An Interview with Robert Graham
I interviewed Robert Graham on the S4x19 Main Stage. Robert has an illustrious career in cyber security products including the creator of BlackIce and the first network IPS. We brought him to the S4 Stage for his contrarian views....Is The Purdue Model Dead?
This episode of the Unsolicited Response Podcast features a discussion on the S4x19 Main Stage with Brad Hegrat, Joel Langill and Dale Peterson. The question: Is the Purdue Model Dead? http://traffic.libsyn.com/unsolicitedresponse/2019-2-Final-2-Purdue.mp3 The...
4 Takeaways from 2018 … And Kicking Off 2019 With My S4x19 Mini Keynote
The first Unsolicited Response episode of 2019 is a shorter solo-sode. It begins with my four major takeaways from 2018: http://traffic.libsyn.com/unsolicitedresponse/Episode_19-1.mp3 Finally figuring out the OT / IT issue Consequence based risk reduction Detection...Podcast: Neighborhood Keeper for SMB Asset Owners
In this Unsolicited Response episode I interview Rob Lee of Dragos and Rob Smith of INL on a Department of Energy funded program called Neighborhood Keeper. The program attempts to provide threat detection and intelligence in an easy and affordable way to small and...Flawed ICS Mantras
I’m trying something a bit different in this short 22 minute episode. I rant about two flawed ICS mantras that are gaining traction and detract from useful discussions, and there is an overview of the S4x19 agenda and OnRamp training....Unsolicited Response Podcast: Ralph Langner Interview on ICS Product Market
In this episode I speak with Ralph Langner of Langner Communications about the ICS Product Security Market. Ralph is famous for his work on Stuxnet, and he has done a lot of great work before and after Stuxnet. For the last two years he has set aside his decades of...Blake Sobczak of E&E News on Electric Sector Cybersecurity
Blake Sobczak, a reporter for Energy & Environment News, has been on fire lately with his coverage of electric sector cybersecurity. It seems like I’m consistently retweeting his stories and putting them into my Friday News & Notes email (are you...Podcast: CCE with Andy Bochman of INL
Andy Bochman with INL joins me to discuss their Consequence-Driven, Cyber-Informed Engineering methodology (CCE). It is appealing because it places emphasis on the often neglected consequence part of the risk equation....
Michael Assante on the Podcast
Michael Assante is my guest for this episode. He has a storied career and recently won the RSA Conference Award for Excellence in Information Security. Mike was the VP/CSO of NERC, active at INL in the Aurora demonstration, led the development and implementation of the SANS ICS Security Training program, and even began working as CSO for an electric utility. We talk about driving change, what regulation would work, the lessons learned and failures of Aurora and much more.