To The Point - Cybersecurity
About
Available on
Community
277 episodes
This week, Audra is joined by Mark Montgomery, senior director of the FDD’s Center on Cyber and Technology Innovation and director of the CSC 2.0. Today’s discussion focuses on the progress made implementing the recommendations of the Cyberspace Solarium Commission’s 2020 report and securing critical infrastructure more broadly, including insights from Mark on the need for a distinct military force focused exclusively on cybersecurity. Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD’s efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy. Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy’s nuclear power training program. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e277
This week Eric and Arika discuss the process of creating real innovation in cybersecurity with Audra Simons, Director of Forcepoint’s Innovations Labs. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e276
Joining us this week is Peter W. Singer, a New York Times bestselling author of books including Ghost Fleet, LikeWar and the techno-thriller Burn In. He shares details on the New America volunteer, non-profit organization and its awesome #SharetheMicinCyber program helping to bring diversity of thought to the cybersecurity front lines. We also discuss the future of social media, what defines a cyberwar, Ukraine’s leverage of social media to garner global support this year, and the great work Useful Fiction is delivering to organizations to address the age old problem of translating complex themes (such as cyber) into compelling business narratives audiences understand and can learn from. And definitely take a few minutes to learn more about Passing the Mic’s cybersecurity fellowship program this week. Read more here: https://www.newamerica.org/the-thread/passing-the-mic-introducing-new-americas-cybersecurity-fellowship/ Peter Warren Singer is Strategist at New America, a Professor of Practice at Arizona State University, and Founder & Managing Partner at Useful Fiction LLC. A New York Times Bestselling author, described in the Wall Street Journal as “the premier futurist in the national-security environment” and “all-around smart guy” in the Washington Post, he has been named by the Smithsonian as one of the nation’s 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and as an official “Mad Scientist” for the U.S. Army’s Training and Doctrine Command. No author, living or dead, has more books on the professional US military reading lists. His non-fiction books include Corporate Warriors: The Rise of the Privatized Military Industry, Children at War, Wired for War: The Robotics Revolution and Conflict in the 21st Century; Cybersecurity and Cyberwar: What Everyone Needs to Know and most recently LikeWar, which explores how social media has changed war and politics. It was named an Amazon and Foreign Affairs book of the year and reviewed by Booklist as “LikeWar should be required reading for everyone living in a democracy and all who aspire to.” He is also the co-author of a new type of novel, using the format of a technothriller to communicate nonfiction research. Ghost Fleet: A Novel of the Next World War was both a top summer read and led to briefings everywhere from the White House to the Pentagon. His latest is Burn-In: A Novel of the Real Robotic Revolution. It has been described by the creator of Lost and Watchmen as “A visionary new form of storytelling—a rollercoaster ride of science fiction blended with science fact,” and by the head of Army Cyber Command as “I loved Burn-In so much that I’ve already read it twice.” For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e274
Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what’s been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can’t be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today. Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS’s independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities. In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels. Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA’s role in the development of open standards for security. Sager’s awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e273
Joining us this week is Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance and we discuss all the hot and trending online scams facing consumers today including the growing prevalence of romance scams ($1.3B in losses last year!), job seeker scams, tax fraud scams, sextortion, and the latest scam making the rounds – pig butchering scams. Jennifer shares insights on the many free resources available to consumers – and the awesome work being done by the National Cybersecurity Alliance working with partners and champions around the globe – that raise awareness of what to look for and how to avoid online and mobile scams that take advantage of our day-to-day engagement channels including email, social media and, increasingly, mobile text messages. Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance Jennifer Cook is the Senior Director of Marketing at the National Cybersecurity Alliance (NCA). Jennifer leads the development and coordination of NCA’s growing suite of campaigns and programs, including Cybersecurity Awareness Month and Data Privacy Week. She joined the National Cyber Security Alliance in 2017 and holds a degree in Marketing from Drexel University. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e272
This week we dive into the hot topic of cyber insurance with Dr. Josephine Wolff, Associate Professor of Cybersecurity Policy at Tufts University The Fletcher School and author of the book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” (MIT Press 2018). We explore the dynamic industry of cyber insurance and key policy areas such as defining cyber war, the impact of the increase of ransomware the last two years (some stats put it at 150% increase!), and how to change security behaviors. She also shares insights on AI and the always looming theme of bias as well as the importance of always keeping a human in the loop. And, be sure to look out for her new book on cyber insurance with MIT Press coming out in August 2022. Josephine Wolff - Associate Professor of Cybersecurity Policy at Tufts University's The Fletcher School Josephine Wolff is an associate professor of cybersecurity policy and has been associated with The Fletcher School at Tufts University since 2019. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society. She received received a Ph.D. in Engineering Systems and M.S. in Technology and Policy from MIT, and an A.B. in mathematics from Princeton. As a student, she also spent time at Microsoft, the Center for Democracy and Technology, the White House Office of Science and Technology Policy, and the Department of Defense. https://www.linkedin.com/in/josephine-wolff-1baa414b/ For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e271
Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e270
Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e269
Buckle up for this week’s episode because it is quite a ride! Greg Crabb, founder of TenEight Cyber and former CISO for the United States Postal Service shares insights from his more than 25 years in law enforcement and bringing cyber criminals to justice. And hear perspective on CISO best practices for a 630k+ employee organization with 43k facilities and 160 million daily delivery points and how he took a 40 person cyber team to 600 in just a few years. Also learn how his team partnered with CISA to secure the 2020 U.S. election, how postal inspectors serve as first responders (hint: anthrax vs cornstarch), the importance of identifying and quantifying risk for your organization today and the DevSecOps opportunity ahead. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e268
This week Leonard Bailey, Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit for the Department of Justice (DOJ), Criminal Division, joins us this week. We dive into the role of the DOJ in addressing the vast and ever-changing landscape of cybersecurity. Bailey shares insights on partnering with federal agencies as well as the private sector, navigating information sharing pathways, evolution of incident and cyber threat reporting procedures, and the recent release of the Harmonization of Cyber Incident Reporting to the Federal Government. He also helps debunk information sharing myths and spotlights available tools and benefits of cyber threat information disclosure. LEONARD BAILEY The Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit and Special Counsel for National Security in the Department of Justice’s (DOJ) Criminal Division. He has prosecuted computer crime cases and routinely advised on cybersecurity, searching and seizing electronic evidence, and conducting electronic surveillance. He has managed DOJ cyber-policy as Senior Counselor to the Assistant Attorney General for the National Security Division and then as an Associate Deputy Attorney General. He has also served as Special Counsel and Special Investigative Counsel for DOJ’s Inspector General. Bailey is a graduate of Yale University and Yale Law School. He has taught law courses at Georgetown Law School and Columbus School of Law in Washington, DC. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e267
Stacy is a self starter with a passion for cyber security. Co-Founder of Connected Transport Business Unit at Irdeto. Evangelist and active speaker on cyber security for the connected transportation space. Strong and demonstrated Stacy Janes, Head of Security at Waymo technical history in cyber security areas such as PKI, authentication/authorization, end-point security and ethical hacking. Proven history of building teams to solve difficult industry problems. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e266
This week we welcome guest Combiz Abdolrahimi, a national security lawyer and Emerging Technology and Innovation Leader at Deloitte. We deep dive into today’s critical infrastructure vulnerabilities and navigating the path forward to address the threat with systems that weren’t originally designed with cybersecurity in mind. (Hint: don’t approach 21st century cyber challenges with 20th century thinking) And he shares perspective from his time in government at the U.S. Departments of State, Treasury, and Commerce, among others, as well as insights across today’s hot topic themes including ransomware, cryptocurrency regulations, international enforcement, and the criticality of information sharing and reporting requirements. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e265
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e264
We’re excited to welcome to the podcast David Travers, Director of the Water Infrastructure and Cyber Resilience Division at the U.S. Environmental Protection Agency (USEPA). During our discussion he addresses key themes including, why are water infrastructure systems targeted by ransomware; how cyberattacks on water systems impact the surrounding community; and the role of cyber hygiene in protecting water systems. He also shares what we like to call an “origin story” for the sometimes-winding career pathways that lead to awesome opportunities to make a positive impact on communities at large. Water impacts all of us and you won’t want to miss any of the many insights David shares with us! Dr. David Travers, director of the Environmental Protection Agency’s Water Security Division Director of EPA’s Water Security Division in the Office of Water, Dr. Travers manages a team of engineers and scientists in providing tools, training, and direct technical assistance to the 152,000 drinking water systems and 16,000 wastewater systems in the US. Each year, the Water Security Division trains over 5,000 water/wastewater utilities, state/tribal officials, and federal emergency responders to become more resilient to any natural or manmade incident—including cyberattacks, climate change, hurricanes, drought—that could endanger water and wastewater services. Prior to David’s current role, he directed the Drinking Water Infrastructure Survey which assessed the current and future capital investments needs of drinking water systems. David has a PhD in environmental engineering and a Master of Public Health from the University of Michigan, and a Bachelor’s in History from the University of Chicago For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e263
We’re excited to welcome to the podcast Lauren Zabierek, Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency (CISA). She deep dives into CISA’s Secure by Design principles and approaches for secure by design software launched in April 2023 - with version two published on October 17, 2023. Lauren shares insights on the path to creation of CISA’s Secure by Design principles and how this ‘living document’ will continue to evolve in the dynamic and ever-changing landscape that is cybersecurity. We also discuss the global collaboration and interest in co-sealing the Secure by Design guidance across a multitude of international cybersecurity agencies - and moving forward this ‘need we can all agree on’. And it wouldn’t be To The Point podcast episode without Lauren’s awesome origin story and career pathway to today, including co-founding the online social media movement #ShareTheMicInCyber. You don’t want to miss this episode! LAUREN ZABIEREK, SENIOR POLICY ADVISOR AND LEAD EXPERT IN SECURE-BY-DESIGN AT THE CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY (CISA) In January 2023, Lauren Zabierek was named a Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency. Previously, she was the Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center. She came to this role as a 2019 graduate of the Kennedy School's mid-career MPA program. Her work focused on strategic, national security issues in cyber and tech--ranging from international conflict, cooperation, and norms to domestic collaboration, diversity, privacy, and supply chain issues. She was also the first woman participant in the Elbe Group discussions on cybersecurity, having been a part of the cyber-focused dialogue in 2019 in Stockholm, Sweden and again in 2021 virtually. Lauren is the co-founder of the online social media movement called #ShareTheMicInCyber, which aims to dismantle racism in cybersecurity and privacy. #ShareTheMicInCyber started as an online conversation on Twitter and LinkedIn but has become so much more--it is breaking down barriers in the cyber industry through individual and collective action. Since its inception, the movement has garnered over 100 million Twitter impressions and featured participation by the nation's cyber leaders. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e262
This week we are joined by Kenneth Bible, the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). He breaks down the National Cybersecurity Strategy Implementation Plan (NCSIP) introduced in July and provides great insights on how the plan was developed, the five key pillars of the plan, actioning each of the five elements, and the role government agencies have to play in executing against the plan and its 65 initiatives. He also provides perspective on international collaboration and partnership in achieving shared goals with the U.S. and how this will help “all boats rise” in strengthening cybersecurity across regions. And he shares what Audra likes to call one’s “origin story” on the career path that led to cybersecurity. Lots of valuable insights this week you won’t want to miss! CHIEF INFORMATION SECURITY OFFICER (CISO) FOR THE DHS OFFICE OF THE CHIEF INFORMATION OFFICER (OCIO) Kenneth W. Bible serves as the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). In this role, he is responsible for all matters relating to information and securing and strengthening the Department’s information security program and information technology (IT) posture. Prior to his current role, Mr. Bible served under the Headquarters Marine Corps Deputy Commandant for Information (DCI) as the Assistant Director for the Information Command, Control, Communications, and Computers Division (IC4). In this capacity, he also served as the Marine Corps’ Deputy Chief Information Officer and CISO, formulating and providing broad policy guidance for IT, cybersecurity, and communications infrastructure and applications. Among his many accomplishments, he delivered ADVANA, the U.S. Department of Defense’s single authoritative source for audit and business data analytics, and led Risk Management Framework reform across the Marine Corps by guiding production of the first fully accredited secure software development (DevSecOps) pipelines. Previously, Mr. Bible served with the Space and Naval Warfare Systems Command (SPAWAR) for almost two decades, starting as a lead engineer integrating commercial Geospatial Information Systems technology, then heading the Networks Engineering Division of the SPAWAR Systems Center Atlantic. He later became the Assistant Program Executive Officer (Engineering) for PEO Enterprise Information Systems, serving as the PEO’s chief engineer as assigned by SPAWAR headquarters. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e261
DR. SIWEI LYU, SUNY EMPIRE INNOVATION PROFESSOR AT THE UNIVERSITY AT BUFFALO Dr. Siwei Lyu received his B.S. degree (Information Science) in 1997 and his M.S. degree (Computer Science) in 2000, both from Peking University, China. He received his Ph.D. degree in Computer Science from Dartmouth College in 2005. From 1998 to 2000, he worked at the Founder Research and Development Center (Beijing, China) as a Software Engineer. From 2000 to 2001, he worked at Microsoft Research Asia (then Microsoft Research China) as an Assistant Researcher. From 2005 to 2008, he was a Post-Doctoral Research Associate at the Howard Hughes Medical Institute and the Center for Neural Science of New York University. Starting in 2008, he is Assistant Professor at the Computer Science Department of University at Albany, State University of New York. Dr. Lyu is the recipient of the Alumni Thesis Award of Dartmouth College in 2005, IEEE Signal Processing Society Best Paper Award in 2010, and the NSF CAREER Award in 2010. He has authored one book, and held two U.S. and one E.U. patents. He has published more than 50 conference and journal papers in the research fields of natural image statistics, digital image forensics, machine learning and computer vision. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e260
This week we deep dive into privacy with Mozilla Foundation’s Privacy Not Included content creator Zoë MacDonald. She shares fascinating insights from the deep research the *Privacy Not Included team undertakes to assess just how private is your data when using popular apps, driving in your connected car, etc. It was quite eye opening just how little privacy there is for connected car owners – giving up all kinds of privacy in the name of modern convenience. In fact, Zoë breaks down how and why all of the 26 car brands researched earner the *Privacy Not Included label. (Hint: that’s not a great thing.) She also shares some insights how Privacy Not Included got started in 2017 and the awesome buying guides they’ve been putting out to help everyone learn more about protecting their privacy with the products and services they use every day. Check out http://privacynotincluded.org to learn more! ZOE MACDONALD, CONTENT CREATOR, PRIVACY NOT INCLUDED AT MOZILLA Zoë is a writer and digital strategist based in Toronto, Canada. Before her passion for digital rights led her to Mozilla and *Privacy Not Included, she wrote about cybersecurity and e-commerce. When she’s not being a privacy nerd at work, she’s side-eyeing smart devices at home. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e259
We’re excited to welcome back to the podcast global security expert, speaker and author Mikko Hypponen who currently serves as Chief Research Officer at WithSecure. We dive into his book “If It’s Smart, It’s Vulnerable” and how cybersecurity has evolved and changed in the last year since it was published. He also shines a light on the ever-present topic of AI – the opportunity, risks, emerging regulations, deepfakes, geopolitical attack capabilities and so much more! And we talk about his road to cyber (more than 30 years!) and the spark of an article from 1983 on AI. Another great episode from Mikko you won’t want to miss! MIKKO HYPPONEN, CHIEF RESEARCH OFFICER, WITHSECURE Mikko Hypponen is a global security expert, speaker and author. He works as the Chief Research Officer at WithSecure and as the Principal Research Advisor at F-Secure. Mr. Hypponen has written on his research for the New York Times, Wired and Scientific American and he appears frequently on international TV. He has lectured at the universities of Stanford, Oxford and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list. Mr. Hypponen sits in the advisory boards of t2 and Safeguard Cyber. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e258
Andrew Borene, Executive Director at Flashpoint joins the podcast this week. He brings a wealth of insights on today’s state of international security affairs gleaned from his many years in the U.S. Intelligence community, and leading private sector intelligence teams. We cover hot topics including collaboration on international cybersecurity policies, NATO’s cyber defense capabilities and challenges in achieving unified, alliance-wide cybersecurity policies. We also double click into today’s much discussed topic of Open-source intelligence (OSINT) and its growing popularity (such as Ukraine conflict), benefits and potential risks it poses. He also shares the journey of his professional path to security and it is quite exciting and inspiring! You don’t want to miss this episode! ANDREW BORENE, EXECUTIVE DIRECTOR FOR GLOBAL BUSINESS DEVELOPMENT AT FLASHPOINT NATIONAL SECURITY SOLUTIONS Andrew Borene is an Executive Director with Flashpoint, a worldwide provider of specialized intelligence and data to allied governments, businesses, and critical infrastructure industries to help them take decisive action and reduce risk. A seasoned advanced technology executive who led private sector intelligence teams at IBM, Symantec, and LexisNexis — Andrew is also a former senior official in the U.S. Intelligence Community where he led strategic operational planning for foreign counterterrorism on behalf of The White House National Security Council in addition to roles leading privacy policy and academic research efforts in areas from open-source intelligence to transnational crime. Borene is an attorney with deep national security law expertise, a Certified Information Systems Security Professional, and a US Marine Corps veteran. Andrew’s previous work has been recognized for service with both the FBI Director’s Award and the ODNI Exceptional Achievement Award. He is a Life Member of the Council of Foreign Relations. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e257
This week Keith Krueger, CEO of the Consortium for School Networking (CoSN), joins the podcast. He shares insights on the digital inequities that exist across schools and students and the challenges they create at a time when connectivity should be a basic right for all. We also dive into the digital inequity impact on cybersecurity for school districts today – and the free resources and tools such as the CoSN developed digital equity dashboard that identifies equity gaps across school districts’ networks to help illuminate actional paths to address. Keith also updates on the Biden Administration’s new efforts to improve schools’ cybersecurity posture and prevent future cyberattacks. Keith R. Krueger is CEO of the Consortium for School Networking (CoSN), a nonprofit organization that serves as the voice of K-12 school system technology leaders in North America. CoSN’s mission is empowering educational leaders to leverage technology to realize engaging learning environments. He was selected by Ed Tech for its 2019 30 K-12 IT influencers. In 2016 Technology & Learning selected him as one of the “big 10” most influential people in edtech, and the Center for Digital Education identified him as a Top 30 Technologist/Transformer/Trailblazer. In 2008 he was selected by eSchool News as one of ten people who have had a profound impact on educational technology over the last decade. In 2016 he received a Special Recognition award from the Council of Great City Schools. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e256
We are excited to welcome back to the podcast Rich Itri, Chief Innovation Officer at ECI. He joined us last year during the commentary period of the new SEC cyber rules to break down what’s being proposed and potential implications for businesses. And in this podcast the conversation comes full circle as the new SEC cyber rules are coming online and act as official recognition that the ever-present danger of cybersecurity threats can impact investor decision making. We talk through some of the key aspects of the new rules that have been making headlines including the “material” disclosure guideline and timeline, grey areas and the proposed AI rule. Great insights here from Rich for every business looking to navigate the new SEC cyber rules. RICH ITRI, CHIEF INNOVATION OFFICER, ECI Rich Itri is Chief Innovation Officer at ECI. Rich has over 22 years of IT executive experience, spending his entire career managing IT within the financial services industry. Prior to joining ECI, Rich was Managing Director and Chief Technology Officer for PJT Partners, a boutique investment bank, Principal and Chief Information Officer for Sky Road and held Chief Information Officer positions at Arrowhawk Capital Partners and Arbalet Capital Partners. Over the years, Rich has developed and managed innovative, business aligned platforms, that drive revenue and operational efficiencies. Rich holds positions on several Advisory Boards and volunteers his time to help non-profits leverage technology. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e255
Dr. Samantha Ravich, Chairman for the Center on Cyber and Technology Innovation at Foundation for Defense of Democracies joins the podcast this week. She shares insights from her many years on the geopolitical and economic front lines of cyber, and work with many renowned government leaders, on developing a plan of action to address today’s cyber threat landscape and looming threat against critical infrastructure and essential services. She also provides perspective on building resiliency, what we can learn from natural disasters relative to cyber attacks, as well as the opportunity and impact of states creating and driving their own continuity of the economy plans. Dr. Samantha Ravich, Chairman, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies ---- Dr. Samantha Ravich is the chairman of FDD’s Center on Cyber and Technology Innovation and its Transformative Cyber Innovation Lab and the principal investigator on FDD’s Cyber-Enabled Economic Warfare project. She is also a senior advisor at FDD, serving on the advisory boards of FDD’s Center on Economic and Financial Power (CEFP) and Center on Military and Political Power (CMPP). Samantha serves as a commissioner on the congressionally mandated Cyberspace Solarium Commission and as a member of the U.S. Secret Service’s Cyber Investigation Advisory Board. Samantha served as deputy national security advisor for Vice President Cheney, focusing on Asian and Middle East Affairs as well as on counter-terrorism and counter-proliferation. Following her time at the White House, Samantha was the Republican co-chair of the congressionally mandated National Commission for Review of Research and Development Programs in the United States Intelligence Community. Most recently, she served as vice chair of the President’s Intelligence Advisory Board (PIAB) and co-chair of the Artificial Intelligence Working Group of the Secretary of Energy Advisory Board. She is advisor on cyber and geo-political threats and trends to numerous technology, manufacturing, and services companies; a managing partner of A2P, a social data analytics firm; and on the board of directors for International Game Technology (NYSE:IGT). Her book, Marketization and Democracy: East Asian Experiences (Cambridge University Press) is used as a basic textbook in international economics, political science, and Asian studies college courses. Samantha is a member of the Council on Foreign Relations and advises the U.S. Intelligence Community and the Department of Defense. She is a frequent keynote speaker on: What Corporate Boards need to know about Cyber Security and Warfare; The Longer-Term Trends in International Security; and the Future of Intelligence Collection and Analysis. Samantha received her PhD in Policy Analysis from the RAND Graduate School and her MCP/BSE from the Wharton School at the University of Pennsylvania. --- https://www.linkedin.com/in/samantha-ravich-7b5aa08b/ For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e254
Kicking off the 20th Annual Cybersecurity Awareness Month, we welcome back to the podcast Eric Goldstein, Executive Assistant Director for Cybersecurity for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). He shares insights on the exciting new cybersecurity public awareness campaign just launched, “Secure Our World”. It features simple ways to protect yourself, your family, and your business from online threats. Eric also shares some key takeaways from the recent headline making MOVEit attack impacting 60M+ individuals and sparking a new $10M bounty from the US State Department for the Clop ransomware group. And we dive into CISA’s Strategic Plan which focuses on how we will collectively reduce risk and build resilience to cyber and physical threats to the nation’s infrastructure. This is an awesome episode you won’t want to miss! https://www.cisa.gov/secure-our-world ERIC GOLDSTEIN, EXECUTIVE ASSISTANT DIRECTOR FOR CYBERSECURITY, CISA Eric Goldstein serves as the Executive Assistant Director for Cybersecurity for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) as of February 19, 2021. In this role, Goldstein leads CISA’s mission to protect and strengthen federal civilian agencies and the nation’s critical infrastructure against cyber threats. Previously, Goldstein was the Head of Cybersecurity Policy, Strategy, and Regulation at Goldman Sachs, where he led a global team to improve and mature the firm’s cybersecurity risk management program. He served at CISA’s precursor agency, the National Protection and Programs Directorate,from 2013 to 2017 in various roles including Policy Advisor for Federal Network Resilience, Branch Chief for Cybersecurity Partnerships and Engagement, Senior Advisor to the Assistant Secretary for Cybersecurity, and Senior Counselor to the Under Secretary. At other points in his career, Goldstein practiced cybersecurity law at an international law firm, led cybersecurity research and analysis projects at a federally-funded research and development center, and served as a Fellow in Advanced Cyber Studies at the Center for Strategic and International Studies, among other roles. He is a graduate of the University of Illinois at Urbana-Champaign, the Georgetown University School of Public Policy, and Georgetown University Law Center. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e253
This week, Audra is joined by Megan Stifel, chief strategy officer for the Institute for Security and Technology, to discuss how ransomware has evolved from a business nuisance to now a threat to national security. Megan also shares how the United States' overall response to ransomware has the potential to impact the types of attacks faced by its organizations and touches on the need for greater transparency when it comes to international cyber information sharing. Megan Stifel is the Chief Strategy Officer for the Institute for Security and Technology. She is the founder of Silicon Harbor Consultants, which provides strategic cybersecurity operations and policy counsel. Prior to founding Silicon Harbor Consultants, she was an attorney in the National Security Division at the U.S. Department of Justice (DOJ). She most recently served as Global Policy Officer and Capacity and Resilience Program Director at the Global Cyber Alliance. She was previously the Cybersecurity Program Director at Public Knowledge. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e252
Joining us this week is Dr. David Bader, a Distinguished Professor and founder of the Department of Data Science in the Ying Wu College of Computing and Director of the Institute for Data Science at New Jersey Institute of Technology. He deep dives into the opportunity to democratize data science tools and the awesome free tool he and Mike Merrill spent the last several years building that can be found on the Bears-R-Us GitHub page open to the public. We also discuss the vulnerabilities in open-source supply chain, what about AI security teams should be concerned about, data poisoning, AI that is fair and equitable and the discussion on regulation and self-regulation in AI. Key takeaway from the conversation -- data science is indeed growing and it holds an exciting future for those that pursue it! David A. Bader is a Distinguished Professor and founder of the Department of Data Science in the Ying Wu College of Computing and Director of the Institute for Data Science at New Jersey Institute of Technology. Prior to this, he served as founding Professor and Chair of the School of Computational Science and Engineering, College of Computing, at Georgia Institute of Technology. He is a Fellow of the IEEE, ACM, AAAS, and SIAM; a recipient of the IEEE Sidney Fernbach Award; and the 2022 Innovation Hall of Fame inductee of the University of Maryland’s A. James School of Engineering. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e251
This week we’re joined by Julia Fallon, Executive Director of the State Educational Technology Directors Association (SETDA) and she shines a light on the appeal of school systems to cyber attackers. (HINT: it is access to PII to open credit cards, mortgages and more in the name of children that often is only detected many years later.) We also discuss the connection between schools and insurance companies, trends in how school systems are fortifying their security measures, the evolution of infosec to become a front office issue, and what schools can do to integrate cybersecurity into curriculums to both bolster security and lay a pathway for future cyber professionals. Julia Fallon is the Executive Director of the State Educational Technology Directors Association (SETDA), where she works with U.S. state and territorial digital learning leaders to empower the education community to leverage technology for learning, teaching, and school operations. Involved with learning technologies since 1989, her professional interest lies in making the case for public school systems wherein educators are able to optimize technology-rich learning environments to equitably engage the learners who fill their classrooms. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e250
Bill Evanina, Founder and CEO of the Evanina Group and former Director of the National Counterintelligence and Security Center Office of the Director of National Intelligence, joins the podcast this week to take a deep dive view into insider threat as September is Insider Threat Awareness Month. He shares insights from his many years on the counterintelligence and security front lines on what defines insider threat (Note: harm to self or others), the opportunities and challenges in available tools, information sharing and detection across organizations, the importance of leadership training and cross functional partnership to help mitigate insider threats and the criticality of sharing success stories (these really make a difference!). Founder and CEO of the Evanina Group advising CEOs and Board of Directors on strategic corporate risk, strategy, insider threats, cyber security, geopolitical risk, intelligence centers, etc. Instructor, University of Chicago, Graham School. Former Director of the National Counterintelligence and Security Center Office of the Director of National Intelligence responsible for leading and supporting the counterintelligence and security activities of the US Intelligence Community, the U.S. Government, and U.S. private sector entities at risk from intelligence collection or attack by foreign adversaries. Served as Chair of the NATO Counterintelligence Panel and the National Counterintelligence Policy Board, and the Allied Security and Counterintelligence Forum comprised of senior counterintelligence and security leaders from Australia, Canada, New Zealand, and the UK. Previously served as the Chief of the Central Intelligence Agency’s Counterespionage Group, as Assistant Special Agent in Charge of the FBI’s Washington Field Office and spent 24 years as a Special Agent with the Federal Bureau of Investigation (FBI). For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e249
We pick back up with Joshua Corman, founder of grass roots organization I Am the Cavalry, for part two of our discussion. Josh shares insights from his many years on the healthcare cyber front lines and provides both a captivating and sobering perspective on the state of healthcare security today. And while there have been many strides forward, we still have a long way to go. Audra and I learned so much during our discussion including themes such as cyber asbestos, the emerging care desert, dependency on undependable things, recalibrating the cost of connected medicine, if you can’t protect it/can’t connect it, the Omnibus Appropriations Act, and actionable insights on what we can do right now, as individuals and collectively, to make a difference. Joshua Corman is the founder of I Am the Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. He was formerly chief strategist of CISA’s COVID Task Force, where he advised on the pandemic response, provided cybersecurity expertise on healthcare infrastructure, and supported control systems and life safety initiatives. Prior to CISA, Josh was SVP and chief security officer at PTC, where he accelerated cyber safety maturity across industries. Previously, he served as director of the Atlantic Council’s Cyber Statecraft Initiative, on the Congressional Task Force for Healthcare Industry Cybersecurity, and in leadership roles at Sonatype, Akamai, IBM, and the 451 Group. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e248
