The Security Ledger Podcasts

More Information

Location: United States

Language: English

Contact: 6178170198


Episodes

Podcast Episode 113: SAP CSO Justin Somaini and Election Hacks – No Voting Machines Required!

9/25/2018
Everybody worries about hacked voting machines. But an exercise in Boston last week showed how hackers can compromise the vote without ever touching an election system. Also: October is just around the corner and that means Cyber Security Awareness Month is upon us. So what are top cyber security professionals “aware of” these days? We talk with Justin Somaini the Chief Security Officer at SAP to find out.

Duration:00:43:29

Podcast Episode 112: what it takes to be a top bug hunter

9/17/2018
In this week’s episode (#112): top bug hunters can earn more than $1 million a year from “bounties” paid for information on exploitable software holes in common platforms and applications. What does it take to be among the best? We talk with Jason Haddix of the firm Bugcrowd to find out. Also: The Internet Society’s Jeff Wilbur talks about the new #GetIoTSmart campaign to educate device makers and the public about Internet of Things security. Will Hunt Bugs for Cash As recently as 15 or 20...

Duration:00:39:54

Spotlight Podcast: Flashpoint’s Allison Nixon on SIM Swapping and the Looming Online Identity Crisis

9/12/2018
Your smart phone does double and triple duty: letting you do banking, buy a cup of coffee, board a plane or access a sensitive online account. But that doesn’t mean that your phone number is equally as trustworthy. In this Spotlight Podcast, we speak with Flashpoint* head of research Allison Nixon about how a recent rash of SIM swapping attacks highlights a looming crisis in online identity. The risks of using phone numbers as a form of identity are on vivid display, amid reports of...

Duration:00:19:08

Podcast Episode 111: Click Here to Kill Everybody and CyberSN on Why Security Talent Walks

9/10/2018
In this week’s podcast (episode #111), sponsored by CyberSN: what happens when the Internet gets physical? Noted author and IBM security guru Bruce Schneier joins us to talk about his new book on Internet of Things risk: Click Here to Kill Everybody. Also: everyone knows that cyber security talent is hard to come by, and even harder to keep. But why does precious cyber talent walk? In our second segment, we’re joined by Deidre Diamond of cyber security placement firm CyberSN, who has all the...

Duration:00:59:09

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

8/27/2018
In this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys. And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out how to hack electricity...

Duration:00:33:38

Spotlight Podcast: Arctic Wolf on Nurturing Talent for the Evolved SOC

8/22/2018
In this Spotlight Podcast, sponsored by Arctic Wolf Networks: sessions at this month’s Black Hat Briefings on PTSD and substance abuse among security workers are proof that the high pressure, high stakes world of information security can take its toll. So what does it take to find, train and nurture information security pros? Sam McLane, the Chief Technology Services Officer at the firm Arctic Wolf Networks joins us to talk about how his company holds on to top security talent. It wasn’t so...

Duration:00:25:16

Podcast Episode 109: What’s The US Freedom Army? Ask Russia.

8/20/2018
In this week’s episode of the Security Ledger Podcast (#109): what lurks in the dark recesses of online information operations? How about a secret “US Freedom Army” linked to Russia? Dave Aitel of Cyxtera joins us to talk about it. Also: hacking critical infrastructure isn’t just for nation states anymore. Cybereason joins us to talk about its recent report on cyber criminals hacking into industrial control systems. Psst! Want to join the Freedom Army? In the wake of the 2016 Presidential...

Duration:00:37:07

Spotlight Podcast: Synopsys’ Dan Lyon on the Challenge of Securing Connected Medical Devices

8/17/2018
In this Spotlight Podcast, sponsored by Synopsys: In the wake of a presentation at Black Hat about security flaws in implantable pacemaker devices, Synopsys Principal Consultant Dan Lyon joins us to talk about why medical device makers struggle to make their connected medical devices more secure. Dan and I discuss some of the flaws in the approach that medical device makers take to security, and how manufacturers can take a page out of their own book: applying the same standards to cyber...

Duration:00:27:06

Episode 108: DEF CON’s Car Hacking Village and is the Open Source Model Failing on Security

8/14/2018
In this week’s podcast (#108), sponsored by CA Veracode: hacker summer camp wrapped up on Sunday, as the 26th annual DEF CON conference concluded at Caesar’s Palace in Las Vegas. Hacks of connected and smart vehicles were a big theme again this year. We sat down with the organizers of DEF CON’s Car Hacking Village to see what was news at this year’s show. Also: open source software has revolutionized the way software gets made, and turbo charged the growth of companies like Facebook and...

Duration:00:33:39

Special Black Hat Coverage: Google’s Parisa Tabriz Says Don’t Be A Jerk

8/10/2018
In this special Black Hat edition of the Podcast, sponsored by UL: Parisa Tabriz, Google’s Director of Engineering for the Chrome Web browser, brought some strong medicine to Las Vegas for her Black Hat keynote speech. We talk about why her simple message was so groundbreaking. Also: Ken Modeste of UL joins us from the Black Hat briefings to talk about UL’s efforts to make cyber security as important to consumers in the 21st century as product safety was in the 20th. Don’t be a Jerk:...

Duration:00:29:46

Episode 107: What’s Hot at Black Hat & does DHS need its new Risk Management Center?

8/6/2018
In this episode of The Security Ledger Podcast (#107): Hacker Summer Camp takes place in Las Vegas this week as the Black Hat, DEFCON and B-Sides conferences take place. We’re joined by DigiCert Chief Technology Officer Dan Timpson to talk about the presentations that are worth seeing. And, in our second segment, the Department of Homeland Security launched a new Risk Analysis Center that sounds a whole lot like some programs it already runs. Is this bureaucratic overkill or is DHS on to...

Duration:00:46:43

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

8/1/2018
In this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security, in to talk about how more agile PKI infrastructure is one element...

Duration:00:34:11

Episode 106: Election Trolls Are Afoot. We Talk To The Guy Who Watches Them

7/31/2018
In this episode of The Security Ledger Podcast (#106): with the November midterm elections in the U.S. fast approaching, election related shenanigans have already cropped up in connection with contested races in swing states, as well as around “hot button” issues such as gun control and race. To find out what the trolls are trolling about, we speak with Jonathan Morgan, the CEO at the firm NewKnowledge, which provides disinformation defense services for organizations. As July passes into...

Duration:00:23:54

Breaking the Ice on DICE: scaling secure Internet of Things Identities

7/26/2018
In this Spotlight Podcast, sponsored by Trusted Computing Group*, Dennis Mattoon of Microsoft Research gives us the low-down on DICE: the Device Identifier Composition Engine Architectures, which provides a means of solving a range of security and identity problems on low cost, low power IoT endpoints. Among them: establishing strong device identity, doing device attestation and safe deployment at scale and verifying software updates. Secure identities are the foundation of secure...

Duration:00:33:19

Episode 105: Is Trolling a Human Rights Abuse? Also: the Do’s and Dont’s of Ransomware Negotiation

7/23/2018
In this week’s podcast: a report out last week from The Institute for the Future makes clear that state sponsored trolling has gone global and is now a go-to tool for repressive regimes worldwide, constituting a new form of human rights abuse. Ben Nimmo of The Atlantic Council joins us to discuss. Also: ransomware is one of the most effective forms of online crime. Despite that, many organizations have no formal plan for responding to a ransomware attack: we talk with Thomas Hoffman of the...

Duration:00:42:48

Episode 104: Mueller’s Cyber Eye on the Russian Guys also Reaper Drone Docs Stolen

7/17/2018
In this week’s episode of the podcast (#104): the Mueller indictment of 12 Russian GRU operatives for hacking the 2016 presidential election was a bombshell. It was also 30 pages long. We read it so you don’t have to and we’ll talk about the big takeaways. Also: when researchers from Recorded Future saw an offer on a dark web marketplace for documentation describing the operation of the US Military’s classified Reaper Drone, they thought it must be a ruse. But they were wrong. We’ll talk...

Duration:00:30:20

Episode 103: On the Voice-Controlled Internet, How Will We Authenticate?

7/10/2018
Voice based interfaces are growing in popularity, complexity and influence. But securing these interfaces has, thus far, been an afterthought. If we are destined to interact with the smart systems around us using our voice, how exactly will we manage to authenticate to those devices? In this podcast we speak with Ben Rafferty of the firm Semafone about the challenges of securing voice-based systems. Semafone won the recent PAYMNTS.com Voice Challenge with a way to use Amazon’s Alexa voice...

Duration:00:22:37

Episode 102: Is Blockchain the Foundation for a Secure Internet of Things?

7/2/2018
In this episode of the Security Ledger Podcast (#102): we think of blockchain as the immutable and distributed ledger that vouches for crypto currency transactions. But is its real potential as a foundation for a secure Internet of Things? We speak with Vaughan Emery, the CEO of the start-up Atonomi, which markets itself as a secure ledger for Things. The appreciation in the value of crypto currencies such as Bitcoin and Ethereum, the attention of entrepreneurs, investors and Wall Street...

Duration:00:25:23

Episode 101: The Dystopian IoT looks a lot like the Printer Ink Aisle and City of Atlanta Employees phished on Rogue Wi-Fi

6/25/2018
In this episode of the podcast (#101): will the Internet of Things enable a glorious future of intelligent and subservient “things”? Or will it birth “ink jet nation:” a dystopia of closed and expensive technology silos that use patents, software licensing and lawsuits to constrain the use, reuse and repair of connected things? We talk to author and activist Cory Doctorow following his keynote at last week’s Security of Things Forum. Also: the city of Atlanta has made headlines after a...

Duration:00:53:43

Spotlight Podcast: Why North Korean Summit won’t End Hacking Threat

6/21/2018
In this Spotlight Podcast, Jon Condra, the Director of Asia Pacific Research at Flashpoint talks about why U.S. President Donald Trump’s summit with North Korean leader Kim Jong Un won’t put an end to North Korea’s online predation. That is just one conclusion in Flashpoint’s semi yearly Business Risk Intelligence Report. Fresh off a buddy-buddy meeting with Kim Jong Un, the murderous leader of North Korea, the Trump Administration moved this week to abandon the UN Human Rights Council...

Duration:00:25:53