Welcome to another insightful episode of "To The Point Cybersecurity," brought to you by Forcepoint! In today's episode, we're diving into the nuances of modern data security with our special guest, Yasir Ali, CEO of Polymer. As networks become increasingly borderless, the challenges for data security are escalating. We'll explore crucial technologies like Data Security Posture Management (DSPM) and Data Loss Prevention (DLP), and discuss the importance of reducing risk profiles and managing access control effectively.

Whether you're grappling with data security in a cloud-based world or curious about the future of AI in cybersecurity, this episode serves as an essential listen. Don't forget to subscribe and leave a review on Apple Podcasts or Google Podcasts. Let's get started! 

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e300

This week, Audra is joined by Mark Montgomery, senior director of the FDD’s Center on Cyber and Technology Innovation and director of the CSC 2.0. Today’s discussion focuses on the progress made implementing the recommendations of the Cyberspace Solarium Commission’s 2020 report and securing critical infrastructure more broadly, including insights from Mark on the need for a distinct military force focused exclusively on cybersecurity.

Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD’s efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy.

Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy’s nuclear power training program.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e277

Buckle up for this week’s episode because it is quite a ride! Greg Crabb, founder of TenEight Cyber and former CISO for the United States Postal Service shares insights from his more than 25 years in law enforcement and bringing cyber criminals to justice. And hear perspective on CISO best practices for a 630k+ employee organization with 43k facilities and 160 million daily delivery points and how he took a 40 person cyber team to 600 in just a few years. Also learn how his team partnered with CISA to secure the 2020 U.S. election, how postal inspectors serve as first responders (hint: anthrax vs cornstarch), the importance of identifying and quantifying risk for your organization today and the DevSecOps opportunity ahead. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e268

Michael Daniel, President and CEO of Cyber Threat Alliance joins the podcast this week and dives right into the latest developing cyber implications resulting from the Ukraine conflict, as well as longer term considerations on Russian cyber companies impacted by sanctions. He also shares perspective on the differing views of cyber as a nuisance vs public/safety problem, the opportunity to combat cyber collectively, CISA’s Shields Up program and organizations sustaining a high level of vigilance, and the STIX information sharing platform.

Michael Daniel, CEO of Cyber Threat Alliance
Michael leads the CTA team and oversees the organization’s operations. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e177

This week we are joined by Herb Lin, Senior Research Scholar, CISAC and Hank J. Holland Fellow, Hoover Institution at Stanford University – and author of the book Cyber Threats and Nuclear Weapons. Herb shares his deep expertise in cyber policy and security to shed light on key questions that should be on everyone’s mind, such as “Why are innovation and cybersecurity opposites” and “Why are we always behind in cybersecurity?”. He also breaks down why complexity is the enemy of security, cyber war vs nuclear war, three roads to ruin, and the role of a Chief Luddite Officer. Prepare for your mind to be blown!

Herb Lin, Senior Research Scholar at Stanford's Center for International Security and Cooperation

Dr. Herb Lin is senior research scholar for cyber policy and security at the Center for International Security and Cooperation and Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution, both at Stanford University. His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in the use of offensive operations in cyberspace as instruments of national policy and in the security dimensions of information warfare and influence operations on national security. In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University; and a member of the Science and Security Board of the Bulletin of Atomic Scientists. In 2016, he served on President Obama’s Commission on Enhancing National Cybersecurity. Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e176

This week’s podcast guest Rich Itri, Chief Innovation Officer at ECI, did the heavy work of reading the SEC’s 250-page proposal on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure and shares perspective on what may be ahead for public companies that are subject to the reporting requirements of the Securities Exchange Act of 1934. As it goes into comment period through May 9, 2022, many are on standby for the outcome of the proposed cyber incident reporting timeline of four days after a material breach. Which, of course leaves one to wonder, just what are we considering ‘material’ these days? You don’t want to miss this week’s episode as Rich shares deep insights from his more than 20 years on the financial services security frontlines.

Rich Itri, Chief Innovation Officer at ECI

Rich Itri is the Chief Innovation Officer at ECI. Rich has over 22 years of IT executive experience, spending his entire career managing IT within the financial services industry. Prior to joining ECI, Rich was Managing Director and Chief Technology Officer for PJT Partners, a boutique investment bank, Principal and Chief Information Officer for Sky Road and held Chief Information Officer positions at Arrowhawk Capital Partners and Arbalet Capital Partners. Over the years, Rich has developed and managed innovative, business aligned platforms, that drive revenue and operational efficiencies. Rich holds positions on several Advisory Boards and volunteers his time to help non-profits leverage technology.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e175

Matt Bianco, President at Fedway Consulting, joins the podcast this week to deep dive into the electric vehicle world, how it’s evolving, challenges being address (such as charging stations!) and government plans to help advance electric vehicles within the government fleet and with consumers across the U.S. One of the big questions with electric vehicles are the cyber vulnerabilities as charging stations connect to the internet to process charging time and transactions. With many asking, just how big a threat are we walking about as tens of thousands of new charging stations come online the next 5-10 years? Join the podcast to find out!

Matt Bianco, President at Fedway Consulting
Matt is a thought leader within the US Federal Government ecosystem related to Electric Vehicle (EV) Charging integration which includes strong knowledge of POV/GOV programs (workplace/fleet), hardware/software solutions, infrastructure, policy, etc. With partnerships across the industry including ChargePoint, Apollo Sunguard (SDVOSB), Beam Global, Freewire, etc, Matt has the ability to assist in formulating a plan that will cover every aspect of executing a flawless and easy Federal EV charging program. Other focuses include CyberSecurity initiatives and software solutions.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e174

Joining us this week is Avi Bashan, CTO of Kovrr sharing perspective on quantifying the elusive risk elements of business today. Great insights he shares on new methodologies and tools security teams, Risk Officers and others can leverage today to start putting risk into an understandable and quantifiable business perspective. And no conversation on risk is complete without discussion on cyber insurance - and we take a quick trip from the insurance industry’s beginnings through to present day cyber insurance.

Avi Bashan, Chief Technology Officer
Avi is CTO at Kovrr and leads engineering and research efforts. He started his career in an elite Israeli intelligence technology unit. Following his service, Avi advised Fortune500 companies on cybersecurity. Following his consulting period, Avi led research and development efforts at Lacoon Mobile security focusing on discovering novel new attacks and building state of the art malware detection engines. Lacoon Mobile Security was acquired by Check Point. Avi is a lecturer at Bar Ilan University's Business School and holds a B.Med.Sc from the Hebrew University of Jerusalem.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e173

Nick Espinosa, Chief Security Fanatic, at Security Fanatics joins the podcast this week to share perspective from his many interviews with Ukraine government members and others on-the-ground in Ukraine. He also shares insights on cyber attacks against Ukraine since 2014 and how the landscape continues to shift during the current conflict, including potential cyberattack leakage outside the region. And he dives into the critical communications elements at play including Internet access that is enabling those on the ground to communicate. He closes the podcast with four recommendations for companies looking to strengthen their security defenses amidst today’s uncertain cyber landscape. Be sure to follow Nick on Twitter @NickAEsp for continuing updates from those on the ground in the Ukraine.

Nick Espinosa, Chief Security Fanatic
For over 25 years, Nick has been on a first name basis with computers. Since the age of 9 he’s been building computers and programming in multiple languages. Landing his first IT job at age 15, Nick founded Windy City Networks, Inc at 19 which was acquired in 2013 by BSSi2. In 2015 Nick created Security Fanatics, a Cybersecurity/Cyberwarfare outfit dedicated to designing custom Cyberdefense strategies for medium to enterprise corporations. An expert in cybersecurity and network infrastructure, Nick has consulted with clients ranging from the small business owners up to Fortune 100 level companies. Nick has designed, built, and implemented multinational networks, encryption systems, and multi-tiered infrastructures as well as small business environments. He is passionate about emerging technology and enjoys creating, breaking, and fixing test environments.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e172

Joe Uchill, senior reporter at SC Magazine, joins us on the podcast this week to share perspective from his ongoing reporting on the cyber implications from the Ukraine conflict. We cover a bevy of themes including the level of cyber versus kinetic attacks, the “IT Army” of Ukraine and impact of decentralized hacking volunteers, Conti ransomware group woes and the globalism of the criminal economy, CISA Shields Up guidance and navigating through opportunistic criminals that invariably take advantage of a crisis. And he explains the Evel Knievel School of Storytelling approach.

Joe Uchill, Senior Reporter at SC Magazine

Long time cybersecurity reporter who has written for places like SC Magazine, Axios and Motherboard. I founded Axios’ Codebook cybersecurity newsletter and also wrote cybersecurity newsletters for The Hill and Christian Science Monitor. Newsletters are something of a specialty. In his spare time, he works on coding projects to bolster journalism. Previously ran a Washington D.C. area group of hackers, analysts and reporters who collaborated until COVID-19 put an end to in-person meetings.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e171

Petko Stoyanov, Chief Technology Officer for Global Governments at Forcepoint

Petko Stoyanov serves as Forcepoint's Chief Technology Officer for Global Governments. He focuses on strategy, technology and go-to-market for enterprise-focused solutions across the government verticals in Australia, Canada, New Zealand, United Kingdom, and the United States. Petko is an experienced cyber security leader who specializes in establishing information security programs and driving security maturity in technology through and experience specialized in aerospace, technology, and cloud. He has prior experience as an Information Security Manager and Security Architect leading and designing secure tamper resistant security systems and advanced multi-level security systems.

Petko's LinkedIn
https://www.linkedin.com/in/petko-stoyanov/

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e170

Dr. Samantha Ravich, Chairman for the Center on Cyber and Technology Innovation at Foundation for Defense of Democracies joins the podcast this week. She shares insights from her many years on the geopolitical and economic front lines of cyber, and work with many renowned government leaders, on developing a plan of action to address today’s cyber threat landscape and looming threat against critical infrastructure and essential services. She also provides perspective on building resiliency, what we can learn from natural disasters relative to cyber attacks, as well as the opportunity and impact of states creating and driving their own continuity of the economy plans.

Dr. Samantha Ravich, Chairman, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies
----
Dr. Samantha Ravich is the chairman of FDD’s Center on Cyber and Technology Innovation and its Transformative Cyber Innovation Lab and the principal investigator on FDD’s Cyber-Enabled Economic Warfare project. She is also a senior advisor at FDD, serving on the advisory boards of FDD’s Center on Economic and Financial Power (CEFP) and Center on Military and Political Power (CMPP). Samantha serves as a commissioner on the congressionally mandated Cyberspace Solarium Commission and as a member of the U.S. Secret Service’s Cyber Investigation Advisory Board. Samantha served as deputy national security advisor for Vice President Cheney, focusing on Asian and Middle East Affairs as well as on counter-terrorism and counter-proliferation. Following her time at the White House, Samantha was the Republican co-chair of the congressionally mandated National Commission for Review of Research and Development Programs in the United States Intelligence Community. Most recently, she served as vice chair of the President’s Intelligence Advisory Board (PIAB) and co-chair of the Artificial Intelligence Working Group of the Secretary of Energy Advisory Board. She is advisor on cyber and geo-political threats and trends to numerous technology, manufacturing, and services companies; a managing partner of A2P, a social data analytics firm; and on the board of directors for International Game Technology (NYSE:IGT).

Her book, Marketization and Democracy: East Asian Experiences (Cambridge University Press) is used as a basic textbook in international economics, political science, and Asian studies college courses. Samantha is a member of the Council on Foreign Relations and advises the U.S. Intelligence Community and the Department of Defense. She is a frequent keynote speaker on: What Corporate Boards need to know about Cyber Security and Warfare; The Longer-Term Trends in International Security; and the Future of Intelligence Collection and Analysis. Samantha received her PhD in Policy Analysis from the RAND Graduate School and her MCP/BSE from the Wharton School at the University of Pennsylvania.

---
https://www.linkedin.com/in/samantha-ravich-7b5aa08b/

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e169

This week we dive into the hot topic of cyber insurance with Dr. Josephine Wolff, Associate Professor of Cybersecurity Policy at Tufts University The Fletcher School and author of the book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” (MIT Press 2018). We explore the dynamic industry of cyber insurance and key policy areas such as defining cyber war, the impact of the increase of ransomware the last two years (some stats put it at 150% increase!), and how to change security behaviors. She also shares insights on AI and the always looming theme of bias as well as the importance of always keeping a human in the loop. And, be sure to look out for her new book on cyber insurance with MIT Press coming out in August 2022.

Josephine Wolff - Associate Professor of Cybersecurity Policy at Tufts University's The Fletcher School

Josephine Wolff is an associate professor of cybersecurity policy and has been associated with The Fletcher School at Tufts University since 2019. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society. She received received a Ph.D. in Engineering Systems and M.S. in Technology and Policy from MIT, and an A.B. in mathematics from Princeton. As a student, she also spent time at Microsoft, the Center for Democracy and Technology, the White House Office of Science and Technology Policy, and the Department of Defense.

https://www.linkedin.com/in/josephine-wolff-1baa414b/

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e168

This week Leonard Bailey, Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit for the Department of Justice (DOJ), Criminal Division, joins us this week. We dive into the role of the DOJ in addressing the vast and ever-changing landscape of cybersecurity. Bailey shares insights on partnering with federal agencies as well as the private sector, navigating information sharing pathways, evolution of incident and cyber threat reporting procedures, and the recent release of the Harmonization of Cyber Incident Reporting to the Federal Government. He also helps debunk information sharing myths and spotlights available tools and benefits of cyber threat information disclosure.

Leonard Bailey

The Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit and Special Counsel for National Security in the Department of Justice’s (DOJ) Criminal Division. He has prosecuted computer crime cases and routinely advised on cybersecurity, searching and seizing electronic evidence, and conducting electronic surveillance. He has managed DOJ cyber-policy as Senior Counselor to the Assistant Attorney General for the National Security Division and then as an Associate Deputy Attorney General. He has also served as Special Counsel and Special Investigative Counsel for DOJ’s Inspector General. Bailey is a graduate of Yale University and Yale Law School. He has taught law courses at Georgetown Law School and Columbus School of Law in Washington, DC.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e267

Forcepoint CEO Manny Rivelo joins the podcast this week to share perspective on what’s security in 2022 and beyond. Did you know hacking is really big business – money from attacks is equivalent to the world’s third largest economy, behind the U.S. and China. As hackers are innovating faster businesses are struggling to keep up. He shares insights on how the industry can help organizations can get past the conga line of security tools and moving at digital speed. And he shares perspective on the criticality of putting security at the center of design thinking and making security equal to connectivity, along with thoughts on hot topics today including the metaverse and Web3.

Manny Rivelo, CEO, Forcepoint

Manny Rivelo is the Chief Executive Officer (CEO) at Forcepoint. As Forcepoint CEO, Rivelo drives the company’s strategy to accelerate enterprise and government agency adoption of a modern approach to security that embraces the emerging Secure Access Service Edge (SASE) architecture. According to Gartner, more than 40 percent of enterprises will embrace SASE by 2024.

Rivelo brings to Forcepoint more than 30 years of experience across executive leadership, product management, customer support and sales functions with some of the world’s leading security and information technology companies. Rivelo joined Forcepoint from global investment firm Francisco Partners Consulting where he served as Senior Operating Partner. Prior to Francisco Partners, he was Chief Customer Officer at Arista Networks, where he was responsible for the company’s global sales and field marketing functions. Previously he also served as President & CEO of AppViewX, a low-code infrastructure automation provider.

Additional senior leadership roles included F5 Networks where he served as President and CEO as well as Executive Vice President, Security, Service Provider and Strategic Solutions responsible for launching and driving new market adjacencies in Security and Service Providers, Product Management, Marketing, and Business / Corporate Development. Prior to F5 Networks, Rivelo held various senior leadership roles at Cisco Systems including Senior Vice President of the Engineering and Operations group. While at Cisco, he oversaw roles in sales and multiple businesses, drove technical solution requirements for Cisco customers of all sizes and was responsible for operational excellence, standardization around processes and tools as well as enabling new business models.

Rivelo is currently a Director at Sandvine, Outdoorsy, WootCloud, Valtix and Fashwire. He holds bachelor’s and master’s degrees in Electrical Engineering from the Stevens Institute of Technology.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e167

This week Noam Maital, CEO and Co-founder of Waycare Technologies, a subsidiary of Rekor, joins us to share insights on a topic we haven’t yet covered on the podcast – shaping the future of city mobility. Imagine the significant amount of data aggregation and synthesis through AI critical in the management of our roadways, traffic flow and emergency response – that also helps power and draw data from many of the mobile and in-car maps we utilize today. Noam paints a picture of the data explosion coming the next few years as more and more smart and autonomous vehicles come online – expected to generate around 4TB of data daily – and the security of that data needs to be planned for today. And yes, the growing ransomware in traffic management threat we also discuss!

Noam Maital, Co-Founder and CEO, Waycare

Noam Maital is the CEO and a Co-Founder of Waycare Technologies. Prior to WayCare, Noam led global strategy projects in technology implementation, growth strategy, and financial due diligence. Noam holds a BSc, Summa Cum Laude, from Babson College with a dual degree in Economics and Strategic Management. Prior to his studies, Noam served as a First Sergeant in the Israeli Special Forces.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e166

Welcome to the end of 2021 episode where Eric and Rachael recap highlights from guests throughout the year hitting on the key topics that dominated the headlines including Log4Shell, Sunburst, Colonial Pipeline, ransomware growth trends, the Biden Executive Order of May 12th, Zero Trust, and the many award-winning books published such as by NY Times’ Nicole Perlroth, Sheera Frenkel and Cecilia Kang. They also share a preview of 2022 topics to come including the cryptomining, the metaverse, Web3 and more.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e165

Back from the archives! This week we're spotlighting one of our favorite episodes in Summer 2021 with The New York Times journalist Nicole Perlroth where she shares insights from her decade long research for her book "This is How They Tell Me the World Ends". (FORMERLY EPISODE 138) This week Nicole Perlroth, award-winning journalist for The New York Times and best-selling author of “This Is How They Tell Me The World Ends” joins the podcast to discuss her decade long journey covering cybersecurity and many terrifying discoveries navigating through the underbelly of the secretive cyberweapons market. She shares insights on the importance of making cyber understanding and awareness accessible to all audiences. And she details the many challenges governments and society face today as cyberattacks continue to ratchet up in scope of disruption and financial rewards with no consequences as we collectively wait for “the big event” that will be the forcing function to drive needed investment, global cooperation, and changed behaviors to truly take some of the advantage out of attackers’ hands.

Nicole Perlroth, Journalist, Cybersecurity and Digital Espionage & Author "This Is How They Tell Me The World Ends"

Nicole Perlroth covers cybersecurity and digital espionage for The New York Times. She has covered Russian hacks of nuclear plants, airports, and elections, North Korea's cyberattacks against movie studios, banks and hospitals, Iranian attacks on oil companies, banks and the Trump campaign and hundreds of Chinese cyberattacks, including a months-long hack of The Times. Her first book, “This Is How They Tell Me The World Ends,” about the global cyber arms race, will publish in February 2021. The book, and several of her Times articles, have been optioned for television.

A Bay Area native, Ms. Perlroth is a guest lecturer at the Stanford Graduate School of Business and a graduate of Princeton University and Stanford University.

https://www.linkedin.com/in/nicoleperlroth/

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e214

Dr. Richard Ford, Chief Technology Officer at Praetorian joins us on the podcast this week to share perspective on Log4Shell that's been making the headlines in recent weeks. He explains why this is the worst zero-day vulnerability the industry has seen in the last ten years, what makes it special and how Log4j's ubiquity in the java world will keep it around for a long time to come. He shares insights from the trenches on how to mitigate and warns why scanners are not proving reliable for catching everything. And he provide recommendations on how to get to ahead of the next zero day vulnerability lurking in the wings.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e164

Joining us from the fantastic vista of Monaco is Mark Arena, CEO at Intel 471 – and he has a great story to tell about the origins of the company name! He also breaks down the ransomware threat over the last couple decades and how they have evolved with the availability of new, faster, better technology as well as a business acumen in creating affiliate programs and Ransomware-as-a-Service. And he shares insights on cryptomixing as yet another path ransomware gangs can utilize to anonymize their ransom bounties received. (HINT: this is more like money laundering of cryptocurrency) So many great insights in this episode – including the importance of boots on the ground - you don’t want to miss it!Joining us from the fantastic vista of Monaco is Mark Arena, CEO at Intel 471 – and he has a great story to tell about the origins of the company name! He also breaks down the ransomware threat over the last couple decades and how they have evolved with the availability of new, faster, better technology as well as a business acumen in creating affiliate programs and Ransomware-as-a-Service. And he shares insights on cryptomixing as yet another path ransomware gangs can utilize to anonymize their ransom bounties received. (HINT: this is more like money laundering of cryptocurrency) So many great insights in this episode – including the importance of boots on the ground - you don’t want to miss it!

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e163

This week Chris Krebs, founding partner of Krebs Stamos Group and the first Director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) joins the podcast this week. He shares insights on ransomware trend lines, policy discussions, and streamlining the government engagement process for the private sector. He also shares perspective on risk (HINT: you can manage it but not eliminate it), how we can’t attack our way out of the cyber problem, the Information Assurance Directorate, why multi-factor authentication is critical (99% success rate!), and so much more. You don’t want to miss this timely discussion on the future of security.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e162

This week Dragos CEO and co-founder Rob Lee joins the podcast and breaks down the OT challenge that many businesses are facing today including a lack of clarity on who within the business owns OT and defining what acceptable OT risk means within the business. He also shares perspective on multi-factor authentication as one of the universal controls, the industry + geopolitical aspect of managing risk, and shifting the lens to think about the IP threat from the operator POV. And he shares insights on the Salt Water Project and what can happen when thinking through OT impact + the art of the possible.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e161

This week we catch up with Dmitri Alperovitch, co-founder of the think tank Silverado Policy Accelerator (SPA) and co-founder of Crowdstrike. He shares details on the newly launched Alperovitch Institute at the Johns Hopkins School of Advanced International Studies offering MA-PhD programs that intertwine cybersecurity and statecraft giving students the opportunity to study adversaries’ unique motivations, capabilities and histories. We also discuss the key policy areas that SPA is focusing on including cyber trade and industrial security and eco-sec as we consider the impact and future of security. He also breaks down the CHIPS Act, why offensive strategies are important and their potential psychological impact on cyber gangs, and how cryptocurrency exchange sanctions could impact the financial incentive of ransomware gangs. On December 7th at 9:00 a.m. ET be sure to tune into SPA’s moderated discussion, led by Alperovitch and a panel of lawmakers and policy experts discussing the national security challenges stemming from America's dependence on East Asia for semiconductor manufacturing. More details are at silverado.org/events.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e160

Curt Dukes, Executive Vice President and General Manager for Security Best Practices at the Center for Internet Security (CIS) joins the podcast this week. He shares insights from his more than 30 years with the NSA and how that journey led to the CIS and the synergies between the two organizations in providing cyber resources and fostering threat intelligence information sharing. And for those not familiar with the CIS he provides a great primer on this vital organization started 20 years ago by a group of private industry and government individuals who saw the escalating cyber threat landscape ahead and decided to organize and do something about it to make the connected world a safer place. And you don’t want to miss his perspective on multi-factor authentication and its 99% success rate.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e158

Stacy is a self starter with a passion for cyber security. Co-Founder of Connected Transport Business Unit at Irdeto. Evangelist and active speaker on cyber security for the connected transportation space. Strong and demonstrated Stacy Janes, Head of Security at Waymo

technical history in cyber security areas such as PKI, authentication/authorization, end-point security and ethical hacking. Proven history of building teams to solve difficult industry problems. 

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e266

Dr. Andrew Hammond, Historian and Curator of the International Spy Museum joins us this week - and let’s be honest he has just about the coolest job out there today! Hammond takes us through the classic period of espionage and the reliance on physical data and spycraft techniques to transport through to the modern day battlefield of cyber intelligence and espionage. And he provides insights on the historical throughlines of attacks that haven’t really changed over the centuries, by and large what is being sought is the same it is simply the mechanism by which exploits are executed have evolved. He also lends perspective on the cyber threat landscape ahead, and asks is this the dreadnought moment?

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e158

Mike Watson, CISO for the Commonwealth of Virginia, joins the podcast this week and shares perspective on the challenges and opportunities for security teams at the state and local level. He recounts a 2009 ransomware incident and details just how sophisticated ransomware attackers have become in the ensuing years since. And he provides perspective on shared responsibility, security standards and compliance baselines of “good”, walking the fine line of multi-factor authentication, security ubiquity, and why he has optimism for the security path ahead (HINT: it involves security as part of the process, not bolted on after the fact).

Mike Watson, CISO, Commonwealth of Virginia

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e157

This week we catch up with Matthew Ferraro an attorney at the international law firm Wilmer Cutler Pickering Hale and Dorr and former intelligence officer. He has written extensively on national security and legal issues and most recently authored the CNN opinion piece “Ransomware attacks are about to get worse. But there are ways to stop them”. He shares with us perspective on the role of governance in the continued pursuit to thwart ransomware groups which can feel like a “whack a mole” battle. He also dives into the growing deepfakes as a service business and the differences between “the liar’s dividend” and “the zealot’s dividend”. Be sure to read his CNN op-ed on the growing ransomware threat here: https://www.cnn.com/2021/09/13/perspectives/ransomware-attacks-cybersecurity/index.html

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e156

This week our special guest is Sudhakar Ramakrishna, President and Chief Executive Officer of SolarWinds. He shares insights from his first year at the company, joining at a very dynamic time as news of the Sunburst attack first started making headlines. He provides perspective on what we consider a master class in leading through crisis – putting employees and customers first, the importance of transparency, continuous and two-way communications (even when you don’t have all the answers) and building a culture of trust. And why through his many years in security he is still a stubborn optimist for the security path ahead – with people being a critical part of the solution.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e155

This week we welcome guest Combiz Abdolrahimi, a national security lawyer and Emerging Technology and Innovation Leader at Deloitte. We deep dive into today’s critical infrastructure vulnerabilities and navigating the path forward to address the threat with systems that weren’t originally designed with cybersecurity in mind. (Hint: don’t approach 21st century cyber challenges with 20th century thinking) And he shares perspective from his time in government at the U.S. Departments of State, Treasury, and Commerce, among others, as well as insights across today’s hot topic themes including ransomware, cryptocurrency regulations, international enforcement, and the criticality of information sharing and reporting requirements.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e154

Joining us this week is Danny Jenkins, CEO and Co-founder of ThreatLocker, an Orlando-based cybersecurity firm providing zero-trust endpoint security. Danny shares insights on the challenges facing critical infrastructure, particularly water systems that continue to be targeted with today’s latest headline grabbing financial + idealogical threat of ransomware. And he poses the question, “Will we get to a point where we have to stop drinking tap water?” He also provides perspective around the nuances of compliance (note: listen for the motorcyclist example!) versus regulation and getting on a path to proactive versus reactive security while moving to a collective mindset of ‘what can I do to improve security this week’? And you don’t want to miss ThreatLocker’s must read report on protecting water infrastructure from cyber attacks available here on our show notes at https://www.forcepoint.com/govpodcast/e153

Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e152

Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e151

Joe Marks, reporter for The Washington Post’s daily newsletter Cybersecurity 202 covering the policy and politics of cybersecurity joins us this week. He takes us behind the scenes of his many years covering cybersecurity and policy sharing insights behind the stories, the reporting process and journalism in the age of dis/misinformation. He also shares perspective on key moves made by CISA in bringing election and security groups together and the ticking clock for government investment in cybersecurity to shore up defenses of federal agencies and to modernize state and local governments that are increasingly the target of ransomware and other disruptive to way of life attacks.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e150

Sheera Frenkel covers cybersecurity from San Francisco for the New York Times. Previously, she spent over a decade in the Middle East as a foreign correspondent.Sheera previously worked for the Times of London, McClatchy and NPR, where her fluency in Hebrew and her conversational Arabic helped land stories. She has said that her time as a foreign correspondent aids her coverage of cybersecurity: People are always speaking different languages and their motivations are often unclear.Frenkel and her co-author Cecilia Kang were part of the team of investigative journalists recognized as 2019 Finalists for the Pulitzer Prize for National Reporting. The team also won the George Polk Award for National Reporting and the Gerald Loeb Award for Investigative Reporting.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e149

This week we welcome guest Combiz Abdolrahimi, a national security lawyer and Emerging Technology and Innovation Leader at Deloitte. We deep dive into today’s critical infrastructure vulnerabilities and navigating the path forward to address the threat with systems that weren’t originally designed with cybersecurity in mind. (Hint: don’t approach 21st century cyber challenges with 20th century thinking) And he shares perspective from his time in government at the U.S. Departments of State, Treasury, and Commerce, among others, as well as insights across today’s hot topic themes including ransomware, cryptocurrency regulations, international enforcement, and the criticality of information sharing and reporting requirements.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e265

This week we catch up with Dustin Moody, a Mathematician in the NIST Computer Security Division who shares insights on how he found his way to NIST and cryptography through a love of elliptic curves and their beauty in numbers and patterns. Learn more about the impending quantum revolution and what that means for encryption and what (as well as how long) it takes to develop a post-quantum cryptography standard (hint: it takes several years!). And he gives us a peak into the future of crypto agility and what it’s like working with other countries and their approach to crypto. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e148

Dive into the world of cryptocurrency with this week’s guest Jeff Roberts, executive editor at Decrypt and author of the book “Kings of Crypto: One Start-Up’s Quest to Take Cryptocurrency Out of Silicon Valley and On To Wall Street”. For those that are wondering, Jeff shares that cryptocurrency today is definitely mainstream and while it is still a speculative investment - with big banks getting into the game it may not stay that way for long. (HINT: in the next 10 years, we just may have an FDIC version for cryptocurrency!) He also shares how cryptocurrency such as bitcoin is serving as a nefarious and anonymous currency scapegoat for endeavors such as Silk Road and ransomware, however there are many fantastic applications it can also be used for and countries such as the US/Silicon Valley, South Korea, Switzerland and even China are helping to drive this forward. (Did you know bitcoin is legal tender in El Salvador today?!) And for those interested in his follow-up book, it just may be about currency wars. Stay tuned for more. Learn more about “Kings of Crypto”

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e147

This week we chat on the complexities and opportunities smart cities can deliver in the US and around the globe with guest Chris Teale, reporter at Smart Cities Dive. He’s spent years meeting with government and community leaders on the growth of smart cities and shares thoughts on just how fluid defining what a smart city is today. Learn which cities around the world are leading in the smart city evolution and how a patchwork of state-by-state laws and regulatory frameworks help and/or hinder progress. As well as examples of US cities you may not have expected that can share best practices and lessons learned with cities large and small across the country to help get them on the path to better utilizing technology and digitization to improve essential services (such as trash pick-up) and quality of life. He also shares insights of the ‘hackers as city consultant’ trend and how a federal government playbook for cities could help more cities get smarter, faster. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e146

This week we are joined by World Econopmic Forum’s Head of Governance and Trust Daniel Dobrygowski and Forcepoint Chief Legal Officer John Holmes for a discussion on the changing role of leadership when cyber is the cost of doing business. They share insights from the recently published World Economic Forum report “Principles for Board Governance of Cyber Risk” and historical points in time that today’s leaders can learn from in navigating business through the rapid advancements and innovations of the 4th Industrial Revolution. Read the WEF report here: https://www.weforum.org/reports/principles-for-board-governance-of-cyber-risk
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e145

Buckle up for this week’s episode because it is quite a ride! Greg Crabb, founder of TenEight Cyber and former CISO for the United States Postal Service shares insights from his more than 25 years in law enforcement and bringing cyber criminals to justice. And hear perspective on CISO best practices for a 630k+ employee organization with 43k facilities and 160 million daily delivery points and how he took a 40 person cyber team to 600 in just a few years. Also learn how his team partnered with CISA to secure the 2020 U.S. election, how postal inspectors serve as first responders (hint: anthrax vs cornstarch), the importance of identifying and quantifying risk for your organization today and the DevSecOps opportunity ahead. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e144

This week we have our first guest that successfully swam the English Channel – Sue Daley, Director of Technology and Innovation at techUK. Hear insights from Sue on the mental focus it takes to swim for 23 hours straight, how a singular national vision has helped the UK address the cyber challenge, the opportunity for US and UK collaboration on cyber issues, and key considerations for regulating AI. Sue also dives into the opportunity to embrace AI/ML for addressing online threats, why she’s optimistic for the cyber path ahead (hint: collaboration is key!) and why it will be good to finally have a “queue for the loo”. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e143

This week we pick back up for part two with CERT Division Director Greg Touhill. He shares insights on the mindset change in recent years on the importance in understanding risk and high value assets and where they reside. He also provides perspective for defining resilience, including taking a punch and keep on going, as well as steps for getting ahead of today’s ransomware threat run amok by buying down the risk. To learn more about CERT visit CERT.org. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e142

This week Greg Touhill, Director of CERT Division, joins the podcast to share insights on CERT’s history as the birthplace of cyber and culture of innovation at the center of the cyber universe. He also dives into the importance of the development of a Software Bill of Materials (SBOM), what happens when national leaders shine a light on cyber, why talent with breadth and depth is critical helping move the federal government cyber needle and the building blocks for standing up the federal government’s first CISO office. To learn more about CERT visit CERT.org. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e141

Cybersecurity is an industry rife with paradoxes and trying to get ahead of today’s vast threat landscape can feel like an endless loop of Penrose steps. This week’s guest Marilise de Villiers, co-founder and CEO of ROAR Consulting & Coaching shares insights on how to break the vicious cycle in an industry where the burn out struggle is real - particularly during the last year as the line between work and home vanished. Marilise shares details for building a personal toolkit for success that not only helps individuals build resilience but can also help organizations shape cultures that support security-first mindsets that truly make your people the strongest front line of security defense. Key to success? Defining what good looks like and redefining winning when winning is seemingly impossible. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e140

This week Eric and Rachael get To The Point on the latest cybersecurity headlines such as Colonial Pipeline, ransomware and the double extortion trend and the new Biden Executive Order on improving the nation's cybersecurity. And a new Gartner report this month noting cyber spending will grow to $150 Billion this year, yet cloud security is the most under invested category. And, the cyber industry in the US has more than 500,000 job openings and when starting salaries are up to $90k why aren't more people pursuing a career in what is by far the most exciting industry in the years ahead. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e139

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e264

Award-winning blogger, researcher, podcaster and man who coined the phrase “the cloud is just someone else’s computer”, Graham Clulely joins this week’s podcast to discuss the many ironies in cyber today. And he deep dives into the reward system that social networks deliver for creating tribes as well as the cultural chasm being driven through misinformation, disinformation and deepfakes today and the criticality of discourse with people of differing positions. He also shares the winning formula for his wildly popular, funny and informative podcast “Smashing Security” and why he’s skeptical of future predictions such as predicting what scares you about what the next decade in cyber will bring. Can that even be predicted?! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e138

Buckle up for this week’s fast-paced podcast discussion with Lance James, CEO of Unit 221B (note: you get three guesses what this is a reference to –or, listen to the podcast to learn more!). Lance takes us on the wild ride of cyber history including his discovery of the Zeus malware in 2006, how the show Mr. Robot delved into the mind of the hacker, what it takes to understand the adversarial mindset of an attack, and the emergence of psyber (the intersection of data science, psychology and cyber). He also shares perspective on the ongoing AI debate between AI + people and automated AI, the pendulum in dealing with the Internet Age and a cultural defense, and the importance of transparency and training in how we protect and empower employees as the critical first line of defense. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e137

This week Nicole Perlroth, award-winning journalist for The New York Times and best-selling author of “This Is How They Tell Me The World Ends” joins the podcast to discuss her decade long journey covering cybersecurity and many terrifying discoveries navigating through the underbelly of the secretive cyberweapons market. She shares insights on the importance of making cyber understanding and awareness accessible to all audiences. And she details the many challenges governments and society face today as cyberattacks continue to ratchet up in scope of disruption and financial rewards with no consequences as we collectively wait for “the big event” that will be the forcing function to drive needed investment, global cooperation, and changed behaviors to truly take some of the advantage out of attackers’ hands. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e136