The Security Ledger Podcasts

In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle’s platform for secure development and deployment of IoT devices. The post Episode 250: Window Snyder of Thistle on Making IoT Security Easy appeared first on The Security Ledger with Paul F. Roberts. Related Stories Spotlight: Traceable CSO Richard Bird on Securing the API EconomyEpisode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain SecurityForget the IoT. Meet the IoZ: our Internet of Zombie things

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. The post Spotlight: Traceable CSO Richard Bird on Securing the API Economy appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 247: Into the AppSec Trenches with Robinhood CSO Caleb SimaEpisode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security

Paul speaks with Steve Orrin, the Federal CTO at Intel Corp about representing Intel and its technologies to Uncle Sam and the impact of the CHIPS Act a massive new federal investment in semiconductors. The post Episode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security appeared first on The Security Ledger with Paul F. Roberts. Related Stories The surveys speak: supply chain threats are freaking people outEpisode 250: Window Snyder of Thistle on Making IoT Security EasyForget the IoT. Meet the IoZ: our Internet of Zombie things

In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company’s latest State of Cybercrime Threat Intelligence report. The post Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA appeared first on The Security Ledger with Paul F. Roberts. Related Stories Cyberattacks on Industrial Control Systems Jumped in 2022Forget the IoT. Meet the IoZ: our Internet of Zombie thingsBeware: Images, Video Shared on Signal Hang Around

In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint working at Apple’s Genius bar, to the information security space - first at product security at Apple and now at GitHub, a massive development platform that is increasingly in the crosshairs of sophisticated cyber criminals and nation-state actors. The post Episode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain Threats appeared first on The Security Ledger with Paul F. Roberts. Related Stories The surveys speak: supply chain threats are freaking people outEpisode 250: Window Snyder of Thistle on Making IoT Security EasyResearcher finds malicious packages lurked on npm for months

Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks. The post Episode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima appeared first on The Security Ledger with Paul F. Roberts. Related Stories Spotlight: Traceable CSO Richard Bird on Securing the API EconomyEpisode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

I interview Jack Naglieri, CEO of Panther about the failures of the current SIEM technology and the need for what Naglieri terms “detection engineers." The post Spotlight: SIEMs suck. Panther is out to change that. appeared first on The Security Ledger with Paul F. Roberts. Related Stories What’s the Future of Detection Teams? Five Predictions for What Lies Ahead Cyberattacks on Industrial Control Systems Jumped in 2022Episode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain Threats

Getting a start-up off the ground isn’t easy in the best of times. Now imagine doing it just as a global pandemic is shutting down society...and the economy. Our guest this week, Josh McCarthy of Revelstoke Security, did it and lived to tell the tale. The post Episode 246: SOARing out of Lockdown with Revelstoke Security appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 250: Window Snyder of Thistle on Making IoT Security EasySpotlight: Traceable CSO Richard Bird on Securing the API EconomyEpisode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security

Six decades in, password use has tipped into the absurd, while two-factor authentication is showing its limits. We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine learning to re-imagine knowledge-based authentication. The post Episode 245: How AI is remaking knowledge-based authentication appeared first on The Security Ledger with Paul F. Roberts. Related Stories Spotlight: Traceable CSO Richard Bird on Securing the API EconomyEpisode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima

In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. [MP3] Cyber attacks on small office and home office (or SOHO) routers aren’t new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […] The post Episode 244: ZuoRAT brings APT Tactics to Home Networks appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 250: Window Snyder of Thistle on Making IoT Security EasyForget the IoT. Meet the IoZ: our Internet of Zombie thingsEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.” The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain ThreatsSpotlight: Traceable CSO Richard Bird on Securing the API EconomyMalicious Automation is driving API Security Breaches

In our latest podcast, Paul caught up with Sick Codes (@sickcodes) to talk about his now-legendary presentation at the DEF CON Conference in Las Vegas, in which he demonstrated a hack that ran the Doom first person shooter on a John Deere 4240 touch-screen monitor. The post Episode 242: Hacking the Farm (and John Deere) with Sick Codes appeared first on The Security Ledger with Paul F. Roberts. Related Stories DEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security,...

We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable." The post Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko HyppönenForget the IoT. Meet the IoZ: our Internet of Zombie thingsCES Overlooks New Report That Finds Auto Cyber Is A...

In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard’s Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as major hacks like the attack on Colonial Pipeline put the focus on resilience and public safety. The post Episode 240: As Stakes Grow, Cyber Policy Needs to “Shift Right”? appeared first on The Security Ledger with Paul F. Roberts. Related...

Naomi Yusupov, a Chinese Intelligence Analyst at the threat intelligence firm CyberSixGill talks to host Paul Roberts about that company’s new report: The Bear and the Dragon: Analyzing the Russian and Chinese Cybercriminal Communities. The post Episode 239: Power shifts from Russia to China in the Cyber Underground appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 244: ZuoRAT brings APT Tactics to Home NetworksEpisode 238: Robots Are The Next Frontier...

In this episode of the podcast (#238) we speak with Daniel Brodie, the CTO at the firm Cynerio. about his firm’s discovery of a string of critical security flaws in an autonomous medical robot, TUG, that is already deployed in hundreds of clinical settings and the growing issue of medical device insecurity and cyber risks to healthcare providers. The post Episode 238: Robots Are The Next Frontier In Healthcare Cyber Risk appeared first on The Security Ledger with Paul F. Roberts. Related...

The hack of Beanstalk is just the latest major compromise of a decentralized finance (DeFi) platform. In this podcast, Jennifer Fernick of NCC Group joins me to talk about why DeFi’s security woes are much bigger than Beanstalk. The post Episode 237: Jacked on the Beanstalk – DeFi’s Security Debt Runs Wide, Deep appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPassEpisode 241: If Its...

we sit down with Christian Sorenson, the former lead of the international cyber warfare team at US Cyber Command and CEO of cybersecurity firm, SightGain, to talk about what we’ve learned so far from Russia’s war in Ukraine, and what may be coming next. The post Episode 236: Cyberwar Takes A Back Seat In Ukraine (For Now) appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?Episode 239: Power...

In this episode of the podcast (#235) Justine Bone, the CEO of Medsec, joins Paul to talk about cyber threats to healthcare organizations in the age of COVID. Justine’s firm works with hospitals and healthcare organizations to understand their cyber risk and defend against attacks, including ransomware. The post Episode 235: Justine Bone of MedSec on Healthcare Insecurity appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 238: Robots Are The Next...

In this episode of the podcast (#234) US Representative Jim Langevin (D-RI), joins Paul to talk about the flurry of legislation passed on Capitol Hill in recent months to boost the U.S.’s cyber defenses. The post Episode 234: Rep. Jim Langevin on Cyber Policy in an Age of Political Polarization appeared first on The Security Ledger with Paul F. Roberts. Related Stories Episode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?Episode 238: Robots Are The Next Frontier In...