Bill Murphy's Redzone Podcast | World Class It Security

Are you a CIO, CSO, CISO, VP of IT, Dir of IT, SR VP of IT? What does it cost you to manually examine threat intelligence information? Are you doing it at all? If you are an IT decision maker you will want to listen to what Aharon Chernin, CTO of Soltra and I discuss related to Aharon’s expertise with STIX and TAXII. The STIX/TAXII standard is the future of IT Security as it relates to scaling access to actionable and relevant threat information that we can do something about versus being overwhelmed about yet more false positives. We discuss how sharing and teaching machines how to speak to each other about threat information is the vision of the future. What if you could receive information from the FBI, DHS, and Cert for example and this could be ingested into your security machines, devices, software, etc and you didn’t need an analyst to make sense of the data? This is the vision of IT Security that I want you to consider. Only 1% of organizations have security analysts on staff. Why?....because humans a

Ron is an expert in what it takes to develop the next generation of cyber security leaders. • He is the Air Force Association US CyberPatriot 2013-2014 Mentor of the Year for his work with high school cybersecurity competitions. • Ron Woerner is the Director of Cybersecurity Studies at Bellevue University. He has over 25 years of corporate and military experience in IT and Security Resources for Cyber Security Team Competitions 1) Cyber Patriot Youth cyber security team competitions and explanations of the various levels of competition 2) ISC2/MITRE Cyber Challenge Academy Competitions – Capture the Flag 3) National Collegiate Cyber Defense Competition (CCDC) 4) Dr Dan Manson Cal State Pomona who created a single site to coordinate all cyber security competitions into one site called Cyber Security Federation - Single Site for information - Creating a sport out of cyber security competitions

Internationally acclaimed creativity expert Michael Michalko joins me today to discuss his creative thinking techniques that have inspired business thinkers around the world to create the innovative ideas and creative strategies they need to achieve unimaginable success in today's changing business environment of complexity and uncertainty. He says change the way you look at things and the things you look at change. If you always think the way you’ve always thought, you’ll always get what you always got. The same old, same old ideas over and over again. The future belongs to those thinkers who embrace change, break new ground, forge new paths, and transform the way they think. Discover how to look at the same information as everyone else and see something different by using the creative thinking techniques and strategies that creative geniuses have used throughout history.

Uris is a leader in the world of research as it relates to IoT Security. This interview is a great learning tool to educate business leaders and your peers about where IoT is going and what it means to you and your business.

Mark is a world renowned expedition paddler and explorer and he has a powerful story to he shared about kayaking the entire length of the Amazon, Mississippi, Volga River (Europe’s largest river) and walking across Iran. My hope is that this interview will spur you on to try your own personal adventure or one with your family.

The CISO Should Not Report to the CIO |Assume you Have Been Hacked|6 Kill Chain Fundamentals You Must Know|How Can You Deny Command and Control Attacks| The Best Cyber Security Books - Hall of Fame|Alan Turing Should be a Hero|7 x ‘Must Ask and Prove’ Questions and CIO/CISO must ask about their Next Gen Firewall |Scaling Security with Real Cooperation|AI’s Role in Info Sec| The Beginnings of AI and Security

Two Ways to Avoid Being Perceived as a “Door Matt” and an “Order Taker” In Your Business. The Two Best Ways to Immediately Add Value to the Business, Converged Orgs Drive 4x More Profit, New Language for the CIO, Words that Really Matter, Projects and Investment Scoring.  

Hacking-Back vs Attribution| APT Attack vs Targeted Attacks| Mobility and Virtualization| Leadership and Team Innovation| Ethics and the Selling of Vulnerabilities| The Best Zero Day definition Ever| Options of How to Avoid Poisoning Your Phone| Geo fencing| The One Question that you need to ask to Prevent Losing Your Job after a Breach Incident| Who has the Worse Cyber Criminals China or Russia?| Pinball Machines and Teaching Kids How Things Work Versus Consuming Things

Kayvan is an authentication expert. He gives a fascinating review of the old and future related to User Authentication Trends and Methods for Native Mobile Applications. Do you want to know pros and cons with various authentication methods of the future like IRIS, Selfie Based Authentication, Voice, Finger print, Face Recognition, Gesture and other Trends in Mobile Security ?  

In the following interview Hadi and I discuss Big Data Security Topics like the Mosaic Effect, Mobile Security, The Demise of Passwords, IoT TOCTOU Attacks, Driverless Cars, Atomic Views of IoT, Orchestration Layers Limitations with Big Data Security, and what he describes as ‘Loose Membranes’ with IoT security

  Are you and your team ready to make Leapfrog Steps or are you simply making Incremental Progress?    How do you get hard things done?        We are so often conditioned to look at the negative end of accomplishment. As human beings we tend to look at all the reasons something can’t be done versus listing all the reasons how it can be done.    My discussion with Don Wiegner in many ways you have heard the message before, but this time around you are hearing it from someone who has just spent two years doing what others thought was impossible. He discusses how to accomplish insurmountable goals and do it in a way that brings people together under a common purpose. Have you had a defining moment in your career where your back was against the wall and you had to get the job done?  

Alex Hutton major bank CISO, thought leader, influencer, presenter, award winning speaker, as he discusses with me inspiration he gets from the best sushi in the world and a having a vision of craftsmanship in his profession. I have written about Craftmanship in the past and after talking with CISO Alex Hutton this was emphasized even more. Jiro Ono owns the most famous Sushi restaurant in the world. Similar to Jiro’s you can approach your profession as a master would. The importance of IT Ops and Security being run as a craft is important because most CIOs and CISOs feel that their biggest value unfortunately is when there is a problem (data breach, failure of a system, etc) Alex Hutton has served as CEO for Risk Management Insight. He served as a principal in the Risk Intelligence group for Verizon, involved in the development of the VDBIR. He is an avid security blogger, speaker and conference organizer. He brings a wealth of knowledge and experience on risk management and metrics to any discussion. He is

Jack Jones is widely considered a thought leader in risk management and information security, Jack has been employed in technology for the past thirty years; specializing in information security and risk management for twenty-four of those years. During this time he has garnered a decade of experience as a CISO, including five years for a Fortune 100 financial services company. His work has also been recognized by his peers and the industry, earning him the 2006 ISSA Excellence in the Field of Security Practices award, and the 2012 CSO Compass Award for Leadership in Risk Management. Jack is the originator of the now industry standard risk management framework known as Factor Analysis of Information Risk (FAIR). FAIR has seen adoption globally, within organizations of all sizes, and is now regularly included in graduate-level university courses on information security and referenced by other industry standards. He also recently co-authored a book on FAIR entitled "Measuring and Managing Information Risk - A F

You are really going to enjoy my interview with Mark Robnett, CIO Justice Federal Credit Union. Mark is a rising star in the Credit Union industry and I asked him to detail for you in this episode how he put together his presentation to his board regarding his IT security strategy and tactics. I have found that Justice FCU is about 1-2 years ahead of Credit Unions of its size. I would put them on par with firms many times their size. Mark also has the added pressure of having a very smart and technically savvy board. There is no hiding behind jargon and complexity with them because the board is comprised of individuals with backgrounds in FBI and Justice Department. What a challenge!

This interview was a lot of fun. Enterprises frequently buy security products with the best of intentions, but they end up being abandoned. Sometimes the product never makes it out of the box and into the rack. What factors contribute towards security shelfware and what can be done by both vendors and enterprises to avoid this happening? If it has happened how can you reverse it?What are the top security products that end up on the shelf or marginally used?

In this interview with Thycotic software’s CEO Jonathan Cogley it would be easy to have our discussion based solely on the success of his product and company. Thycotic has been on a tear dominating the password management space. What you will get from this interview is something of deeper value. We discuss Jonathan’s focus on Thycotic’s Unique Culture, Risk based CIO decision making, and key aspects of you network that you want to absolutely be in control of.

My discussion with Jean Gomes, Chairman of the Energy Project is a fascinating one. Jean works with some of the largest IT companies in the world like Google and Yahoo as well as Sony and other brands. We discuss how he teaches leaders of companies to build their latent capacities in today’s accelerating world. I  am a huge believer in tapping our reserves of potentialThis show will change your perception on what you are capable of. This is not an episode about how to push the wheel faster or keep more plates spinning. The role of a leader today demands that we tap all of our reserves and capabilities so that we can pull off the good that we were destined to create.  Our discussion is not about chasing how efficiently you can mow the lawn or plow the field. Today you need to have the mental agility to use the part of the brain that synthesizes and correlates, draws distinctions and unique relationships between things. You can’t do this if you are exhausted or depressed.  We review cutting edge research on the

In this episode with Davi Ottenheimer you are going to love learning more about Big Data Security and the challenges that CIOs face as well as the planet.  The challenges that the IT profession and IT Security face are tough ones.  We dive into many concepts related to why you can’t limit gathering data and at the same time expect to find security correlations between system systems or people. You will learn why De-Identification so important to understand with Big Data Security? And why it doesn’t work!   

Data Governance from core to edge. Smart alerting, file permissions, active directory, and other technical areas in IT Security monitoring with Big Data Security Analytics, HIPPA, and PCI. Reducing noise and getting to what matters for core IT security events with tools from Varonis.

Bob Fecteau is a Tier 1 CIO with SAIC. This episode reviews leadership vs management, being a financial expert, examples of owning problems, building CIOs, the skills needed to be a next gen CIO