The Cyber Ranch Podcast

Every trail ride ends at the, well, end of the trail. This is the end of the trail for The Cyber Ranch Podcast. Drew and Allan offer final parting thoughts and conduct brief interviews with 3 folks whose presence was vital to the show: Chris Cochran, Ron Eddings, and Rich Salim. It's been an amazing journey and we thank ALL of you who ever listened to even just one snippet of one episode. Y'all stay good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast. Today we tackle WHY? Why do we have this show? Why do we ask the questions we ask and host the guests we host? Why does any of this matter? More importantly, WHY do we all keep doing the same things over and over, saying the same things over and over, and expecting better results? WHAT can we change? Join Allan Alford, many times CISO, and cybersecurity podcaster of many years now. Joining Allan is Drew Simonis, who has been co-hosting the show now for 21 episodes, and a guest a few times before that. This show is a chance to understand the premise of the show better, to understand Drew better, and to find out why we're all here. Drew's bonafides: Drew joined as co-host because he’s a deep thinker, and because he applies that deep thinking to challenging the status quo. Allan's WHY? Is very simple. We’ve not grown or progressed as an industry in years now. Which means we are clearly doing something wrong. Mostly, IMHO, resting on our laurels, making the same assumptions, trying the same techniques, and not questioning any of it. Drew offers a more nuanced take on the idea of "speaking the language of the business". It's a great show. Y'all be good now!

We have all had a vague sense that our world is being manipulated, informed and fed by various conscious manipulation tactics - influence on political campaigns on social media, culture wars, class wars, etc. But we can glean out the facts and figure out who is telling what story if we embrace a new discipline - Narrative Intelligence. Our guest this week is Joe Stradinger, Founder and CEO of EdgeTheory, who are out to understand and leverage the conversations that shape our world. Specifically, social media campaigns and presences. Think threat intelligence but at a global/sociopolitical level. Joe has been an investor, he has worked in DC, and he has a lot of academic ties as well. His knowledge in this space is immense, and we are tickled pink to have him here at the ‘Ranch. We ask Joe: It's an excellent conversation, well worth a listen. Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Jon Green, an experienced CISO but also an experienced CTO. Jon is currently the CSO and CTO at HPE’s Aruba. He’s also a DefCon goon and a Team8 Villager. He’s done the marketing engineer side, the network engineer side… Quite a storied past. We are thrilled to be talking with him about the differences between CSO/CISO and CTO. Jon, thank you so much for joining us at the ‘Ranch! Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Thomas Krane, Managing Director at Insight Partners. If you go to Thomas’ LinkedIn page, you will also see that he works with a number of cybersecurity scaleups (we'll define that term). As such, Thomas is uniquely qualified to speak to some trends in the industry. Drew asked Thomas to join us here at the ‘Ranch to discuss quite a few facets of the industry. Thomas, thank you for coming on down to the ‘Ranch! Y'all be good now!

This week Allan attended the HIP Global conference in New Orleans, which happens to be Allan's favorite city in America. The conference was outstanding - no sales pitches, no nonsense, just many experts speaking on the topic of securing identity. Entra ID, Okta, AD folks all were present, and it was amazing. Allan got to interview some AMAZING guests from all walks of identity life, including one gentleman whose pedigree includes a rather critical national role right out the White House... Listen in as Allan asks the following questions (one of which Drew answers too!) Y'all be good now!

In this episode Allan and Drew consult Tim Rohrbaugh, who has done quite a lot of research and work on the practical applications, deployment, use cases and limits of GenAI and LLM. It's a great show and you will most definitely learn a lot! Thank you Tim, thank you, listeners! Y'all be good now!

Howdy, y'all! With American presidential elections already under way, Allan and Drew decided that scrambling to get Kirsten Davies on the show for this week's show (the last one before formal Election Day) was paramount. Kirsten has been on our potential guest list for years now, as she is a multiple-times Fortune 500 CISO. But now Kirsten is CEO and Founder of The Institute for Cyber Civics, a non-partisan non-profit aimed at empowering poll workers and poll volunteers to recognize and deal with cyber attacks on the voting process. Hear about Kirsten's charter, mission, vision, goals and capabilities in this SPECIAL EDITION! episode! Y'all be good now!

Our guest today is Babbette Jackson, aka Technically__Rose of YouTube and Instagram fame! Babbette is in DLP and Insider threat analysis. She has worked in places as far flung as Edward Jones, Juniper Networks, and Bank of America. More importantly, Babbette is quite involved in the intersection of social media and community engagement. How do we use social media to engage others across generations and to and encourage community participation? Allan, Drew and Babbette discuss: It is a wonderful show, and Babbette is a wonderful guest who is willing to share the insights behind her success. Y'all be good now!

Who and what you are, your personality, your style, your thoughts... That’s all about to change. For one thing you are already a product on “free to use” social media. You don’t really own things you think you own (We're looking at you, Steam!) Even your intellectual property is up for grabs now in ways you can’t see coming. Hollywood actors are selling the rights to their digital likenesses, and meanwhile, others are stealing such rights via technological loopholes. All media exists, according to Drew, to draw you towards the advertisements… And your deepfake could be used to do just that to others. Some of these fakes are good enough to fool yourself even. Join Allan and Drew as they interview Sam Rad, a premier futurist and humanist, who freely admits that there is now an inherent tension between those two philosophies. The conversations about the governance, ethics, and security of all this new media and technology are woefully behind the curve. Many members of the TikTok generation has a 4-second attention span and require multiple simultaneous input streams at any given time to feel satisfied. Is this a deliberate attack on the Western human nervous system? Cyberattacks are certainly killing people already, why not go straight for their brains? Are the peasants coming with pitchforks and torches to destroy Frankenstein’s newest monster? How about the striking dockworkers? The terrorists destroying 5G towers? Do peasants with pitchforks ever win? Ned (mistakenly called “Jason” by Allan) Ludd and the Luddites failed in a big way to stop technology from replacing their jobs in the late 1700s (mistakenly referred to as the having happened in the Victorian era by Allan) This show is peppered with others such historical and cultural references such as the cultures and economies in Second Life, Picasso’s mass production of his own paintings, Rousseau’s evolving concepts of property, Mary Shelly and her Frankenstein’s monster, Hegel’s model of “thesis, antithesis, synthesis”, the Butlerian Jihad from the “Dune” series, and William Gibson’s maxim that, “The street finds its uses for things”. We’re not even coping with all of this, and now we have the AI conversation thrust upon us as well… Your content is training data, and can be mimicked with uncanny accuracy as well. Check out Sam’s book, “Radical Next” and her docuseries “Illicit Economies of the Shadowverse” to learn more about the positives and negatives of all of these trends in humanity. Good luck out there. Stay safe. Who you are and what you own is irretrievably altered at this point. Cybersecurity is really just “security” now. But hopefully all this mess will create the next cultural and creative Renaissance. Y'all be safe now...

Jason Shockey, CISO of Cenlar FSB, and 25 year veteran of cybersecurity, has a formula for running an excellent cybersecurity program. He studied a great deal in his various cybersecurity roles before leaping into a CISO role, and the studying paid off! Jason and Allan and Drew discuss the following: ALL in the span of one rapid-fire show! Do give it a listen, as you will learn about many valuable approaches and resources to help your program succeed. Y'all be good now!

Cyber as precursor to kinetic warfare? What about cyber AS warfare? And social media infiltration and propaganda? Join Allan and Drew as they invite Dave Schroeder, a renowned expert in this field, to discuss the active use of cybersecurity and social media as warfare between the Western World and China, Iraq, Russia and North Korea. They cover: This one is very sobering and perhaps the most important show of the year... Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Tim Brown. If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us. Or maybe in a way, he is all of us, really. Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected skills down at the 'Ranch. The topic today is cyber regulation. It can range from self-regulation to associations, principles, practices, lobbying – all the way up to full government regulation. What works? What’s required? Topics covered: The call to action is ultimately this: If you don't have a seat at the table, folks will do things to you rather than with you. So get involved! Y'all be good now!

What can we established cybersecurity practitioners ACTUALLY do to help those new in the field besides blathering back and forth about the problem in the echo chamber that is LinkedIn? Drew got the clever idea of inviting three folks who are brand new to the field or barely started on their cyber journey, and, get this: ASKING them what they're experiencing and what they need! Clever, huh? It's an eye-opening show for a CISO. We are join on this week's episode by Amé Venter, May Ferreira, and Bryce Hill, who share their perspectives from their early stages in this field. It's a sobering perspective. To a certain extent, they've all been lied to and led on, and that's all of our faults. Key takeaways: Hewlett Packard Enterprise CISOs, please listen to this show. Please re-think your hiring strategies! Y'all be good now!

Howdy, y’all! Our guest today is Wade Baker, cybersecurity researcher, entrepreneur, professor… Wade is a Board of Directors member of the FAIR Institute, was an Advisory Board Member at the RSA Conference, was VP of Strategy & Risk Analytics at ThreatConnect, and is now Co-Founder of Cyentia Institute, which aims to advance cybersecurity knowledge and practice through data-driven research. Wade joins Drew and Allan to talk about (go figure!) data-driven cybersecurity. The three smash through a lot of assumptions and get to the heart of what is really going on in cybersecurity. Questions covered: Y’all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Michael Santarcangelo, Founder and President at Security Catalyst. He’s a former podcaster – co-creator of Business Security Weekly, he even did a stint on Down the Security Rabbit Hole with Raf and James. True fact, hearing Santa (as his friends call him) and Paul Asadoorian on Business Security Weekly is what inspired Allan to become a podcaster in the first place! But "Santa" (as his friends call him) has done the practitioner and the leader things as well, and got his start way back on the Global Security Team at Andersen Consulting… Santa joins Drew and Allan to discuss effective communication… Y'all be good now!

Your organization runs on commercial software far more than it does open source. But all you are delivered is binaries. What is your technical control to ensure that you are safe from this software? Such software is composed of: You need to be able to see it, understand it, probe it for malware, backdoors, corruption, CVEs, KEVs, etc. Well now you can. SBOMs are just the beginning... Allan and Drew are joined by Sasa Zdjelar, Chief Trust Officer at ReversingLabs, who have spent 15 years solving this highly specific and highly challenging problem in cybersecurity. The show is not sponsored by ReversingLabs. Allan and Drew wanted the world to know that they exist, and that this capability is now in-hand... Y'all be good now!

This is our third and final episode of this miniseries. In this episode we are joined by Ross Young, a well-established member of the cybersecurity community with a storied background and penchant for giving back via various means. Ross joins Allan and Drew in exploring the role of technology in the People, Process and Technology triad. Questions covered: Thanks as always for listening. Y'all be good now!

Howdy, y'all! In part two of our three-part miniseries, we tackle Process with Malcolm Harkins. Malcolm is former CISO at Intel, a good friend of Allan's, former Cylance Chief Trust and Security Officer, member of the board of director over at TrustMAPP (where Allan used to be COO), and is now at Hidden Layer, working to secure AI. Hidden Layer did not sponsor this show. Allan, Drew and Malcolm discuss the following: Thank you for listening! Y'all be good now!

Thanks for listening, y'all! Our next show is all about Process (we already did a show on People) and after that comes Technology. Y'all be good now!