Why is it so difficult for security people to speak to developers? And the other way around…

For this episode, Robby has invited a veteran to the software security game, Nick Murison, Security Practice Lead at Miles. Nick started off as a penetration tester, and has been passionate about software security and training developers to think about security upfront for close to two decades.

They speak about software security within the development lifecycle, and bridging the gap between developers and security people. Nick also explains how he believes more organizations can get security into their development, and dives into the question “is DevOps really increasing or decreasing your security risks?"

Forensic Readiness | OT miniseries

We’re continuing our Operational Technology (OT) miniseries where we look into the security challenges in the OT space. 

This time around, Robby’s invited a fellow security podcaster and former head of forensics at Volvo, Rikard Bodforss.

Rikard has been working with security in the Industrial Control Systems (ICS) and OT space for a long time, both from the private sector and as IT and Security Manager in the City of Gothenburg’s water and waste department. In his conversation with Robby he shares from his experience in the field, and explains what exactly forensic readiness is, and why it’s important. He also shares what he believes are some generic truths and recommendations for organizations that operate in ICS and OT environments.

Stay tuned for more episodes in our OT miniseries coming soon.

Technical level: 2/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

How do we go from data to information, and from information to intelligence in the cyber world?

Who better to try to explain this than the former Director of the national communications and security agency in the Netherlands, Job Kuijpers, and his colleague and trusted advisor for Threat Intelligence, Piet Kerkhofs. After more than 15 years in the Dutch government's cyber program the two of them founded the cyber security company EYE, and in their conversation with Robby they share from their vast and hands-on experience working with threat intelligence.

In this episode, you’ll hear about the most common misconceptions about threat intelligence that they’ve come across, and how much and what should be automated in threat intelligence – and what shouldn’t.

They also discuss what’s required by an organisation buying/receiving threat intelligence, and how to evaluate if your organisation actually needs threat intelligence tools for its security work.

Technical level: 2/5

Host: Robby Peralta

This time, Robby has invited his most recent online friendship and the uncrowned king of open source, Simon Simonsen, to the podcast. Simon also happens to have a lot of experience developing and utilising security architecture defense strategies, or as he calls it; utilising your home court advantage.

Simon has over a decade of experience in security and is working as a Senior Information Security Officer at the Danish energy trading house Danske Commodities (DC).

In his discussion with Robby, he explains his mostly open source approach to protecting his home court by using OODA Loops (Observe, Orient, Decide and Act) and by knowing that as long as you know your network better than any adversary, you should come out winning. He also shares his approach to making sure you do know your network better, as well as his journey with OODA Loops.

Hunting ELK: https://github.com/Cyb3rWard0g/HELK 

The Open Source Security Events Metadata (OSSEM): https://github.com/OTRF/OSSEM

Security Onion: https://securityonion.net/

Sentinel ATT&CK: https://github.com/BlueTeamLabs/sentinel-attack

Technical level: 4/5

Host: Robby Peralta

How can we prove cybersecurity effectiveness?

With USD 124 billion being spent worldwide on IT security last year alone, it's no wonder this is a question many would like the answer to. However, finding a quantitative metric to evaluate security investments, outside of positive effects like diminishing risks and reducing the amount of bad things happening, is not straight forward.
 
To help us navigate this question, Robby is joined by someone with a lot of experience making security investments effective. Brian Contos has a long list of merits after his more than two decades of experience working in the cybersecurity field. He has also written several security books and is an award-winning podcaster. Brian is now CISO & VP Technology Innovation in Mandiant Security Validation, also known as Verodin, a business platform for measuring and managing cybersecurity effectiveness.

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

https://mnemonic.no/podcast

For this Norwegian episode of the mnemonic security podcast, Robby and co-host for the day Manager of Governance, Risk & Compliance at mnemonic, Gjermund Vidhammer, are joined by two major actors in the Norwegian cyber landscape: Robin Bakke, Specialist Director for Cyber Security at the Ministry of Justice & Public Security, and Bente Hoff, Director National Cyber Security Center (NCSC) at the Norwegian National Security Authority (NSM). 

They discuss the importance, and the many different arenas, of private-public cooperation both in Norway and internationally, and share the Ministry and NSM’s thoughts on what’s important for digital security these days – and where they see most risk.

Related reading:
Nasjonal strategi for digital sikkerhet: https://www.regjeringen.no/no/dokumenter/nasjonal-strategi-for-digital-sikkerhet/id2627177/
Nasjonal Sikkerhetsmåned: https://norsis.no/nsm/

Technical level: 1/5

https://mnemonic.no/podcast 

How can we best apply data science techniques to gain security visibility? 

What data you collect obviously affects your detection capabilities, but as many have painfully experienced; there can be too much of a good thing!

In this episode, Robby is joined by Jeff Barto. He is the Chief Security Officer at a large hedge fund in the US, has worked in security for over 20 years and has a lot of experience asking himself the question “how much data is enough?”. Jeff takes us through what types of data is he collecting and why, and how to collect data smartly to get the detection capabilities you need. 

Robby and Jeff also discuss their take on the future of data science and security visibility, and whether now is the time to ditch people and leave security for the machines? 

Technical level: 3/5

https://mnemonic.no/podcast