is an expert on remote workforce leadership. Valentina literally wrote the book (From a Distance) and now she's on the show discussing how to be a leader when your workforce is remote.


Additional Links and Resources

Guest 411

Mar 24, 2020
DtSR Episode 386 - Securing a Suddenly Remote Workforce

Covid-19 ... that's the headlines. Everywhere.

The suddenly remote workforce is a problem for many enterprises, and as workers are forced to work from home - security is a problem.

To that end, I snagged Brian Foster who has a long and storied history in our industry, to talk about what he thinks we should be thinking about.

Listen in, share, and let's hear what you think folks! Stay safe and well and most of all do not panic.


Mar 17, 2020
DtSR Episode 385 - Malware on the Lifeline

Greetings! On this episode of the podcast we present to you an episode we recorded back in January (but then due to a storage error we lost temporarily) with Nathan Collier from Malwarebytes. Nathan reported some findings from his research that basically there was some pre-installed malware running around, impossible to uninstall, on low-cost mobile phones. That kind of villainy is unforgivable (praying on the weak!) so we wanted to hear the whole story...and then some.

Here's one link to the full story, in case you're interested in reading it on your own...


  • Nathan Collier - Malwarebytes
Mar 10, 2020
DtSR Episode 384 - Zero Trust Redux 2020

This week Rafal hosts Dr. Chase Cunningham, Forrester analyst and all-around security badass to redux Zero Trust. The last time we tackled the topic was Episode 222 with John Kindervag back in 2016 - so it's time to see what's new.

Zero trust is more than just firewall rules, and it encompasses a lot of security technologies we don't even think about - so this update is a great primer for 2020.


Mar 03, 2020
DtSR Episode 383 - The Jennifer Ayers Interview

Join Rafal & James this week, as they welcome Jennifer Ayers. Jennifer is the Vice President of Overwatch and Security Response at Crowdstrike.

Rafal and Jennifer worked together "back in the day" so the conversation starts with a little storytelling from the old days, and then works its way into Jennifer's fantastic career and lessons learned over the years in her various leadership positions.


Feb 27, 2020
DtSR Episode 382 - Jeremiah Grossman Doing the Basics

This week on DtSR Podcast, a long-awaited guest joins us. That's right, the one and only Jeremiah Grossman joins us live from a tropical paradise, and you need to hear his message.

On this show we cover history, "the basics", and the necessity to know what your security attack surface looks like. It's perhaps one of the least sexy topics ever - but if you ignore it, you're pretty much screwed.


Feb 11, 2020
DtSR Episode 381 - 5G Security Implications

Welcome friends and fans!

This week we go down the rabbithole with Russell Mohr of MobileIron as we talk about the security implications for 5G. The new standard unleashed upon the American consumer (but more importantly on the commercial market) is changing mobile communication and connectedness.

About the guest...

Russell Mohr is an expert in 5G and mobile technology, with a wide breadth of expertise in other areas as well. Apparently during the early part of the interview, he was attacked by a dog that tried to eat him (I may be guessing, but that's what it sounded like).


Big thanks to Becca Chambers for setting this up, and lining up another future guest too!

Feb 04, 2020
DtSR Episode 380 - Gadi Tells It Like It Is

Welcome to episode 380 of the DtSR Podcast.

We have a special treat for you this episode, with long-time friend Gadi Evron, and he holds nothing back in his start discussion of our industry. We virtually guarantee this will quickly be your favorite episode...or at least your top 5.

Highlights from this week's episode include...

  • Gadi unloads on the 'attackers in the spotlight' nature of security conferences
  • Gadi & Raf chat about 25 years of incidents and what it's leading up to
  • Gadi is clearly not a fan of "Just do the basics"
  • Raf & Gadi decide we're clearly going to have to do this again...


Jan 28, 2020
DtSR Episode 379 - IoT Transforming LE

This week, in our final (for real this time) episode recorded LIVE from Enfuse Conference 2019, courtesy of OpenText, we chat with Brian Chidester. It's a fascinating conversation about what the IoT world can (and is) do for law enforcement and government ... think smart cities + Cops.

Highlights from this week's episode include...

  • Brian shatters any last shred of privacy I could believe in through the millions of IoT devices out there 'for our protection'
  • Brian reminds us hackers set of Tornado alarms around Dallas ... 
  • Brian and Rafal muse about FOIA in the digital age
  • Brian talks about advances like 'connected firearms'


Jan 21, 2020
DtSR Episode 378 - Trending on CISOs

In our final "Live from Enfuse 2019" episode, I had the pleasure of sitting down with Paul Shomo to talk about some of the things he's talked to CISOs about as he travels and advises on behalf of OpenText. It's a pretty interesting conversation...

Once again, thanks to OpenText for having the DtSR Podcast in Vegas!

Highlights from this week's episode include...


Jan 14, 2020
DtSR Episode 377 - The Global War for Soft Power

Welcome to 2020, as Down the Security Rabbithole rolls on!

This week we're back with a timely episode on the global war for soft power, with Andrea Limbago, Chief Social Scientist from Virtru. This is an interesting episode, touching on some topics such as privacy and censorship, and very timely.

Highlights from this week's episode include...

  • Andrea gives us a run-down on "soft power" and why it's important
  • Raf starts down a rabbithole and gets "dropped"
  • Andrea discusses how privacy regulation is impacting this space


Jan 07, 2020
DtSR Episode 376 - Protecting Our Kids Online

Merry Christmas, and a Happy New Year listeners of the Down the Security Rabbithole Podcast!

This week the show focuses on one of the most important things any of us really have - our children. Protecting kids in an increasingly digital world is tough, but not impossible. We decided to bring Theresa Desuyo from Qustodio on the show this week to discuss what her company is doing, and the broader theme of protecting children online.

Apologies in advance for Theresa's audio quality. Couldn't fix that in post.

Highlights from this week's episode include...

  • Rafal takes a shot at a sinister human being
  • Theresa talks through some of the more ominous things kids can face online
  • James is curious
  • Theresa gives us a look into the crystal ball...


  • Theresa Desuyo of Qustodio -

    Theresa is Qustodio’s Digital Family expert, leading Qustodio’s insights into how to best generate talking points around technology use adapted to each family’s reality. In addition, she leads growth, partnerships and operations in the US. Before joining Qustodio, Theresa worked in gamification for enterprises and a social enterprise, leveraging technologies to engage employees and for cause marketing initiatives respectively.

    She holds a B.A. from UCLA and an MBA from ESADE, is fluent in Spanish, Catalán and native English speaker from California.

    As a mother of 3 school-aged children (13, 11, and 5), decisions around technology use is an everyday topic and different for every child. She believes in educating kids and openly discussing the good and the risks associated to digital devices and the internet for them to build the resilience needed today.

Read her professional bio here: 

Dec 24, 2019
DtSR Episode 375 - Malcolm in the Middle (of a Career)

This week, DtSR is joined by Malcolm Harkins - former CISO of Intel and industry insider extraordinaire. Malcolm shares insights from his long and distinguished career so pull up a virtual chair, grab your notebook, and pull over because this is one that's a great listen.

Highlights from this week's episode include...

  • Rafal asks Malcolm why he doesn't job-hop like most CISOs
  • Malcolm and Raf discuss the "feature economy"
  • Raf asks Malcolm to predict the future


Dec 18, 2019
DtSR Episode 374 - Mike Daugherty Looks In the Rearview Mirror

This week, on a very special show recorded from his home studio in Atlanta, Rafal welcomes Mike Daugherty back onto the show to tell the story of his crazy journey and battle with the FTC.

Highlights from this week's episode include...


Dec 11, 2019
DtSR Episode 373 - Internet of Increasingly Smart Things

Welcome back for another great episode. This week we have a boomerang guest, Amber Schroader, recorded live in Las Vegas at Enfuse 2019.

Highlights from this week's episode include...

  • Amber wants a rockstar moment, but no confetti canons
  • Amber dissects Apple, Android, and "other" mobile OSes
  • We discuss machine-to-machine interactions
  • much more to discuss here!


Dec 03, 2019
DtSR Episode 372 - Not the Rise of the Machines

This week on #DtSR (live from Las Vegas, Enfuse 2019 Conference) Rafal chats with Nick Patience of 451 Group. Nick has some expertise in ML and provides context and content that is badly needed to dispel the crazy marketing hype out there.

Highlights from this week's episode include...

  • Nick answers the "What is ML/AI, and what is it not?"
  • We think Nick insulted machines by calling their learning potentially "shallow" (haha)
  • Nick gives us the retail applications of machine learning - grocery stores and similar things
  • Nick talks about "automating the mundane vs automating the complex" as problem spaces where ML is applicable
  • Nick explains ML is just software - but it's different from other software


Nov 26, 2019
DtSR Episode 371 - Advancing SOC-as-a-Service

First, and foremost, thank you to OpenText for having the #DtSR Podcast live and in-person in Las Vegas. Enfuse is a fantastic conference bringing together security operations professionals (forensics, threat hunters, SOC analysts), privacy, and legal professionals under one banner. It's a fantastic opportunity to hear some very involved talks, hear about the state-of-the-art, and join the conversation.

Also ... the people you will meet there are amazing - guests and staff.

Highlights from this week's episode include...

  • Kevin gives us an educated, experience-based opinion on threat intelligence, threat hunting, and other various key terms
  • Rafal make some snarky comments about "your mess for less" MSSPs
  • Rafal and Kevin attempt to discuss the analyst shortage - do we solve it with tech or people?


  • Kevin Golas, Director of Worldwide Security Services at OpenText -
Nov 19, 2019
DtSR - This Just In - OpenText and Reveille Announcement Nov 2019

Dropping in for a quick announcement - you heard it here first!

This week a few different announcements went out from OpenText, but this one caught my attention because it could honestly and truly be a game-changer for security and legal teams when it comes to breaches.

Going beyond the typical EDR solution, this announcement may be able to shine light into the questions security and legal professionals need answered in the case of a breach. Check it out.


Official Name: OpenText™ Content Security for EnCase™ by Reveille.

Press release:


  • Paul Shomo, Senior Security Architect, OpenText  
  • Brian Dewyer, CTO, Reveille Software
Nov 13, 2019
Rafal on SecurityGuy TV: The Need For Platforms

I recently had the pleasure of being on SecurityGuy TV ( to talk about the podcast, and why I think platforms are the future.

Check out the episode here:


Feedback welcome. If y’all enjoy it, Chuck wants to make it a regular thing...maybe we’ll do it.

Nov 12, 2019
DtSR Episode 370 - Gamifying InfoSec

Down the Security Rabbithole is back for Episode 370, and this week's podcast focuses on gamification, and it's applications to InfoSec. Big thanks to Chloé for joining us and sharing her knowledge. She's a legitimate expert in the field, so give this a listen.


Highlights from this week's episode include...

  • Chloé explains gamification
  • Rafal and James ask some tough questions
  • Chloé explains how games help us learn
  • Much more, tune in!



  • Chloé Messdaghi ( @ChloeMessdaghi ) - VP of Strategy at Point3 Security. She is a security researcher advocate who supports safe harbor and strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to change the statistics of women in InfoSec. She co-founded Women of Security (WoSEC) and heads the SF Bay Area chapter. As well, she created WomenHackerz, a global online community that provides support and resources for hundreds of women hackers at all levels
Nov 12, 2019
DtSR Episode 369 - Ransomware's End

Welcome to episode 369!

This week Rafal talks ransomware and welcomes Oussama El-Hilali, Chief Technology Officer at Arcserve, and Chester Wisniewski, Principal Research Scientist at Sophos to the podcast.

Highlights from this week's episode include...

  • Chester hits us with some staggering facts and figures about ransomware
  • Rafal asks if companies should pay the ransom …and ducks
  • Oussama explains why backup companies and anti-malware companies should be besties


  1. Oussama El-Hilali
  2. Chester Wisniewski


Nov 05, 2019
DtSR Episode 368 - Contain(er) Your Security

Welcome to another edition of the DtSR Podcast! This week Liz Rice joins us all the way from the (still) UK, and James is back too! What a treat... join us and read the show notes!

Highlights from this week's episode include...

  • Liz explains containers, security, and gives us a foundation
  • Liz explains the fundamental stages of securing containers
  • Liz explains the model of different types of containers and the things you need to worry about
  • Rafal asks "where do you install the agent?"



  • Liz Rice - ( @LizRice ) - Liz Rice leads Aqua’s technology evangelism activities in the cloud-native ecosystem. She is an active member of the open source community, and an award-winning speaker known for her live-coding demos. She is currently co-chair of KubeCon & CloudNativeCon. Prior to getting immersed in containers she built up a wealth of software development, team, and product management experience working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP with companies including Skype, and Metaswitch Networks. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, and competing in virtual races on Zwift. Find her on LinkedIn:
Oct 30, 2019
DtSR Episode 367 - Cloud Babies

This week, #DtSR Podcast is recorded live from Dallas at the Armor SecureCon inaugural user conference. Rafal had the occasion (and good fortune) to get a few minutes to sit down with Jeff Collins (CSO, Lightstream) and Kristopher Russo (Security Architect, Herman Miller) and chat cloud.

P.S. - We love in-person conversations!

Highlights from this week's episode include...

  • Jeff talks about Lightstream's cloud foundational framework and why it's a must-do if you're thinking cloud
  • Kristopher some inner wisdom on architecture and business alignment
  • Rafal makes a snarky comment about frameworks


Oct 22, 2019
DtSR Episode 366 - D I Why and How

Welcome Down the Security Rabbithole, to the DtSR Podcast.

This week, Zac Rosenbauer joins us to talk about what it's like to be "the IT guy" who also has to be vigilant of security in a fast-paced startup...based on Google's cloud platform. It's a riveting episode that will give you some good guideposts if you're about to DIY.

Highlights from this week's episode include...

  • Zac introduces what it's like to work in a rapidly evolving startup
  • We discuss some of the DIY that Zac has had to work with
  • Wait ... compliance...



Oct 15, 2019
DtSR Episode 365 - Mountains of Data

Welcome back to another episode ... this one sets up DtSRs appearance at the Enfuse Conference 2019 in Las Vegas in November. Give this topic a listen, as it doesn't matter whether you're in legal, compliance, or security - you need to understand this topic well.

We want to thank Opentext for sponsoring DtSR's trip out to Las Vegas for the conference, and of course we encourage you to join us out in the desert for another really well-done conference on the intersection of law, compliance, privacy, and security.


Highlights from this week's show include...

  • Anthony uses the phrase "data exhaust"
  • We get a peek into the intersection of big data, and big forensics
  • Anthony, James, and Rafal discuss 'real time identification' that's way beyond what your IPS can do
  • Anthony gives an insider peek into Enfuse 2019 including a keynote by James Clapper


Oct 08, 2019
DtSR Episode 364 - Interviewing Jerry Archer


This episode of Down the Security Rabbithole Podcast was recorded live from Dallas, TX where the Security Advisor Alliance Summit 2019 was happening. One of the hardest working men in the business, Mr. Jerry Archer, stopped by and took a few minutes off his schedule to let Rafal interview him and get some of those amazing nuggets of wisdom and experience into your ears.

Feedback, as always, is welcome!

Highlights from this week's show include...

  • Jerry sets the background for his knowledge by dropping his 40+ years experience
  • Jerry talks about risk management and reporting to the board
  • Jerry goes a little crazy talking about his budget
  • much more!

Big thanks to Sidney, AJ, Jerry and the rest of the SAA crew for having me aboard and letting me add some value to this very worthy cause. Folks, if you aren't a part of this thing, go to and find your cause.


Oct 01, 2019
DtSR Episode 363 - That Oh Shit Moment

This episode was recorded live from the Security Advisor Alliance Summit, 2019 in blistering hot Dallas, TX. If you don't know what the Alliance is, or are asking yourself why you should bother, click here and find out why this is one of those organizations that you must be part of if you're serious about cybersecurity.


Highlights from this week's episode include...

  • Graeme introduces himself
  • Rafal & Graeme talk about security at scale
  • Graeme discusses some of the insights of the Equifax breach
  • Graeme dispenses knowledge and experience by the truckload


Sep 25, 2019
DtSR Episode 362 - Real Security is Hard

Friends & Colleagues, this week I have the pleasure of being joined by one of my good friends and industry veteran - the one and only Jim Tiller. We revisit the things we talked about in Episode 102 and get an update on the state of security from a guy who would know.

Pre-requisite listening: Episode 102 -


Highlights from this week's show include...

  • Jim & Rafal talk about the "feature economy" that is the security vendor marketplace today
  • Jim explains the statement "Complexity is the camouflage for bad guys"
  • Jim explains what he believes security organizations have accomplished in the last 5 years
  • Rafal & Jim lament the 'fundamentals'


Sep 17, 2019
DtSR Episode 361 - Your Adversary Problem in 2019

This week Adam Meyers joins James & Rafal to talk about the Crowdstrike Mobile Threat Landscape Report 2019 - and the learnings and lessons therein.


Highlights from this week's episode include...

  • Adam gives us the lowdown on adversaries, in 2019
  • Adam bakes some bread
  • Rafal asks who the biggest and baddest attackers are
  • So much more... check out the link above, read the report!


Sep 11, 2019
DtSR Episode 360 - Thwarting Bots and Frauds

This week, Rafal sits down in person with Sam Bouso of Precognitive, in Chicago headquarters to talk about some very cool tech that's probably only on the periphery of security. Give it a listen!

Highlights from this week's show include...

  • Sam discusses the problem that bots and fraud pose to not only digital commerce but overall digital interaction
  • Sam and Rafal talk through the various buzzwords (machine learning, AI, etc) and their real applications here
  • Sam talks through how algorithms and massive data sets can identify human from non-human
  • So much more
Aug 27, 2019
DtSR Episode 359 - Mind the Diversity Gap

This week, in the 2nd of two installments recorded live at Black Hat 2019, Alyssa Miller joins Rafal live to talk about some of the talks she's giving, and takes us back in time.

Highlights from this week's show include...

  • Rafal and Alyssa discuss the very real problems the lack of diversity in technology creates
  • A jab is taken at the TSA ...because it's just too easy
  •  Alyssa revisits the 'castle analogy' for InfoSec and why it's so tough to get right
  • Much more fun... you'll have to listen in!


Aug 20, 2019
DtSR Episode 358 - No More Crappy Job Hunts

This week on another jammed-packed episode, Rafal takes to Black Hat 2019 to interview some interesting guests that have something unique to tell you. We start with Deidre Diamond, the lady behind CyberSN - and why she's reinventing the way you get your next InfoSec job.


Highlights from this week's show include...

  • Deidre tells us a little bit about what's new at CyberSN
  • Rafal & Deidre discuss the insane InfoSec job market
  • Deidre explains why how she's planning on eliminating hiring bias in the InfoSec workforce
  • The last time Deidre joined us was episode 337 - 
  • For more, go to and click the "Know More" icon in the top-right corner and get started!



  • Deidre Diamond ( @Cyber_SN ) - With over 20 years spent leading technology and cybersecurity organizations, Deidre Diamond offers a great perspective on the issues that matter most in our industry. Her vision, “to transform employment searching” has remained constant since she founded CyberSN in 2014. Find her on LinkedIn: 
Aug 15, 2019
DtSR Episode 357 - Hacker Summer Camp 2019

This week, James and I sit down to think (and talk) through Black Hat (and Defcon) 2019. "Hacker Summer Camp" as it's affectionately known in the industry, is a rite of every summer...but is it delivering value to attendees, do we have the right audience, and is the content worthwhile? This and more...


Highlights from this week's show include...

  • Raf and James reminisce about summer camp days gone by
  • Rafal addresses Dino's excellent-sounding keynote (abstract)
  • Raf & James discuss the hype (or more precisely, the lack thereof) of this year's conference and why it's nice for a change
  • All this and tune in!
Aug 05, 2019
DtSR Episode 356 - Its Been a While Andy

Welcome down the security rabbithole friends! This week, Andy Kalat takes a few minutes off from recovering to chat and comment on the state of security, and what's different since we first met back in... 2003? Fun episode... It's been a while, Andy!

Highlights from this week's show include...

  • Andy and Rafal try and figure out when they first real life
  • Andy points out the problem vendors suffer from "problem-scope-limiting" (this is an interesting one...)
  • Are things getting better? The guys discuss...snark ensues
  • Rafal asks Andy to predict what will change in the next ~5yrs



  • Andrew Kalat ( @LERG ) - Andy is an IT Security Executive, Co-Host of the Defensive Security Podcast, Speaker, Writer...according to his LinkedIn profile, here.
Jul 30, 2019
DtSR Episode 355 - Threat Modeling Rides Again

My dear listeners - we have John Steven back on this episode! If you don't remember his first appearance, it's OK, it was a little while ago back on episode 42 ... so it's been a while!

Highlights from this week's show include...

  • John gives us a run-down on the new things since the last episode
  • James & John talk OWASP Top 10
  • The guys try to understand what happened to Threat Modeling, and security overall, over the last decade
  • So much more, you'll have to listen
Jul 23, 2019
DtSR Episode 354 - Pragmatic Azure Security

Fans & Listeners!

This week we have a treat for you... as this episode is recorded LIVE from Microsoft's Inspire 2019 in Las Vegas (where it was 117F) but the conversation here is way hotter.

Highlights from this week's show include...

  • What is Microsoft releasing to help guide secure Azure deployment?
  • Mark and Jeff debate "What exactly is the value of "best practices"?"
  • So much more packed into this extended episode!



  • Mark Simos ( @MarkSimos ) - Lead Architect, Cybersecurity Solutions Group, Microsoft
  • Jeff Collins - Chief Strategy Officer, Lightstream
Jul 18, 2019
DtSR Episode 353 - Ira Winkler on Point

Yes, DtSR took a week off ... we were due.

This week, Ira Winkler joins Rafal to go down the rabbithole and talk about his career, opinions on our profession, and other important stuff. Sit back, take notes, and enjoy.

Highlights from this week's show include...

  • Ira gives a run-through on his career and what's gotten him "here"
  • Ira and Rafal discuss "breaking into security" and how it's being sold now, versus what reality should be
  • Ira gives us his take on training, certifications, career paths and the like
  • Yeah, so much more...


Jul 09, 2019
DtSR Episode 352 - AWS REInforce Warm Up Episode

This week, ahead of AWS RE:INFORCE 2019 (the first one) Rafal gets a conversation with buddy Mark for a candid talk about the top 3 public cloud providers, and a little insight into the evolution of the industry ... or not...

Highlights from this week's show include...

  • What are we expecting from AWS RE:INFORCE this inaugural year?
  • Mark gives us his take on the security in the three major public cloud providers
  • Rafal and Mark reminisce about how things were...and where they are in terms of cloud, and security
  • Mark and Rafal laugh about the opportunity security teams have right now...or may be missing


Jun 24, 2019
DtSR Episode 351 - Deeper Into the Microsoft Security Ecosystem

Thank you to Microsoft for sponsoring this show, and our podcast over the years...


Highlights from this week's show include...

  • Rob discusses what "Microsoft Threat Protection" is, isn't, and why it's relevant today
  • Rob gives us some context to "trillions of signals" - what does that mean?
  • Rob provides perspective on the pillars of operational excellence required to make Microsoft's vision a reality in damn-near-real-time
  • Rafal and Rob discuss what the ecosystem looks like, and how it's being released into production
    Rob answers whether Microsoft consumes its own tools… the answer may surprise you


  • Rob Lefferts - @rob_lefferts - Rob Lefferts, Director of Program Management for the Office APPS team, is responsible for the development and engineering for the Office Developer Platform, Access and Project teams, part of the Microsoft Office Division, focusing on the end-to-end developer and apps experience for the Office and SharePoint ecosystem. Prior to this role, Rob was the Group Program Manager for the SharePoint Base and Windows SharePoint Services teams, where his responsibilities included leadership for technical and strategic directions for the SharePoint business. Rob has been at Microsoft since 1997 and was part of the original core team for SharePoint Portal server. Rob holds a BS and MS from Carnegie Mellon in Pittsburgh, PA. 
Jun 19, 2019
DtSR Episode 350 - Deep Learning on Deep Packets

Show Note: As most of you know, this show has long refused to use advertisements, or ad revenue to keep itself going. That said, I openly welcome organizations who have something interesting to say and some extra marketing dollars to give, to sponsor an episode while still going through the same vetting process as everyone else. This is one of those shows.

This week James and Rafal are joined by Saumitra Das, the Chief Technology Officer for an interesting little start-up called Blue Hexagon. If you find yourself nodding along and interested in hearing more, we encourage you to go check out their website and let them know you hear of them on this show.

Highlights from this week's show include...

  • Saumitra shares his insights on AI, machine learning, and the limitations and mis-uses of them
  • We discuss the challenges of finding 'malice' at extremely high volumes, at extremely high rates of speed, and in extremely diverse environments
  • Saumitra previews the methods Blue Hexagon use to approach this problem and potentially start to draw a viable approach


Jun 11, 2019
DtSR Episode 349 - Verizon 2019 DBIR Double-Live Part 2

Friends & listeners - welcome to the 2nd half of the 2019 Verizon DBIR 2-part extravaganza. Gabe Bassett, one of the authors of the DBIR, joins Rafal & James to talk stats and lessons we can take away from the report.

Highlights from this week's show include...

  • We all talk patching... why it's hard, what we can do about it, and realities of patching
  • Gabe does more live data analysis
  • We get an insight into how long and how hard this report is to produce


Jun 04, 2019
DtSR Episode 348 - Verizon 2019 DBIR Double-Live Part 1

Friends & listeners - welcome to the 2019 Verizon DBIR 2-part extravaganza. Gabe Bassett, one of the authors of the DBIR, joins Rafal & James to talk stats and lessons we can take away from the report.

Highlights from this week's show include...

  • Gabe distinguishes between an incident and a breach - for those of you who need the refresher
  • Gabe dives into the stats to talk about small businesses, and the impact of breaches on them
  • Gabs does some live data science for us, pulling in stats on-the-fly
  • We avoid the 'patching' discussion (that's for the 2nd half)


May 29, 2019
DtSR Episode 347 - Inside the RH-ISAC

This week, Tommy McDowell who is the Vice President at the Retail and Hospitality Information Sharing and Analysis Center, joins Rafal in person, in Dallas.

Highlights from this week's show include...

  • Tommy gives us a background on himself, and the RH-ISAC (and it's mission statement, and such)
  • Tommy & Rafal discuss the difficulty in setting up an information sharing center
  • Tommy gives us insights into why retail and hospitality need their own unique threat sharing network



May 21, 2019
DtSR Episode 346 - Green Waxes Mostly Academically

This week, Rafal gets the rare occasion of sitting down face-to-face with someone and do an interview in person. Andy Green is a great if not sharky fellow, who helped me get over my PG rating for this podcast. So ... it's probably PG-13.


Highlights from this week's show include...

  • Andy talks about BSides Atlanta and the labor of love that is getting a conference stood up
  • We talk about conference drama - because we all need more of that in our lives
  • Andy discusses academic programs, shaping young minds, and being a universally beloved professor (not)


  • Mr. Andy Green ( @SecProfGreen ) - Andy is a lecturer of Information Security at Georgia's Kennesaw State University. When he's not running Atlanta's BSides ATL he teaches classes in the Information Security and Assurance degree program, in the Information Systems department of the Michael J. Coles College of Business at Kennesaw State University.
May 14, 2019
DtSR Episode 345 - RaffCon the Podcast

This week on the podcast, Rafal gets some one on one time with Raffael Marty ... and it's #RaffCon.


Highlights from this week's show include...

  • Raf & Raffy discuss the origins of #RaffCon
  • Raffy talks through Artificial security
  • Raf and Raffy dive into "risk management"



  • Raffael Marty - ( @raffaelmarty ) - Data analytics and visualization enthusiast. Interested in large-scale big data and cloud infrastructures to support cyber security use-cases. "How can we assist users to gain deep insight into large amounts of data?" I have spent a lot of time building and defining the security visualization space through open. I oversee Forcepoint's X-Labs, a specialized department within Forcepoint that is responsible for behavior-based security research and the development of predictive intelligence. In addition to traditional threat and security intelligence, we are the home of data science, machine learning, and artificial intelligence within Forcepoint.
May 07, 2019
DtSR Episode 344 - You've Probably Been Pwned

This week, Rafal is joined by the man, the myth, the Aussie legend - Troy Hunt. We basically talk about whatever is on his mind - which, as it turns out is a lot. Take a listen, we may publish an English translation later (joking, Troy!).


Highlights from this week's show include...

  • Troy gives a run-down on HaveIBeenPwned
  • We talk through some of the interesting use-cases for HaveIBeenPwned data
  • Troy gives perspective on usernames, passwords, and other important things technology/security related


  • Troy Hunt ( @TroyHunt ) - Troy is a Microsoft Regional Director and Most Valuable Professionalawardee for Developer Security, blogger at, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight.

    I created HIBP as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach. I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community.

    Short of the odd donation, all costs for building, running and keeping the service currently come directly out of my own pocket. Fortunately, today's modern cloud services like Microsoft Azure make it possible to do this without breaking the bank!

May 01, 2019
DtSR Episode 343 - The 31st Human Right

This week, on a riveting edition of Down the Security Rabbithole Podcast Raf sits down with Richie Etwaru, a human data ethicist and Founder and CEO of

What's a human data ethicist, you ask? Listen to the podcast, and find out.

Highlights from this week's show include...

  • Richie walks us through data ownership as a fundamental human right, including why now is the right time in history
  • Raf and Richie discuss the principles of data ownership and how they're different from privacy or security
  • Richie discusses data ownership as a great leveling factor for society
  • SO much more...


  • Richie Etwaru - Richie Etwaru is a human data ethicist and the Founder & CEO at where he is responsible for vision, strategy and execution focus for the company. He is driven to reshape the world by creating a new data economy, where inherent human data is legally human property.

    He has held c-level roles at Fortune 500 companies for two decades, and serves as advisor to venture capitalists, startups, governments, academia, and large organizations on transitioning to Trust Companies.

    Richie’s book Blockchain Trust Companies, Every Company is at Risk of Being Disrupted by a Trusted Version of Itself (2017) is used by universities, consulting organizations, and governments, and his TEDx talk Blockchain Massively Simplified has been viewed almost 1 million times.
Apr 23, 2019
DtSR Episode 342 - Michael Coates Has Things to Say

This week on episode 342, Michael Coates joins Rafal & James for the 2nd time. Michael's first episode was way, way back in 2015 on episode 134 titled "Fundamental Security". Looks like things haven't changed much.

We highly recommend you check out episode 134 first, then listen to this one. Trust us, you want the context.


Highlights from this week's show include...

  • Michael gives us an opinion on "what's changed" in the last decade or so
  • Michael discusses "risk", "technical risk", and the Enigo Montoya problem in security
  • Michael gives an overview of what he thinks the profile of the CISO should be
  • Michael gives his take on why he thinks low false-positive rates are important and automation is the future


Apr 16, 2019
DtSR Episode 341 - Discussing Security Reference Architecture

This week, in the final installment of "Live from RSA Conference 2019" Rafal interviews Mark Simos, who is the definitive source for reference architectures at Microsoft. He's the Lead Architect in the Enterprise Security Group and he's doing some amazing things for the community with regards to the Azure cloud and other Microsoft-related security things. Give this episode a listen and share it ...maybe listen again and take good notes!

Highlights from this week's show include...

  • Mark discusses security reference architectures (in general)
  • Mark and Raf rap on the shared responsibility model for the cloud...again
  • Mark answers "What's different about security in the cloud?"
  • Mark raises the concept of "raising the cost to the adversary" for defenders...


  • Mark Simos - ( @MarkSimos ) - Mark is Lead Architect in Microsoft’s Enterprise Cybersecurity Group where he is part of a group of cybersecurity experts who create and deliver unique cybersecurity services and solutions to Microsoft’s customers.

    Mark has contributed to a significant amount of Microsoft cybersecurity guidance - most of which can be found on Mark's List (

    Mark focuses on cybersecurity guidance to help customers manage cybersecurity threats with Microsoft technology and our partner solutions. Mark's current focus is on security assessments and roadmaps that span the spectrum of security topics including privileged access, high value asset protection, security strategies and operations, datacenter security, and information worker protection.
Apr 09, 2019
DtSR Episode 340 - Diana Kelley from RSA 2019

This week, Down the Security Rabbithole Podcast is publishing episode 3 of 4 which were recorded LIVE at RSA Conference 2019. This episode features Diana Kelley, of Microsoft, talking about the latest security report and other goodies.

Highlights from this week's show include...

  • Diana discusses the highlights from the latest Microsoft Security Intelligence Report
  • Raf provides an opinion on how Microsoft could totally own the endpoint space
  • Rafal & Diana dive back into passwords...apparently, we just can't get away from them
  • Diana tells a really interesting story about Microsoft Windows Hello and twins


  • Diana Kelley - @DianaKelley14Microsoft Enterprise Cybersecurity Group Leadership team member. Represent Microsoft at global security conferences, author-industry analysis, white papers, and blogs on Microsoft security strategy and response to cyber threats. Contribute to the all up security messaging and provide insight into the strategic vision and direction for the company in close partnership with marketing, business groups, and engineering, as well as working closing with the security PR and AR teams.
Apr 02, 2019
DtSR Episode 339 - Insuring Against Acts of Cyber War

This week, driven by the news cycle, and an interesting story... Rafal & James invite George and Shawn, as actual experts, onto the show.


Highlights from this week's show include...

Other links related to this podcast:

Mar 28, 2019
DtSR Episode 338 - Failure of Risk Management

This week, part 2 of a four-episode set recorded live from RSA Conference 2019. This time, it's Phil Beyer's turn to have a turn at the microphone... 

Highlights from this week's show include...

  • Phil talks up "The failure of risk management"
  • We discuss the realities of risk management
  • Raf asks "How do we make more informed risk decisions?"
  • Raf and Phil talk through thread models and why they're relevant
  • ...and so much more



Mar 19, 2019
DtSR Episode 337 - Insights on Cyber Talent

This week, in the first of a four-part "Live from RSA Conference 2019" series, Rafal interviews Deidre Diamond. Deidre knows a little something about cybersecurity talent having worked in the field most of her professional career. We discuss all kinds of interesting and relevant topics...

Highlights from this week's show include...

  • Deidre presents her new "human model" for hiring, staffing, and retaining excellent talent
  • We discuss the difference between a good leader, and just a good manager and why those aren't the same
  • We discuss the pay gap, why it's still a thing, and what's to be done about it
  • Deidre discusses the challenges women face in cybersecurity, and what's changing



  • Deidre Diamond: (@DeidreDiamond) -  in her own words:
    • Combining my 21 years of experience working in technology and staffing, my love for the cybersecurity community, and a genuine enthusiasm for people; I created Cyber Security Network (, a company transforming the way Cyber Security Professionals approach job searches. will remove the frustration from job-hunting, and aid in interpersonal connections and education.

      Throughout my career, I have built large-scale sales and operations teams that achieved high performances. Creating cultures based on an anything is possible attitude allows people to achieve above and beyond the usual. By establishing an open communication framework throughout an organization; I have created cultures of positive energy, career advancement, and kindness, that enables teams to reach beyond peak performance and have fun at work.

Mar 12, 2019
DtSR Episode 336 - Energy Sector Security Update Q1-2019

This week, Patrick Miller joins Rafal to provide an update on the energy sector, and what's different (or not). Another episode with a returning guest who continues to provide timely and important updates on key "big picture" security issues.


Highlights from this week's show include...

  • Patrick gives us a "state of the union" update on what's going on in the power industry with security
  • Raf asks "are we getting better... or worse?"
  • Patrick discusses IoT, IIoT, and "everything has an IP address"
  • Patrick tells a story about his recent encounter with a 386 & DOS 2.2 (if you know what this is, you're old)
Feb 26, 2019
DtSR Episode 335 - Ranking the Adversaries

This week, in a special episode, Dmitri Alperovitch of Crowdstrike joins Rafal to talk about a brand new report that Crowdstrike is releasing. The Crowdstrike 2019 Global Threat Report is a must-read with some very interesting topics covered. Dmitri joins Rafal to talk specifically about the ranking of threat actors, and what it means to you.


Highlights from this week's show include...

  • Dmitri explains "breakout time" and why it's important
  • Dmitri gives a walk-through of the methodology used to rank your global adversaries
  • Dmitri & Rafal talk through who's on first, and what's up with China
  • Rafal & Dmitri talk about what this report means to you sitting at your desk playing defender
Feb 19, 2019
DtSR Episode 334 - Compliance and Operational Process

This week, on the DtSR Podcast, Rafal is joined by Matt Herring, long time listener, and first-time caller. We talk through Matt's career path, and how he got to head up a global security operations team. It's a pretty interesting story - you should listen.


Highlights from this week's show include...

  • Matt talks us through how he got into being an auditor
  • Matt and Raf compare and contrast compliance and security (yes, really)
  • An uncomfortable discussion on market consolidation ensues
  • Matt gets put on the spot for leading and trailing indicators, provides some insights



Feb 12, 2019
DtSR Episode 333 - Security Evolution and Trends

This week James and Rafal talk to Sean Martin, one of the people who have been quietly making a difference in the security industry for almost three decades. Sean is credited with many innovations, ideas, and trends...and he spends some time discussing that with us.


Highlights from this week's show include...

  • We collectively quickly make fun of the SIEM (yesterday, today, and next decade)
  • Sean talks through the "feature companies" that are hitting the market in a recent couple of years
  • Raf brings up the idea that we really don't understand the impact of the technology we create for 10+ years - what does that mean for security?
Feb 05, 2019
DtSR Episode 332 - Security in Transformation

This week, long-time friend and colleague Jenn Black (doer of interesting things) joins James and Rafal on the podcast to talk about the role of security leaders in the digital transformation efforts of enterprise shops. Interesting conversation ensues.

Highlights from this week's show include...

  • Jenn, James, and Rafal discuss the role of the security lead in enterprise digital transformation
  • Jenn shares some of her experience in aiding CISOs with building security programs to support 'the business'
  • We make light of the fact that it's a million degrees below zero up north


  • Jenn R. Black ( @JennRBlack ) - With over 18 years of experience within IT and cybersecurity managed services, Jenn helps companies manage their cybersecurity threats, vulnerabilities, and risks to meet regulatory and business needs, while driving process efficiency. As a consultant in a cybersecurity practice, she works closely with clients to define their cyber strategy, create roadmaps and solutions to meet the company’s security objectives. 
Jan 30, 2019
DtSR Episode 331 - Incident Response and Counterfactuals

This week second-timer Jon Hawes is back for another trip to the microphone to talk about his interesting take on risk, response, and the security world we live and breathe. With interesting anecdotes and a firm grasp on real-world risk discussions, Jon and Raf have a pretty enlightening chat you will benefit from.

Highlights from this week's show include...

  • Jon discusses the concept of a "counterfactual"
  • Jon discusses feedback loops in how incidents are handled
  • Jon and Raf talk through how security professionals discuss 'risk' and what we can do to better the conversation



Jan 23, 2019
DtSR Episode 330 - Biometrics for Authentication

This week, James and I sit down to discuss biometric authentication and some of the FUD around ways it can be broken. This ends pretty much the way you think it does.


Highlights from this week's show include...

Jan 15, 2019
DtSR Episode 329 - Volunteering Your Career

This week, on the DtSR Podcast recorded way too early on a Monday morning, we talk volunteering in InfoSec with Kathleen Smith. Kathleen is the CMO of and - and she recently ran a volunteerism survey (link: you should probably check out too.

Highlights of this week's show include...

  • Kathleen discusses some of the highlights of the survey
  • We discuss some of the things volunteers learn, and why this is critical to our community
  • Several jokes are made
  • We discuss the value of volunteering and its impact on your career
  • and much, much more



  • Kathleen Smith - @YesItsKathleen - CMO, ClearedJobs.Net/CyberSecJobs.Com, both veteran-owned companies, she spearheads the community-building, and communications outreach initiatives catering to the both organizations’ many audiences including security cleared job seekers, cybersecurity candidates, and military personnel. Kathleen has presented at several security conferences on recruiting and job search within the cybersecurity world to include BSidesLV, BSidesTampa, BSidesDE, FedCyber. Kathleen volunteers in the cybersecurity community; she is the Director, HireGround, BSidesLV’s 2-day career track. Kathleen is well respected within the recruiting community, is the co-founder and current President of recruitDC, the largest community of recruiters in the Washington DC area
Jan 09, 2019
DtSR Episode 328 - Who Who Who Are You

This week, James and Rafal welcome in 2019 with a look at the fundamentally fatalistic argument that "everyone gets hacked" - with Richard Bird. They discuss whether that's even a valid statement, and if so, what can we do about it?

Highlights from this week's show include...

  • Richard addresses the question of whether we've addressed a fundamentally fatalistic attitude towards security
  • The guys discuss whether the real perimeter, as we go into 2019
  • Richard schools the guys on identity - and what it's not the perimeter, but something else


  • Richard Bird - Chief Customer Information Officer at Ping Identity - Link:
    (Yes, Richard is the guy with the smashingly handsome bowties!)
Jan 02, 2019
DtSR Episode 327 - Experienced Security Leadership

This week James is back on the microphone with Rafal as they interview 2 industry veterans to talk about the right approach to security leadership, and developing that talent pool. We talk to Yaron and Setu to get a sense of what their thoughts are on where good security leaders come from, and the hallmarks of that experience.

Highlights from this week's show include...

  • the curious case of the cyber head who doesn't computer
  • Yaron and Setu give us their thoughts on developing security leaders
  • Yaron shares some of his experience building a security program, across industries
  • Yaron and Setu give us a few pieces of insight for current and future security leaders
Dec 19, 2018
DtSR Episode 326 - MidMarket Security

This week, go down the security rabbit hole with someone who has been working on security in the mid-market (likely the kind of company you work at, statistically) for a long time. Bob has some great lessons learned and is willing to share. Listen in

Highlights from this week's show include...

  • Bob gives a quick history of how he "hacked into hacking"
  • A discussion of breaking into security
  • Bob & Raf discuss security in the mid-market, and how it's fundamentally different than other market segments
  • Bob discusses hiring, talent acquisition and "working from home" in today's job market
Dec 11, 2018
DtSR Episode 325 - A CISO at AWS reInvent 2018

In another episode LIVE'ish from AWS re:Invent 2018 I catch perennial favorite and long-time friend Dustin Wilcox as he wandered the vendor show floor.

Highlights from this week's show include...

  • Raf asks Dustin the obvious question - what's a CISO doing at a cloud expo?
  • Dustin discusses some of the cloud transformation challenges for security teams
  • Dustin unveils the three things he is currently concerned most about for security, in the cloud
  • Dustin imparts a final piece of wisdom you won't want to miss...


Rafal's Guest:

Dec 05, 2018
DtSR Episode 324-1 - AWS reInvent 2018 Delivering Security

At day 2 of re:Invent 2018 I tracked down Arash Marzban, Armor's head of product to talk about his stage session and where the market is going for security - at a developer/builder focused cloud conference. This short conversation is quite interesting...

Nov 28, 2018
DtSR Episode 324 - AWS reInvent 2018 Preamble

This episode of the Down the Security Rabbithole Podcast is sponsored in part by Armor Cloud Security. Go check us out at!


This week's show is a multi-part release from AWS re:Invent 2018. We sit down with two of Armor's solutions consultants to discuss trends, insights from day 0, and discuss anticipated moves and market shifts.

Expect this to be an insightful episode where we dive into cloud security from a development and security perspective.


Nov 27, 2018
DtSR Episode 323 - Security of a Global Enterprise

On episode 323, Richard Rushing (aka the "Security Ninua") joins us to talk about being the CISO of a global organization, and multi-national enterprise.


Highlights from this week's show include...

  • Richard talks to us about his background
  • We discuss the unique challenges of a multinational enterprise
  • Richard gives us some wisdom on how to approach "the business"
  • Richard provides some advice for keeping prioritization and sanity
Nov 20, 2018
DtSR Episode 322 - The Ethics of Cyber Security Panel

This week #DtSR tackles the topic no one else wants to - ethics in cybersecurity. There are a lot of things to be said, so rather than writing them down here, go listen to the episode. Repeatedly.

Highlights from this week's show include...

  • A base platform for the discussion on ethics
  • Moral relativism, applied to cyber
  • Law vs ethics
  • Cultural ethics and relativism
  • "Hacking back" - yes we went there
Nov 15, 2018
DtSR Episode 321 - Putting Threats In Perspective

** Go Vote **

Do your civic duty, and go vote. Heck, while you're standing in that long line to vote, listen to the podcast, we're not picky.

This week, Rob Graham joins Rafal and James (who's back!) to talk about various topics related to threats. We start with the hacking voting machines, and it go from there.

Highlights from this week's show include...

  • We ask Rob to tell us what he knows about the Georgia 'hacking the election' case going on right now
  • We discuss what the real threat to our elections is
  • We ask Rob to tell us what he thinks the biggest threats are, and how we should approach them
Nov 06, 2018
DtSR Episode 320 - Specializing in Forensics

This week, James Habben joins me in studio for what turns out to be an introspective walk through the evolving world of forensics.


Highlights from this week's show include...

  • James gives us some background on how he got where he is
  • We talk through some nostalgia
  • James answers the "Is APT trying to get me" question, sort of
  • We talk about things companies should be doing to prepare...
Nov 02, 2018
DtSR Episode 319 - Striking Out On Your Own

This week, my good friend and entrepreneur Rock Lambros (of the newly formed Rock Cyber) joins me to talk about getting the itch to go out on your own and actually doing it. Many of us have thought about it, daydreamed, but very few do it. So hear an episode from someone who did...

Highlights of this week's show include...

  • What motivates and drives someone to jump the safety net of corporate life and go off on their own?
  • Rock gives us the secret to "How you know it's time"
  • We discuss how you can avoid the failings of the typical "consultant"
  • We talk through some very interesting strategy and advisory questions... (lots of gems in here!)
  • Rock drops his list of things to think about/remember
  • We discuss how to make security more than just a cost center


  • Rock's new company - Rock Cyber "Navigating Security in a Brave New World" (
Oct 23, 2018
DtSR Episode 318 - War, Cyber and Policy

This week the DtSR podcast tackles one of the thornier issues going around in the news. As the accusations of Russsian hacking continue to mount, international leaders are speaking out and making bold statements that impact policy on a global level.

This topic needed to be addressed with some folks who have actual expertise in the matter - and with the understanding that what we have here are opinions and interpretations.


Highlights from this week's show include:

If you listen to this episode and have a strong opinion - get on Twitter and use the hashtag #DtSR and let's discuss it! There is already a lively discussion started here:


Oct 18, 2018
DtSR Episode 317 - Protecting Higher Education

While James is away, Raf will podcast all day ...or something like that.


Highlights from this week's show include:

  • Bill talks about what it's like to jump into a higher education system and try and play defense
  • We discuss the role of governance, centralized policy, and management in higher education environments
  • Bill discusses his view on the appropriate places to work in security, in a college/higher education environment
  • We compare and contrast the experience of security in higher education against very large enterprise (the comparison may shock you)


  • William Reyor - ( @WilliamReyor ) - William is Fairfield University’s first CISO, is a former penetration tester, and has more than a decade of security and network engineering experience. He is also the Security BSides Connecticut co-founder. You can find Bill on LinkedIn here: 
Oct 09, 2018
DtSR Episode 316 - NCSAM 2018

So, it's October 2018, and it's National Cyber Security Awareness Month. Again.

James and I have a bit of an issue with this, as you'd guess. Why are we still talking about awareness when we need action? Are there really people out there that are saying "If only I was aware that there are bad people trying to do bad things, I'd had done it differently"?


Highlights from this week's show include...

  • We riff on the thing we talk about once a year (and not anymore)
  • James takes a shot at passwords... fish, meet the barrel
  • Raf gets a little upset that we're talking about awareness, since 2004 and nothing really changes
  • Raf & James ask you to take action this year and tell us about it! Hashtag it #DtSR and tell us what you're doing for NCSAM 2018 that's going to make an actual difference
Oct 03, 2018
DtSR Episode 315 - Women in Cybersecurity-Mary Cheney

On this episode of the Down the Security Rabbithole Podcast, Mary Cheney joins us fresh off her talk to the North Texas ISSA Women in Security group. She has such a colorful background and such great stories to tell - we just had to have her on the show.


Highlights from this week's show include...

  • A walk-through of Mary's colorful and extremely diverse background
  • Mary talks about burnout as we pick up the topic from our conversation with Ann Johnson's episode
  • Mary talks about corporate "tools efficacy" and security's cry for wolves
  • much more!
Sep 25, 2018
DtSR Episode 314 - None of This Crap is Secure

This week, on DtSR Episode 314, the infamous (that's more than famous) John Strand joins us. No, not the male model ...the guy who's been an InfoSec legend since before you could walk.


Highlights from this week's show include...

  • We take a stroll down memory lane
  • We discuss the challenges with more complexity in development
  • John takes us through what he thinks some of the faults are



Sep 18, 2018
DtSR Episode 313 - Cyber Law Update Sept 2018

Friends welcome to yet another edition of the Down the Security Rabbithole Podcast - as we invite perennial favorite, Shawn Tuma onto the show! Shawn has a new office, a new law firm, and is giving us his take on what's new in the world of cyber and law. Listen in!


Highlights from this week's episode include...

  • Shawn brings up "The GDPR" and the self-imposed disaster that it has become
  • We dive into the problem with "all the data"
  • Shawn explains the idea of "necessary and proper" and case-law for data breaches
  • Shawn tells us about cyber insurance and the scariest word in the vernacular ... "negligence"
Sep 11, 2018
DtSR Episode 312 - Ann Johnson on Mental Health

This week Down the Security Rabbithole Podcast welcomes two very cool ladies from the InfoSec realm. First Ann Johnson of Microsoft (if you don't know Ann, you're living under a rock, honestly) is here to discuss a tweet she put out a while ago ( ) on mental health in high-pressure jobs in InfoSec. If that wasn't enough, Jennifer Duman from Armor joins us as a guest-host to provide her experienced perspective as a road warrior.


Highlights from this week's episode include...

  • Ann discusses the big deal with working from the road, in a high-pressure InfoSec job
  • We discuss the impact of being a road warrior has on mental health, families, and career
  • Ann gives us some insight from the teams and companies she's worked with
  • Ann gives us some thoughts on how to mitigate mental health impact for InfoSec professionals


Guest Host

Sep 05, 2018
DtSR Episode 311 - Further the Browser

This week we dive into the world of the web browser. A brief history, some discussion about what's wrong and how it's broken - and a few suggestions for what to do next. This is a complicated discussion - so you can bet we'll come back to it with your feedback!


Highlights from this week's show include...

  • A brief walk-through of the history of browsing
  • Solutions that tried, but ultimately failed, to solve the challenges
  • An approach we've seen before - the "remote browser"
  • Discussion on challenges and opportunities of the remote browser concept
  • Discussion on Authentic8's approach and innovations
Aug 29, 2018
DtSR Episode 310 - RFP POC OMG

This week, Rafal & James discuss one of the bigger challenges that an enterprise security team faces today - evaluating new/replacement security tools and services. Listen close if you're on the enterprise side, and listen closer if you're selling to them.


Highlights from this week's show include...

  • We address the difficulties of evaluating or replacing technologies or services
  • Rafal takes you into the "better" trap, and how you can avoid it
  • We discuss defining concrete problem statements
  • James & Rafal talk through the challenges of defining good requirements and evaluating
  • We address how to pick a winner - or not
Aug 23, 2018
DtSR Episode 309 - Digital Transformation, Take 2

This week Nate Smolenski - Director, Cloud Architecture Services - joins us for an insightful discussion on the concept of digital transformation for the enterprise. Many companies are undergoing a digital transformation, or have done so already, and it's up to security to once again, catch up.

Nate brings a truckload of experience and evidence into the conversation and as a security professional and practitioner - you should absolutely listen to this episode. Twice.


Highlights from this week's show include...

  • Answering: What in the world is "digital transformation"?
  • Discussion around the seemingly "take 2" we're embarking on, as security professionals
  • Enterprise security's role, or not, in digital transformation
Aug 14, 2018
DtSR Episode 308 - Theoretical and Applied Futurism

Friends, this week's episode is truly unique. We talk to a gentleman whose job it is to think big, and into the future in a big way.

Jeremy Nulik is the "Evangelist Prime" at Big Wide Sky - an organization that looks to think big, and solve big problems, in big ways. This is an incredible journey into problem-solving on a grand scale.


Highlights from this week's show include...

  • An overview of futurism, as an abstract tool for problem-solving
  • A discussion on the roots of futurism
  • Overview of how futurism is applied today
  • The four key approaches in applied futurism
  • Applying futurism to problem-solving in information security


Links you need to check out:


Aug 08, 2018
DtSR Episode 307 - Building and Teaching in Chicago

On this episode of the Down the Security Rabbithole Podcast, Rafal is in Chicago for a few days and visiting with a long-time friend and colleague, Don Donzal. Don has some great history in the Chicago hacking and security professional scene, so we take a stroll down memory lane, talk about what he's doing now, and take a long look ahead. Join us!


Highlights from this week's show include...

  • Don gives us a little insight into where Ethical Hacker Network got started
  • A history of Chicago Con - anyone been?
  • Life, family, career - and how balancing all of that and still doing what you love is important
  • A look into the future of the new venture!


Catch the Ethical Hacker Network online at, and on Twitter at @EthicalHacker.

Aug 01, 2018
DtSR Episode 306 - Balancing Family and Career

This week, we tackle a topic that should not have taken 306 episodes to get to - balancing family and work while growing a career in Information Security. Britney hits the high points with us, and takes us down the road of what it's like being a mother and security leader - as we explore the topic for everyone who is in our field.

Highlights from this week's show include:

  • Who does this apply to?
  • Are you being asked to choose?
  • Becoming adaptive
  • When you should bend and when you should concede
  • Creating your own space
  • Confidence
  • Benefits of Blending
Jul 25, 2018
DtSR Episode 305 - Security for the Mid-market

Do you work at a company that's too big to be "small business" but too small to be "large enterprise"? You're probably in that place known as the "mid-market". Many of the large vendors don't pay attention to you, and yet you still have all of the same problems big companies do - just without all the budget. What do you do? Listen to this episode of DtSR and find out what we think.


Highlights from this week's show include...

  1. Addressing the "tool" or "staff" conundrum
  2. Who's manning all those dashboards? Staff to dashboard ratio
  3. How do you prioritize, when you can't multi-thread?
  4. Giving up isn't an option, so what do you do?
Jul 17, 2018
DtSR Episode 304 - Transforming Security

This week, James and I interview a former Optiv colleague and advisor to many Fortune 250 CISOs in his long career, our friend Ron Kurisczak. Ron's long and successful career has included time spent truly transforming the way security functions, and how it's seen in the boardroom. Spend 35 minutes and hear his take on where we've been, and why right now is so crucial to our future.

Highlights from this week's show include...

  • Why are we transforming security?
    • Data classification, operation policies
  • Tracking key performance indicators (KPIs)  to the new rules of security
    • Who's getting through, how long did they have, what did you do to eradicate?
  • What are we measuring - how do we define "maturity" in security programs
  • Understanding how we understand and measure long-term losses from security failures
  • Moving into a truly risk-based security program, and away from "how much are my peers spending?"
Jul 11, 2018
DtSR Episode 303 - Advising Security Leadership

Thanks to my friend Brian Wrozek for joining us this week on Down the Security Rabbithole Podcast. Brian's long career as a CISO has broken several 'typical' molds... so he's a fantastic person to join us to talk about the things CISOs should be thinking about.

Highlights from this week's show include...

  1. Prioritizing projects as the CISO
  2. Getting support from the outside because "we hired you to know this"
  3. Refreshing and revisiting completed projects/tools to optimize and see a value
  4. Security is additive, we never really take anything away - is this a problem?
  5. Red team, blue team, purple team ... what happened to penetration testing?
  6. Automation, orchestration, automated response to bad
  7. Risk management, and "back to the basics" is still broken
  8. Breach after breach after breach - and nothing's changing
Jul 03, 2018
DtSR Episode 302 - InfoSec Superhero Syndrome

This week, as DtSR rolls on to Episode 302, we talk with John Svazic who is a Cloud Security Architect for a day job and runs the Purple Squad Security Podcast in his spare time. His perspective on the idea of an "infosec army of one" is one that many of us share, and it needs to be solved.

Highlights from this week's show include...

  • Trying to solve everything, on our own... burn out or flame on
  • Working as a lone wolf can be detrimental to your career, and sanity
  • Working as an individual within an enterprise team
  • Perspective for the business requires others
  • Case in point - Application security jobs
  • Purple teams - the ultimate collaboration, not me vs you
Jun 26, 2018
DtSR Episode 301 - Julie Conroy on eFraud and Identity

This week on Episode 301, James is off and I take a one on one conversation with Julie Conroy from Aite group on the topic of global fraud. It's a fascinating conversation that winds through the fringes and often unexplored corners of enterprise security. Check it out, and special thanks to Julie for taking the time out of her busy schedule.


Highlights from this week's show include...

  • A brief glimpse into the impact of enterprise security on global fraud
  • Julie talks through identity, and how enterprise security can positively impact fraud
  • Account takeovers - the thing we all fear but struggle to solve
  • Balancing security and usability, convenience


Jun 19, 2018
DtSR Episode 300 - Reminiscing

Thank you, listeners!

Down the Security Rabbithole has reached milestone episode #300.

In this episode, James and Rafal sit down with the nothing more than an open mic and talk through topics the podcast has previously covered, and others we still have yet to cover.


Join us. And a personal thank you to all of our guests over the past 300+ episodes... we are looking forward to much more great content to come!

Jun 14, 2018
DtSR Episode 299 - Leadership Lessons w Chris Abramson

Special thanks to Chris for doing this in-person. It was a fun conversation and always a pleasure!


Highlights from this week's show include...

  • Chris and I talk about measuring 'risk'
  • We discuss 'brittle systems' which apparently are still alive and kicking
  • Risk analysis, cloud computing, and your business



  • Chris Abramson ( @cabramson50 ) - Director, Information Security Delivery & Engineering; Team oriented Enterprise Information Security Management professional seeking to improve the security of organizations through education and practice. Qualifications include a bachelors degree in computer science; CISM, CISA, CEH and ECSA certification. Understanding of Industry, State and Federal regulatory standards. Ten years of experience in the creation and deployment of Information Security solutions for protecting the networks, systems and data assets of a fortune 50 company.
Jun 05, 2018
DtSR Episode 298 - Overcoming the Language Barrier

Two more episodes until we hit #300...what a crazy ride it's been! Thanks for taking the journey with us, and we're looking forward to having you along for another 300 (maybe).


Highlights from this week's show include...

  • Applications of DoD security in a non-DoD world
  • The meaning and elements of the risk equation
  • Understanding (making sense of) the risk equation
  • Swimming in the swamp of marketing literature
  • AppSec as an area of expertise (again, and again, and again)


Go see Jeff at Circle City Con if you're attending. He's giving a talk ( ) titled "(Re)Thinking Cyber Security Given the Spectre of a Meltdown: (Someone Hold My Beer)"

May 29, 2018
DtSR Episode 297 - A Model for Prioritizing Patching Efforts

Before you listen to this podcast ... go grab this report: from Kenna Security and the Cyentia Institute. Read it. Think about it. Then listen to this show.


Highlights from this week's show include...

  • A high-level walkthrough of the model that authors developed, and the many interesting insights
  • Why what you're doing now is probably as good as random chance
  • A deeper discussion on cause and effect of patches, and trying to do everything

So much more! While you're listening to the show, hit us up on Twitter using the hashtag #DtSR or tweet to @DtSR_Podcast!



May 22, 2018
DtSR Episode 296 - Hype Machine Off the Rails

This week, former analyst and security industry veteran Adrian Sanabria joins James & Rafal to talk about some of the hype in our industry. From current events, to learning lessons, to the on-going master-class in bullsh*t we convince ourselves of - this podcast is a riveting (although slightly longer) episode of free-flowing discussion.


Highlights from this week's show include...

  • We discuss #eFail - and the circus maximus of ridiculousness that it currently is
  • Adrian gives us some views on believing our own nonsense
  • We attempt to discuss how we got to this point
  • Much more!
May 15, 2018
DtSR Episode 295 - DevSecOps is Not a Thing

This week, Mark Nunnikhoven joins us from the great white North. All the way from Ottawa, Canada - Mark talks with James and Raf about cloud computing, DevOps, and some silly things security folks are doing to undermine themselves in the brave new world.

Highlights from this week's show include...

  • A brief discussion on moose and Canada
  • Why none of us believe "DevSecOps" is a thing
  • Deploying security into modern code development practices
  • Much, much, much more



  • Mark Nunnikhoven ( @MarkNCA ) - Vice President, Cloud Research at Trend Micro. Mark has way too many credentials and accolades to list here, go read his LinkedIn page, or check out "Mornings with Mark" on his Twitter feed daily. [Mark on LinkedIn]
May 09, 2018
DtSR Episode 294 - Securing Azure

* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at and if you really want to check out something amazing where IoT and cloud collide, check out

On this second special episode of the podcast live from RSA 2018, Raf sits down at RSA Conference 2018 with a gentleman you may not know but you should, Avi Ben-Menahem. We discuss what it's like in terms of effort, scope, and sheer talent, to take on the monumental task of securing the Azure public cloud platform. Avi shares his insights, and drops us some interesting tidbits on the day in the life of someone working at truly hyper scale.

Again, special thanks to Jessica and the Microsoft team for some truly unprecedented access.

May 02, 2018
DtSR Episode 293 - Diana Kelley from RSA 2018

* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at and if you really want to check out something amazing where IoT and cloud collide, check out

On this very special episode of the podcast, Raf sits down at RSA Conference 2018 with the one and only Diana Kelley to talk data integrity, crisis communication, and fear-based selling in security.

Again, special thanks to Jessica and the Microsoft.



  • Diana Kelley ( @DianaKelley14 ) - Diana is the Cybersecurity Field CTO for Microsoft, a cybersecurity thought leader, practitioner, executive advisor, architect, speaker, author and co-founder of SecurityCurve. More here: 
Apr 24, 2018
DtSR Episode 292 - Navigating Industry Conferences (RSA)

This week, James is back and he and Raf sit down for a discussion on navigating the big industry conferences, as RSA Conference kicks off in San Francisco. We add just the right bit of snark to your day, and provide some much-needed commentary on the industry, conferences, and survival.

Highlights from this week's show include...

  • A quick overview of RSA Conference
  • Getting value, learning something, or whatever else
  • Buzzwords, and navigating marketing speak
  • Attendee personas: buyer, attendee, vendor - there is a huge difference in how you experience a conference from these angles
  • Feature, product, or startup (sometimes they're the same thing!)
  • Tips, tricks and ideas for having a successful experience
Apr 17, 2018
DtSR Episode 291 - A New Perspective On Endpoint (Nyotron)

[This week's episode and fantastic discussion on endpoint security is sponsored by Nyotron]. DtSR listeners already know we don't do advertisements or traditional sponsorship - so when we bring in a sponsored guest it's because we believe the topic is interesting and the guests have a genuinely interesting point of view.

On that note...

The topic this week is the endpoint. Yes, the endpoint - the place where security started, and was subsequently abandoned, and reborn. Whether you're talking about virtual cloud workloads, laptops or other types of endpoints - we can all agree on the fact that there are too many buzz words, too many tools, and too many 'solutions' to the various ailments of the endpoint. This week we dive down the rabbit hole with Rene and Nir, from Nyotron, to hear their unique perspective and get an understanding on why they think their approach to this very difficult problem is worthy of your time.

I invite you to give this episode a listen, as it's a bit of a pilot for us. If you all enjoy it, we will do 1-2 of these per quarter ... if the audience votes that these add no value, we will give it more thought.

If you're coming out to RSA 2018, come see demos of live attacks (including Rubber Ducky) and learn more about Nyotron's technology at the RSA Conference - South Hall, booth #1639.

More information on Nyotron which we invite you to check out are here: 

Don't forget the hashtag #DtSR on Twitter and you can find us on LinkedIn as well!

Thanks for Rene and Nir of Nyotron for the discussion and recognition of the DtSR audience!

Apr 10, 2018
DtSR Episode 290 - What Ails the CMS

This week on the Down the Security Rabbithole Podcast, Tony Perez stops by for an early morning chat about the content management systems we in InfoSec love to hate on. We talk about Drupal, Wordpress and all the other CMSes out there that have similar issues.


Highlights from this week's show include...

  • Why start a company that does CMS security (they're hopeless anyway right?)
  • How many of the most popular CMSes are actually not as bad as you may think, security wise
  • The core, the plug-in infrastructure, and plug-ins
  • Finding, responding to, and fixing bugs in the modern software world


  • Tony Perez ( @Perezbox ) - [Tony has perhaps one of the coolest LinkedIn write-ups, so I'm pasting it here.] Tony is a proven business leader and operator. He is a former US Marine (2000 - 2005), and former CEO of Sucuri (2011 - 2017), a website security platform that was acquired by GoDaddy in April 2017. He has proven experience taking a security product from startup to a global, multi-national, organization. 

    His core competency revolves around: leadership, management, marketing, product position, product pricing, sales, business institutionalization, revenue and organizational strategy. 

    He believes that our greatest responsibility in sales and marketing is to bridge the gap between the value a customer expects from your product, and the value you assume you are delivering. 

    He brings with him an intoxicating level of energy, work ethic and passion. Excelling in high-tempo environments, and executing flawlessly against strategies. He is adamant about self-reflection and self-actualization, placing energy on learning his weaknesses and building on them. 

    He is horrible at spelling, but amazing at motivating people. He is known for challenging people to be better, to strive for more, to never settle for the cards they've been dealt. He was a leader of Marines, and today he's a leader of people, technology and industry.
Apr 03, 2018
DtSR Episode 289 - Neither Security Nor Privacy

This week, join DtSR as Rafal sits down across the virtual table with the one and only Robert Hansen. Rob (aka @Rsnake ) discusses his roots of being an almost-bad-guy, to the security of browsers, and privacy. Plus we get to reveal something pretty awesome...


Highlights from this week's show include...

  • Rob's fascination with alien conspiracy theories
  • A back history of browsers you've never heard of, that you benefit from today
  • Google...
  • Security vs. Privacy - why you don't actually get either
  • A secret reveal from Rob about his exciting new venture
Mar 27, 2018
DtSR Episode 288 - Experienced Opinions

This week, while James was out on family duty, I sat down on a Saturday morning with my good friend Will Gragido to talk security. Will is an industry old-timer (sorry buddy, we're old) and has some seriously valid opinions on many things. We discuss some interesting topics, and apologize for nothing.


Highlights from this week's show include...

  • It's conference season again... and time for more buzzword bingo
  • Marketing people are the worst...except we're all complicit
  • Threat Intelligence. Again. Still. Yep.
  • Let's go hunting for threats - who should have a threat hunt team, and why
  • Mergers, acquisitions, and the future of our industry



  • Will Gragido ( @WGragido ) - Will Gragido is a seasoned security professional with over 20 years’ experience in networking and information security. Will’s extensive background is the result of his service as a United States Marine, a consultant with the world renowned International Network Services, Internet Security Systems (now IBM ISS), McAfee, Damballa, Cassandra Security, RSA Netwitness, Carbon Black, Digital Shadows and now Digital Guardian where he leads the organization’s Advanced Threat Protection Product Line as its Director.
Mar 20, 2018
DtSR Episode 287 - Armored and Battle Tested

In case y'all don't read LinkedIn or Twitter - Rafal recently joined Armor (, so what better time to interview the CEO Chris Drake than right now.

So this week, Chris Drake joins us in the studio to talk about his background (which is quite interesting, by the way) and how he got to start a fast-paced cloud security-as-a-service company.


Highlights from this week's show include...

  • The road starts with jumping out of airplanes
  • The Butterball story
  • More discussion on challenges with existing security models
  • Security-as-a-Service vs. Managed Security (MSS) - differences and big differences



  • Chris Drake, Founder and CEO of Armor ( @ChrisDrake ) - Chris is currently the founder and CEO of Armor, a fast-paced cloud Security-as-a-Service provider. If you want more on Chris, you'll have to listen to the podcast.
Mar 13, 2018
DtSR Episode 286 - Breach vs Incident vs Lawyers

This week's DtSR Podcast sits down in the offices of Shawn Tuma to discuss an update on the law with regards to data breaches, or incidents - and what the differences between. We talk through current events, past history and look into the future a bit.

Highlights from this week's show include...

  • the legal differences in the words we use (breach vs. incident)
  • notification and disclosure in a global economy
  • planning, preparation, and the big day
  • costs - specifically around insurance - when things go badly
  • right to sue for current, and future, damages (did they really happen?)
  • overview of GDPR, and the cornucopia of other local, regional, national, and international laws as they are evolving


Mar 06, 2018
DtSR Episode 285 - Alt-Tab Alt-Tab Swivel-Chair

We have a treat for you folks this week!

On episode 285 of the podcast I'm joined by three well repected, forward thinking, and entrepreneurial-minded security executives to talk about about some of the challenges they see in the industry and what they're doing to solve them.

From cloud, to threat intelligence, staffing, and other scaling issues - we address the issues head-on, and provide some insight into what these three are thinking going forward.

*The audio quality isn't the usual high-quality I expect to publish, so my apologies for that in advance. Somewhere the recording tool I use had an issue, but I did my best to make sure you could hear the speakers clearly. Apologies for the background noise on this recording.



  1. Susan Magee
  2. Dustin Wilcox
  3. Jason Clark


If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: Peter is also the artist behind Vengence Nevada (found here, for you comic lovers: ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!

Feb 27, 2018
DtSR Episode 284 - MSS SOS

This week on the Down the Security Rabbithole Podcast, Raf and James welcome long-time friend of Rafal's - Scott Stanton - to the microphone. Scott's able to join Raf in person in Atlanta, while James is predictably on the other end of a Howdy Doodie (you'll get this if you listen).

This week, we tackle the MSS issue (Managed Security Services providers) again, but with a fresh angle where we aren't just spending the entire time bashing something we all rely on - but rather providing some constructive feedback into MSS providers from an enterprise perspective. And reminiscing a little. A lot.

Join us! And spread the word!


  • Scott Stanton ( @Scott_Stanton ) - Information Security leader with experience in the High Tech, Manufacturing, Engineering, Services, and Energy industries. My technical depth includes application development, IP networking, operating systems, virtualization, and storage systems. Scott is currently the Senior Manager of Infrastructure Security at a medical technology company.


If you've noticed the new logo, it's courtesy of a phenomenal artist, whose name is Peter Czaplarski. Yes, you too can hire him to draw amazing things for you, you can find him here: Peter is also the artist behind Vengence Nevada (found here, for you comic lovers: ) and has been an artist in many other venues. We highly encourage you to give his Facebook page a like!

Feb 20, 2018
DtSR Episode 283 - Testing Security Into Applications

This week an old friend, Vinnie Liu of Bishop Fox, joins Raf and James to talk about the history of App Sec. We started trying to test ourselves secure, and we continue to come back to it - so this episode is a walk down memory lane and a glimpse into the future of application security.

Don't forget to like us on iTunes and share with your colleagues!



  • Vinnie Liu ( @VinnieLiu ) - Vincent Liu (CISSP) is a Partner at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. With nearly two decades of experience, Vincent is an expert in security strategy, red teaming, and product security; and at Bishop Fox, he oversees firm strategy and client relationships. 
Feb 13, 2018
DtSR Episode 282 - DDoS - Past, Present, and Future

Join us this week on Down the Security Rabbithole as Barrett Lyon (who knows a thing or two about DDoS) is our guest to talk about the evolution of the art and science of kicking people off of a network. Barrett is the authority on DDoS, with over 20 years in the field, going back to when angry teenagers flooded each other off of IRC servers.

This is a fun episode that walks through DDoS - where it came from, how it evolved, and what we can expect in the future. TLDR; yes ...your fridge may one day DDoS your toaster.



Barrett Lyon ( @BarrettLyon ) -

Barrett Lyon is the Vice President of Research and Development for the Neustar Security Solutions’ portfolio. He spearheads the development of innovative new products and solutions for the company’s industry-leading DDoS, DNS and cybersecurity solutions.
Mr. Lyon is a serial entrepreneur and a well-respected cybersecurity thought leader with experience building leading edge network services and infrastructure. Prior to Neustar, Mr. Lyon founded and served as its Chief Technology Officer. In 2009, he co-founded XDN, Inc. and served as its CEO. As Chief Technology Officer, he led the strategy and technical operations at BitGravity, a company he co-founded. Previously, Mr. Lyon founded Prolexic Technologies and served as its Chief Technology Officer, where he created the first successfully managed service to defend enterprises from Distributed Denial of Service (DDoS) attacks.
His authority and over 20 years of experience in the network security space has led to numerous collaborations with a majority of the tier-one and tier-two carriers in North America and Europe, and at National Security Agencies in Europe and the U.S. Outside of the security field, he has been active proponent in the advancement of the Internet. Mr. Lyon was responsible for the Opte Project, often referred to as the Internet Mapping Project and he formed He has been published in several security and non-security related books.


Feb 06, 2018
DtSR Episode 281 - Exploiting and Defending Human Behavior

This week, go Down the Security Rabbithole with James and Raf as they host Robert Sell. Robert took 3rd place at the Defcon SECTF (Social Engineering Capture-the-Flag) in 2017 and he has some lessons to you in the enterprise.

"Social Engineering" (while a ridiculous and non-descriptive term) is a real attack vector. How are you defending your enterprise?

Listen in. Then talk back on Twitter at #DtSR or LinkedIn!



Jan 30, 2018
DtSR Episode 280 - A Cloud Container Security Primer

This week, Chris Rosen from IBM joins us to talk about cloud containers - and the security (or lack thereof) of them. There is a paradigm change coming which significantly impacts security - if we're ready for it. Chris talks us through the dramatic changes (or maybe not) of doing cloud security with containers and the impact to the shared responsibility model.

Join us, and let us know what you think by leaving us a comment, either here or on iTunes.



Jan 22, 2018
DtSR Episode 279 - Deeper Down the SDP Rabbithole

This week, Jason Garbis re-joins the podcast to go past the Primer (Episode 257) and dive deeper into SDP (Software Defined Perimeter) with a discussion on cloud and relevance to the re-invention of the data center and related infrastructure.


Related DtSR listening:


Jan 16, 2018
DtSR Episode 278 - The Meltdown Over Spectre

Welcome Down the Security Rabbithole. This week we bring Jeff Schilling from Armor to talk about Spectre and Meltdown - the two hottest topics of the security right now and for the foreseeable future.


While you listen to us talk, check out these links:

And the obligatory "I patched and things got worse" post:


Jan 09, 2018
DtSR Episode 277 - An Outside In Look at Security and Innovation

Happy New Year, 2018.

Friends, thanks for listening! I can't believe this podcast is still going strong after all these years and 277 episodes. I started this podcast with an idea - give you something to listen to that was office-friendly, informative, and focused on advancing our trade. Over the years I've gotten some encouraging comments from people ranging from those trying to get into our industry, to those who are leading large organizations' security practices. I'm encouraged by you all, and thank you for supporting us.

Now, let's get on with 2018.

On this first episode of 2018, James and I welcome Ben Kepes who is a long-time friend of mine and and industry analyst. Ben isn't your typical analyst though, because he has a healthy dose of skepticism, an eye for bullsh**, and he's trusted by vendor and buyer alike. Oh, also, he's a Kiwi so he's got that going for him too.

Sit back, enjoy, and leave us a comment if you are so moved.

Jan 02, 2018
DtSR Episode 276 - Game Changer in ICS (no FUD edition)

What: In this episode we get the facts on the recent game-changing malware/attacks that appear to be nation-state sponsored attacking critical safety systems in industrial controls (ICS).

Why: You've probably read about it, and depending on what you read you may only have the hype or half the story.

Who: As always, Sergio Caltagirone from Dragos is the master at telling a great story, from just the facts. He's part of the team that did the analysis, wrote the narrative, and then ended up on countless phone calls explaining it to executives and national security types. He knows his craft.


We invited him on this special episode to give you the inside story, to separate some of the hyperbole from reality - so listen up.


Dec 26, 2017
DtSR Episode 275 - Beyond 2017 A New Hope

For episode 275 we are once again joined by the one and only Haroon Meer ( @haroonmeer ) to follow up on his conversation from September 2016 titled "What will get us there". If you've not had a chance to listen to that show, you absolutely should do that first.

Haroon shares his perspective including...

  • "The cloud has won"
  • Fundamentals are still hard, we're still largely failing at them
  • Hackers make the best engineers when you give them a problem to solve
  • Where do we go from here, into 2018, is there hope?
Dec 19, 2017
DtSR Episode 274 - Let's Talk Power Grid

This week, Patrick Miller returns (another boomerang guest from the way-back machine) to talk about the energy grid. It turn out, things aren't super different from 5 years ago, but some things have changed.

Patrick and I discuss resiliency (over actual security) in the grid, and focus on transmission, generation, and "getting it all working again" from a life safety perspective. It's a fascinating discussion, don't miss it!


** Apologies for some of the audio quality, we had "choppy" issues on Skype and I edited the best I could.

Dec 13, 2017
DtSR Episode 273 - Automate or Die (w/Demisto)

Join James and Rafal, one last time, live from Enfuse Conference (Las Vegas, NV) this past summer.

In this episode, we track down a personal friend of Raf's - Bob Kruse, Demisto, VP Sales & Alliances, and talk about the need for the enterprise to automate and orchestrate.

Oh, also, Bob pretty much said by 1 year from the recording of that episode he would get an "Automate or Die" tattoo. So just to be on the safe side, we'll give him until next year, about this time. Game on, Bob.

Dec 05, 2017
DtSR Episode 272 - Innovation, Startups, and the Security Bubble

This week, Grant and Mark join me live and in person in Las Vegas at the Amazon AWS re:Invent conference to talk about the security marketplace, innovation, "the bubble" and more.

Here's the announcement we talked about at the opening of the show



Nov 28, 2017
DtSR Episode 271 - The Secrets of Influence Through Communication

This week James and I are fortunate enough to have one of the best keynote speakers I've ever seen on the show. He's an amazing speaker, a brilliant magician and a sharp dresser - this guy is the real deal.

Straight off the keynote stage at the Security Advisor Alliance (SAA) Summit in Denver ... ok maybe not straight off, Vinh Giang joins us to talk about how to influence people while you're up there giving a talk or speech.

Grab something to take notes with - trust me, this one is chock full of brilliant nuggets.


Guest: Vinh Giang ( Twitter: @AskVinh and Facebook: ) is a brilliant self-made public speaker, magician, and all-around snappy dresser.

Nov 21, 2017
DtSR Episode 270 - Secrets of InfoSec at Scale

Ladies and gentlemen - we have our first 3-time guest! Brandon Dunlap, my good friend and industry titan, joins the podcast for his third trip down the rabbit hole.

In this episode Brandon Dunlap (@bsdunlap) and I talk through the challenges of security at scale, in person and live from Seattle. In the previous two episodes that Brandon has done on this show we've talked about the challenges of scaling information security teams, and this time we go deep into the strategies that work, where the lines are drawn and some lessons learned form a very successful career doing exactly this - infused at scale.


The previous two appearances of Brandon on this show are:

We invite you to listen, take notes, and converse with us on #DtSR on Twitter, or on this post on LinkedIn.

Nov 15, 2017
DtSR Episode 269 - Industrial Internet of Things (IIOT)

This week, we have a repeat guess with Robert M. Lee joining our show to talk about the Industrial Internet of Things. Rob's just finished a conference his company, Dragos, Inc, just started to educate and help increase awareness and research for the Industrial Internet of Things.

Whether you think you know what the IIOT is, or whether you can admit to yourself you need to be know more - this podcast will have it all.

We also reference a podcast with Dr. Timothy Chou (link: DtSR Episode 250 - Deconstructing the Internet of Things ). If you haven't read his book, "Precision" (link: ) it's the basis for a lot of this discussion.


Thanks to Rob again for being on the show!

Nov 07, 2017
DtSR Episode 268 - CISOs Survival Guide

Welcome down the Security Rabbithole, friends and colleagues!

This week, my guest is Larry Whiteside, Jr. (we know him as the best dressed man in InfoSec). Larry joins the podcast while James is out to discuss the life and times of a CISO. He has extensive experience as a CISO and security leader, working across multiple market verticals from energy to healthcare, in addition to being a former colleague advising CISOs.

Larry dispenses his brand of knowledge with a little bit of an edge, a little dose of realism, and a lot of fun. If you've never had the pleasure of working with Larry - it's something I advise you do at some point in your career. He's even been referred to as the "CISO Whisperer" by people who know and have worked with him. All else failing, Larry can always give you fashion advice, and up your sock game.

Game on!

Oct 31, 2017
DtSR Episode 267 - Cyber Security Awareness Month Wrap

This week, James and Raf cover the tail-end of Cyber Security Awareness Month. It's been an interesting week of news and of course let's talk about awareness.

Have you completed your mandatory training?

-- This weeks' talking points

Namaste Health Care security incident, announcement

DHS Imposes DMARC on Federal Agencies

Cyber Security Awareness Training

  • Are we over it yet?
  • Raf says he's always late, and it's always the same thing... does it work?
  • What are some better alternatives? (there have to be better)
  • Does your job offer/mandate awareness training? Does it WORK?!
    • How would you even know??
Oct 24, 2017
DtSR Episode 266 - Leadership Perspective with Michael

This week we're getting the band back together!

Michael Santarcangelo joins us for a segment we'll be featuring regularly (look for is every 6 weeks or so) on the leadership perspective. Security could use some leadership, and we will be enlisting Michael to talk about current events and lessons for leadership.

Tune in, and you may just end up with something you can use in your day job.

Oct 17, 2017
DtSR Episode 265 - Privacy and Paranoia

This week's Down the Security Rabbithole Podcast asks - "Are you paranoid enough about your privacy? or do you simply not have any?" with a couple of gentlemen who would know.

Join James and Raf as we go down the rabbit hole one more time, this time talking about the breadcrumbs, fingerprints, and digital privacy violations you voluntarily give up in your everyday life. It's a little scary, but the trade-off we make for the sake of convenience is very real.

Grab your tinfoil hat and your burner phone and enjoy!

Oct 10, 2017
DtSR Episode 264 - Windows Forensics Then and Now

This week, Harlan Carvey joins James and I to talk about the evolution of Windows forensics over the last decade and half or so. Harlan has more experience than most when it comes to diving into the Windows machine from a forensics perspective and is a well-spoken author of many books and blogs.



  • Harlan Carvey ( @keydet89 ) - Digital forensics and incident response analyst with past experience in vulnerability assessments and penetration testing. Conducts research into identifying and parsing various digital artifacts from Windows systems, and has developed several innovative tools and investigative processes specific to the digital forensics analysis field. Developer of RegRipper, one of the most widely used tools for Windows Registry analysis. Has developed and teaches several courses, including Windows Forensics, Registry, and Timeline Analysis.
Oct 03, 2017
DtSR Episode 263 - Legal Update Q3 2017

On this episode of Down the Security Rabbithole Podcast James and I get an update on the legal issues that have been talked about from our legal-eagle Shawn Tuma!

We're continuing our policy of not piling on to data breach hysteria, but will be covering some of the legal ramifications of recent disclosures, a possible national data breach law and a few other things that will make this show a must-listen. Shawn's unique perspective and true expert insights give you talking points and a download of facts that you wouldn't get listening to the talking heads and mainstream media.

Enjoy, share with your colleagues, subscribe via RSS, and don't forget to talk back to us on Twitter using the hashtag #DtSR.


Thanks for listening!

Sep 26, 2017
DtSR Episode 262 - Deeper Down the Cyber Liability Insurance Rabbithole

This episode, in conjunction with the Security Advisor Alliance ( ) we dive into a third round of Cyber Liability Insurance. This fascinating discussion dives deeper into the things security leaders need to know as Travis and Stephen get right to the heart of matters.

Required pre-listening...

Check out the first episode (way back in the archives) on DtSR Episode 34 - The Inside Scoop on Cyber Liability Insurance ( ) with Christine Marciano ( @DataPrivacyRisk ).

Then, go grab episode 172, our 2nd foray into this topic titled "The Truth on Cyber Insurance" ( ) with Eran Kahana and L. Keith Burkhardt and dive a little deeper.


As always, thoughts and comments are more than welcome and discussion using the hashtag #DtSR is encouraged!

Sep 20, 2017
DtSR Episode 261 - Deeper Down the ML Rabbit Hole

Welcome to another Down the Security Rabbithole episode folks!

This week, Alex and Sven are baaaaaaack for a deeper dive into machine learning and the shenanigans that surround it. We talk through what ML is, some use-cases and further dispell some common myths. We even have a little fun, who knew.



Sep 13, 2017
DtSR Episode 260 - The Immense Challenge of Protecting Office 365

This week, on Down the Security Rabbithole, Rudra "Rudy" Mitra joins us from Redmond to talk about what it's like to defend Office 365 at scale. On this episode we cover:

  • What we mean by at scale in regards to Office 365
  • Some pros and cons of the Office 365 platform as it pertains to security and safety
  • Eary warning, early detection, and how easy it is to really break things

There's so much more too! We even skipped talking about current events to give this show maximum run-time. Sit back, grab something to take notes with, and listen up. The lesson begins now.



  • Rudra "Rudy" Mitra - ( @rudramitra ) Rudra is the Director of Information Protection for the Office 365 platform. He works on extremely large-scale projects to ensure the safety and security of client data and the platform itself. LinkedIn profile is here:
Sep 05, 2017
DtSR Episode 259 - Risk Communication Primer

As we go once again down the security rabbithole, Raf and James meet up with Claire Tills who gives us a primer on "risk communication". Communicating 'risk' is a nuanced, subtle and often time-based endeavor so we feel like everyone should have at least some background in it.

Sit back, relax, and again...start taking notes furiously.



  • Claire Tille ( @ClaireTills ) - Communication researcher trying to get into information security. I write about applying comm theory to infosec and case studies in my blog (
Aug 31, 2017
DtSR Episode 258 - Big Scary Numbers

This week on the Down the Security Rabbithole Podcast, Dave Bittner of The CyberWire (podcast) joins us to talk about some of the ways that we believe security goes awry when it comes to 'big, scary numbers'. Listen in...


-- Top News

Aug 22, 2017
DtSR Episode 257 - Software Ate the Perimeter

This episode of Down the Security Rabbithole Podcast was recorded live and in person in Las Vegas at the Black Hat Conference 2017. Raf had a chance to sit down across the microphone from Jason Garbis of Cryptzone to talk about a the software defined perimeter.

SDP is a relatively new space many of us in security aren't familiar with, so we decided we'd record a primer on the topic, narrated by someone who is expertly involved in the practitioner side (through the CSA, Cloud Security Alliance) developing the standards and the provider side (Cryptzone) developing products and services towards the specification.

This is a more technical-focused podcast than many of our others, so sit back, grab a notepad and get ready to learn something.

For more of Jason's work, check out this link:


  • Jason Garbis - Vice President of Products for Cryptzone, where he's responsible for the company's product strategy and product management. Garbis has over 25 years of experience with technology vendors, including roles in engineering , professional services, product management, and marketing. Jason joined Cryptzone from RSA, and holds a CISSP certification.
Aug 16, 2017
DtSR Episode 256 - Rick Howard on the Record

This week - Rick Howard joins us and goes on the record to talk about the Security Canon and a few other interesting things you're just going to have to listen to, in order to find out.

— Top News
Here's what we talked about with Rick Howard...
The Cyber Security Canon
  • Check it out
  • Reading material for newbies and others of us
  • Patrolling Cyberspace — my homework
The Cyber Threat Alliance
  • Sharing intelligence - amongst competing vendors
  • Palo Alto leading the endeavor, with a group of 6
  • Some things are above competition — that’s worthy of a clap
  • If your vendors isn’t part of this alliance, ask them why not?

Guest Info

Aug 09, 2017
DtSR Episode 255 - Security and Human Nature

This week on the Down the Security Rabbithole Podcast, John Nye ( @EndIsNye_Com ) to talk about the human aspect of the cyber security equation. Getting away from blaming the user, we talk through the human nature side of the business with a focus on social aspects and behavior modification.

A fascinating discussion you'll want to listen to over and over again, for sure!

Aug 01, 2017
DtSR Episode 254 - Lowdown and Dirty ICS

This week Sergio Caltagirone joins James and I to talk about Industrial Controls networks and systems and some of the dangers that go undiscussed. Sergio is a 2nd timer, and we take the opportunity to catch up and discuss one of his favorite topics.


Additionally, we talk about a some of the topics that were discussed the week this podcast was recorded, a few weeks ago.


Whether you're in Las Vegas for Black Hat Conference 2017 or not, take a listen to this sobering discussion about industrial controls and some of the more clear and present dangers facing us in that sector.


Thanks again for joining us, Sergio!

Jul 25, 2017
DtSR Episode 253 - Defending the Small-to-Medium Enterprise

On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.


  • Blue Cross Blue Shield of Alabama sends out USB sticks
    • Security elitists up in arms
    • We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
    • To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
    • So what do we suggest?
    • More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
  • MySpace has a major account password reset flaw, allowing account take-over


This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:

  • SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
  • How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
  • SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
  • Other challenges - including how to achieve scale



  • Shon Gerber
    • Current
      • CISO for multinational chemical company with approximately 10K employees
    • Recent Past
      • Security Operations Supervisor for multi-national company 100K employees 
      • Senior Security Architect with multi-national 
      • Air Force Red Team - Squadron Commander
      • Multi-Disciplinary (Physical / Network Penetration Testing of Critical Systems)
Jul 18, 2017
DtSR Episode 252 - DFIR with Lesley Carhart

In this smasher of an episode James and I are joined by Lesley Carhart live from Enfuse Conference in Las Vegas to talk about the DFIR (Digital Forensics and Incident Response) as a broad field. There is SO much to talk about here, you'll want to listen twice.

Make sure that if you missed Enfuse this past year, you don't miss 2018. It's a great conference where you get to meet and talk with folks like Lesley and many others in this field.

Jul 11, 2017
DtSR Episode 251 - General Data Protection Regulation (GDPR)

This week on Down the Security Rabbithole Episode 251 (wow, can you believe we've published 251 full episodes?!) James and I host a roundtable of privacy and data protection experts and talk about the looming EU regulation known affectionately as GDPR.

The Global Data Protection Regulation (GDPR for short) impacts all companies that either do business with EU citizens, or operate in the EU. Basically, everyone. It's a huge deal and there really isn't a "wait and see" option.

Listen in, and if you have feedback provide it!


Does anyone really read these show notes? Reply on Twitter with #DtSR!



Jun 27, 2017
DtSR Episode 250 - Deconstructing the Internet of Things

Fresh off of his closing keynote at Enfuse Conference 2017 in Las Vegas, Dr. Timothy Chou joins us to talk about the difference between the Internet of People and the Internet of Things.

Even though many people talk about the IoT we still fail to understand the gravity and enormity of the problem we face and how information security professionals are so far behind the 8-ball here. Dr. Chou spend some time with us to dispense wisdom interlaced with humor to make it stick.



  • Dr Timothy Chou is a technologist, a lecturer, and published author. He has written a book called 
    "Precision: Principles, Practices and Solutions for the Internet of Things" that delves into an Internet of Things many don't really understand yet. While most of us focus on the Internet of People (gadgets and things meant to be operated by people) Dr. Chou focuses on the IoT where people aren't just optional, they're unnecessary.
Jun 20, 2017
DtSR Episode 249 - Finding a Way

This week, James and i try out a new format for the show. We hope you enjoy the blend of news commentary and an interview. 




  • Kevin Pope ( @screamingbyte ) - Kevin is a long-time friend of the show, and someone who has a fantastic story only he can tell. From struggling to thriving and the story to get there.
Jun 13, 2017
DtSR Episode 248 - Nick Hyatt On Ransomware

This podcast episode was recorded live to tape from Enfuse Conference 2017 from Las Vegas. If you didn't get a chance go get out this year to one of the premier DFIR (Digital Forensics and Incident Response) conferences you missed a heck of an event. 

James and I want to thank Guidance Software for the invitation, for having us out, and for access to some truly amazing guests for this series of recordings.

For #248 sit back and listen to Nick Hyatt talk with James and Raf about ransomware - fresh from his Enfuse Conference talk to your ears.


Enjoy and as always please hit us up on Twitter at #DtSR.



  • Nick Hyatt ( @Skelet0wn3d ) - Nick is currently the Senior Incident Management Consultant at Optiv Security, Inc. responsible for incident response, threat hunting, digital forensics, and malware forensics using a variety of skills and tools. He has hands-on knowledge and understanding of malware forensics, observation, removal, and threat hunting. Additionally, Nick has hands-on experience with digital forensics, malware forensics, data mapping, threat hunting, and e-discovery in different scales, from start-up and SMB environments to Fortune 500 environments.
Jun 06, 2017
DtSR Episode 247 - Internet of Things Forensics

Live once again from Enfuse Conference 2017 in Las Vegas, James and I interview Amber Schroader, the President and CEO of Paraben. This interview happened because you all voted and asked for it..ok and because she's a fantastic person to interview.

Be prepared for a little humor and a lot of knowledge.


Special thanks again to Enfuse and the Guidance Software team for having us out and getting us access to some downright amazing guests!

May 30, 2017
DtSR FeatureCast - Enfuse Conf 2017 - Theresa Payton

As James and I continue to publish our Enfuse Conference 2017 series of episodes we are this week joined by Theresa Payton. Theresa is the former CIO of the George W. Bush White House Administration, and now on the show Hunted where she runs a team of cyber trackers.



  • Theresa Payton ( @TrackerPayton) - Theresa Payton is one of the nation’s leading experts in cybersecurity and IT strategy. As CEO of Fortalice Solutions, an industry-leading security consulting company, and co-founder of Dark Cubed, a cybersecurity product company, Theresa is a proven leader and influencer who works with clients and colleagues to uncover strategic opportunities and identify new and emerging threats.

    Theresa began her career in financial services, where she coupled her deep understanding of technology systems with visionary leadership, executing complex IT strategies and winning new business. Following executive roles Bank of America and Wachovia, Theresa served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff.

    In 2015 Theresa was named a William J. Clinton distinguished lecturer by the Clinton School of Public Service. She is the author of several publications on IT strategy and cybersecurity and a frequent speaker on IT risk. In 2014 she co-authored, with Ted Claypoole, the book Privacy in the Age of Big Data​: Recognizing Threats, Defending Your Rights, and Protecting Your Family, which was subsequently featured on the Daily Show with John Stewart.

    Among her numerous accolades and recognitions, Theresa was named one of the top 25 Most Influential People in Security by Security Magazine and One of Infosec’s Rising Stars and Hidden Gems by Tripwire. In 2005 she was honored as Charlotte, NC’s Woman of the Year.
May 26, 2017
DtSR FeatureCast - Enfuse Conf 2017 - DFIR Students

Continuing our series recorded live at Enfuse Conference 2017 in Law Vegas, this episode features two USC students who are part of a large contingent here to learn and make connections.

Tatiana and Ayman join us to talk about how they got here, what they are planning for their future along with some general thoughts on DFIR and our industry!



May 24, 2017
DtSR FeatureCast - Enfuse Conf 2017 - Keynote Patrick Dennis

Today, CEO Patrick Dennis joins the Down the Security Rabbithole Podcast right after his keynote to talk about the conference, what's going on at Guidance, and the state of defense.

This is a FeatureCast so we get right to the point in an easy-to-listen format.


Thanks for listening!

May 24, 2017
DtSR FeatureCast - Enfuse Conf 2017 - Preamble

We kick off a week of on-the-scene podcasts live'ish from Enfuse Conference 2017, hosted by Guidance Software in Las Vegas, Nevada with Lori Chavez VP of Corporate Marketing. She is the brains responsible for the amazing conference including speakers, content and everything else.

Lori gives YOU an insider preview of Enfuse 2017, and tells us a little about what we can expect and some history of the conference - and we can't wait to give you MORE!

Stay tuned in all week as we bring you more fantastic content from Enfuse Conference 2017. And as always, use the hashtag #DtSR to talk back to James and I or #EnfuseCon17 to interact with speakers and attendees!

Just for DtSR listeners - we will post a special coupon code for next year's registration... just for listening. Don't miss it later this week!

May 23, 2017
DtSR Episode 246 - Finding and Responding to Badness

This week we are live from Enfuse Conference 2017 in Las Vegas, Nevada.

Special thanks to Guidance Software for having us out and getting us access to a whole host of fantastic speakers.

On this episode Greg Hoglund and Ryan Butterworth of Outlier Security join us to talk about the DFIR space with all it's problems including a shortage of qualified labor and sub-optimal tools. This fantastic discussion wanders all over the DFIR space including the "data problem" and tools, tools, tools.

That tool that Greg mentions, which is free, is right here:



  • Greg Hoglund - Founder and CEO, Outlier Security, Inc.
  • Ryan Butterworth - Principal Software Engineer, Outlier Security, Inc.
May 23, 2017
DtSR Episode 245 - NewsCast for March 16th 2017

Microsoft warns ransomware cyber-attack is a wakeup call

United flight attendant accidentally leaked door codes online

Keylogger discovered preinstalled on some HP laptops

May 16, 2017
DtSR Episode 244 - A Government CISOs Perspective

This week - live and in person from Denver, Colorado and the RMISC Conference I interview Stephen E. Coury the CISO of the County and City of Denver. The conversation leads off with Stephen's journey through cloud computing and weaves through some of the challenges municipalities and city governments are facing. It's a fantastic conversation that is readily applied to both public and private organizations - you need to check this out.

Thanks Stephen for coming out and talking to us!



  • Stephen E. Coury - CISO of the County and City of Denver, CO. 
May 10, 2017
DtSR Episode 243 - NewsCast for May 2nd 2017

Chrome to mark more HTTP pages ‘Not Secure’

  • In October, 2017, all HTTP sites will be marked ‘Not Secure’ while in incognito mode.
    • Incognito mode allows surfing the internet without saving your browsing history.
  • Enterprise:
    • Have you seen any negative feedback from the previous changes to show not secure?
    • Does this change your priority for moving to always HTTPS for all sites?
  • Link:


2017 Verizon DBIR Highlights: Analyzing the Latest Breach Data in 10 Years of Incident Trends


Hacker leaks episodes from Netflix show and threatens other networks




May 02, 2017
DtSR Episode 242 - Management and Leadership

This week the team gets together to talk Management and Leadership in the security industry and in general. Our very own Michael Santarcangelo joins us as our featured guest to dispense knowledge on leadership by the truckload. So grab a cup of coffee, something to take notes and listen in.

Apr 26, 2017
DtSR Episode 241 - NewsCast for April 18th 2017

NewsCast for Tuesday April 18th, 2017


Dallas Tornado Sirens Hijacked


Two Inmates in Ohio Jail Hacked it From the Inside


SWIFT Launches New Anti-Fraud Controls in Wake of Wire Frauds


Huge Adobe Security Update Just Released


Insider Threat - Engineer Arrested for Stealing Code

Apr 18, 2017
DtSR Episode 240 - The Truth About Machine Learning

This week the Down the Security Rabbithole podcast hosts Sven Krasser of CrowdStrike. Sven is an actual machine learning data science expert (as opposed to an "expert") who has been dabbling in machine learning, artificial intelligence and other forms of advanced computational science for a long while before it was popular in security. This week we James and Raf sit him down for 45 or so minutes to discuss the real facts and separate them from the fiction of what machine learning really is and the promise that it may hold for the enterprise security world.

As always, join us, share, and engage our crew using the hashtag #DtSR on Twitter.

We'd like to take a moment to thank Sven and Crowdstrike for the time and expertise to our show.



  • Sven Krasser ( @SvenKrasser ) - Dr. Sven Krasser currently serves as Chief Scientist at CrowdStrike where he leads the machine learning efforts utilizing CrowdStrike’s Big Data information security platform. He has productized machine learning-based systems for over a decade and most recently led the research and development of the first fully machine learning-based anti-malware engine featured on VirusTotal. Dr. Krasser has authored numerous peer-reviewed publications and is co-inventor of more than two dozen patented network and host security technologies.
Apr 11, 2017
DtSR Episode 239 - NewsCast for April 4th 2017

Pew Center Survey Finds Americans Lack Understanding of Cybersecurity Measures


Suspect Charged in USD 100m Whaling Scheme


Google's Android Security 2016 Year in Review Report: Android Security Improving


U.S., U.K. warn airports, nuclear facilities of cyberattacks


Neiman Marcus data breach settlement tells us plenty about the ROI of security

  • We’ve been saying this for a while - proportional security is what’s needed
  • There is no such thing as “secure” - why do many CISOs still push for it?
  • A settlement of $1.6M is likely cheaper than total cost of big security program
  • What would $1.6M spending on security mean?
  • Can you define “good enough” security?


Apr 06, 2017
DtSR Episode 238 - March 2017 Update with Shawn Tuma

This week, on the Down the Security Rabbithole Podcast, Michael and I are back with perennial favorite Shawn Tuma. Shawn, our legal eagle friend from Dallas, breaks down the latest issues that affect Cyber Security and the Law - with that business perspective you've come to expect from our podcast.

As always, we love hearing from you and if you have questions don't hesitate to hit us up on Twitter using hashtag #DtSR or you can always hit up Michael (@catalyst), myself (@Wh1t3Rabbit) or Shawn (@ShawnETuma) directly!

Thanks for listening and spread the word!

Mar 28, 2017
DtSR Episode 237 - NewsCast for March 21st 2017

The Cost of Cybercrime - Let’s Take a Different Perspective

Home Depot to Pay Banks $25 Million in Data Breach Settlement

Survey: Experience Preferred Over Education When Hiring For Cybersecurity

  • The survey of 350 IT security professionals gauged their attitudes toward the skills shortage in cybersecurity. Some 93 percent agreed that experience is more important than qualifications. A further 73 percent claimed that it didn't matter whether IT staff were college graduates when it came to getting the job done.
  • Qualifications are considered degrees and certifications
    • The rub -- and what they didn’t ask -- is how do you assess the experience and capability of professionals to solve the sorts of problems you have?
    • Straight Talk on hiring… check it out.
  • Split results on whether communication or technical skill was more important; hint - it’s communication. You can be the smartest one in the room, but if no one understands you…
    • But it’s also awkward to suggest that you can’t have both good technical and good communication skills. You can. Period.

How Risk Modeling Propels the Cyber Insurance Market Forward





Mar 21, 2017
DtSR Episode 236 - Enterprise Architecture 2017

Check out episode 236 with Marie-Michelle Strah who is a repeat offender here on the podcast with her first appearance back in 2014 on Episode 122 ( ).

This episode is a revisitation on Enterprise Architecture and it's importance to security with a perspective on enterprise tech stack, business segmentation and micro services in a modern distributed enterprise. Marie-Michelle's experience and extensive insight into the topic should give you something to think about as you go back to your day job in security.


GuestMarie-Michelle Strah ( @CyberSlate ) - Marie-Michelle Strah. PhD is currently Senior Principal in the Enterprise Architecture Group at Infosys Ltd and based in New York City. A highly collaborative, diplomatic and inspiring thought leader Michelle is able to effectively drive business and technology strategy and business insights across corporate boundaries and departmental silos. A seasoned management and technology consultant, she specializes in strategy development, cloud transformation enterprise information modernization and innovation management efforts to drive global growth while minimizing cost and risk in complex organizations. She has PhD from Cornell University, was a Javits Fellow and is a US Army veteran. Connect with Michelle on Skype/Twitter/Instagram/Snapchat @cyberslate |

Mar 14, 2017
DtSR Episode 235 - NewsCast for March 7th 2017

A Note on the Passing of a Legend

Are SysAdmins Violating the CFAA?

Yahoo Board Sends Message That Echoes

Cloud-connected toys

So … AWS S3 Went Dead, You’ll Never Guess Why

Mar 08, 2017
DtSR Episode 234 - Straight Talk on National Security

This week, the interview is extra special because we have a guest I've personally been following for a long while, and I finally got a chance to virtually sit down and talk through his considerable areas of expertise.

I'm pleasured to say we had a chance to sit down virtually with Professor Tom Nichols and talk international affairs, foreign policy and all the important things getting lost in the off-color political arguments lately. These are important issues to cyber security professionals that impact our daily lives - but rarely get discussed by someone with actual, credentialed expertise.

Enjoy this one, friends, I know we did recording it. I want to thank Tom for being an awesome guest and lending his time to our show.

If you want to read Tom's latest book, you can get it on Amazon, link HERE.



  • Tom Nichols ( @RadioFreeTom ): 

    Dr. Thomas M. Nichols is a Professor in the Department of National Security Affairs at the U.S. Naval War College and at the Harvard Extension School, where he worked with the U.S. Air Force to create the program for the Certificate in Nuclear Deterrence Studies. He is a former Secretary of the Navy Fellow, and held the Naval War College's Forrest Sherman Chair of Public Diplomacy. Dr. Nichols was previously the chairman of the Strategy and Policy Department at the Naval War College. Before coming to Newport, he taught international relations and Soviet/Russian affairs at Dartmouth College and Georgetown University.

    Dr. Nichols was personal staff for defense and security affairs in the United States Senate to the late Sen. John Heinz of Pennsylvania, and was a Fellow at the Center for Strategic and International Studies in Washington, DC. He is currently a Senior Associate of the Carnegie Council on Ethics and International Affairs in New York City. He was recently a Fellow in the International Security Program at the John F. Kennedy School at Harvard University.

    He is the author of several books and articles, including Eve of Destruction: The Coming of Age of Preventive War (University of Pennsylvania Press, 2008), and No Use: Nuclear Weapons and U.S. National Security (University of Pennsylvania, 2014). His most recent book, The Death of Expertise: The Campaign Against Established Knowledge and Why It Matters was released by Oxford in 2017.

    Dr. Nichols holds a PhD from Georgetown, an MA from Columbia University, the Certificate of the Harriman Institute for Advanced Study of the Soviet Union at Columbia, and a BA from Boston University.

Mar 01, 2017
DtSR Episode 233 - Reflecting on RSA Conference 2017

This week, fresh on the close of RSA Conference 2017 James, Michael and I discuss the happenings of the conference, lessons, and features along with some inside anecdotes you won't get from anywhere else. Of course, we add our own unique blend of snark and humor - but that's what gets you listening and coming back for more.

We'd like to say a big thank you to everyone who voted for us in the RSA Social Security (Security Bloggers) Awards. We didn't win, but we feel good about the audience we've acquired and will keep working hard to spread the message. So to all of you, thank you.


Let's get on with the show!

Feb 21, 2017
DtSR Episode 232 - Security, Fraud, Digital Payments

This week, while the security world congregates at RSA Conference 2017 we present to you Neira Jones, discussing digital payments, fraud and the world of security as it applies to this domain. In a fascinating discussion, we discuss many of the topics security executives and leaders are talking about right now - but as you have come to expect this is less about 'security' and more about protecting what matters.

We want to thank Neira for taking the time out of her busy schedule to join us on the show, and encourage discussion on the topics we covered - if you listen, and you have an opinion (I know you do) then let's discuss using the hashtag #DtSR on twitter.



  • Neira Jones (@NeiraJones) - Independent Advisor & International Speaker| Payments | Digital Innovation | Information Security | Fraud
    Non-Executive Director, Cognosec
    Chairman, Comcarde
    Chairman Advisory Board, Ensygnia
    Advisory Board Member & Ambassador, Emerging Payments Association
    Partner, Global Cyber Alliance
Feb 15, 2017
DtSR Episode 231 - NewsCast for February 7th 2017

It is that time of year of W-2 Scams


Cops use pacemaker data to charge homeowner with arson, insurance fraud


Facebook rolls out 2FA Hardware

  • A move that goes past SMS. Not the first time we have seen this technique (many sites support Yubikey). What type of adoption will we see?
  • Can we check to see if facebook has stock in hardware key companies?
    • Or what was that selection process like?
  • Enterprise: how does this work in your organization?
    • Do/did you block USB and other methods?
    • Do you block facebook? - by policy or actual?
    • How do you educate people about this?
  • Link:


5 Cybersecurity Tools Your Company Should Have

  • This is aimed at SMBs; as such, not sure these are the right suggestions
  • HOWEVER - most enterprises work with SMBs - how are you helping them level their game up?
  • Which of these can/do you do to help them get where they need to be?
  • How does helping them help you, benefit the industry?
  • Link:


Appeals Court Blocks Target Data Breach Settlement

Feb 08, 2017
DtSR Episode 230 - The IoT You Got for Christmas

On this Down the Security Rabbithole podcast we're joined by Stephen A. Ridley & Jamison Utter (yes, again with this guy) for a discussion on the finer points of Internet of Things (IoT) security ... or complete lack thereof.

If you own gadgets that are 'connected' or you are ever around them (hint: you're surrounded by things that pull IP addresses right now) then you need to listen to this podcast. Some great discussion in what was the very first podcast we recorded in 2017.



Jan 31, 2017
DtSR Episode 229 - NewsCast for January 24th 2017

Hi friends! We're honored to be finalists for the Security Blogger Awards 2017 "Best Security Podcast" so if you listen, go vote for "Wh1t3Rabbit" (as we're labeled)



Digital transformation forces businesses to rethink cybersecurity


Mobile is still the safest place for your data


The WhatsApp Backdoor That Isn’t


Organizational complexity is the greatest threat to cybersecurity

  • This article is in a healthcare IT publication, not security - interesting?
  • We know the enemy of security is complexity
  • Why does it feel like security tends to make things complex?


Jan 25, 2017
DtSR Episode 228 - Another Look at Endpoint Security

This week, Paul Hershberger joins us to talk about taking a fresh look at endpoint security for the new year. Paul has some insights into balancing risk/usability and how some of the things you've heard about endpoint may simply be ... wrong.

Join James and I as we let Paul endow us with his wisdom and experience... take some notes, this one's going to be good.


  • Paul Hershberger - @pjhersh13 - Director IT Global Security Risk and Compliance at The Mosaic Company.
Jan 18, 2017
DtSR Episode 227 - NewsCast for January 10th 2017

St. Jude, MedSec and the FDA


New York financial regulator to delay cyber security rules


Massachusetts makes data breach reports available online


California passes law making ransomware illegal


Online databases dropping like flies, with >10K falling to ransomware groups


TV anchor says live on-air ‘Alexa, order me a dollhouse’ - guess what happens next



  • Appropriate for coverage or do you think just providing a quick mention and the link in the show notes?
Jan 12, 2017
DtSR Episode 226 - Targeted Threats Facts From Fiction

Welcome to the first Down the Security Rabbithole Podcast episode of 2017!

We would like to kick off this year, and the run to episode 250 with an episode that dissects the facts from the fiction on the topic of "Advanced Threats". With all the talk in the news about the Russians "hacking the US election" (yes, that's absolutely silly to call it that) and talk of retaliation, it's important to have a frank discussion on the merits of the concept of advanced threats.

Sit back, grab a coffee and listen. I know you'll want to listen to this one more than once!


If you have a moment, and you actually read the show notes, we would love it if you could give us a rating on iTunes or actually leave a comment on the podcast page. Get engaged on Twitter, using the hashtag #DtSR!


Guest Biography

Sergio Caltagirone hunts evil.  He spends his days hunting hackers and his evenings hunting human traffickers.  After 9 years with the US Government, over 3 years at Microsoft and now at Dragos, Sergio not only hunted the most sophisticated targeted hackers in the world but also applied that intelligence to protect billions of users worldwide and safeguarding civilization through the protection of critical infrastructure and industrial control systems.  He co-created the Diamond Model of Intrusion Analysis proudly helping thousands of others bring more pain to adversaries by strengthening hunters and intelligence analysts. He also proudly serves as the Technical Director of the Global Emancipation Network, a Non-Governmental Organization, leading a world-class all-volunteer team hunting human traffickers and finding their victims through data science and analytics working towards saving tens of millions of lives.

You can find Sergio on Twitter at @cnoanalysis



Jan 03, 2017
DtSR Episode 225 - NewsCast for December 20th 2016

Merry Christmas, Happy New Year everyone!


May your holidays be filled with joy, love and family. From Michael, James and myself we wish you the very best and a healthy, prosperous and fulfilling 2017.

We will be back in 2017 with another great DtSR Episode... but before we go - here's one last NewsCast for 2016.


Yahoo - setting records again - biggest hack ever

Netgear Routers - Simple fix, Difficult fix

Microsoft Patches dangerous backdoor in skype for Mac OSX

Flash being relegated by MS’s Edge browser… is it time?

Dec 20, 2016
DtSR Episode 224 - Pointing the Finger of Responsibility

On this episode of Down the Security Rabbithole we tackle the question head on. Whose responsibility is security? Is it the end user who should be responsible for patching the devices they own? Is it the vendor who sells the wares? Is it the manufacturer who sells things with security issues?

What if it was everyone's problem? How do we police, legislate and ultimately assign blame? Should we be assigning blame, and more importantly what gives with this fascination for blaming the victim?

Lots of questions are asked and we start to tackle some of the answers...maybe.


Dec 13, 2016
DtSR Episode 223 - NewsCast for December 6th 2016

Federal Government Disproves the Myth of Cyber Talent Shortage

5 Mistakes to Avoid to Hire Qualified Application Security Talent

Obama Cyber Security Commission to [Finally] Present Its Report

  • Seems like lots of fluff. But is there any actual substance here?
  • Protect, defend, and secure today’s information infrastructure and digital networks
  • Innovate and accelerate investment for the security and growth of digital networks and the digital economy
  • Prepare consumers to thrive in a digital age
  • Build cybersecurity workforce capabilities
  •  Better equip government to function effectively and securely in the digital age
  •  Ensure an open, fair, competitive, and secure global digital economy

The First Question Security Leaders Need to Ask Before the Breach Happens

Amazon Unveils Anti-DDoS Service for Customers

  • The company is offering two levels of protection
  • AWS Shield Standard monitors incoming web traffic for customers and uses anomaly algorithms and other analysis techniques to detect malicious traffic in real-time
  • The company also announced AWS Shield Advanced, a version designed to protect against more aggressive and sophisticated attacks
  • This is big news - because DDoS has become an effective tool of cyber extortionists


Dec 06, 2016
DtSR Episode 222 - Zero Trust Security Model

This week, after a long wait, we have John Kindervag on the show! John talks us through the concept of "Zero Trust Security" and where and how it's implemented. It's a concept everyone should be familiar with by now - but I bet you aren't!

Join us, and as always provide feedback to the team using the hashtag #DtSR on Twitter, and you can always ping John directly at @Kindervag as well.

Nov 30, 2016
DtSR Episode 221 - NewsCast for Nov 22 2016

DHS Releases Strategic Principles for Securing the Internet of Things

What about the “need” for IoT legislation?

Facebook buys black market passwords to keep your accounts safe

Michael just got back from Boston, hosting a CISO Leadership Conferences. We discuss the trends that came up…  

→ just the trends…

  • Importance of a shared vision between the business and information security
  • Placing a higher value on skillsets vs. specific certifications/experience when seeking team members
  • How to enable the business and minimize asset loss
  • Creating a roadmap and measuring metrics/progress
  • Importance of reputational risk within an organization
  • Educating the board on your roadmap progress and threats, while keeping communication functional
  • Many organizations are placing a higher value on selecting the right cyber insurance
  • Challenges around third party vendor management
Nov 22, 2016
DtSR Episode 220 - Blaming the Breach Victim

This week, Patrick Dennis - the CEO of Guidance Software - joins us to talk about the Enterprise Security world's fascination with blaming the breach victim. We talk through some of the key issues and look for a way off the hamster wheel.

As always, #DtSR on Twitter to join in our conversation.

Nov 15, 2016
DtSR Episode 219 - NewsCast for Nov 8th 2016

It is election day.. Have you voted?


Beware, IPhone Users: Fake retail apps are surging before the holidays


Moving Beyond EMET


Tesco Bank blames ‘systematic sophisticated attack’ for account losses

  • Fraud system appears to be working - good
  • ~40,000 accounts affected, ½ of those lost money
  • Tesco is putting funds back, making things right
  • Core banking assets don’t appear compromised, ATMs and such still work
  • Potentially an issue with website, fixable

Google Discloses “Critical Flaw” in Microsoft OS 10 Days After Notifying

Nov 08, 2016
DtSR Episode 218 - The Business of Security

This week on DtSR Chad Boeckmann - President of Secure Digital Solutions - joins us to talk about the business of security. While the "bad guys" are running their criminal enterprise, security teams have struggled to be business-relevant. This discussion starts to dive into how to align security and business goals, answering the "how much is enough?" question and so much more.

Thanks to Chad for joining us. We encourage you to ask questions and leave comments here in the comments section or on Twitter at #DtSR. You can talk to Chad directly at @cboeckm on Twitter.

Nov 01, 2016
DtSR Episode 217 - NewsCast for October 25th 2016

The Massive DDoS That Hit Dyn.Org

Verizon Reviewing Terms of Yahoo Deal As Revenue Slides

Passwords - We’re Still Giving Out Horrible Advice

St. Jude Medical to Create Cybersecurity Advisory Board; Muddy Waters Releases More Vulnerability Allegations

Oct 25, 2016
DtSR Episode 216 - Why Software Insecurity is Still a Thing

This week, #DtSR takes a trip down Software Security lane or as some call it "How are we still writing code with bugs that we found relatively concrete fixes for in the late 90's?" (I may have been watching too many John Oliver episodes...)


Jeff Williams ( @Planetlevel ) and Tyler Shields ( @txs ) join me to talk this topic over from where we've been, to what we're doing now, to what the solution to this mess will be one day in the future. It's an interesting conversation that should stir up some emotion if you've been in AppSec or software security as there really are no docile opinions on this topic (or many others in security, unfortunately).


Plug in, listen and enjoy.

Oct 19, 2016
DtSR Episode 215 - NewsCast for October 11th 2016

‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly, New Study Suggests


Our insulin pumps could be hacked, warns Johnson & Johnson


FBI arrests NSA contractor who stole sensitive data


Oct 11, 2016
DtSR Episode 214 - Financial Impact of Breaches

Grab a cup of coffee, jack in your earphones and listen up.

DtSR Episode 214 is addressing the issue of breaches, and their material financial impact to an organization.

The premise is simple - when you have a breach, are you going to see massive stock price drop, client exodus and so on? We sit down with legal expert and DtSR regular Shawn Tuma and researcher Jon Nichols to talk this through with James, Michael and yours truly.


Check this episode out. It may sting a bit, but once you come to grips with its reality - the world looks a little different.

Oct 04, 2016
DtSR Episode 213 - NewsCast for September 27th 2016

Quick update and invitation from Michael: starting to explore rolling out services and improving the Straight Talk Framework. If you’re up to discuss with me - I’ll offer a brief overview and then a “setup for Straight Talk”  review to explore how to get you started. It’s a real offer because I know we’ll both learn. And then I’ll get a better sense of where to focus and how to help more people in our industry.

Note on yahoo: we’ll talk to Shawn later


How are Healthcare Data Breach Victims Affected by Attacks?

  • It opens with some hype: “Healthcare cybersecurity attacks are much more prevalent and common because the industry typically has weaker approaches to data security, states”
  • What’s to like? Maybe? → someone is working to explore the potential actual harm from breaches
  • This article, however, is just an attack
  • Why it matters? People read this stuff. They reinforce it. Fiction becomes fact because it gets repeated so much

We're told data breaches cost millions on average - but this security study disagrees

NIST launches self-assessment tool for cybersecurity


  • Boosters say the document will help specialists explain the importance of cybersecurity to the company's bottom line — the "holy grail" of business cybersecurity. But some critics have questioned how useful it will be to smaller companies.
  • “NIST Cybersecurity Framework — a document that catalogues the five areas of cybersecurity every company needs to know: identify, protect, detect, respond and recover.”  
  • I like these five. Need to check out the process itself.
  • It’s open for comment. Personally, I’d love to hear from our audience
    • Using the NIST framework?
    • Checking out the tool?
    • Planning to make comments?


House to vote on cyber bill for small businesses

Sep 27, 2016
DtSR Episode 212 - Insider Threat Primer

In this episode, we talk with Mike Tierney, who is the brand-new CEO at Veriato. In our conversation we talk through a primer on insider threat, and use the great example of hosting a dinner party.

Mike has loads of nuggets of wisdom from his experience and we're certain that if you're a seasoned insider threat professional, or just thinking about the topic and wondering if you can do anything to protect your company - this show will be a good primer for furthering your discussion and learning.

Listen in, comment and share with your colleagues! Our show is always safe for the office and educational.


Talk back! Use our Twitter hashtag #DtSR to discuss this episode, ask questions, or suggest other topics or guests for the future!

Sep 20, 2016
DtSR Episode 211 - NewsCast for Sept 13th 2016

Chrome to label more sites as insecure in 2017

A USB Device is all it takes to steal credentials from locked PCs

DHS chief: 'Very difficult' for hackers to skew vote

  • Link:
    • Instead of dismissing the claim, let’s explore the merits
    • Then let’s consider what, if anything, it means for enterprise security
  • “It would be very difficult through any sort of cyber intrusion to alter the ballot count, simply because it is so decentralized and so vast,” he said, noting the series of state, local and county systems involved in running elections. “It would be very difficult to alter the count.”
    • Decentralized and vast - the merits
    • How many companies make the systems - so is it as decentralized as we’d like
    • How much of what you do in the enterprise is decentralized?
    • What are your points of failure - or the easy pathways to attack?
  • If someone did alter the vote… would we know? How would we know?
  • What’s the impact of appearing to alter the vote?
  • Depending on your organization… how would you handle the same sort of situation? How would you convey confidence to the executives and board?

Big business worried more about data loss than hackers – survey

  • Link:
  • This might feel like a “surprise” or a “shake your head” moment; but maybe it’s a signal of where we need to focus
  • If you’re in the enterprise, where (and how) would you rank the concerns?
  • What is the impact from data loss? Relative to a “breach” 
  • And then note: “But 15% of the companies Wells Fargo surveyed don’t require any employee training on cyber security, according to the report.”
    • That’s because the industry still botches this; 
    • I’m finally going to write up a series on this - and I’ll time it for October - make something productive out of security awareness month
  • Overall, this signals a need to seek better alignment with the executives and board; might I say… you need some straight talk

Obama Names Retired Air Force General as First Federal CISO

  • Link:
  • Position so broad… is it even useful?
  • Some notes of interest
  • General Officer (1 star)
  • Among Touhill's past positions was a 2-year stint as CIO and director of C4 systems, the nation's military transportation combatant command. 
  • He also served for nearly 1½ years as CIO and director for communications and information for the air mobility command. He retired from the Air Force in 2005 after nearly 22 years of service.
    • Reports to Federal CIO -- based in White House Office of Management & Budget
    • So they see this as a tech play only?
  • “ the blog, say Touhill will leverage his considerable experience in managing a range of complex and diverse technical solutions with his strong knowledge of civilian and military best practices, capabilities and human capital training, development and retention strategies.”
    • So basically… we have no idea what he’s doing or why
    • Only has 4 months
    • Window dressing?
Sep 15, 2016
DtSR Episode 210 - Data Protection Primer

In this episode James and I invite Vlad Klasnja from Optiv's Office of the CISO, and Hudson Harris, Chief Privacy Officer at HarrisLOGIC, to talk about data protection. From defining the concept to providing some insight into how we can actually protect confidential information - we talk through a lot of complex issues in this segment. Join us!



  • Hudson Harris - Chief Privacy Officer at HarrisLOGIC
  • Vlad Klasnja - Data Protection and Privacy Manager at Optiv
Sep 07, 2016
DtSR Episode 209 - NewsCast for August 29th 2016

NewsCast for Tuesday August 30th, 2016


Clinic Won’t pay breach protection for victims

California Bill would add security standards to data breach law

St. Jude stock shorted on heart device hacking fears

A Temperature-check on the state of application security

Important Apple patch for ‘Trident’

Aug 30, 2016
DtSR Episode 208 - Beyond the Ransomware Economy

This week Michael and I chat with Jamison Utter of Infoblox on one of the more interesting topics at hand - the economy of ransomware. We talk through the sudden popularity of the attack vector, the way the underground "criminal enterprise" has scaled and grown and the future of being a bad guy.

If you have occasion to talk to your organization's leadership on the ransomware epidemic, you need to listen to this podcast first.

Aug 23, 2016
DtSR Episode 207 - NewsCast for August 16th 2016

Quick note from Michael about the Straight Talk Framework & Program -- >

  • Get your free copy at
  • Launched a new program last week… boy, did I learn a lot.
    • Mostly, it’s my failure to explain. I’m going to chronicle some of the lessons over the next few days and share them
    • If you’ve already downloaded the questions - I’d love to chat with you about your experience…
    • If you find yourself in a situation like this, let’s chat. 25 minutes on the phone and we’ll both benefit
  • Until Monday, August 22nd, chance to get on board early and benefit yourself; i’ve got a lot to share this week and into the future. We’re at the start of something big!

Microsoft Accidentally Leaks 'Golden Keys' That Unlock Secure Boot-Protected Windows Devices: Oops?

The Future Of ATM Hacking

  • We didn’t have a problem, but we went ahead with the solution. Looking back on it, imagine some straight talk on this fiasco?
  • Yes, I realize some of you like the elegance of chip + pin; do you like the UX? Because it sucks. And if you lament the mag stripe, does that mean you stopped using a terrestrial radio, too?
  • Our need as leaders - in the enterprise and across the industry - is to focus limited energy and assets on the areas that create the most value

Apple will reward hackers with "bug bounty" to find flaws

  • The more we press on it, the more that we understand bug bounties and the like are just externally sourced (on spec) testing.
  • If you caught our last interview, we continued to explore the distinctions between research and testing; and rest assured, we’ll continue. When it comes to bug bounties, then, how does Apple do relative to structuring the deal of testing their software and devices?

Turbulence Ahead: Delta Computer Outage Is Just The Start, Say Experts

Risk vs reward – when good data becomes dangerous

Chief Security Officer May Be The Job Of The Future That No One Wants

Aug 18, 2016
DtSR Episode 206 - Vulnerabilities, Disclosure, Ethics, Research and Security

In this episode we chat with Steve Christey Coley currently the Principal Information Security Engineer over at MITRE Corp. In this episode we talk through our industry's obsession with vulnerabilities, dive headlong into the thorny issue of security research, talk through the various issues with disclosure and even delve into some ethics issues.

This episode is content-packed with some content that you will likely want to talk to us about. So here's how to find us:

Steve on Twitter: @SushiDude

Hashtag for the show: #DtSR


Steve's Bio (from LinkedIn -

Editor / Technical Lead for the Common Vulnerabilities and Exposures (CVE) project; Technical Lead for the Common Weakness Enumeration (CWE); co-author of the "Responsible Vulnerability Disclosure Process" IETF draft with Chris Wysopal in 2002; participant in Common Vulnerability Scoring System (CVSS) and NIST's Static Analysis Tool Exposition (SATE). My primary interests include secure software development and testing, understanding the strengths and limitations of automated code analysis tools, the theoretical underpinnings of vulnerabilities, making software security accessible to the general public, vulnerability information management including post-disclosure analysis, and vulnerability research.

Specialties: Vulnerability research, vulnerability management, software security.

Aug 10, 2016
DtSR Episode 205 - NewsCast for August 2nd 2016

Quick note from Michael about the Straight Talk Framework -- >

  • I’ve separated the framework from the programs; the framework is free and available for download from my website. More on the way!
  • To support both the framework and the programs, I’ve just finished a video that introduces the 5 questions; I have an optional workbook available and make a special offer at the end of the video
  • I’m about to launch an online offering… stay tuned for details


$2.7 Million HIPAA Penalty For Two Smaller Breaches

Is the GOP seriously considering endorsing vigilante hacking?!

NIST declares the age of SMS based 2-factor authentication over

The ninth circuit holds that accessing a website after receiving a cease and desist order does violate CFAA

A “famed hacker” is Grading Thousands of programs

Aug 06, 2016
DtSR Episode 204 - On Changing Culture

This week, Chris Romeo joins Michael, James and I to talk about changing the security posture of an organization by changing culture. This episode talks through tough issues like incentives, measurements and success factors. This episode with Chris is of particular interest for leaders and those who are working hard to change companies at their core, for the long term.


Chris Romeo's bio:

Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring application security awareness to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Secure Development Life Cycle program, empowering engineers to "build security in" to all products at Cisco. He led the creation of Cisco’s internal, end-to-end application security awareness program launched in 2012. Chris has twenty years of experience in security, holding positions in application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP certifications, and is a frequent conference speaker at RSA and AppSec.

Jul 26, 2016
DtSR Episode 203 - NewsCast for July 19th 2016

Ransomware that's 100% pure JavaScript? Sort of...

Researchers have come up with a 'cure' for ransomware

The government has officially issued a 'fact sheet' on randomware

Pokemon Go! - a neat idea with big issues potentially

FDIC hacked but covered it up, didn't report

The Fiat/Chrysler bug bounty program


Jul 19, 2016
DtSR Episode 202 - Outsourced but Better

This week on the Down the Security Rabbithole podcast, Brandon Dunlap is back for his second show. Following up on Episode 158 where we discussed outsourced security, this time around we talk through the next iteration of what "Managed Security" and outsourcing means to security.

You're not going to want to miss this episode!

As always, hit up our hashtag on Twitter at #DtSR and you can find Brandon on Twitter as well at @bsdunlap if you want to talk to him directly.

Jul 12, 2016
DtSR Episode 200 - Privacy, Security, Risk and Law Collide

** Our 200th numbered episode! **


A note from Raf:

 Thanks to everyone who has been listening to us, tweeting us, and sharing the links to our podcast. We are absolutely floored with the support and listenership we've received. The average show now gets just under 2,500 downloads when released in the first week, and that number goes up every week. So from the bottom of my heart, I humbly thank you and hope you'll continue to listen, share, and comment.

This week's episode is titled "Privacy, Security, Risk and Law Collide" as we host Dr. Chris Pierson and our recurring legal eagle from the great state of Texas, Shawn Tuma. If you don't have Shawn added on Twitter, you should go follow him right now.

In this week's episode we discuss the increasingly overlapping world of what was once "IT security" which has now started coming together with privacy, risk and law. Chris is uniquely poised to talk on the subject, as you will hear his credentials speak for themselves. You'll want to get comfortable, pay attention, and give this episode a careful listen as we take you down the security rabbithole for the 200th time.



  • Dr. Chris Pierson, CSO and General Counsel, Viewpost

    Dr. Chris Pierson is the EVP, Chief Security Officer & General Counsel for Viewpost. Dr. Pierson serves on the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute.  Previously, Chris was the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s U.S. banking operations leading its privacy and data protection program.  Chris was also a corporate attorney for Lewis and Roca where he established it’s Cybersecurity Practice representing companies on security and data breach matters. Chris is a graduate of Boston College (B.A., M.A.) and The University of Iowa (Ph.D., J.D.) and gives keynotes/speaks at national events and is frequently quoted on cybersecurity.

Jun 28, 2016
DtSR Episode 199 - NewsCast for June 21st 2016

In this episode..


The "Nuclear Bomb" analogy isn't working, stop using it"

  • This is important with respect to how security people talk to real-life issues
  • Here is another example:


iOS apps will require secure https connections by 2017


Inside Sierra: How apple watch “auto unlock” will let you jump straight into MacOS


FICO to Offer 'Enterprise Security Scores'


Why don't banks care more about credit card security?


Cisco launches $10 million scholarship to tackle cybersecurity talent shortage

Jun 21, 2016
DtSR Episode 198 - What Legal Counsel Wishes CISOs Knew

On this episode of the Down the Security Rabbithole podcast, Dawn-Marie Hutchinson, currently an Executive Director within the Optiv Office of the CISO joins us and we talk about the things that she's learned over her career working with legal counsel, CISOs and solving problems. A fantastic episode with lessons learned, and executive leadership crammed into less than an hour. Give it a listen!


Find Rie on Twitter at @CISO_Advantage


UPDATE: Thanks to Sean Jackson (@74rku5) who has hand-transcribed the show. I haven't read this, personally, so if there if he slipped any humor I can't be held accountable!


Jun 14, 2016
DtSR Episode 197 - NewsCast for June 7th 2016

In this episode...



Are people "going offline" as a result of increasing dangers of the Internet?


"Sandjacking" allows attackers to install evil iOS apps

  • IF that attacker is physically holding your device
  • AND your device is unlocked
  • AND it takes a while because you have to backup, and restore a phone ... one app at a time
  • SO this isn't something you do to infiltrate someone's phone while they walk away for a few minutes to the restroom
  • Cool trick bro, but where on the spectrum of critical things does this fall?
  • The technique is called "Su-A-Cyder" ... awful name, lose points


Dropbox takes heat for a breach, that wasn't their breach


Lenovo's asking people to uninstall it's bloatware "Accelerator" app

Jun 07, 2016
DtSR Episode 196 - Jason Witty

On this episode of the Down the Security Rabbithole podcast, I get the pleasure of sitting down with one of my all-time favorite Chief Security Executives, Mr. Jason Witty. He's had a long career of successful security leadership, and in this podcast he sits down with us to talk about risk, threats and words we often confuse.

You're not going to want to miss this episode.

May 31, 2016
DtSR Episode 195 - NewsCast for May 24th 2016

This week the gang's all here to talk about some news happenings. Michael, James and I talk through some of the stories we've been tracking.

Have something you've been reading and want to talk about? Hit us on Twitter with hashtag #DtSR and suggest a topic/story for the next NewsCast!


Tennessee Amends Breach Notification Statute

FFIEC’s New Mobile Security Guidance: An Assessment

Software “glitch” kills Formula1 car mid-race

LinkedIn plays down 117 million user breach of data sale

May 24, 2016
DtSR Episode 194 - Update on Cyberlaw w Shawn Tuma

In this episode...


Michael and I welcome back Shawn Tuma, our resident Cyber Law Expert from the great state of Texas. We discuss some of the recent cases (unlocking an iPhone!) and some of the tough issues facing the court systems today. Shawn provides insights into the use of the finger (not joking) and some amusing and frustrating aspects of cyber law as the courts continue to evolve. Join us!

May 17, 2016
DtSR Episode 193 - NewsCast for May 10th, 2016

In this episode..


ImageTragick - major flaw in open source image processing toolkit

Detroit company loses $495k to wire fraud

The Ransomware Epidemic (Optiv blog)

Undetectable flaw in Qualcomm-powered Android phones is a huge deal

White Hat hacker sent to the clink for going too far

May 10, 2016
DtSR Episode 192 - Healthcare and Critical Infrastructure Security

In this episode...

Join our guest Larry Whiteside, Michael and I as we record live from InfoSec World 2016 in sunny Orlando, Florida! We talk through the life of a CISO, and the challenges of being in the Healthcare and Critical Infrastructure spaces and the similarities and differences. Larry has had a very diverse and successful career leading some of the most challenging organizations, so we dig into some of the things he's faced, how he's addressed some of those bigger leadership-level challenges, and just the mess that healthcare and critical infrastructure are in right now.


Don't miss this episode!



Note: I'm blessed with being able to work with Larry on a daily basis at Optiv. I highly encourage you to listen to this podcast and share with your friends and colleagues in the healthcare and critical infrastructure space.

May 04, 2016
DtSR Episode 191 - NewsCast for April 26th 2016

In this episode...

Only about a third of companies know how many vendors access their systems

No firewall, second-hand $10 routers are to blame for Bengladesh bank heist

Jim McKelvey's Launchcode is helping unconventional tech talent

  • internal mentorships could be the key
  • who out there is doing this, talk back to us using hashtag #DtSR on Twitter

The Simpson's math secret is the key to better security ... ?


Apr 26, 2016
DtSR Episode 190 - Interview with Lance James

In this episode, James, Michael and I are live from InfoSec World 2016 and we get the pleasure of interviewing Lance James fresh off the keynote stage. In this intimate, fast-paced and bold interview we talk through some of the challenges InfoSec is facing today, and where Lance believes we should be going.


If you haven't been to InfoSec World, we highly recommend going next year. The content team continues to provide a solid mix of technical, managerial and transitioning information security speakers. Make sure you have this one on your calendar for next year, and being the family!

Apr 20, 2016
DtSR Episode 189 - NewsCast for April 12th 2016

In this episode...


Pros examine mossack-fonseca breach: Wordpress plugin, Drupal likely suspects

WordPress pushes free https encryption for all hosted sites

If you can't break crypto, break the client

Executives - "We're not responsible for cyber security"


Apr 12, 2016
DtSR Episode 188 - Security Talent Truths

Intro song: "Josh Gabriel - Deep Down"; Intro/Outro v/o courtesy of @ToddHaverkos

Apr 05, 2016
DtSR Episode 187 - NewsCast for March 29th, 2016

In this episode...


Mar 29, 2016
DtSR Episode 186 - Becoming a CISO

In this episode


I posed some questions to Joey, an InfoSec professional who had recently moved into a CISO role in a midwest retail company:

  • Let's talk a little bit about the background you had before walking into your first day as a CISO...
  • How long have you been in your role, and what do you think "so far"?
  • What do you think were the biggest lessons you've learned in your time as a new CISO?
  • What do you make of all the talk about CISO burn-out rates, and the average tenure of a CISO being less than 2 years?
  • What do you see as the role of the CISO in today's business climate?
  • How do you work with other IT leadership, and executive leadership to make your mark and do your job?
  • From your experience, what do you think someone who is taking a new CISO role, or thinking about doing so, should know?
Mar 22, 2016
DtSR Episode 185 - NewsCast for March 15th 2016

In this episode...


The FTC is getting into providing guidance on password changes


Dwolla hit by CFPB and fined $100,000

  • Who is the CFPB (Consumer Finance Protection Bureau)?
  • This opening sentence is crucial: "The Consumer Financial Protection Bureau (Bureau) has reviewed certain acts and practices of Dwolla, Inc. (Respondent, as defined below) and has identified the following law violations: deceptive acts and practices relating to false representations regarding Respondent’s data-security practices in violation of Sections 1031(a) and 1036(a)(1) of the Consumer Financial Protection Act of 2010 (CFPA), 12 U.S.C. §§ 5531(a), 5536(a)(1)"


FTC To Study Credit Card Industry Data Security Auditing


Bengladesh bank hackers steal ~$100M

Mar 21, 2016
DtSR Episode 184 - A CISO Post-RSA WrapUp

In this episode, we wind down from RSA Conference 2016 and talk with Jonathan and Michael, both security executives and leaders at their respective companies whom were both out at RSA Conf and share with us some of their insights, lessons learned, and discuss some of the more interesting topics.


Join James and I for an informative, insightful, and slightly unnerving conversation about the state of our industry. If you missed RSA Conference (or even if you were out there but wish you weren't) this is one you're going to want to listen to at least once.

Mar 16, 2016
DtSR Episode 183 - NewsCast for March 1st 2016

This is RSA Conference week, so while Rafal is out in San Francisco trying to make it through another one, James and Michael break down the news events that you may have missed.


300,000 Homes affected by security alarm bug


82 Percent of company boards are concerned about security


See something suspicious online, Homeland Security wants to know about it


Antivirus update breaks Internet browsing due to glitch

  • Apparently, update blocks getting to many internet sites due to flagging javascript as virus
  • We have seen this many times before.
  • What to consider:
    • Do you have a plan to handle this type of situation in your business?
    • Do you understand your model to identify the potential risks to then consider response plans?

Hospital pays $17,000 ransom after crooks hold data hostage

Mar 01, 2016
DtSR Episode 182 - Apple Versus the FBI

In this episode...

  • Michael and I moderate what turns out to be an expert-filled panel discussion on the real issues of the Apple vs FBI debate
  • Shawn Tuma, our favorite cyber attorney, provides expert insights into the statutes, laws and applicable legislation in this case
  • Dave Kennedy, Von Welch and Gary bring their technical expertise and background to discuss the issues from a technology and policy perspective

We think this is one of those landmark podcast episodes you'll want to listen to a few times. Lots of interesting content here, and we encourage you to share!


Don't forget, #DtSR on Twitter!

Feb 23, 2016
DtSR Episode 181 - NewsCast for Feb 16 2016

In this episode


Class action lawsuit against SuperValu dismissed

Nieman Marcus - breached again (with another lesson this time)

  • So is it official, not having MFA is weak authentication?
  • Is someone accessing accounts through the web interface with stolen passwords a “breach”?
  • Encryption would have done nothing to save any of this information as it was accessed through the interface.
  • Did they have account lockout?  What's the rest of the story here?

Hacker steals and releases information on 30,000 FBI and DHS employees

Hacked toy company tries a different tactic


Feb 16, 2016
DtSR Episode 180 - From the CISO Perspective

In this episode...

  • Andrew discusses a few of the key challenges making it difficult for the healthcare sector right now
  • Robb, Andrew and Raf discuss the importance of identity in the corporate environment
  • Robb and Andrew give some of their wisdom for the successes and failures of CISOs (and the broader security industry)
  • We discuss the technical vs executive CISO approach (which is better?)
  • Robb and Andrew provide some unfiltered advice for CISOs and those who want to become them


  • Robb Reck ( @RobbReck ) - Chief Information Security Officer at Ping Identity, contributor to ISSA Denver with a long history as a successful security executive and leader.
  • Andrew Labbo - Drew is the CISO at Denver Health and Hospital Authority and is the owner and principal of RMHG, which offers HIPAA consulting and HIPAA advisory services. Drew has over 15 years’ experience with information security and technology and over 10 years’ experience as a Privacy and Data Security Officer. He is an expert on HIPAA Privacy and Security Rule regulations as well as HITECH and Omnibus regulatory updates. Drew’s recommendations are guided by his education in health administration and experience and leadership integrating privacy and security controls with health information technology infrastructure and applications, as well as treatment, payment, operations, and human subjects research workflows and processes.
Feb 09, 2016
DtSR Episode 179 - NewsCast for Feb 2nd 2016

In this episode


Employees may face penalties if they misinterpret security policies?

New lawsuit filed blaming Twitter for ISIS attack

SCADA/ICS make incident response more complicated

Only in NYC: Dept of Consumer Affairs warns parents of baby monitor hacks


Feb 02, 2016
DtSR Episode 178 - What Will Get Us There

In this episode

  • What goes us here - so where are we?
  • Where do we go, and how? (addressing stunt hacking)
  • We discuss how we can influence outcomes, without hand waving and endangering lives
  • What about truly understanding risk, versus ‘security stuff’?
  • Michael breaks out the “risk catnip”
  • Raf asks Haroon - “What are the 2-3 things security does right now, that we should just quit?”
  • We discuss some of the breakers that are turning into builders, and implications
  • With the rate of bad vastly outpacing the rate of good - what’s the solution?


  • Haroon Meer ( @haroonmeer- Haroon is an internationally acclaimed long-time industry insider and is working hard to change the "how we've always done it" dynamics. His talk "What got us here, won't get us there" is now world famous. He works over at Thinkst and does some pretty amazing things you should check out.
Jan 26, 2016
DtSR Episode 177 - NewsCast for January 19th, 2016

In this episode

FTC imposes a $250,000 fine for "false advertising" of encryption

NY wants to ban encrypted smart phone sales

Las Vegas casino is suing cybersecurity firm over "woefully inadequate" work

  • Are there ethical implications here of a competitor defining negligence?
  • Burden of proof is on casino to prove "woefully inadequate" - but against what standard?
  • Does this ultimately raise quality, price or both for IR services?

The FDA issues draft guidance of security guidelines

OpenSSH bug found, fixed

Jan 19, 2016
DtSR Episode 176 - 2015 InfoSec Legal Review

We open up our 2016 year interviewing Shawn Tuma on the show. Shawn is our legal eagle, and a regular contributor to the podcast. This episode ran a little bit long (OK a lot long) but I think you'll enjoy the show... 


In this episode...

  • Most important cybersecurity-related legal developments of 2015
    • Tectonic Shift that occurred with “standing” in consumer data breach claims
      • Discussion of law prior to Neiman Marcus case, and post Neiman Marcus
      • Does this now apply to all consumer data breach cases?
      • Immediate impact? Companies now liable?
      • Lesson is in seeing the trend and how incrementalism works
  • Regulatory Trends
    • FTC & SEC gave hints in 2014, post-emergence of Target details
    • Wyndham challenged authority – came to fruition in August 2015
    • SEC not far behind – significant case in September 2015
    • Aggressiveness of FTC is substantial – FTC v. LabMD … all over LimeWire
  • Officer & Director Liability
    • 2014 – SEC Comm. fired the warning shot … pointed the finger
    • Shareholder derivative litigation
    • Individual liability of IT / Compliance / Privacy “officers”
  • Major 2016 Legal Trends
    • Regulatory enforcement … which, by the way, is why NIST is becoming default
    • Shareholder Derivative – much more likely than consumer class actions at this time
    • Lessons from both of these: when you need to persuade the “money folks” that they need to act, mention D&O Liability (especially Caremark) and Regulatory focus on individuals … now they're in the cross-hairs
    • Realization that cybersecurity is more of a legal issue than anything else (IT or business) b/c it is the legal requirements and consequences that ultimately drive everything
Jan 13, 2016
DtSR Episode 175 - NewsCast for January 5th 2016

In this episode...


Juniper has a backdoor problem

Iranians broke into New York dam in 2013 and “had a look around”


Facebook announced it’s dumping Adobe Flash


191 Million US voter records found ‘unprotected’ by a researcher


PayPal rolls out the welcome mat for hackers


PCI Council extends encryption deadline

Jan 05, 2016
DtSR Episode 174 - Health Check on Healthcare InfoSec

In this episode...

  • We discuss what in the world is going on in the healthcare space, and why they’re such a target for attackers
  • Dustin discusses why the explosion in digitalization in health care is both amazing and terrifying
  • We discuss future-proofing “smart” healthcare
  • I stumble on “the fundamentals”
  • Dustin discusses the security of “data analytics” in the healthcare space
  • I ask how we can make health care professionals better security people, without making them security people
  • I ask Dustin what the healthcare industry should be doing, going forward into 2016


  • "Dustin" is a progressive CISO at a Fortune 250 Healthcare organization
Dec 28, 2015
DtSR Episode 173 - NewsCast for December 14th 2015

In this episode...

  1. Vizio is getting sued, over data their TVs collect?
  2. Wyndham settles (caves to) the FTC
  3. The US Federal Bureau of Investigation (FBI) admits to using 0day vulnerabilities
  4. Google introduces DLP into Google Apps
  5. Black boxes on ships can be hacked
Dec 14, 2015
DtSR Episode 172 - The Truth on Cyber Insurance

Thanks for joining us! This is a very important episode with true experts on the topic of cyber insurance. I was lucky enough to get an attorney and a VP of an insurance firm who specialize in the topic and their depth of knowledge and candor may shock you.

The net is that cyber insurance is a positive for our industry.


In this episode..


  • Eran says that if you don’t do good security, the courts will frown down upon that
  • Keith tells us why insurance covers security, but it does not cover negligence
  • We start back on the discussion on the importance of knowing your critical assets
  • Keith discusses why the insurance market is essentially a mirror of your program
  • Eran talks about how his team dissect and investigate breaches to improve understanding
  • Keith and Eran discuss how the process of buying cyber insurance can actually lead to improved security


Dec 07, 2015
DtSR Episode 171 - When the FTC Attacks

In this episode

I interview Mike Daugherty - author of The Devil Inside the Beltway [ link] live from the Security Advisor Alliance first-ever Summit in Dallas, TX. Mike was kind enough to sit down with me (twice, thanks to a tech failure) and tell his absolutely surreal story of what happened to him, his company at the hands of what can only be described as an insane situation.

If you own a business, or manage a business, or work in enterprise -- you need to hear Mike's story. If it wasn't documented and video recorded, you'd never believe it's true.

Truth be told, I've been a supporter of the FTC as an advocate for the victims of breaches - the person who's information is stolen. After hearing Mike's story... I have had my mind completely changed.

Nov 30, 2015
DtSR Episode 170 - Minneapolis CISO Summit Roundtable 1

In this episode

  • We start a constructive discussion addressing the problem of the ‘talent shortage’
  • The panel discusses the general lack of understanding of the big picture challenge from both sides: business and security
  • The panel discusses basic security issues in an expanding ecosystem of Internet connected things
  • The panel discusses some real potential solutions to our talent issue



Nov 23, 2015
DtSR Episode 169 - NewsCast for November 16th 2015

In this episode...

Nov 16, 2015
DtSR Episode 168 - Practical Enterprise Threat Intelligence

In this episode

  • Rob & Liam discuss the practical applications of threat intelligence for today's enterprise
  • We discuss what enterprise threat intelligence really is (and also what it isn't)
  • We discuss the place of feeds, tools, processes and people in the mechanics of the program
  • We discuss the need to conduct a program-based intelligence approach for the enterprise


  • Liam Randall ( @hectaman ) - With a career spanning 20 years, Liam Randall has worked at every level of the information systems pipeline- from building and operating large networks, developing and maintaining large 100M+ e-commerce solutions, to designing and implementing global network security monitoring sensor grids. A frequent speaker and trainer at security conferences Liam has trained over 1000 students on advanced incident response with a focus on leveraging the open source Bro Platform. 
  • Robert M. Lee ( @RobertMLee ) - Robert M. Lee is the founder and CEO at Dragos Security LLC where he helped design and build CyberLens - a cyber situational awareness software tool for critical infrastructure networks. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers and awarded EnergySec's 2015 Cyber Security Professional of the Year.
Nov 09, 2015
DtSR Episode 167 - NewsCast for Nov 2nd 2015

In this episode...

Nov 02, 2015
DtSR Episode 166 - Cyber Security From Board Room to White House

In this episode...

  • Raf sits down with Howard Shmidt to talk about Cyber Security from the public to private sectors and everything in between.
  • Howard & Raf talk through challenges of cyber security in the board room
  • Howard gives us some of the challenges that government faces, from his experience
  • Don't miss this episode!



  • Howard A. Schmidt ( @HowardAS ) - Former Supervisory Special Agent,Director of Computer Crime and Information Warfare, AF OSI, Former CSO Microsoft Corp. Former Chairman of White House Critical Infrastructure Protection Board, VP, CISO eBay Inc. Special Agent, US Army CID (Reserves). Law Enforcement Officer Chandler Police Department, AZ
Oct 26, 2015
DtSR Episode 165 - NewsCast for October 19th, 2015

In this episode...

Oct 19, 2015
DtSR Episode 164 - 3rd Party and Supply Chain Risks

In this episode...


  • Josh Douglas - CTO for Raytheon Cyber Products – has nearly two decades of experience in helping global enterprises and government agencies secure their most prized business/mission assets. During his past 9 years at Raytheon, he has overseen Raytheon’s Cyber Security Intelligence Operations, Malware Concepts, Security Infrastructure Operations and Research Technologies tasked to produce effective forward-looking cyber software solutions to contain and control advanced threats. These solutions are used to help commercial and government entities protect their enterprises and the global cyber supply chain from ever-changing advanced persistent threats and malware.

    Prior to joining Raytheon, Joshua has a successful track record in network security operations and engineering management positions, securing enterprise environments while promoting contextual response. Prior employers include Enterasys Networks, Kronos, Genuity, MIT Lincoln Laboratory and other prominent enterprises. Joshua earned a Bachelor of Science Degree in Computer Science from Appalachian State University and currently holds a number of technical computer and network security certifications. LinkedIn:
Oct 12, 2015
DtSR Episode 163 - NewsCast for October 5th, 2015

In this episode...

Oct 05, 2015
DtSR Episode 162 - OSINT and Privacy in a Digital World

In this episode...

  • Kirby tells us what OSINT is
  • We discuss how much we are giving away on digital channels?
  • We discuss if there is such a thing as anonymity anymore
  • Location sharing in apps — the bad, the ugly, the scary
  • Kirby and Michael discuss “checking up on your executives”
  • Raf talks about “logo pages” — why do these still exist?!
  • Kirby gives us some thoughts on OPSEC
  • Kirby leaves us with a dose of reality about privacy in today’s world



  • Kirby Plessas ( @kirbstr ) - Kirby is the CEO of Plessas Experts Network, Inc. She did some things before this too, but we can't tell you about them or we'd have to black-bag you and send you to Gitmo. You can get her LinkedIn bio here:
Sep 28, 2015
DtSR Episode 161 - NewsCast for Sept 21st, 2015

On this episode of the NewsCast

Sep 21, 2015
DtSR Episode 160 - Leadership from a Navy SEAL

In this episode...

  • Brandon, Michael and I discuss the challenges of leadership and how leadership is more than just telling people what to do. Brandon gives us some of his back-stories and anecdotes to illustrate his points on leadership along the way.
  • I promise you'll love this episode, and I highly encourage you to go donate what you're able to, to Red Circle Foundation (


  • Brandon Webb ( @BrandonTWebb ) - Brandon is a former Navy SEAL, bestselling author and CEO of Force12 Media. He founded Red Circle Foundation as a way to give back to the families of the Special Ops community in a meaningful way.


Sep 14, 2015
DtSR Episode 159 - NewsCast for Sept 7th 2015

In this episode

Sep 07, 2015
DtSR MicroCast 08 - Conference Engagement

In this MicroCast, live from HTCIA Conference 2015 in Orlando, FL, Michael and I quickly set the stage for a conversation on conference speaker/attendee engagement. 

[Raf] One of my biggest pet peeves as a speaker is getting a room-full of people who watch (and listen) me speak, wait for me to finish, and leave when I'm done.

[Michael] As an attendee, you need to know what you "do" and what you're looking for from the conference.


--> Here's the link to the article Michael mentions:


We welcome the discussion on this topic, #DtSR on Twitter!

Sep 01, 2015
DtSR Episode 158 - Managing Security with Outsourced IT

In this episode...

  • We discuss what life is like as the CISO when you have all the responsibility for, but no administrative access (or hands on keyboard)
  • Brandon tells his story about how his IT organization went from in-house, to out-house, and how they got where they are
  • Brandon tells us the process and strategy he uses to get a handle on his security
  • We discuss why visibility is one of the most important things to outsourced IT (and security)
  • Brandon tells a story of an incident where things went very sideways
  • We discuss the balance between outsourcer scalability and customer deviations
  • Brandon tells us why sometimes it takes 3 months to scan your environment for a vulnerability ( your head will explode )
  • …and so much more


  • Brandon Dunlap ( @bsdunlap ) - Brandon is the global Chief Information Security Officer for a an employee-owned, global leader in building critical infrastructure in energy, water, telecommunications and government services currently operating in more than 100 countries through consulting, engineering, construction, operations and program management.
Aug 31, 2015
DtSR Episode 157 - NewsCast for Aug 24th, 2015

In this episode...

Aug 24, 2015
DtSR Episode 156 - Leadership Defined Measured and Discussed

In this episode...

  • We discuss the ever-growing need for strong leadership in security
  • I ask whether experience and longevity in a position naturally brings leadership qualities
  • We talk through how leadership interplays with other competencies
  • Michael asks whether the security leader has a place at the executive table (the "big kids table")
  • Michael asks if the MBA has value in security leadership
  • We discuss the model my team uses for leadership and how we build them
  • Michael and Heath discuss various competency models for leadership
  • We discuss measuring, KPIs and relative distance
  • We discuss how leaders can make better decisions
  • Heath leaves us with an Alex Hutton quote
Aug 17, 2015
DtSR Episode 155 - NewsCast for Aug 10th, 2015

In this episode...

Aug 10, 2015
DtSR Episode 154 - Enterprise Software Security Reloaded

In this episode

  • Raf asks - Why haven’t we solved the same old software security bugs?
  • James asks how a security team gets out of the way and still get better security?
  • We discuss threat modeling, and channel a bit of John Steven
  • Jeff talks about the OWASP ESAPI and standard security libraries and controls
  • Jeff talks about “libraries with known vulnerabilities” and the role of open source components
  • Raf brings up the ugly side of enterprise outsourcing - code development by committee
  • We discuss static, dynamic and run-time security tools
  • Raf asks Jeff what the RIGHT approach to creating a software program looks like



  • Jeff Williams ( @PlanetLevel ) - Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast. In 2002, Jeff co-founded and became CEO of Aspect Security, a successful and innovative consulting company focused on application security. Jeff is also a founder and major contributor to OWASP, where he served as the Chair of the OWASP Board for 8 years and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many other widely adopted free and open projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown.
Aug 03, 2015
DtSR Episode 153 - NewsCast for July 27th, 2015

In this episode...

Jul 27, 2015
DtSR Episode 152 - The Great InfoSec Talent Shortage

In this episode

  • Talent shortage - is it real, and how bad is it?
  • We discuss: what does negative unemployment actually mean?
  • Michael asks- ecurity is still relatively new, how do we determined what “qualified” means?
  • What skills are necessary to be a good security professional?
  • Hiring - we discuss how we get better at screening potentially qualified employees
  • We discuss how we can vet out real experience, versus resume skills
  • Mark and Michael discuss specialization, automation, and optimizing our workforce
  • Mark shares his thoughts on growing and retaining top talent


  • Mark Orlando ( @MarkAOrlando )  - As the Director of Cyber Operations, Mark is responsible for Foreground’s Federal practice as well as the Virtual Security Operations Center (V-SOC) managed service. He leads a national team of analysts, engineers, incident responders, and managers who secure some of the most high profile networks in the Federal, financial, commercial, and power and utilities industries. As the senior operations subject matter expert, he is also responsible for security services strategy and advises on strategic Foreground initiatives such as threat intelligence analysis, custom analytics development. Mark is also a key advisor to the company’s award-winning educational unit, Foreground University. Prior to joining Foreground Security, Mark advanced through the technical ranks as a Security Analyst and Technical Lead in a variety of operations environments. In his 13+ years of experience, he has built and led security operations teams at the White House, the Department of Energy, the Pentagon, and numerous commercial organizations. He has also managed the operations division of a major Managed Security Service Provider supporting hundreds of private and public sector clients. Mark enjoys teaching and learning from others. He has presented on security operations and assessment at the Institute for Applied Network Security Forum and RSA Conference. Mark has earned the CISSP, PMP, CEH, ITIL, and multiple SANS GIAC certifications and holds a B.S. In Advanced Information Technology from George Mason University. Mark served in the US Marine Corp where he was a Marine Artillery NCO.

    Foreground Security (
Jul 20, 2015
DtSR FeatureCast - HTCIA International Conference 2015 Preview

In this episode...


  • Peter Morin joins us to talk through the upcoming HTCIA International 2015 Conference in sunny Orlando, Florida.
  • We talk through a preview of talks, events, and some interesting reasons you should be going to HTCIA Int'l
  • Check out the incredible lineup of keynotes, speakers and talks -
  • Come see the #DtSR crew live and in person as we record and broadcast from the conference
Jul 15, 2015
DtSR Episode 151 - NewsCast for July 13th, 2015

In this episode...

Jul 13, 2015
DtSR Episode 150 - A CEOs Perspective

In this episode

  • We take a little peek inside the mind of a CEO, from the security perspective
  • We discuss the state of information security in the last decade
  • Dan shares his wisdom on how the role of a security professional and security leadership has changed over the course of his career
  • We discuss about the talent shortage - and get an in-depth look at solving some of this problem
  • Dan shares with us his views on balancing people, processes and technology resources to achieve meaningful security
  • We talk strategy, and Dan and the guys talk through why it's so vital
  • We get Dan's "closing remark" (something you won't want to miss)



  • Dan Burns, CEO Optiv, Inc. -  Dan Burns brings more than 23 years of business, technology and security industry experience to his role as chief executive officer. In this role he is responsible for the development and implementation of high-level strategies and direction of the company’s growth. Being able to provide clear insight into navigating the complex information security landscape is a priority for Burns. His philosophy is to focus on building long-term relationships with clients, working with them to simplify their lives and becoming a trusted information security partner rather than a reseller or outside consultant.
    From 2002 when he co-founded Accuvant, until 2012 when he assumed his position as the company’s first CEO, Burns served as senior vice president of Accuvant’s sales organization. In that role, he was responsible for strategic planning, sales growth and problem resolution. Burns co-developed and helped to successfully execute on Accuvant’s initial vision – to build a company with the breadth, depth and capabilities to address the information security needs of organizations worldwide. He launched the sales force and grew it to a national powerhouse organization within a 10-year period, conducting business with nearly half of the Fortune 500, and driving $740M in revenue in 2014.
    Prior to his achievements with Accuvant, Burns was the regional vice president of sales for the western region of OneSecure. He played an integral role in transitioning the organization from a managed security services (MSS) provider to a product company, delivering to the marketplace the first intrusion prevention system (IPS) and generating $40M in product sales in the first year.
    Previously, as the western region vice president for Exault, an integrator, consulting organization and reseller, Burns secured some of the largest enterprise clients in the Rocky Mountain region and helped grow revenues to nearly $150M in two years. He also held positions at Access Graphics, Arrowpoint, and Netrex where he supported some of the largest telecommunication companies in building their information security programs, implementing technology and taking advantage of Netrex’s world-class MSS.
    Burns earned a bachelor’s degree in economics from San Jose State University
Jul 06, 2015
DtSR Episode 149 - NewsCast for June 29th 2015

In this episode

With me gone, James and Michael run feral!

  • It's June, so here are the top 3 security priorities for CISOs for 2015 (yes in June)
    • Boils down to: patch faster, improve credentials, code better
    • Is this the right list? 
    • It mentioned side-stepping cloud and mobility. What if migrating to the cloud offers the opportunity to not worry about patching or code, and improve your credentials? 
    • Someone pointed out to me that this matches the OPM hack; perhaps this is just content driven from that? Does that make it more or less valid?
    • Let us know… #DTSR
  • Cybersecurity tops advisors's compliance worries: poll
  • Why it's worth divorcing information security from IT
  • Keeping your kids safe (online) this summer -- with our very own TV star, James!
    • James, tell us about the experience - and how you don’t have nearly the control you think you’ll have
    • What did you do to prep?
    • What was your one big take away?
    • Now that you did the interview, any new thoughts?
    • Folks… what do you do? #DTSR - congratulate James on a great interview, then share your ideas (and yes, this is an enterprise play -- you can AND SHOULD share this with your employees)
Jun 29, 2015
DtSR Episode 148 - Focus on the CISO

In this episode...

  • What is the Security Advisor Alliance?
  • We discuss some of the issues facing CISOs today
  • Clayton gives us his perspective on how to solve some of those issues
  • Clayton tells us about the mission of the SAA
  • If your'e a CISO, are you signed up for the SAA Summit?  Shoot Clayton an email



Jun 22, 2015
DtSR Episode 147 - NewsCast for June 15th, 2015

In this episode...

Jun 15, 2015
DtSR Episode 146 - State of Enterprise Incident Response

In this episode...

  • Defenders are set up to fail? how and why
  • How do we fill forensics and IR positions?What skills and qualifications do forensics/IR need to have?
  • How can enterprises get better at IR from where they are today?
  • How do we solve some of the problems plaguing the security industry?



  • Andrew Case ( @attrc ) - Andrew Case is a senior incident response handler and malware analyst.He has conducted numerous large-scale investigations that span enterprises and industries. Andrew's previous experience includes penetration tests, source code audits, and binary analysis.  He is a core developer on the Volatility memory analysis framework and co-author of the highly popular and technical forensics analysis book "The Art of Memory Forensics: Detecting Malware and Th