#240 - From CruiseCon to AI Threats (with Ira Winkler)
Join us for an engaging episode of CISO Tradecraft, hosted by G Mark Hardy, featuring cybersecurity veteran Ira Winkler. In this episode, we dive deep into cybersecurity careers, discuss the unique CruiseCon cybersecurity event, and explore the evolution of information security. Hear firsthand accounts of career journey highlights, networking strategies, and the importance of democratizing top-tier content. Learn about the impacts of AI in cybersecurity, data poisoning, and upcoming cybersecurity conferences. Whether you're a seasoned professional or just starting your journey, this episode is packed with invaluable insights and advice.
https://cruisecon.com/
Don't forget to use the following code for 10% off: "CISOTRADECRAFT10"
Transcripts: https://docs.google.com/document/d/1-H1CShsyirr4ZL9d1WCx6IMA_ngjWoEN
Chapters
00:00 Introduction to CISO Tradecraft
01:34 Meet Ira Winkler: Cybersecurity Veteran
02:50 The Concept of CruiseCon
05:58 Challenges in Cybersecurity Events
08:03 Building a Cybersecurity Community
13:45 Mentorship and Networking in Cybersecurity
21:52 The Importance of Relevant Mentorship
24:40 The Importance of Programmatic Principles
25:19 Finding the Right Mentor for Your Career Path
26:38 Adapting to a Shifting Career Landscape
27:05 Understanding AI Fundamentals
29:12 The Role of Data in AI
30:57 Agentic AI and Its Applications
32:48 Challenges and Risks in AI
41:33 Upcoming Events and Keynote Speakers
43:35 Leadership Lessons from Ground Zero
46:39 Future CruiseCon Events
47:44 Conclusion and Farewell
--------
48:22
#239 - Actionable Gamification and Lasting Success (with Yu-Kai Chou)
In this episode of CISO Tradecraft, host G Mark Hardy speaks with gamification pioneer Yu-Kai Chou about his new book, '10,000 Hours of Play: Unlock Your Real Life Legendary Success.' Explore key concepts such as aligning your passions, skills, and goals through six essential steps: choosing your game, knowing your attributes, selecting your role, enhancing your skills, building alliances, and achieving your quest. Discover how gamification can lead to personal and professional success. Tune in for an insightful conversation that could change the way you approach your career and life.
Yu-Kai Chou - https://www.linkedin.com/in/yukaichou/
Actionable Gamification Book - https://a.co/d/isv7K0W
10,000 Hours of Play Book - https://a.co/d/3L88jTs
Transcripts: https://docs.google.com/document/d/1gPxWVeS8QYNsgGpXt3EDQy5zGcCYH7hL
Chapters
00:00 Introduction: The Power of Play
00:34 Meet Yu-Kai Chou: Gamification Pioneer
04:16 Understanding the Octalysis Framework
07:34 10,000 Hours of Play: A New Perspective
09:24 Choosing Your Game: Discovering Your Life's Mission
16:49 Knowing Your Attributes: Identifying Your Strengths
22:14 Selecting Your Role: Layers of Your Role Sphere
23:12 Aspiration and Identity: Defining Who You Want to Be
24:46 Occupation and Specialization: Aligning Your Roles
26:48 The Importance of Direction and Continuous Growth
28:05 The Concept of Ikigai and Skill Enhancement
30:38 Creating a Skill Triangle and Role Models
31:39 Gamification in Cybersecurity and Beyond
32:50 The Role of Determination and Passion
37:50 Building Alliances for Success
41:27 Recap and Final Thoughts
--------
44:55
#238 - The Impact of the Israel Iran Conflict (with Nathan Case)
In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity.
Nathan Case - https://www.linkedin.com/in/nathancase/
Chapters
00:00 Introduction to the Israel-Iran Conflict
00:52 Meet the Expert: Nate Case
01:51 Cyber Warfare Insights from Russia-Ukraine Conflict
03:36 The Impact of Cyber on Critical Infrastructure
08:00 Ethics and Rules of Cyber Warfare
15:01 Iran's Cyber Capabilities and Strategies
16:56 Historical Context and Modern Cyber Threats
23:28 Foreign Cyber Threats: The Iranian Example
24:06 Israel's Cyber Capabilities
25:39 The Role of Cyber Command
26:23 Challenges in Cyber Defense
27:11 The Complexity of Cyber Warfare
32:21 Ransomware and Attribution Issues
36:13 Defensive Cyber Operations
39:39 Final Thoughts and Recommendations
--------
45:23
#237 - Build a World Class SOC (with Carson Zimmerman)
Join G Mark Hardy and Carson Zimmerman, the author of '11 Strategies of a World-Class Cybersecurity Operations Center,' in this insightful episode of CISO Tradecraft. Carson shares his career journey, the evolution from the 10 to 11 strategies, and delves into the future needs of Security Operations Centers (SOCs). They discuss critical topics such as the importance of continuous improvement, AI's impact on SOCs, and the value of embracing neurodiversity in cybersecurity teams. Whether you're a seasoned cybersecurity leader or an aspiring professional, get actionable advice on how to enhance and revolutionize your SOC operations.
11 Strategies of a World Class Cybersecurity Operations Center - https://www.mitre.org/sites/default/files/2022-04/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf
14 Questions are all you need - https://www.first.org/resources/papers/conf2024/1445-14-Questions-Carson-Zimmerman.pdf
Transcripts - https://docs.google.com/document/d/1WVJi9WkxOG7yedQYWSooiqRFjBERd9kV
Chapters
00:00 Introduction and Guest Welcome
00:53 Background and Book Discussion
03:33 SOC Challenges and Stagnation
06:10 Managing SOC Alerts and Burnout
09:26 SOC Evolution and Neurodiversity
23:50 Career Progression in Cybersecurity
30:28 Impact of AI on SOC Operations
40:07 Final Thoughts and Conclusion
--------
41:41
#236 - Build a World Class GRC Program (with Matt Hillary)
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations.
Big Thanks to our Sponsor Drata. You can learn more about them at https://drata.com/
Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/
Transcripts - https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/
Chapters
01:39 Meet Matt Hillary: CISO of Drata
06:06 The Evolution of GRC and Trust Management
14:48 Continuous Compliance and Automation
19:26 Compliance as Code: The Future of GRC
22:18 The Importance of Getting It Right the First Time
23:15 Customer Compliance Challenges
24:21 Vendor Risk Management and Trust Building
26:26 Leveraging AI for Compliance and Risk Management
31:43 Evaluating Credibility of Third-Party Evidence
41:09 Common Mistakes in GRC Programs
43:56 Final Thoughts and Industry Call to Action