Bill Murphy's Redzone Podcast | World Class It Security

Marshall Kuypers is a PhD candidate in Management Science and Engineering at Stanford University, concentrating in Risk Analysis. His research studies quantitative models to assess cyber security risk in organizations. I heard Marshall talk at a major IT Security conference and after listening to him, I knew that I had to get him on the show to share his expertise. Marshall continues a theme that I have been harping on recently which is for you to deepen your sophistication of communicating at the highest level in your organization about Cyber Risk and investments that you want your company to mitigate against. For some of you this discussion will be re-enforcement of concepts and ideas that you already know but need to be reminded of. For others, Marshall will bring a fresh approach to you to test with your CFO, CEO or Board. The more effective you can be with communicating to your horizontal peers and upstream reports the better you can fulfill your mission within your company. Major take aways from this ep

Jack Freund, the guest of my latest podcast, is the co-author of a book with Jack Jones on quantifying risk (Measuring and Managing Information Risk: A FAIR Approach). This book was inducted into the Cybersecurity Canon in 2016. The Cyber Security Canon is a Hall of Fame for IT Security books. The founder Rick Howard has been a previous guest on this podcast. Some of the links that I really like from this episode are Jack’s presentation called “Assessing Quality in Cyber Risk Forecasting”, his most recent article in the ISSA Journal that I love called “Using Data Breach Reports to Assess Risk Analysis Quality”. You will be able to find all links and show notes at redzonetech.net/podcast This episode is sponsored by the CIO Scoreboard Major take-aways from this episode are: 1. Elevate Your IT Security Risk Communication Game using Data Breach reports to Inspire Action in the Business 2. How to use Risk Data so that the business becomes more comfortable with uncertainty 3. New Refreshing perspectives on pre

During my last interview I had a great talk with Daniel McDuff. Daniel’s research is at the intersection of psychology and computer science. He is interested in designing hardware and algorithms for sensing human behavior at scale, and in building technologies that make life better. Applications of behavior sensing that he is most excited about are in: understanding mental health, improving online learning and designing new connected devices (IoT). Listen to more about why it is important to collect data from much larger scales and help computers read our emotional state. Key Learning Points: 1. Understanding the impact, intersection, and meaning of Psychology and Computer Science 2. Facial Expression Recognition 3. How to define Artificial Intelligence, Deep Learning, and Machine Learning 4. Applications of behavior sensing with Online Learning, Health, and Connected Devices 5. Visual Wearable sensors and heart health 6. The impact of education and learning 7. How to build computers to measure phycology, our

I recently had a wonderful talk with Pascal Finette. I am really excited to share our conversation on the exponential technologies with you. Pascal is the head of Singularity University's SU Labs, where he leverages most intractable problems with cutting-edge technologies. One of the concepts we have delved into during our discussion was the concept of innovating organization at the edge instead of the core and how to approach growth through the lens of this concept. A lot of us are familiar with innovation when it comes to processes. How is it done with a product that is a business unit? Listen to more about the question to ask about open-sourcing, concept of “crow funding”, and the importance of moonshot thinking and exploring more at the edge.  4 Key Learning Points: The importance of the innovation at the edge of the core of an organization. The importance of moonshot thinking and asking big questions. What to be aware of when it comes to implementing open source concept. How to use the crowd funding mec

Today I had a wonderful talk with Zack Schuler. Zack is the founder and CEO of Ninjio, which is an I.T. Security Awareness business.   We discuss how 95 % of all breaches are caused by human error. It seems like such an obvious problem. But what can you do about this? Zach’s company has developed a way using a team of Hollywood writers to develop compelling security education and training to not just have your IT professionals involved in IT defense but have all your employees involved. 4 Key Learning Points: The importance of the gamification of security training in developing a security culture The importance of entertainment in storytelling How to deploy training easily and efficiently. How to measure the effectiveness of training. Zack Schuler Zack is the founder and CEO of Ninjio, which is an I.T. Security Awareness business.   Zack is passionate about keeping people safe from the countless cyber threats that are ever increasing. Listen to more about how to help train staff on increasing security aware

Today I had an interesting conversation with Jack Jones. This is Jack’s second time on the show and I loved our discussion. It is a gem of learning and is packed with information that you can use right away. Jack was one of the first CISOs in the United States and he is the inventor of the FAIR model for analyzing Information Security Risk. Jack’s bio is extensive and here is a short list of his accomplishments. Jack Jones has worked in technology for over 30 years, and information security and risk management for 25 years. He has over nine years of experience as a CISO with three different companies, including five years at a Fortune 100 financial services company. He received the ISSA Excellence in the Field of Security Practices award at the 2006 RSA Conference. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012 was honored with the CSO Compass award for leadership in risk management. Jones is also the author and creator of the Fa

In this episode, I interview Jean Gomes, CEO of DPA—a business consultancy that helps organizations improve performance through people—Chairman of The Energy Project Europe—helping organizations build sustainable high performance cultures through energy management—and trusted advisors to more than more than 50 CEOs. Listen as Jean and I discuss the undervalued importance of bringing the right energy to a business, why measured breaks are one of the fundamental keys to success, and how we can better intentionally activate the creative half of the brain. Sponsored By: CIO Security Scoreboard – Go to VisualCIO.com to learn more about how to communicate the status of your IT Security program visually and in minutes. Time Stamped Show Notes: 03:21 – Bill welcomes Jean to the show 04:00 – Why energy always beats talent 05:40 – Two teams can be equal in talent, but the team that has more energy will have 8X-10X top line revenue 05:57 – Vision and commitment will lead to sustainable high-performance every time

In this episode, I interview Rahul Kashyap, Chief Security Architect and Head of Security Research at Bromium, a company that focuses on stopping cyber-attacks where users are most vulnerable—the endpoint—through virtualization isolation. One of Silicon Valley’s 40 Under 40, Rahul has built a career around developing cyber defense technologies that focus on exploit prevention. At Bromium, Rahul manages R&D and product security, while simultaneously conducting robust industry outreach, speaking at leading security conferences including BlackHat, BlueHat, Hack-In-The-Box, RSA, DerbyCon, BSides, ISSA International, OWASP, InfoSec UK and others.  Sponsored By: CIO Security Scoreboard – Go to VisualCIO.com to learn more about how to communicate the status of your IT Security program visually and in minutes. Time Stamped Show Notes: 02:00 – Rahul joins to the show 02:41 – Talking about the 40 Under 40 03:30 – The importance of being “unstoppable”—no one believes in you at the front-end—you need to be relent

In this episode I interview Michelle Gielan, Founder of the Institute for Applied Positive Research, former CBS News anchor, and author of the Bestselling book, Broadcasting Happiness. As a psychology researcher, Michelle’s work has been featured in The New York Times, Washington Post, FORBES, Harvard Business Review, and on the CNN and FOX News networks. Listen as Michelle and I discuss the power of positivity, our responsibility as individual broadcasters, and how business leaders can radically improve employee performance by bringing the right attitude to the office.  Sponsored By: CIO Security Scoreboard – Go to VisualCIO.com to learn more about how to communicate the status of your IT Security program visually and in minutes. Time Stamped Show Notes: 01:02 – Bill welcomes Michelle to the show 01:30 – How Michelle went from being a computer engineer, to news anchor, to psych researcher 01:55 – Do work that fits your calling—that helps you serve the world 02:30 – At the height of the recession, Michel

In Episode #38 Bill interviews Eric Vanderburg, a thought-leader and Director of Information Systems and Security at JurInnov, a cyber security and forensics company that helps businesses get back on their feet following a security breach.  Listen as Bill and Eric discuss life as “Sherriff of the Internet,” virtual versus augmented reality, and various elements of upscale IT security.  Sponsored By: CIO Security Scoreboard – Go to VisualCIO.com to learn more about how to communicate the status of your IT Security program visually and in minutes. Time Stamped Show Notes: 01:40 – Bill welcomes Eric to the show 02:01 – What it’s like being the “Sherriff of the Internet”? 03:10 – Microsoft Hololens—Microsoft’s take on Google Glass 04:48 – Eric defines an innovative, real world application for Microsoft Hololens 05:47 – Fashion 07:31 – Other applications for Hololens 07:59 – Video conferencing 08:53 – Eric defines his idea generating process 09:39 – Virtual reality is cutting us away from the real world, wh

Today I had an interesting conversation with Ken Westin. Ken is commonly referred to as ‘The Good Hacker’ and has spent the past 15 years working with law enforcement and research teams to analyze current and emerging threats to determine how our everyday products and gadgets can mitigate these threats. He is regularly reached out to as a subject matter expert in the area of security, privacy and surveillance technologies. In our industry people do a lot of talking about how they want to stop cyber security threat, developing technologies they hope will stop threats, but rarely do you actually come in contact with people actually demonstrating a track record of success thwarting, mitigating and bringing people to justice. This episode is sponsored by the CIO Scoreboard What you will learn from this interview: The secret lives of applications that live on our phones. What information are these apps gathering that we’re not aware of and where exactly is that information going? How can this information be used

This episode is sponsored by the CIO Scoreboard I have never been particularly impressed with people who achieve meteoric results in business if other areas of their lives are going in exactly the opposite direction or are stagnant. What good is it to satisfy shareholders if your kids see you rarely or they see you but you are not present with them? Or you achieve business goals but skip your thirties with exercise because you feel that you can’t afford to take the time. Since my twenties, my bigger fascination has been to find models of success that incorporate all areas of life (business, family, relationships, health and spirituality) as a vision of success. My interest has been to find and learn from well-rounded people who have a mission and focus on positive impact in all major areas of life. They are far more interesting and usually get great business results as well. Notably, one of the patterns of highly self-actualized people that I have observed is that they have some combination of experts, train

This episode is sponsored by the CIO Scoreboard In this episode I interviewed Tyler Cohen Wood who has an impressive amount of experience in Cyber security, and Digital Forensic Security - in addition to helping the White House, the Department of Defense, The Intelligence Community, Federal Law enforcement and even NASA. In our discussion on security, we talk about the different protections available on Social media and the different types of cookies and how to ensure that you are protecting yourself and your family to the maximum. Read further for more information as we discuss the following important points: The best protection is knowledge of how things work Super cookies, zombie cookies, flash cookies The importance of turning off Exit data on photos that will be uploaded to social media sites Downloading Apps - Understanding what you are doing and what you are potentially giving away to companies How do others perceive you online? How to research yourself online and see how others perceive you Be aware

As a leader, how can you be immensely present in the moment with people, both at work and in your personal life and in any situation? In my insightful and humorous discussion with Shawn Hunter we discuss his book Out Think: How Innovative Leaders Drive Exceptional Outcomes and the wisdom gleaned from interviewing hundreds of thought leaders and executives from all walks of life. Shawn not only writes about this topic as an author, but has also had to live it as an entrepreneur who has built and sold a company which was acquired by Skillsoft. He has interviewed so many successful people that he can see patterns of success and achievement that might take us 100 – 200 books and years to learn. In this interview ideas come fast and you will surely want to capture them. Take notes. Shawn shares numerous anecdotes and stories throughout the interview and every one of them will present a teaching moment for you. Here are 10 of the highlights: One of the best questions to ask yourself this coming year “What am I cap

Today I am interviewing Eric Kaufmann. I asked Eric on the show to discuss his book Leadership as a Hero’s Journey – The Four Virtues for Transforming Uncertainty and Anxiety into Results and to share practical ideas and tools that deepen a leader’s ability to be efficient, effective and deliberate; a leader whom people are drawn to follow. Eric’s journey contains 13 years of leadership consulting, management at Fortune 100 firms, degrees in business and psychology and a quarter century of Zen practice. He has also given a TED talk called Transformation Myths and Legends. I am so glad to have Eric on the show because he gives a massively important message to us regarding ‘comfort’. As a leader you must explore your comforts with personal relationships, business relationships, and the results you are getting in every area of your life. Are you ‘leaning into’ the problems and discomforts in your business and personal life? Or are you running away from or avoiding them? The Western World can make us soft as men

Introduction In this ground-breaking interview with Tony McFarland, we discuss how companies and regulators interpret and understand current legislation on how to monitor and manage the risks that companies face that can potentially harm the business, and even affect shareholders. We discuss the concept of a material breach and how to define corporate obligations to material breach and disclosure. I loved my discussion with Tony McFarland. Tony is an attorney and one of the best in the United States at understanding the fast moving and ever evolving Data Security and Privacy Law landscape. Tony has a very unique perspective from the top (CEO and Board) as it relates to the CIO’s requirement to answer questions from the top that have not been asked before. We also discuss how current decisions and precedents on the Safe Harbor rule will affect the way companies across the Atlantic will have to justify the protections used, and required for data transfers. Biography Tony is a partner at Bass Berry and Sims PLC,

In this phenomenal interview with The Iceman Wim Hof we discuss what I believe may be the edge and frontier of human potential. By studying Wim, who has achieved 21 Guinness World Records, scientists are building a knowledge base of what is possible for humans. As Wim trains others to do what he does, then he becomes less of an ‘outlier’ and ‘anomaly’. This is why I asked him to talk with me. I am interested in learning how he accomplishes his feats so that I can apply his methods to my own life. My hope is that you will be able to take pieces of this interview and do the same with yourself, family, and business. We discuss: Raising Kids Teaching others to handle adversity - The science of the body mind connection – Cold Exposure and Breathing Proof - Scientific findings and research His vision for teaching kids how to control their health, strength, and happiness (mood) Adjusting Mood (happiness) - The link between breath and mood state Eliminating depression The science behind his extraordinary feats His m

In this podcast episode I interview Bill Brenner, who is an expert at digesting threat intelligence information and making this information available to a wide pool of people from C-Suite Executives to coders and developers. Bill is a Senior Technical writer for Akamai and has been a writer for CSO Online, and Liquid Matrix Security Digest. Additionally, he created and writes in a blog called the OCD Diaries where he discusses mental health issues with IT Executives and staff within the technology industry. Top 3 items for an IT Security Decision Maker to be concerned about moving forward: Super-vulnerabilities like Heartbleed, Shellshock, Poodle and OpenSSL - Identify the risks these pose your assets within your company and remediate them. Incident Response – Remember to develop a BCP/DR plan for IT Security Incidents Protect Your Brand – Which hacking groups don’t like your company or brand that leave you vulnerable to DDoS, cyber espionage, and ransomware style of attacks? You will also learn some of the

In this episode we discuss 6 different topics that you will definitely find highly interesting and relevant. The Rise of Superman Steven Kotler is a New York Times bestselling author, award-winning journalist, and cofounder and director of research for the Flow Genome Project. His books include The Rise of Superman, Abundance, A Small, Furry Prayer, West of Jesus, and The Angle Quickest for Flight. He discusses the Concept of Flow [00:57] As the Harvard Medical School Dr Ned Halliwell says – “Flow naturally catapults you to a point that you are not naturally in” Flow can be triggered by public speaking and meditation and really is a state of mind in which grit, fortitude, determination, creativity, resilience and critical thinking, pattern recognition and hot decision making pops in. Tracking Flow and Flow States – learning what activities break flow. Breaking patterns of breaking flow. BUT this is not just about getting more done, faster. This is about more than that. When people are in flow they are mas

If you have questions about Microsoft Azure Security you will love this interview with David Cross. David Cross is the General Manager in charge of Security with Microsoft Azure. He has been the primary inventor of over 25 security patents and is the author of numerous publications and white papers. Prior to Microsoft, he served 5 years with the aviation electronic warfare community with the US Navy. He has a BS in CIS and a MBA. One of the really fun parts of this interview is actually learning about his invention process as I was very curious about it since he has so many patents!