Cyber Security Interviews

https://www.linkedin.com/in/danielewood/ (Daniel Wood )is the Associate Vice President of Consulting at https://www.bishopfox.com/ (Bishop Fox), where he leads all service lines, develops strategic initiatives, and has established the Applied Research and Development program. Daniel has over 15 years of experience in cybersecurity and is a subject matter expert in red teaming, insider threat, and counterintelligence. Daniel was previously the manager of security engineering and technology at Bridgewater Associates, where he shaped the strategic direction of technology for the firm and oversaw technical security assessments of Bridgewater’s international office expansions. Daniel has also served in roles supporting the U.S. government in security architecture, engineering, and offensive operations as a Security Engineer and Red Team Leader. He supported the U.S. Special Operations Command (USSOCOM) on red teaming and digital warfare operations, and the U.S. Army on the Wargaming Cyber Effects on Soldiers’ Deci

https://www.linkedin.com/in/jassoncasey/ (Jasson Casey) is the CTO of Beyond Identity, a passwordless identity management provider. He also serves as a Fellow in CyberSecurity with the https://www.csis.org/ (Center for Strategic and International Studies) (CSIS) and the https://nationalsecurity.gmu.edu/ (National Security Institute )(NSI). Previously, Jasson was CTO of https://securityscorecard.com/ (SecurityScorecard), VP of Engineering at https://www.ironnet.com/ (IronNet Cybersecurity), Founder and Executive Director of http://flowgrammable.org/ (Flowgrammable) and Compiled Networks, and served in other technical and executive roles. Jasson received a bachelor’s degree in computer engineering from The University of Texas at Austin and a Ph.D. in computer engineering from Texas A&M University. In this episode, we discuss adjusting to COVID-19, his start in VoIP, third party security management, security without passwords, why you are a target, the role of a CTO, using the right language in security, sta

https://www.linkedin.com/in/johnhammond010/ (John Hammond) is a Security Researcher at https://huntresslabs.com/ (Huntress) as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former https://www.dcita.edu/ (Department of Defense Cyber Training Academy) curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at https://www.defcon.org (DEFCON) US. John speaks at security conferences such as http://www.bsidesnova.org/ (BsidesNoVA), to students at colleges such as the University of North Carolina Greensboro, and other events like the https://holidayhackchallenge.com/ (SANS Holiday Hack Challenge/)KringleCon. He is an online https://www.youtube.com/johnhammond010 (YouTube personality) showcasing pr

https://www.linkedin.com/in/david-wong-53170a4/ (David Wong) is a security engineer working on the https://libra.org/en-US/ (libra Blockchain) at Facebook. He is an active contributor to internet standards like Transport Layer Security and to the applied cryptography research community. David is a recognized authority in the field of applied cryptography; he’s spoken at large security conferences like Black Hat and https://def.camp/speaker/david-wong/ (DEF CON) and has delivered cryptography training sessions in the industry. He is the author of the soon-to-be-published https://www.manning.com/books/real-world-cryptography (Real-World Cryptography book). In this episode, we discuss why he focused on cryptography, the evolution of blockchain, his contributions to TLS, the Noise Protocol Framework, quantum computing, why he wrote a book on crypto, presenting and teaching cryptography, sanitizing data, and so much more! Where you can find David: https://www.linkedin.com/in/david-wong-53170a4/ (LinkedIn) https://

https://www.linkedin.com/in/jeff-hussey-a6628a7/ (Jeff Hussey) is the President and CEO of https://tempered.io/ (Tempered). Jeff, the founder of https://www.f5.com/ (F5 Networks), is an accomplished entrepreneur with a proven track record in the networking and security markets. He maintains several board positions across a variety of technology, nonprofit and philanthropic organizations and currently is the chairman of the board for Carena and chairman and co-owner of https://www.ecofiltro.com/ (Ecofiltro) and https://www.puravidacreategood.com/ (PuraVidaCreateGood). Jeff also serves on the board for Webaroo and the Seattle Symphony. He was the chairman of the board for Lockdown Networks, which was sold to McAfee in 2008. Hussey received a BA in Finance from SPU and an MBA from the University of Washington. In this episode, we discuss adjusting to a remote workforce with a start-up, founding F5 Networks, developing a userbase community, tips for information security product success, IoT and OT cybersecurity,

John Ford is the Cybersecurity Strategist at https://www.ironnet.com/ (IronNet) and is an information security veteran with over twenty years in a wide variety of roles. Prior to IronNet, John was CISO for ConnectWise, the global leader in providing software solutions for Managed Services Providers. In this role, he was accountable for customer-facing security activities, product security, and served as an advisor to the CEO and leadership team. Before joining IronNet, John founded Sienna Group, a firm dedicated to providing data protection solutions to enterprise organizations, and has held executive roles in the healthcare industry. In this episode, we discuss healthcare security, compliance versus security, HIPAA regulation and privacy, intellectual property protection, real-time information sharing, ransomware in hospitals, recommendations for new CISOs, and so much more! Where you can find John: https://www.linkedin.com/in/john-ford-ciso/ (LinkedIn) https://www.ironnet.com/blog (IronNet Blog)

https://www.linkedin.com/in/bshoffman/ (Brandon Hoffman) is the CISO & Head of Security Strategy at https://netenrich.com/blog/ (Netenrich). Brandon is an admired security executive responsible for Netenrich’s technical sales and security strategy for both the company and its customers. Most recently, he oversaw solution architecture for https://public.intel471.com/ (Intel 471)’s dark web threat intelligence business. As former CTO at https://www.firemon.com/products/lumeta/ (Lumeta Corporation) and https://www.redseal.net/ (RedSeal Networks), Brandon led technical and field development in network security, vulnerability, and risk. He’s also held key practitioner roles focused in security architecture, penetration testing, networking, and data center operations. Brandon holds an MS degree from Northwestern University and a BS degree from the University of Illinois at Chicago. In this episode, we discuss adapting to COVID, accidentally getting into security, designing the intelligent SOC, a risk-based appr

This is a special episode where we celebrate the 100th episode of the Cyber Security Interviews podcast! In this episode, I have the mic turned back on me by a past guest, great friend, and an amazing asset to the community, https://cybersecurityinterviews.com/episodes/078-nadean-tanner-boil-it-down/ (Nadean Tanner). She crowdsourced some questions, but head plenty of her own as well as we did this Ask Me Anything special episode. Douglas Brush is an information security executive with over 26 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, Douglas has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues. He also serves as a federally court-appointed Special Master and neutral expert in high pr

https://www.linkedin.com/in/fredrickdlee/ (Fredrick "Flee" Lee) is the Chief Security Officer at https://gusto.com/ (Gusto), where he leads information and physical security strategies including consumer protection, compliance, governance, and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square's Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite, and Twilio. Lee was born and raised in Mississippi and holds a bachelor's degree in computer engineering from the University of Oklahoma. In this episode, we discuss COVID response, three-dimensional communications, security as an enabler, integrating security and engineering teams, the information security skills shortage, diversity and inclusion in cybersecurity, his early mentors, and so much more. Where you can find Flee: https://www.linkedin.com/in/fredrickdlee/

https://www.linkedin.com/in/andrearoberson/ (Andrea Roberson) is a product manager at Centrify Corporation, where she directs the product roadmap for Centrify Privileged Access Service. She was previously a technical support engineer at the company for almost two years and has held several engineering and support roles during her career including at Google and Apple. She has a Bachelor of Science degree in Computer Science from Spelman College, where she was a member of the https://nsbe.org/home.aspx (National Society of Black Engineers), the https://www.acm.org/ (Association for Computing Machinery), and https://exhibits.stanford.edu/news-service/catalog/ky830df0026 (SpelBots). In this episode, we discuss working with product teams remotely, moving from IT to information security, securing remote access, diversity and inclusion in cybersecurity, mentoring others, self-care and mental health, new threats due to COVID, and so much more. Where you can find Andrea: https://www.linkedin.com/in/andrearoberson/ (Li

https://www.linkedin.com/in/hdmoore/ (HD Moore) is the founder and CEO of https://www.rumble.run/ (Rumble Network Discovery); a platform designed to make asset inventory quick and easy by combining active scanning with innovative research. Prior to starting Rumble, HD was best known as the founder of the https://www.metasploit.com/ (Metasploit Project), the foremost open-source exploit development framework, and continues to be a prolific researcher and occasional speaker at security events. In this episode, we discuss starting with BBSs back in the day, starting the Metasploit project, https://www.rapid7.com/research/project-sonar/ (project Sonar), his development of Rumble Networks, securing home networks, fingerprinting networks, jump boxes in IoT networks, and so much more. Where you can find HD: https://www.linkedin.com/in/hdmoore/ (LinkedIn) https://twitter.com/hdmoore (Twitter) https://hdm.io/ (Blog)

https://www.linkedin.com/in/gabriel-gumbs-68323939/ (Gabe Gumbs) has a deep-rooted passion for technology, information security, and problem-solving. As Chief Innovation Officer of https://www.spirion.com/ (Spirion)—a leader in rapid identification and protection of sensitive data—he’s channeling that passion to make the digital world a safer place. Wielding a unique mix of technical vision, marketing, and business acumen, Gabe is shaping the future of data security and protecting the sensitive personal data of customers, colleagues, and communities around the world. Despite having held a range of leadership positions in security technology— including VP of Product Strategy at STEALTHbits and Director of Research & Products at WhiteHat Security—Gabe considers his most valuable experience to be the time he spent on the ground as a security practitioner. Thanks to his intimate understanding of the real issues security professionals face on the front lines, he’s able to identify the core of the problem and c

https://www.linkedin.com/in/shahrokh-shahidzadeh-1187062/ (Shahrokh Shahidzadeh) is the CEO of https://www.acceptto.com/try-acceptto-request/ (Acceptto). Shahrokh is a seasoned technologist and leader with 29 years of contribution to modern computer architecture, device identity, platform trust elevation, large IoT initiatives, and ambient intelligence research with more than 25 issued and pending patents. Before Acceptto, Shahrokh was a senior principal technologist contributing to Intel Corporation for 25 years in a variety of leadership positions where he architected and led multiple billion-dollar product initiatives. In this episode, we discuss evolving authentication, SSO and MFA challenges, anomalous behavior detection, enforcing least privilege, his time with Intel, AI and ML, multi-cloud security, securing home users, and so much more. Where you can find Shahrokh: https://www.linkedin.com/in/shahrokh-shahidzadeh-1187062/ (LinkedIn) https://twitter.com/accepttocorp (Twitter) https://blog.acceptto.com/

https://www.linkedin.com/in/deborah-golden-7872561a8/ (Deborah Golden) is the US Cyber & Strategic Risk leader for https://www2.deloitte.com/us/en/profiles/debgolden.html (Deloitte Risk & Financial Advisory). In the prior six years, Deborah served as the Government & Public Services (GPS) Cyber Risk Services leader, as well as the GPS Advisory Market Offering leader, GPS Empowered Well-Being leader and the lead principal for a major federal government health care provider. Deb has more than 25 years of information technology experience spanning numerous industries, with an in-depth focus on government and public services, life sciences and health care, and financial services. Deb received a bachelor’s degree in Finance at Virginia Tech and a master’s degree in Information Technology at George Washington University. She serves on Virginia Tech’s Business Information Technology and Masters in Information Technology Advisory Boards is a self-proclaimed fitness junky and avid traveler and trains servi

https://www.linkedin.com/in/kylehanslovan/ (Kyle Hanslovan) comes to https://huntresslabs.com/index.html (Huntress Labs) from the U.S. Intelligence Community, where he supported defensive and offensive cyber operations for the past decade. He previously co-founded the defense consulting firm StrategicIO and actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator. https://www.linkedin.com/in/chris-bisnett-1792041b/ (Chris Bisnett) is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA RedTeam, he attacked government networks and systems to identify and remedy vulnerabilities. Chris is also a recognized Black Hat conference trainer and has taught his “https://www.blackhat.com/us-18/training/fuzzing-for-vulnerabilities.html (Fuzzing For Vulnerabilities)” co

https://www.linkedin.com/in/jackkudale/ (Jack Kudale) is Founder and CEO at https://cowbell.insure/blog/ (Cowbell Cyber) with over two decades of business executive experience. Previous senior roles include COO at Cavirin, CEO at Lacework, both cloud security startups; SnapLogic, a leader in hybrid cloud integration; and CA Technologies, where Jack led DevOps sales for the Fortune 500 leader. With deep operational experience in the DevOps, Cybersecurity, IT Ops, & Big Data spaces, Jack leads Cowbell to execute on its vision of bridging the cyber insurability gap. Jack also serves as a governing board member of https://www.brighterchildren.org/ (Brighter Children), a non-profit organization. In this episode, we discuss the importance of cyber insurance, risk management, the difference between cyber insurance vs other insurance products, the risks COVID-19 pose to small businesses, right-sizing cyber insurance policies, industries that are targets for attackers, and so much more. Where you can fin

https://www.linkedin.com/in/danielaayala/ (Daniel Ayala) is the Founder, and Managing Partner for https://secratic.com/ (Secratic), a strategic information security, and privacy consultancy focused on helping companies protect data and information, and be prepared before incidents happen. Daniel is also currently serving as the Interim Chief Information Security Officer for Michigan State University. Throughout his 24 year career, he has led security organizations large and small in banking and financial services, pharmaceutical, information, library, and technology companies around the world, taught university-level courses, and both writes and regularly speaks on the topics of security, privacy, data ethics, and compliance. In this episode, we discuss remote working, being a virtual CISO, compliance vs. security vs. privacy, application development security, creating a culture of security, communication skills, giving back to the community, mentoring others, mental health, and so much more! Where you c

https://www.linkedin.com/in/anthonybettini/ (Anthony Bettini) is the CTO for https://www.whitehatsec.com/author/anthony/ (WhiteHat Security), the leader in Application Security, enabling businesses to protect critical data, ensure compliance, and manage risk. Previously, Anthony ran Tenable Research where Anthony joined via Tenable’s acquisition of FlawCheck – a leading Container Security startup where Anthony was the CEO & Founder. Before its acquisition by Symantec, Anthony was CEO & Founder of Appthority, a leading Mobile Security startup, and winner of the “Most Innovative Company of the Year” award at the RSA Conference. In this episode, we discuss managing a remote team, web application security, DevSec, responsible vulnerability disclosure, Artificial Intelligence (AI), how to focus your career, being a founder, and so much more! Where you can find Anthony: https://www.linkedin.com/in/anthonybettini/ (LinkedIn) https://www.whitehatsec.com/author/anthony/ (WhiteHat Blog)

https://www.linkedin.com/in/bellis/ (Ed Bellis) is a security industry veteran and expert and was once named “Information Security Executive of the Year”. He currently serves as the Chief Technology Officer and Co-founder of https://www.kennasecurity.com/ (Kenna Security). He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dascena and former advisor to SecurityScoreboard.com, Dharma, and Society of Payment Security Professionals. Ed is a contributing author to the book, https://www.amazon.com/Beautiful-Security-Leading-Experts-Explain/dp/0596527489 (Beautiful Security). He is also a frequent speaker at industry conferences such as RSA, BlackHat, and many others. In this episode, we discuss vulnerability management maturity, how to focus on remediation, inventory management, securin

https://www.linkedin.com/in/hypponen/ (Mikko Hypponen) is a global security expert and has worked at F-Secure since 1991. Currently, he serves as https://blog.f-secure.com/ (F-Secure's) Chief Research Officer. Mikko has written on his research for the https://mikko.hypponen.com/articles.html (New York Times, Wired, and Scientific American), and he frequently appears on international TV. He has lectured at the universities of Stanford, Oxford, and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list. Mikko sits on the advisory boards of t2 and Social Safeguard and in the advisory panel for the Monetary Authority of Singapore. In this episode, we discuss his early starts in information security, the rebirth of TELNET, security by design, the difference between privacy and security, mobile device security, IoT security, election security, and so much more. Where you find Mikko: https://www.linkedin.com/in/hypponen/ (