Episodes
TL;DR: This week on episode 598, as we are 1 episode away from the Big 600, Adam Meyers joins the podcast to provide an update on the interesting things happening in the world of ransomware, threat actors, and general cyber criminals. Adam regales us with some interesting stories and always has that witty insight we expect from Adam. YouTube Video: https://youtube.com/live/5EBanXzfdtQ Support the show >>> If you're reading this, consider clicking the link above to support the...
Published 04/23/24
TL;DR: On this episode of the DtSR Podcast, Shawn Tuma joins James & I to talk over what's changed, what's new, and what's not going well at the intersection of cyber and legal. Spoiler Alert: Nothing's that much better, and things are worse. YouTube video: https://youtube.com/live/VDqxohnvpXs Support the show >>> If you're reading this, consider clicking the link above to support the show!
Published 04/16/24
TL;DR: On this installment of the podcast, David Monnier joins Rafal & special guest Jim Tiller to talk about hunting bad actors in cyberspace. What it's like chasing down villains, challenges, and related discussion. David is a recognizable industry expert and someone who can dispense some great discussion and advice. Listen up! YouTube Video: https://youtube.com/live/t53yK6zkikE Support the show >>> If you're reading this, consider clicking the link above to support the...
Published 04/09/24
TL;DR: This week on the podcast, the conversation with Phil Beyer goes all over the map. We start with the interesting (but short) story of how Phil got into cyber, to vCISO vs CISO, and how we really feel about the CISO's opportunity to "win". Short answer - there isn't a win here. It's a very fast-paced episode you'll want to listen to at normal speed because, frankly, it's too fast otherwise! YouTube video: https://youtube.com/live/VfYntM7yft0 Support the show >>> If you're reading...
Published 04/02/24
TL;DR: On today's episode of the podcast, Jessica Hoffman joins James and I to talk about Emotional Intelligence. What is it? Why is it desperately important to cybersecurity professionals in a leadership role? All these questions and more are addressed as we parse out the ins and outs of emotional intelligence. YouTube video: https://youtube.com/live/DUBX9r22zEs Support the show >>> If you're reading this, consider clicking the link above to support the...
Published 03/26/24
TL;DR: This week Episode 593 features Jeff Reich of the Identity Defined Security Alliance as we talk about some of the big-picture challenges of identity, interoperability, and security of identity and identity security (yes those are different). YouTube video: https://youtube.com/live/oTWJEVTzTlY Support the show >>> If you're reading this, consider clicking the link above to support the show!
Published 03/19/24
TL;DR: On this episode, James and I welcome CEO Patrick Dennis, CISOs Jack Korzeniowski and Sam Masiello, former CISO and vCISO, and industry veteran Jim Tiller onto a panel to discuss ransomware. Ransomware is catastrophic for some businesses, and in this episode, we talk through some of the key topics that CEOs and CISOs lose sleep over. Huge thank you to all of these fine gentlemen who gave their time to leave you with their insights. Find us on LinkedIn and if it piques your interest -...
Published 03/12/24
TL;DR: *Warning: This episode is ranty, and potentially offensive to overly sensitive types*. That said, in this episode Jim Tiller and I sit down, drink in hand, and have a good old rant about the state of the industry right now. We talk through the "people problem", and the tech problem, and lay plenty of blame. At some point, I think we even suggested a solution. Maybe. Enjoy! YouTube Video: https://youtube.com/live/TW133OeFsdA Support the show>>> If you're reading this, consider...
Published 03/05/24
TL;DR: On this week's episode, James Beeson once again joins Rafal & James, with guest-host Tom Venables to talk about procurement's involvement in the security of an enterprise. What does procurement have to do with security? How can the two functions work together to improve the security of the enterprise both today and into the future? Listen as we discuss this vital topic. YouTube Video: https://youtube.com/live/wGDgQZv97wE Support the show>>> If you're reading this,...
Published 02/27/24
TL;DR: This week's episode features one of the all-time greats. Joe Dibiase was the first CISO I worked under when I joined GE Power Systems back in the early 2000s and he's had a rather amazing career spanning many different industries. We chat about life, CISO'ing, and what he's up to now. Spoiler alert - Joe sports a Braves World Championship ring! YouTube Video: https://youtube.com/live/pxGDOrs7_OA Support the show>>> If you're reading this, consider clicking the link above to...
Published 02/20/24
TL;DR: This week's episode has the one and only Jeremiah Grossman on the show to talk about liability in software, some of the fundamental problems with cyber security, the market forces that move (or could move) things in the positive direction - and where it could all potentially go. It's a fascinating discussion you'll not want to miss. YouTube Video: (coming soon) Support the show>>> If you're reading this, consider clicking the link above to support the...
Published 02/13/24
TL;DR: Part 3 of 3: This episode is the big reveal with details and a how-to, in a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive greater security improvement. The accompanying video is a must-watch because it has the slides Bo is talking through, and you're not going to want to miss that. YouTube Video: https://youtube.com/live/vUjAogOSePU Support the show>>> If you're reading this, consider clicking the link above to...
Published 02/08/24
TL;DR: Part 2 of 3: This episode is the set-up, the problem statement, and overview of Bo's approach, in a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive greater security improvement. The accompanying video is a must-watch because it has the slides Bo is talking through, and you're not going to want to miss that. YouTube Video: https://youtube.com/live/mVIVszWgCCU Support the show>>> If you're reading this, consider...
Published 02/07/24
TL;DR: Part 1 of 3: This episode is the introduction of a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive greater security improvement. The accompanying video is a must-watch because it has the slides Bo is talking through, and you're not going to want to miss that. YouTube Video: https://youtu.be/MJNwn6sbxcM Support the show>>> If you're reading this, consider clicking the link above to support the...
Published 02/06/24
TL;DR: This week Joel Scambray joins James and I to talk about the trends and observations from the world of professional services. Joel is a long-time leader in the professional services delivery space in cybersecurity, and he has some interesting insights to share about where we are and where we could potentially be going. YouTube Video: https://youtube.com/live/LtDgSlnJyik Support the show>>> If you're reading this, consider clicking the link above to support the...
Published 01/30/24
TL;DR: This episode is part of the Leadership series of episodes, with the one and only James Beeson. James is one of the quintessential CISOs who is successful in both his craft and business world. I had the pleasure to work with James and his team many years ago and I can't wait for you to hear his insights and lessons learned. If you can get either some coaching or insights from James - take it and thank me later. YouTube Video: https://youtube.com/live/L_gDnWNREvQ Support the...
Published 01/23/24
TL;DR: This week, I virtually sat down 1 on 1 with my long-time friend, cyber security veteran, and fellow smartass Christopher Davis to talk about the state of pre-sales (sales engineering) in our industry. We've both done it, being both seller and buyer of security products and services -- and we can complain about the state of things. Chris offers some solid advice, so take notes! Support the show>>> If you're reading this, consider clicking the link above to support the...
Published 01/16/24
TL;DR: As we talked about last year, Jim Tiller is joining us as a regular guest on an episode that looks forward (uncomfortably) to 2024 with all the mayhem and disappointment it will no doubt bring to the cybersecurity industry. What's coming? Let's talk about it... and we're not holding back. YouTube video: https://youtube.com/live/B5K4WQg0S7A Link James referenced: https://www.theregister.com/2024/01/05/swatting_extorion_tactics/ Support the show>>> If you're reading this,...
Published 01/09/24
TL;DR: On this first episode of 2024, what better way to ring in the new year than to discuss the evolution of (knowledge) work? For this show, my friend Bill Pelletier joins as the Statler to my Waldorf as we discuss where knowledge work was a decade ago, where it is today (post-Covid), and what it could be if we thread the needle just right. In the end, one thing is for certain - the "future work experts" are not very smart, or they'd understand single-factor statements are stupid. Check...
Published 01/02/24
TL;DR: This week, our good friend Jeff Collins joins Rafal & James to talk about the "everything" being on the Internet now. Whether it's presents for the kids, connected devices in the kitchen, or stuff at the office - everything seems to be on the Internet and could be a potential exposure for you, your family, or your company. How do we deal with all of this? YouTube video of all the hilarity is available here: https://youtube.com/live/gA-unKSLO7A By the way - if you haven't checked...
Published 12/26/23
TL;DR: Your favorite podcast is back, after a short break, and bringing you another packed episode with Brandon Dunlap & Jim "All Tiller, no filler" Tiller where we discuss Kelly Shortridge's column "Security Isn't Special". Some things we agree with, some things we don't, but we talk through it thoroughly. That's part of the fun! Join the pod, and see what we're talking about. Support the show>>> If you're reading this, consider clicking the link above to support the...
Published 12/19/23
TL;DR: This week I'm joined by Mike Towers - a gentleman who has "digital trust" literally in his job title. This is an episode where we attempt to start the conversation of trust in an age of digital everything. Of course, the backdrop for today's discussion is the mayhem over at OpenAI - and if that's not a great place to start, I don't know what is. Is anyone else having a difficult time accepting that this podcast is now in its 14th season?! YouTube...
Published 11/28/23
TL;DR: I finally decided that Erik Bloch's LinkedIn posts have provoked a certain interest in a conversation about what a "modern-day" SOC should look and behave like. I then invited Jim Tiller and Anton Chuvakin (because they have some opinions), on the show to join James and me to discuss this. It didn't quite go to plan. YouTube Video: https://youtube.com/live/cgKpTTmCUrs
Published 11/21/23
TL;DR: On this episode of the pod, Jim Tiller and I talk through the hot takes published about the SEC vs SolarWinds and Brown, and why so many people are getting it all wrong. I highly encourage you to go read the actual indictment before giving your opinion. Link to the SEC page: https://www.sec.gov/news/press-release/2023-227 YouTube video: https://youtube.com/live/9z4g9p3BW-Y My YouTube "short" on this subject: https://youtube.com/shorts/o1Qsdy5xU-o Support the show>>> If you're...
Published 11/14/23
TL;DR: Executive Conference organizers - this episode is for YOU. On today's episode of the podcast, it's just James and I on the microphone discussing all of these executive security events you may be getting invited to. They're just generally bad - people with big titles rattling off corporate marketing speak, with low attendance and low value. Or ...is there a better way? We discuss, and offer some suggestions to conference organizers to make these events fun and worthwhile again. Link...
Published 11/07/23