Send us a Text Message.TL;DR: Friend of the pod, Karim Hijazi of Vigilocity, joins Rafal this week to talk about the state of ransomware, its "families", proliferation and motivations. It's a dark picture that's getting darker as it all evolves

DtSR Episode 607 - Outsourcing Your Security Part 2

12 days ago 31m 56s

Send us a Text Message.TL;DR:This week is part 2 of the 2-part series on "Outsourcing your security" with Paul Farley. Paul's expertise in this space means you should be taking notes! On this second part, we dive into how you can pick an effect

DtSR Episode 606 - An Unsurprisingly Awful GAO Report

19 days ago 33m 33s

Send us a Text Message.TL;DR: James and I spent a few minutes dissecting the high-level of a GAO report (Government Accountability Office) ...perhaps ironically named... that is awful in so, so many ways it's ridiculous. Listen in, comment with

DtSR Episode 605 - Outsourcing Your Security Part 1

25 days ago 33m 42s

Send us a Text Message.TL;DR: This week Paul Farley, Deputy CISO of NCR Voyix joins myself, James, and Jim TIller to discuss outsourcing security in a modern company. We talk through a bit of history, some requirements for a good MSP, and the

DtSR Episode 604 - Justin Foster Deeper Dive on Access Control Part 2

Jun 4th, 2024 33m 53s

Send us a Text Message.TL;DR: Justin Foster is back (and James is out) with guest co-host Jim Tiller as we talk through network-based access control from the "old days" through today's modern approaches. What worked, what didn't, what we tried,

DtSR Episode 603 - Justin Foster Access Control Now More Than Ever

May 28th, 2024 33m 59s

Send us a Text Message.TL;DR: This week's episode is part 1 of ... (I'm not sure) in a series of conversations about that old, boring, yet remarkably relevant topic of "Access Control". We pull in Justin Foster and guest co-host Jim Tiller to t

DtSR Episode 602 - Mark Simos 3 Conferences at RSAC

May 21st, 2024 30m 12s

Send us a Text Message.TL;DR: Sitting atop the Moscone Center North, I met up with Mark Simos and we talked through his impressions and our overall analysis of RSA Conference 2024. Some interesting observations, particularly about the "3 confer

DtSR Episode 601 - The RSA Conference 2024 Debrief

May 14th, 2024 52m 48s

Send us a Text Message.TL;DR: This episode is a recap (my recap) of RSA Conference 2024. I wrote up a brief post on LinkedIn on my way out of town (linked here: https://www.linkedin.com/feed/update/urn:li:activity:7194698322790547456/ ), and no

DtSR Episode 600 - The LiveStream for Number 600

May 7th, 2024 2h 1m

Send us a Text Message.TL;DR: -> 2hr party-line episodeThis feels surreal, as I write this, that DtSR is pushing episode 600 out to your ears right now. I couldn't possibly have imagined when I started 14 years ago, that this would be real. Thi

DtSR Episode 599 - How the Hell Did We Get Here?

Apr 30th, 2024 41m 46s

Send us a Text Message.Tl;DR: On the last episode before the big 600th extravaganza, James and I have a conversation about the types of conversations we've had on this show so far, reminisce about some of the favorite guests, and rehash some of

DtSR Episode 598 - Adam Meyers What the Bad Guys Are Up To

Apr 23rd, 2024 42m 18s

Send us a Text Message.Tl;DR: This week on episode 598 as we are 1 episode away from the Big 600, Adam Meyers joins the podcast to provide an update on the interesting things happening in the world of ransomware, threat actors, and general cybe

DtSR Episode 597 - Shawn Tuma Legal Climate Update

Apr 16th, 2024 40m 32s

Send us a Text Message.TL;DR: On this episode of the DtSR Podcast, Shawn Tuma joins James & I to talk over what's changed, what's new, and what's not going well at the intersection of cyber and legal. Spoiler Alert: Nothing's that much better,

DtSREpisode 596 - David Monnier Hunting Cyber Villains

Apr 9th, 2024 53m 3s

Send us a Text Message.TL;DR: On this installment of the podcast, David Monnier joins Rafal & special guest Jim TIller to talk about hunting bad actors in cyberspace. What it's like chasing down villains, challenges, and related discussion. Dav

DtSR Episode 595 - Phil Beyer No Way To Win as a CISO

Apr 2nd, 2024 38m 31s

Send us a Text Message.TL;DR: This week on the podcast, the conversation with Phil Beyer goes all over the map. We start with the interesting (but short) story of how Phil got into cyber, to vCISO vs CISO, and how we really feel about the CISOs

DtSR Episode 594 - Cyber's Relationship to Emotional Intelligence

Mar 26th, 2024 45m 58s

Send us a Text Message.TL;DR: On today's episode of the podcast, Jessica Hoffman joins James and I to talk about Emotional Intelligence. What is it? Why is it desperately important to cybersecurity professionals in leadership role? All these q

DtSR Episode 593 - The Big IAM Challenges

Mar 19th, 2024 44m 34s

Send us a Text Message.TL;DR: This week Episode 593 features Jeff Reich of the Identity Defined Security Alliance as we talk about some of the big-picture challenges of identity, interoperability, and security of identity and identity security

DtSR Episode 592 - Holding Business Ransom, a CEO & CISO Perspective

Mar 12th, 2024 1h 1m

Send us a Text Message.TL;DR: On this episode, James and I welcome CEO Patrick Dennis, CISOs Jack Korzeniowski and Sam Masiello, former CISO and vCISO, and industry veteran Jim Tiller onto a panel to discuss ransomware. Ransomware is catastrop

DtSR Episode 591 - Its a Weird Time in Our Industry

Mar 5th, 2024 56m 21s

Send us a Text Message.TL;DR: *Warning: This episode is ranty, and potentially offensive to overly sensitive types*. That said, in this episode Jim Tiller and I sit down, drink in hand, and have a good old rant about the state of the industry r

DtSR Episode 590 - Can Procurement Save the CISO

Feb 27th, 2024 50m 37s

Send us a Text Message.TL;DR: On this week's episode, James Beeson once again joins Rafal & James, with guest-host Tom Venables to talk about procurement's involvement in the security of an enterprise. What does procurement have to do with secu

DtSR Episode 589 - The More Things Change w Joe Dibiase

Feb 20th, 2024 48m 33s

Send us a Text Message.TL;DR: This week's episode features one of the all-time greats. Joe Dibiase was the first CISO I worked under when I joined GE Power Systems back in the early 2000s and he's had a rather amazing career spanning many diff

DtSR Episode 588 - This is How We Get to Software Liability

Feb 13th, 2024 44m 14s

Send us a Text Message.TL;DR:This week's episode has the one and only Jeremiah Grossman on the show to talk about liability in software, some of the fundamental problems with cyber security, the market forces that move (or could move) things in

DtSR Episode 587 - A Framework for Defensible Security Programs w Bo Birdwell 3-3

Feb 8th, 2024 33m 24s

Send us a Text Message.Tl;DR:Part 3 of 3: This episode is the big reveal with details and a how-to, in a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive greater security improvemen

DtSR Episode 587 - A Framework for Defensible Security Programs w Bo Birdwell 2-3

Feb 7th, 2024 43m 43s

Send us a Text Message.Tl;DR:Part 2 of 3: This episode is the set-up, the problem statement, and overview of Bo's approach, in a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive gre

DtSR Episode 587 - A Framework for Defensible Security Programs w Bo Birdwell 1-3

Feb 6th, 2024 31m 47s

Send us a Text Message.Tl;DR:Part 1 of 3: This episode is the introduction of a 3-part series presented by Bo Birdwell, on how to build a defensible security program using compliance to drive greater security improvement. The accompanying video

DtSR Episode 586 - Trending Security Services w Joel Scambray

Jan 30th, 2024 40m 20s

Send us a Text Message.TL;DR: This week Joel Scambray joins James and I to talk about the trends and observations from the world of professional services. Joel is a long-time leader in the professional services delivery space in cybersecurity,