Hacker Valley Studio

Follow Ron Eddings on Twitter

Black Hills Information Security

Supported by Axonius

Hacker Valley Blue S2 Episode 7 - Kevin Allison

18 maj 2021 | 42 min

Hacker Valley Blue S2 Episode 6 - John Strand

18 maj 2021 | 29 min

If want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people.

In this episode wet have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do.

What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy.

If you look at one key tenant of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security.

Key Takeaways:

0:00 Previously on the show
2:02 John introduction
2:44 Episode begins
2:47 What John is doing today
3:45 John’s core tenets
5:51 How pen testing is “Blue”
6:17 Why understanding fundamentals matters
8:55 Ransomware
10:41 Organizations need to be prepared
11:58 Password gap
13:37 Password philosophy
17:07 Multi-factor authentication
21:40 What to do today
24:24 New problems
26:44 Learn your own network
28:26 Where to find John

John Strand on Twitter

John Strand on LinkedIn

Follow Ron Eddings on Twitter

Aaron Rinehart on Twitter

Hacker Valley Blue S2 Episode 5 - Jamie Dicken and Aaron Rinehart

18 maj 2021 | 45 min

In this episode, we brought in two exceptional guests that are no stranger to chaos. In fact, they've identified ways to engineer for chaos. In the studio, we have Aaron Rinehart, CTO, and founder at Verica. We also have Jamie Dicken, former manager of applied security at Cardinal Health and current director at Resilience. These two are also authors of Security Chaos Engineering. If you haven't read that book it's already out, you should check it out.

Chaos engineering is the technique of introducing turbulent conditions into a distributed system to try to determine the conditions that cause it to fail before it actually fails. So they simplify it. What we do with chaos engineering is learn about the system without experiencing the pain of an outage or an incident. You learn to trust your gear by testing.

The biggest impact really came once we understood how security chaos engineering fits into the bigger security picture. It's not about just being a part of the latest and greatest techniques and having the excitement of doing something that's cutting edge, but security chaos engineering at the end of the day. It's useless unless what you've learned drives change.

Key Takeaways:

0:00 Previously on the show

1:40 Aaron Rinehart and Jamie Dixon introduction

2:08 Episode begins

2:59 What Jamie and Aaron are doing today

3:13 What Jamie is doing

4:13 What Aaron is doing

5:00 Discuss chaos engineering

9:26 Importance of chaos engineering

10:16 Myths of chaos engineering

12:55 Chaos engineering customer impacts

17:34 Learning to trust the test and end result

19:03 Reader and customer feedback

22:21 Chaos engineering gone wrong

27:39 Implementing change in cybersecurity

28:11 Building a team of experts

39:08 Getting involved in chaos engineering

41:09 Tools for listeners

43:25 Keeping up with Aaron and Jamie

[email protected]

Jamie Dicken on Twitter

Verica on LinkedIn

Verica Free Book

Follow Ron Eddings on Twitter

Vote for Hacker Valley Studio to win a Webby!

Hacker Valley Blue S2 Episode 4 - Lenny Zeltser

18 maj 2021 | 35 min

Hacker Valley Blue S2 Episode 3 - Chani Simms

18 maj 2021 | 30 min

Hacker Valley Blue S2 Episode 2 - Marcus Carey

18 maj 2021 | 36 min

Hacker Valley Blue S2 Episode 1

18 maj 2021 | 34 min

Episode 138 - On Being Us in Technology with Kendrick Trotter

17 maj 2021 | 34 min

Episode 137 - Securing Virtual and Augmented Reality with Tamas Henning

10 maj 2021 | 32 min

Episode 136 - From Tragedy to Triumph with Chani Simms

4 maj 2021 | 32 min

Road to the Webby's: An Underdog Story

2 maj 2021 | 10 min

Episode 134 - Knowing Your Worth in Technology and Cybersecurity with Jimmy Sanders

27 april 2021 | 30 min

In the studio today is Jimmy Sanders, a mentor, technician and all-around leader. Jimmy is the head of information security at Netflix DVD where he secures data and systems from cyber threat while building resilient compliance programs across technology, financial services, and healthcare organizations.

Jimmy is here to talk about what we are worth in technology and cyber security. He is always full of advice and knowledge and is always promoting positive change in our community.

To start this podcast, Jimmy shares a little about his background and how he came to the role he is in now for Netflix. Along with his career background, he shares all the organizations he is involved with.

Jimmy talks briefly about what happened to him that encouraged him to go 120% and then some in this career choice. He didn’t find his passion in technology until 12 years after graduating college. You will hear how the possibility of never walking again affected his work ethic.

Allan and Jimmy talk at length about those 12-years where Jimmy was stumbling, bouncing from college to college, to flunking out of college. It took those years for him to discover how the absence of passion can truly feel.

The show closes discussing knowing how to recognize opportunities and taking them. In addition, they talk about how important it is to know your worth, recognize your value and that everything in life or work is negotiable. You will only be better than your job description if you make it that way.

Key Takeaways:

0:00 Intro

1:27 Episode begins

2:28 Jimmy Sanders introduced

2:40 Jimmy shares his background

4:20 Jimmy shares how he made his way into cyber security

6:28 What happened to Jimmy that got him going headstrong into cyber security

8:57 For 12-years, Jimmy stumbled through life – what did he learn and do?

10:40 Journey into his career choice and how it skyrocketed

13:00 How does Jimmy stay fresh and on top of advancements

14:54 Jimmy shares his “superpower”

17:55 Making the most of opportunities and getting into that mindset

20:15 Jimmy shares how to know your worth and understand your value

23:35 Negotiations when looking for a job

25:10 Jimmy’s hopes and objectives for the Technology Collaborative Summit which Cyber Ranch is hosting

27:26 Advice to those questioning their value in their cyber security job

28:55 Thank you and how to keep in touch

Links:

Sign up for the April 27th event 3:30 PM – 5:00 PM Pacific Time: www.techwc.org

Jimmy Sanders on LinkedIn

Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Vote for Hacker Valley to Win a Webby Award!

26 april 2021 | 5 min

Episode 132 - Giving Back Through Technology with Gabriela Ariza

21 april 2021 | 26 min

Episode 131 - Making the Most of Time Off with Sarah Groen

15 april 2021 | 31 min

In this featured episode of Hacker Valley Studio podcast, Ron and Chris are joined by Sarah Groen, founder and CEO of Bell & Bly Travel, a luxury travel advisory firm. Bell & Bly Travel helps executives, entrepreneurs, and their families take a holistic view of their vacation planning, allowing them to save time, enjoy amazing experiences they can't plan on their own, and make lasting memories with loved ones. Sarah is a contributing columnist for the CEOWORLD magazine and is the host for the Luxury Travel insider podcast.

In most of our episodes, we talk about work, the grind, and getting better every single day. In this episode, we talk about something a little different; talking about taking time for yourself and maximizing vacations and time off, time with family, friends, and time for experiences.

Sarah is no stranger to experiences; she has traveled the world and is an expert at planning vacations. We brought her into the studio to talk about getting the most out of our time off.

Her background is varied; she has an extremely random resume. She is from South Texas and lives in Houston. She started in the financial world but wanted to get off the corporate rat race track because she didn’t enjoy what she was doing. She went back to business school, not knowing what she wanted to do, but focused on entrepreneurship.

After school, Sarah went back to Houston and did many things, such as investing in an energy software startup and being an accelerator that she co-founded. She worked at Uber - launching and running UberEats in Houston and Phoenix. Finally, Sarah realized that if she was going to put that much time and effort into a business, she wanted it to be her own and build her own equity. So, she started looking into companies to invest in and buy. She finally began to focus on her passion for travel.

She describes herself as crazy about travel and shares how many countries she has visited and continents - and it’s a lot! She is always thinking about where she is going next. It all started due to her early experience where at 15 she went to Germany for an entire summer. She loves planning travel for families who have kids at that age which is an impetus to loving travel. This love led her to use all her free time for travel.

Sarah loves all her travel experiences for so many reasons. Trips fulfill you in many different ways. Her ability to share what she loves led to her acceptance at Stanford. Travel reminds her that she is so small in the world. There are so many other ways to think and live, that when she travels, she is reminded of that.

As the episode progresses, Sarah describes how travel benefits the mind and health. There is a lot of research that shows how vacations and travel is good for you. People need it! One example is neuroplasticity. If something brand new happens, you will remember it more. This keeps your brain more agile and to be more creative. Travel puts you in a different environment and helps create new neuropathways.

It is a fact that Americans are skipping tons of vacation days; there are millions of vacation days left on the table. As that number goes up, all sorts of things are happening such as anxiety, mental health issues and other things that are symptoms of working too hard.

In order to plan travel for groups, they bring people in and ask multiple questions to get to the bottom of what’s most important about this vacation and why. What helps them relax. This helps discover what is needed most by the travelers. Making the most of the vacations is different for every person. Some want to do everything, and some don’t want to do much at all.

The needs are different for everybody! Luxury travel means something different, however. She hesitates to put the word “luxury” in marketing, etc. Generations want different things and luxury means true customization. People don’t want to feel like a number anymore. She is catering toward personalized and customized things.

What does customized mean? How does it get specific? What do people look at? Sarah can do and plan things that are “ungoogleable.” There are so many experiences that can be customized based on interests and passions. These are “behind the scenes” and not amongst the packed tours that one encounters when on typical vacations.

Sarah shares how networking is important in the role as a luxury travel planner. She specializes in clients’ needs and wants, and they plan the world. That can only happen through fantastic networks and partnerships. They have worked with them and keep up with them on a regular basis. They have vetted partners in every corner of the world, and are kept up-to-date and help curate these specific itineraries and ideas. Doesn’t matter if it is art or basketball, they make it happen due to their network.

How people spend their money is personal, but don’t save it for a day you are never going to spend it. If there is something you want to do, make a plan to make it happen. Lay out what you want to achieve in your travel bucket list, and make a plan. Pencil the experiences in that you want to have!

Travel has changed alot since Covid-19. Don’t let it scare you off when you are planning travel. Hotels and airlines and tour operators have adjusted to safety protocols. Safety is different for all people and their wants in regard to the degree of risk they are willing to take. Booking and cancellation policies have flexed greatly. Those dream trips can be planned almost risk-free right now.

When it comes to food, it is trending to having more local cuisine experiences. For instance, going to the market, following a local expert, going to different places and trying different things. It is food combined with stories and history that is the trend.

Sarah is planning our “Think Week”, and we were excited to hear what she had in store for us. She has our interests and general information based on the forms sent to us. The next step is a call to hear what changes from the form and speaking in person. This gives a true vision of what might make sense and then talk about options and possibilities.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:26 - This episode features Sarah Groen

2:25 - Where they met Sarah

2:44 - Sarah’s background is extremely varied

3:19 - Where the entrepreneurship started

3:57 - Decided to start focusing on her passion - travel

4:14 - Why travel? What does it mean to her?

5:19 - Most memorable travel experience?

7:40 - How good travel is for you

10:35 - How people get the most out of time off?

13:04 - What does luxury travel mean for clients?

17:57 - How important is networking in this type of role?

20:23 - What would you say to our listeners who want to dip their toes in luxury travel?

22:08 - How travel has changed due to Covid-19.

25:36 - How food fits into travel

27:58 - What’s in store for our “Think Week”

29:29 - Best ways to stay in or get in touch with Sarah

Links:

Learn more about BelleAndBlyTravel

Luxury Travel Insider Podcast on all platforms

@Sarahgoesglobal on Instagram

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 130 - Fighting for Others with Anne Marie Zettlemoyer

7 april 2021 | 35 min

Anne Marie Zettlemoyer is Vice President of Security Engineering and Divisional Security Officer at MasterCard. She’s a mentor to many cybersecurity practitioners and a visiting fellow at the National Security Institute at George Mason University

As far back as elementary school, making sure everyone was treated properly and respected was important for Anne. In college, despite not knowing the first thing about cycling Anne’s determination to do the right thing led her to participate in a 600-mile charity ride to raise money for research towards a vaccine against HIV.

Anne Marie started in Business and holds an MBA in Organizational Behavior and Corporate Strategy, she started on the business side and worked under many titles like Analyst, Controller, Auditor, and Strategist. About 12 or 13 years ago she fell in love with Security because it speaks to her mission of protecting and defending others.

Ron shares about how mentors have helped him learn cybersecurity and asks Anne Marie about when she’s helped others climb the security mountain. Anne Marie recalls being the only woman presenter at a Cybersecurity conference and receiving a certain lack of respect until she demonstrated exactly how much expertise and experience she had. She spoke to some other women in attendance and encouraged them to apply themselves in the same field assuring them that they could also succeed, two years later one of the people she encouraged had become Senior Security Engineer.

Chris asks about what it means to her to be able to show up with others now and whether she had someone like that for her own journey. Anne Marie shares about having to fight for everything herself. She expands that talent, grit, and many things are distributed throughout humanity but opportunity isn’t equally distributed. Anne Marie believes that those with the capability to find those who simply need an opportunity and lift them up have a certain responsibility to do so. That they can lift up those who will also lift up others. Ron asks Anne Marie about what it takes to make a great leader and supporter today. Anne Marie speaks a bit about leading from quiet influence and measures success more by effectiveness. The conversation shifts to how trust is needed when working to communicate risk and security decisions depending on who you’re working with as not everyone will share the same perspectives and backgrounds. Chris asks Anne Marie for a piece of advice for someone who may need someone to show up and protect them and she urges us to try new things, learn new things, expand our own possibilities. Anne Marie speaks about how showing up and trying to reach out can be enough to open new doors.

1:01 — Welcome back to the Hacker Valley Studio our guest this episode is Anne Marie Zettlemoyer.

2:43 — Anne’s amazing fluency in business and how she fell in love with security.

4:37 — The call Anne feels to respect others and make sure they’re respected.

6:48 — The causes to fight for even without complete preparation for the journey ahead.

8:58 — The extremes of a ride to do the right thing, and a helping hand to get you up a mountain.

11:30 — How you can never know the power of showing up for yourself.

13:30 — The power of showing up for others and being the only woman there.

15:34 — Two years after being the only woman cybersecurity presenter at a conference

19:04 — Anne shares about having to fight for everything herself.

20:30 — The responsibility for those that have the heart to find and uplift others.

22:00 — The conversation moves to topics about networking and great leadership.

24:00 — Why having a sense of humility is necessary for a leader and building a network.

25:30 — Learning to not re-invent the wheel.

27:20 — Creating a rounded perspective to build comprehensive solutions.

28:50 — Why you need trust from the folks you’re trying to protect.

31:00 — Advice for someone listening that needs someone to protect or stand up for them.

32:45 — Trying new things one step at a time can be enough.

Links

You can find Anne Marie Zettlemoyer on her Linkedin or her Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ and enroll in The AttackIQ Academy!

Episode 129 - Seeing the Value in Everything with Saam Motamedi

1 april 2021 | 37 min

Saam Motamedi is a General Partner at Greylock, a Silicon Valley venture capital firm. Saam has always found joy in finding individuals with the ideas and perspectives needed to become leaders and seeing them grow. As a student, Saam built student led organizations and nurtured the talent in his peers so they could grow as leaders. Saam started his professional journey on the product side of the industry working for a startup company, BladeIQ. The organization was an early adopter of machine learning and made innovations in the Customer Relationship Management solution market. The company was later acquired by Salesforce and their technology was integrated into the Salesforce CRM solutions.

Saam shares that he enjoys helping entrepreneurs go from technical insight to an initial product. His superpower is leveraging his insight into how products and software solutions fit into the larger economic ecosystem. Saam also has success with helping companies continue to develop their products while bring new offerings using planned strategy. Ron asks Saam how he sorts through companies that are focused on artificial intelligence or machine learning in order to find great opportunities and people. Saam elaborates that he is focused less on the theoretical applications of these tools and more on how they are used to solve problems for customers. Saam provides perspective on the value of end user input in improving the quality of machine learning itself.

Chris asks Saam about advice about product market fit and how to ensure the company has the right timing. Saam shares that timing varies across customer segments. It is important to not only understand what customers want but be able to see what customers should want or what they’re going to want. The conversation touches upon how COVID-19 has shifted the venture capital landscape. Saam tells us that the amount of interesting ideas and products has actually increased, and that entrepreneurs need to understand what their own story is and how it is even more relevant today than perhaps two years ago. Ron asks Saam about the most exciting technology to him today. Saam remains enthusiastic about machine learning technology helping better decisions being made as well as automation helping free up time and more of the workforce to focus on higher valued tasks. Saam lets us know that it’s never too early to talk to Greylock and that some of the most impactful investments have been based on an idea and an understanding of the market the entrepreneur was aiming to disrupt.

0:00 — Intro

01:21 — Welcome Back to Hacker Valley today in the Studio, Saam Motamedi.

04:30 — Saam’s superpowers: understanding products, markets and people.

06:30 — Saam’s experience with the product innovation side

08:13 — Network building and finding talent

10:28 — Seeing the entrepreneur in people even before they see it in themselves

12:37 — Investing in solutions to important problems and not the technology they’re using.

14:17 — Creating a learning engine that actually learns over time

15:55 — Advice on having the right team and the right idea at the right time.

18:37 — Timing requires predicting what customers are going to want

20:09 — How the pandemic has shifted the entrepreneurial and VC landscapes

23:05 — Customer interactions and brand ambassadors shifting to digital channels

25:00 — Crawl before you walk before you run: how to grow a company

27:04 — Getting the right attention, standing out in a digital sales landscape

29:00 — Showing off your product and continuing to grow without high touch interactions

31:34 — Saam shares how security is more relevant than ever

33:10 — If you’ve got an idea and imagination it’s never too early to start talking to Greylock.

35:32 — Understanding your own story to build your own company.

If you want to stay up to date with what’s going on with Saam you can follow him on twitter Saam Motamedi (@saammotamedi) or find him on linkedin Saam Motamedi - General Partner - Greylock Partners. Check out Greylock Partners to find out more about this venture capital firm and read their blog to learn more about what they’re doing.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 128 - A Masterclass on Being Yourself with Ashish Rajan

24 mars 2021 | 32 min

Ashish Rajan is a Cloud Security leader, podcaster, investor and fashion expert. He’s the Melbourne chapter leader of the OWASP Foundation and the Head of Security & Compliance. Ashish makes full use of his expertise and shares his knowledge as founder of a Cloud Security academy as well as in his weekly Coffee with Ashish which streams on Twitch, linkedin and YouTube.

Ashish shares that while doing his weekly cloud security livestreams from the streets of Melbourne he became a recognizable person. Dressing with the intention of presenting something different to people Ashish began changing the way people look at him as a cybersecurity person. Ron asks Ashish about people understanding his value and how that can be conveyed through being confident with self image and comfortable in your own skin. Ashish speaks about the difference that presenting a new image of a security expert makes in his own career, that sometimes folks in the industry don’t necessarily communicate enough with people who don’t already have that knowledge base and so there can be a gap.

The conversation moves to how Ashish’s interests overlap and have grown throughout his cybersecurity practice and professional growth, he began meeting people more into sales over coffee in order to make more connections with other forward thinking professionals. Ashish’s mindset is that goals have to evolve especially when you’re able to meet them ahead of schedule, he applies this successfully to his Coffee with Ashish weekly show. Chris asks Ashish about his innovative mindset and a time he’s had to overcome an obstacle. His journey overcoming that is inspiring, after being let go from a job Ashish still believed there was reason to invest in the ideas and company. From there he began putting his time and energy into the cloud security academy and cloud security podcast using the motivation gained after that setback put in front of him as motivation to teach others how to fish in the cyber ocean. Ron and Chris talk with Ashish about legacy and Ashish shares that planting seeds will be the legacy he hopes for. Ashish hopes that making significant impact on other people’s lives in a positive way will become his. Ashish shares that finding mentors aligned with the goals that you have, starting on your goals will pay dividends.

Impactful Moments

0:00 — Intro

2:05 — Welcome to Hacker Valley Studio with Ashish.

4:15 — Origin story of a Tinkerer and mastering the cheat codes.

6:10 — Trying new things and trying to innovate them creatively.

7:45 — Unintentionally stumbling into the fashion world.

9:00 — Transforming into an extroverted Security person.

10:33 — Diversifying Cybersecurity with fashion and putting yourself out there.

12:40 — Being comfortable in your own skin after putting yourself out there.

13:33 — Following in the footsteps of your parents.

16:00 — Discovering more than just security and learning how to sell.

18:00 — The organic origins of Coffee with Ashish.

20:00 — Overcoming obstacles and teaching others to fish.

22:10 — Making the right investments in helping other people.

24:10 — Ashish leveling up constantly and what’s next.

26:20 — Ashish’s advice for stepping into your own personal strength.

28:00 — The very online future and making your own media hub.

Links:

Connect with Ashish on LinkedIn and check out his podcast Coffee with Ashish.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

If your experience with compliance has sucked, check out our friends at ByteChek and see what they can do for you.

Episode 127 - Finding Comfort in Being Uncomfortable with Paul Rivera

17 mars 2021 | 21 min

Paul Rivera is the president and CEO of Def Logix, he built his own company from the ground up. Paul was born in the Bronx, NYC and grew up in both Queens, New York and Dallas/Fort Worth area of Texas.

The two areas he grew up in couldn’t be more different and he faced a lot of social anxiety. In middle and high school Paul felt there was a difference between the things he worried about and the concerns of his peers. Young Paul would rather figure out how to improve himself than impress others with something more material. Eventually at the age of fifteen Paul quit school and instead began going to the library. There he spent time reading on his own. He went from reading science fiction to learning about the physics, chemistry and math behind it.

In his twenties Paul moved back to New York for college and was working while attending school. Following in his hero Mr. Spock’s footsteps he took classes in: Logic, Philosophy and Computer Science. Paul fell in love with programming after building his own calculator application by using coding. Programming was a way to use computers to build things from his own imagination and engaging his creative side. He got his Computer Science degree in his mid twenties.

Paul speaks about the difference between New York City and the Dallas Fort Worth Area and some of the interpersonal differences moving to a less diverse area and not fitting in. Ron asks Paul what the missing puzzle piece that led him on the education path he chose. The conversation between Paul, Ron and Chris touches on different ways of learning and thinking. Paul shares about the school of hard knocks and researching, he shares about having to research excessively can lead to potential missed opportunities.

Chris asks about a challenge he faced building Def Logix. Paul talks about finding his way as a significant contract closed out, dealing with employees being discontent and having to conceptualize Def-Logix 2.0. Our hosts Ron and Chris speak about the burnout that can happen when tasks aren’t aligned with purpose. Paul shares that he enjoys creating solutions more than other tasks that are typically aligned with being at the top of a company. Paul had to learn to delegate more in order to grow the company. Towards the end of our conversation Paul shares some of his experiences with public speaking, something he was very uncomfortable with at first. It was necessary for him to get out of his comfort zone in order to keep growing.

Impactful Moments During the Show

00:00 — Intro

01:35 — Welcome back to the Hacker Valley Studio and welcome to Paul Rivera.

03:05 — Learning the science behind the sci-fi.

04:25 — Why Paul quit school at 15 and his path back to education.

06:00 — Calculators and falling in love with programming.

07:40 — Thinking differently about clothing.

09:05 — Thinking outside the box with logic AND intuition instead of logic OR intuition.

10:31 — Paul’s key way of learning.

12:20 — Paul on building his own company and challenges faced.

14:20 — What would change if he closed shop and started again?

16:30 — The harebrained ideas, creating solutions and finding joy.

18:30 — Growth and getting out of your comfort zone

Links

You can find Paul Rivera on LinkedIn

Check out Def-Logix a cybersecurity company that does research and development, software development and secure networks.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Check out ByteChek they can help you establish your security program, automate your readiness assessment, and complete your SOC 2 audit faster.

Episode 126 - The Grit of Being World Champion Part 2 with Lee Kemp

12 mars 2021 | 24 min

In this episode we continue our conversation with Lee Kemp, a three time World Champion in Wrestling (1978, 1979 and 1982 all in the 74 kg weight class) and held the record for being the youngest World Champion. In addition to being a champion wrestler, Lee is a father, a wrestling coach, a public speaker, and an author. He learned many of the skill sets needed to navigate his life on the mat. A child of the 60’s, he was adopted at the age of 5, before adoption learned how to find his own contentment in the situation he was in. From a young age Lee learned how to focus on what’s important and tackle whatever he needed to get done.

Our conversation with Lee Kemp resumes with Chris asking Lee a question about representation. Lee shares that there were other Black wrestlers that were successful before him and while Dan Gable was a direct inspiration he saw additional championship inspiration in Black wrestlers. Lee found representation and inspiration to one day own his own business working for Tom Burrell of Burrow Communications. He shares tremendous insight about race relations in the USA being further complicated by suppression of stories, like that of the mathematicians from Hidden Figures.

When Lee’s family left Cleveland in 1968 they moved to Chardon, Ohio; this was almost an entirely White community. Growing up there Lee saw his family being accepted into this community and learned that mutual respect was possible. We ask Lee about what someone who wants to be a champion needs. Lee explains that putting your focus on someone else that is successful can help and that finding inspiration is a truly important thing. Listening is important, if someone like Lee tells you the steps that you need to take to truly become a champion it’s important to take the advice as a whole.

Being the best isn’t the only measure of achievement, for Lee going for something with all your heart is meaningful. After winning World Championships and global competitions two years running Lee was on track mentally and physically to become an Olympic champion, but in March of 1980 President Jimmy Carter announced that the USA would not be participating at the Olympics. Lee explains how that opportunity being taken away impacts him even now. 40 years later the 2020 Summer Games have been delayed and Lee speaks a bit about that showing how the grit to be world champion endures.

Impactful Moments During The Episode

00:00 — Intro

01:00 — Welcome back to Part 2 our conversation with Lee Kemp.

01:33 — Looking at what types of representation mattered to Lee.

03:49 — Representation making a difference on a professional level.

05:50 — Lee speaks about Tom Burrell, advertising and race.

06:59 — Seeing your own value and everyone seeing each other’s humanity.

07:53 — We’re all the same race.

08:39 — The examples that parents set.

10:10 — Leaving Cleveland and moving to Chardon in 1968.

12:09 — The respect Lee’s father received from his community.

13:24 — Lee speaks about the importance of listening and empathy.

15:22 — Putting yourself in the right environment to be a champion.

17:07 — Taking advice and finding motivations.

18:31 — Going for something with all your heart.

19:50 — A story of “Things not happening.”

21:04 — Resiliency and the Tokyo Olympics, lessons learned.

22:25 — Thanks to Lee Kemp and for listening to Part 2 of the Grit of Being World Champion

Links:

Learn more about Lee Kemp and pick up his book Winning Gold.

Watch the great documentary Watch Wrestled Away: The Lee Kemp Story | Prime Video.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 125 - The Grit of Being World Champion with Lee Kemp

9 mars 2021 | 37 min

Our special guest this episode is Lee Kemp, a three time World Champion in Wrestling (1978, 1979 and 1982 all in the 74 kg weight class) and held the record for being the youngest World Champion. In addition to being a champion wrestler, Lee is a father, a wrestling coach, a public speaker, and an author. He learned many of the skill sets needed to navigate his life on the mat. A child of the 60’s, he was adopted at the age of 5, before adoption learned how to find his own contentment in the situation he was in. From a young age Lee learned how to focus on what’s important and tackle whatever he needed to get done.

Lee’s childhood with his adoptive family involved a lot of hard work. His family moved from the city to a rural neighborhood and he worked on a farm. There was a certain strictness his father held, if farm work needed to get done it had to get done. Over the summers of Lee’s youth, he learned about finding contentment in hard work and became comfortable being uncomfortable. Lee started wrestling in high school in the 9th grade and made the varsity team in the 10th grade, his first season in varsity he won as many matches as he lost. The summer between the 10th and the 11th grade year was the turning point for young Lee. He attended a Wrestling Camp that the wrestler Dan Gable was at right before the Olympic games of 1972, what he learned from Dan Gable at that camp became the catalyst for Lee becoming a different wrestler and different person. Lee gained a new mindset from that wrestling camp with Dan Gable. Coach Lee went on to win the state championship as a junior in high school, defeating the defending state champion.

As the episode progresses, Ron and Chris ask Lee about his philosophies on consistency. Lee describes that at each point in his journey to be a champion wrestler he took every opportunity to learn more about his game and his opponents. While Lee was in wrestling camp with Dan Gable, he was the only willing volunteer that would allow Dan to try out wrestling moves on him. Lee knew that if he could understand how one of the greatest wrestlers performed offensively and defensively he could at a minimum learn something new and potentially incorporate it into his style. Lee’s determination has always been contagious and a positive influence to his community. An example that Lee shares is the story of his wrestling teammate Pat Christenson. Before defeating Dan Gable, Wisconsin had a drought of national champions in wrestling. Pat Christenson shared with Lee after defeating Gable he realized he could aspire to become a world champion also.

Impactful Moments During The Episode

01:30 - Welcome back to the Hacker Valley Studio.

01:56 - Introducing the three time world champion Lee Kemp.

03:04 - A child of the sixties and learning how to give back.

04:18 - Understanding where you come from and learning to be content.

07:01 - Characteristics of grit.

08:43 - Overcoming the biggest roadblock to success.

11:08 - Finding a worthwhile goal as a high school wrestler and learning from the best.

12:26 - The inflection point towards success for wrestler Lee Kemp

14:24 - The fateful wrestling camp experience of 1972.

16:25 - Watching your camp coach from the summer with Olympic Gold.

17:28 - Lee Kemp finds the opportunity to wrestle against his former wrestling camp Coach, the gold medal winner Dan Gable.

19:05 - How Lee stayed focused on wrestling Gable despite detractors and distractions.

21:20 - Finding a different mindset, finding a different Lee Kemp.

22:51 - Taking little steps of confidence towards goals.

24:11 - Lee Kemp being in the moment wrestling in the last 30 seconds against Gable.

25:53 - From being in the moment to being part of the moment.

27:30 - The reaction to breaking expectations

29:00 - A rivalry that couldn’t be played out in competition, an unofficial match between Kemp and Gable

31:00 - Moving mountains

32:57 - Inspiring future wrestling champions at University of Wisconsin

34:30 - Having a mindset and attitude for making things possible

36:30 - Thank you for listening to Part 1 of Lee Kemp on Hacker Valley.

Links:

Learn more about Lee Kemp and pick up his book Wrestled Away.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 124 - The Learning Leader with Allan Alford

2 mars 2021 | 32 min

Introducing the Cyber Ranch Podcast and Allan Alford!

Allan Alford is currently the Chief Technology Officer/Chief Information Security Officer at TrustMAPP. Allan Alford is a member of the Hacker Valley family and has launched a new show called the Cyber Ranch Podcast. Allan has been a CISO at a number of different companies and has a wealth of knowledge in Cybersecurity. Has about 20 years of Cybersecurity and has a background in product security.

Allan is a tinkerer and a second generation information security practitioner. His father was a systems operator/administrator who specialized in Systems Security, his father brought their first IBM PC into the house while Allan was in middle school. Since that moment, Allan has always been interested in technology and had a group of friends who had the brand new tools of the time like the TI-99, TRS-80, IBM PC and Apple IIe. He and his friends were porting and writing games, hacking and war dialing. Allan’s mother was a school teacher and had house rules about television time, and so with an hour of TV a week Allan’s primary form of entertainment was reading.

In high school Allan took a creative writing class where he found a passion for storytelling and reading novels. Before entering college Allan was confident in his technology skills and decided that studying Humanities would make a greater impact for him. While studying, Allan learned that there were many parallels between the study of humanities and technology. There was a vocabulary, grammar, and structure by which things operated that had a consistent set of rules. Allan learned that the correct application of grammar and vocabulary helped all things work properly.

As the episode progresses, Allan shares while reading books, articles or other word based sources there’s a sort of internal voice that is within his mind that reads the words ‘out loud,’ however once he’s immersed in the book or text that the subvocalization fades and there’s a much more immediate type of onboarding of the information, the non-conscious reading voice. Chris shares that he describes this as the flow of learning. Allan also speaks of lucking into a prime slot on the KTCU college radio station and how he found his groove djing by deconstructing threads of music. He would put together his set by starting with a popular song and tracing it back from influence and inspirations.

Allan also shares his thoughts on the importance of networking - And not all networking starting points being equal. With his success now he tries to create bridges and conversations through his network that promote the exchange of ideas and further conversations for people, Allan is hoping to do the same with his podcast - The Cyber Ranch. Professionally he’s embarking on a new journey as the Chief Technology Officer at TrustMapp and is currently learning how to be a great producer of Security technologies.

Impactful Moments During the Show

0:00 - Welcome back to the Hacker Valley Studio!

01:30 - Welcome back to the Hacker Valley studio and welcome to the Cyber Ranch podcast

02:30 - Allan’s Professional Adventuring Card

03:00 - Allan’s tinkering background and a second generation info security professional

04:30 - Writing and porting video games as a youth, growing up as a STEM kid

05:35 - Creative writing opening the world to storytelling

06:50 - Going to college already knowing about Computer Science

08:40 - Practices and techniques for learning rapidly and staying sharp

10:30 - Understanding the fields of vocabulary and grammar

11:56 - Conscious reading voice, non-conscious reading voice and flow

14:14 - From reading to producing work that people could consume

16:00 - DJ Deconstruction, how Allan put together a primetime radio set on KTCU

17:00 - Networking without inherited connections

19:20 - How networking works for Allan now

22:20 - Networking misunderstood, the traps of the output side

24:00 - Allan’s 70/30 rule for career advancement

25:30 - CISO and CTO parallels

27:30 - What motivated Allan to start his own cyber security podcast

29:30 - For someone entering the Cybersecurity world from a non-technical background

Links

Connect with Allan on LinkedIn Allan Alford - CISO & CTO - TrustMAPP

Check out The Cyber Ranch Podcast!

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ and enroll in The AttackIQ Academy!

Episode 123 - Adventures in Venture Capital with Lindsay Lee

25 februari 2021 | 41 min

Lindsay Lee is the founder and managing member of Authentic Ventures. Authentic Ventures is an early stage VC firm based in Oakland CA. Lindsay has worked many years in the investment industries as well as venture capital and ran a direct investment fund. Authentic ventures is a new kind of firm focused primarily on women and under-represented minority founders. Authentic Ventures is focused on building its own network of women founders of more diverse backgrounds and entrepreneurs who really want to see success translate into more opportunities for their communities.

Coming from modest beginnings and raised by immigrant parents from the West Indies, his parents really solidified the importance of education. Lindsay has worked in investment banking as an analyst alongside graduates of Ivy League schools, there he learned about his own determination to excel even in tough working conditions while learning as much as possible. After graduating from graduate school Lindsay started an ill-fated technology start up in 1999; funding was hard to find in the early naughts (00’s) especially for Black founders.

After pivoting to working in asset management companies Lindsay joined a family office where he built and managed a portfolio. He reached a turning point there where he was able to look at public and private investments and assess the landscape. Lindsay decided he wanted to differentiate himself and focus efforts on really approaching investment in his own way, to invest in “early stage companies,” as opposed to series A or series B companies. A peer at another firm told him that it was going to be double the effort and twice the financing to get it off the ground. Lindsay’s drive and the network he was a part of propelled him through the challenges.

The conversation touches upon the “rules of the game” for galvanizing new ideas and bringing new products and companies into the market. He speaks about the roles that entrepreneurs, lawyers and investors have in capital markets. Lindsay found his calling as an investor was one where he was a coach, rather than an entrepreneur who is trying to score goals all the time. Lindsay describes how his focus was on cultivating relationships and community in order to grow an interconnected network that would allow for long lasting impact in the landscape while also bringing success to his firm.

He shares that the one thing he’s had to get right is finding A+ people to work with. In his approach as an investor he is trying to set the table for women of color and reserve, or build, a seat at the table that allows for success to be shared. Lindsay believes this focus will lead to more opportunities for more diverse teams. For folks interested in becoming an investor or entrepreneur Lindsay speaks about the importance of team building and utilizing the connections they already have as capital. He also urges people to not ignore the skills they’ve gained by applying themselves and that those skills plus knowledge of the space they’re focused on can create something that’s meaningful.

Impactful Moments During Podcast

00:00 - Welcome back to the Hacker Valley Studio, introducing Lindsay Lee of Authentic Ventures, a VC firm that invests in seed and early stage companies.

02:30 - Building a more diverse inclusive VC network and culture.

04:30 - What the exploration of VC was like for Lindsay and what were some of the motivations for moving in this way in that sphere.

06:45 - Why it’s important for diversity that a firm like Authentic Ventures exists in Silicon Valley and the tech community.

07:20 - How VC firms can help create more wealth across communities of color and gender.

09:30 - The journey to VC and what exploring that world looked like for Lindsay.

10:00 - Entrepreneurship as a sport: who are players, rule-makers and play callers.

11:45 - Taking the long view on cultivating good investments and finding the right people.

12:20 - Starting his own thing in VC, differentiating himself and dealing with uncertainty

14:27 - What immersion in VC is like, navigating changing landscapes

15:15 - If you’re looking for a challenge, investing is a good field; things not going to plan.

15:45 - Why you need to find A+ people.

17:20 - Staying humble and grounded in VC

18:14 - What creates success in entrepreneurial endeavors

19:30 - Why Authentic Ventures has a culture of good energy

20:45 - Studying and data in VC, compounding experience and knowledge, the value of having a community

22:40 - Trying to find ideas and company with momentum

23:20 - No free lunch in investing? What does a margin of error mean in this VC world.

24:45 - Why VC firms learn about the founders, how to scrutinize the methodology

26:00 - If you’re an entrepreneur why you should get to know a VC fund outside of funding events.

27:00 - Being an early believer in trailblazers

28:00 - Authentic Ventures tries to win together, with the right people

29:25 - Lindsay talks about not starting out on First or Second Base and making an impact that helps his community.

30:35 - Having something to prove as an analyst at investment banks

31:45 - The best lesson to learn as an investor, understanding the people, connecting with people that share your values.

33:30 - Why there’s no substitute for excellence or hard work.

37:23 - Staying power and determination: “Get your money right.”

38:30 - Staying in touch with Lindsay Lee and Authentic Ventures

Stay connected with Lindsay Lee by checking out Authentic Ventures

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

We Are Here Finale: Rep. Yvette Clarke

23 februari 2021 | 37 min

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in technology and cybersecurity. In part three of this series, Ron and Chris interview Congresswoman Yvette Clarke, serving as the U.S. Representative for New York's 9th congressional district since 2013.

Congresswoman Clarke’s parents immigrated to Brooklyn, New York in the 1950s from Jamaica. Being born from immigrant parents and witnessing the transformation of the country during the civil rights movement helped shape her worldview. Congresswoman Clarke mentions that the nurture from her family and community sparked her interest in public service at an early age. Congresswoman Clarke recalls being a child and looking up to her pediatrician, Dr. Thompson. Congresswoman Clarke could see herself being like Dr. Thompson and that led her to pursue her interests in STEM in grade school and college. When Congresswoman Clarke went away to college she made a commitment to come back to Brooklyn and use her education to help others

As the episode progresses, Congresswoman Clarke mentions her parents were engaged in the community out of necessity. They wanted to be able to navigate the United States and create community for her and her brother. Congresswoman Clarke’s mother started her community outreach at Parent Teacher Association meetings and was encouraged to run for political office after some time. In fact, Congresswoman Clarke became the first and only child to succeed a parent in political office.

Congresswoman Clarke describes community as essential and building communities is done through education. Digital transformation has enabled all generations to collaborate on common causes that they previously wouldn’t have had the opportunity to. An example that Congresswoman Clarke provides is narrowing the education gap for children of color. Through technology, parents have been working with government agencies and private organizations to provide more resources to schools in need.

Impactful Moments:

0:00 - Hacker Valley Studio presents We Are Here Pt 3

0:52 - Congresswoman Yvette Clarke on Hacker Valley Studio!

1:56 - Early life and how Congresswoman Clarke made it into office

3:38 - What inspired Congresswoman Clarke to help others

7:21 - Surprises while in office and servicing the public

13:35 - Congresswoman Clarke’s story of perseverance

16:36 - The importance of community and how to influence yours

24:40 - Education and mentorship

27:51 - Using technology to course correct and amplify your voice

31:59 - Sage wisdom for embarking on your personal journey

Follow Congresswoman Yvette Clarke on LinkedIn, Instagram, and Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 121 - What Is Your IP Address with Chris Parker

20 februari 2021 | 28 min

In this episode of Hacker Valley Studio podcast, Ron and Chris are joined by Chris Parker, creator of WhatIsMyIPAddress. His website now reaches six million monthly visitors and began as a necessity to solve a technical problem, which you can probably guess, determine his IP Address.

WhatIsMyIPAddress predates Google and was often found through the search engine AltaVista. For years, the site was simple, straightforward and didn’t have any graphics or markup (HTML). At some point, Chris stumbled upon a Content Management System (CMS) called Geek Log but quickly learned with the amount of traffic that it was best for him to manually code each page on his website. For quite some time Chris maintained the website, answered questions from users about IP Addresses, and created more content without receiving any monetary compensation. The advent of Google AdSense led Chris to realize that he could make a profit for hosting his website.

Chris’s website is in the top 3,000 websites on the Internet and was managed out of his home office for over 8 years. As you can imagine, he received traffic from users across the world and was even the target of some cybersecurity attacks. However, keeping the functionality on his website simple, the biggest threat Chris faced was Denial of Service (DoS). After moving his website from his home to a CDN provider that blocks malicious traffic and bots, Chris saw a 90% reduction in web traffic to his website. This led Chris down the path of creating content about security and configuration.

With such a large audience, Chris decided to start the Easy Pray podcast and help listeners learn how to avoid becoming easy targets for scammers and fraudsters online and in the real world. Chris recalls a story of a fraud group that scammed victims by telling the victim that they’ve won the lottery in their country but are unable to withdraw the winnings because of citizenship. This scam is not uncommon and has caused hopeful individuals to lose thousands and sometimes their entire life savings. Chris has set out on a mission to inform others of these scams and create awareness about online safety.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:44 - Introducing Chris Parker, Creator of WhatIsMyIPAddress

5:11 - Was the naming of the website intentional or was it incidental?

6:04 - Adapting and digital transformation

7:29 - Malicious traffic and cyber attacks

10:39 - Creating a more safe Internet with the Easy Pray podcast

12:43 - Unfortunate spam and scamming stories

15:18 - More about Chris’s goal to provide education to his listeners

18:40 - Learnings and takeaways to avoid being scammed

24:02 - Tools that Chris is using to grow and scale his business

26:51 - How to stay up to date with Chris Parker

Links:

Learn more about Chris Parker and visit his website and podcast.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 120 - Bishops, Black Belts, and Business with Jeff Cook

16 februari 2021 | 34 min

In this featured episode of Hacker Valley Studio podcast, Ron and Chris are joined by Jeff Cook, Co-Founder, and CFO of ByteChek. Jeff has over 10 years of experience in both accounting and auditing and has set out a mission to “make compliance suck less”

Jeff began his career at accounting firm, Arthur Andersen. In 2002, the firm surrendered it’s license to practice as a CPA which forced Jeff to consider working at other firms. This surprise turned out to be a blessing as it made him transition from New York to Washington DC. After his transition, Jeff worked in public accounting and auditing for 12 years and began starting IT auditing practices and SOC practices at large accounting firms.

While working at a cybersecurity firm, Jeff met his co-founder AJ Yawn. The two worked on numerous SOC engagements together - which gave them the confidence to scale their ideas and efforts to make compliance suck less. Despite 2020 being the beginning of a global pandemic, the two decided to persevere and form their company ByteChek.

As the episode progresses, Jeff describes his partnership with AJ as dynamic and fluid. Jeff brings to the table a deep understanding of accounting and auditing challenges and solutions. Jeff admires AJ’s ability to be a leader and rally the troops to ensure everyone is moving in the right direction. Besides complimenting each other’s strengths and weaknesses, Jeff and AJ are also great friends and check-in together to help each other grow personally outside of work.

Jeff describes his superpower as his ability to work under pressure. When there’s deadlines and a surplus of work, Jeff leans on his experience as an accountant. While working as an accountant, each year in January through April (tax season) Jeff had to practice his discipline of working under pressure with clear deadlines from his clients and the government. Additionally, Jeff has spent years practicing martial arts, and describes it as a great technique to use to clear his mind in all situations.

Impactful Moments

0:00 - Welcome back to the Hacker Valley Studio

1:41 - This episode features Jeff Cook, Co-Founder, and CFO of ByteChek

2:26 - Jeff’s background and start in accounting and auditing

5:08 - Thriving in business as a founder during a global pandemic

8:31 - Jeff’s superpower and where it began

11:16 - How to overcome your kryptonite and core emotional challenge

13:58 - How martial arts has helped Jeff as a practitioner

17:48 - Parallels between cybersecurity, chess, and martial arts

21:21 - Getting comfortable with discomfort

28:14 - Wisdom from Jeff for leveling up as a entrepreneur and practitioner

Links:

Learn more about Jeff Cook and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

We Are Here Part 2: A Cyber Masterminds Discussion

10 februari 2021 | 88 min

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in cybersecurity. In part two of this series, Ron and Chris host a mastermind conversation with Tia Hopkins, Charles Nwatu, AJ Yawn, and Kelvin Coleman. In this special conversation, we discuss ExIST, a framework to promote excellence in the pursuit of human endeavors like hobbies, careers, and finding purpose.

Explore

As humans, we’re always on the brink of discovery. Watching a documentary, witnessing someone perform a piece of art or a eureka moment might be all that it takes to pull you in a new direction to explore a new topic. Learning something new can be like stepping into a new world that you’ve never experienced. This leap can be exciting, scary, or even uneventful but always leads to discovery.

Tia Hopkins began exploring technology since she can remember. One of her first memories of her interest in technology was when she noticed her mom stopped buying her toys because she would take them apart to understand how they worked. Tia took a giant leap into the new world of technology when she took apart her family and realized that she had to put it back together before her mom found out. Tia has explored many facets of technology from working with Internet Service Providers, IT teams, and Managed Detection and Response teams.

Immerse

After deciding which world to ExIST in, the next step to understanding and mastery is immersion. This is surrounding yourself in a new topic or idea and learning what it means to succeed in that arena. In sports, this might be watching a professional game and learning more about the rules. In cybersecurity, immersion may be reading blogs on the topic or watching YouTube videos that explain a focus area. While immersing yourself in this world you’ll identify the mindset needed to remain there and grow.

Charles Nwatu’s advice on immersion is to not be afraid to fail - It's the only way you succeed. Not giving yourself the opportunity to take the shot is even worse than failure itself. Learn how to consume content in any way that works best for you - read, listen, watch everything you possibly can. Identify ways that help you articulate what you’ve learned to others.

Study

After learning the rules and where the boundaries exist in the new world, the next step is to study. Using tools, knowledge, examples and mentors to improve your capabilities. If you’re learning about a topic with subtopics, you may need to re-immerse yourself in areas that you’re weak on. In this phase of the framework, you're using your new capabilities to rapidly learn and improve.

AJ Yawn provides the advice of staying focused and ignoring the results. To Focus AJ often implements the 90-90-1 rule. And it's taking 90 days spending the first 90 minutes of your day, focusing on ONE thing. Whenever AJ is trying out a new endeavour he ignores the results for the first 90 days, even if there’s no visible improvements. When picking up anything new the focus should be on the attempt rather than the outcome.

Translate / Transform

Translation is expressing the sense of wisdom into language. During this part of the ExIST framework, you’re using the collection of experience and wisdom to create, innovate, or teach. Taking your developed ability and bettering the lives of others.

Kelvin Coleman has always been an advocate of teaching others and promoting the people in the cybersecurity industry. Kelvin can recall researching and reciting state capitals that he’d take to his meetings to build a rapport with city and state government stakeholders. While the name of a state capital or mascot may not seem critical, it helped his customers understand that he does the research and cares about doing what is best for everyone.

Impactful Moments

0:00 - We Are Here a series exploring black excellence in cybersecurity

1:13 - Kelvin Coleman, the strategic mastermind

1:50 - Tia Hopkins, the technical juggernaut

2:25 - Charles Nwatu, the wise warrior

3:00 - AJ Yawn, the empathetic CEO

4:28 - ExIST, a framework to promote excellence

5:40 - Explore

22:14 - Immerse

56:09 - Study

1:10:10 - Translate/Transform

1:20:12 - Sage wisdom from our mastermind group

1:25:20 - How to keep in touch with our amazing guests

Stay In Touch Kelvin Coleman on LinkedIn

Connect with Tia Hopkins on LinkedIn and Empow(her) Cybersecurity

Follow Charles Nwatu on LinkedIn

Stay connected with AJ Yawn on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Get your start in cybersecurity with SANS through their Diversity Cyber Academy!
Applications are now open, and SANS is looking for the best and brightest to diversify the field! The
SANS ICMCP Diversity Cyber Academy is available for current college students, college graduates, and
career changers who are not already working in cybersecurity.
Those interested can go to sans.org/dca or if you’d like to learn more about what SANS is doing on the
Diversity and Inclusion front please visit https://www.sans.org/about/diversity

We Are Here Part 1: Patrice Washington

8 februari 2021 | 33 min

Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in cybersecurity. in part one of this series, Ron and Chris interview Patrice Washington, one of the world's most popular podcasters and authors. This episode in the series is a story of ascension.

As we begin the episode Patrice mentions although she has a background in education, she’s here because of the hard work she put in during uncertain times and stepping into the unknown.

In 2009, Patrice was in her mid 20s and graduated from the University of Southern California with a business degree emphasizing entrepreneurial studies. During her senior year she started a real estate and mortgage brokerage and grew it to a seven figure business by 25. Everything changed for Patrice after becoming a mother and experiencing the housing crisis shortly after experiencing so much success. Between ages 25 to 28 years old, she went from seven figure business owner to being on the bathroom floor, bawling and snotting and crying scraping up change in couch cushions.

Patrice describes that “doing all the things”, “checking all the boxes”, or “being the one” is not the path to professional or financial success. From following her faith and reading scripture she was reminded, “What good is money in the hands of a fool if they have no desire to seek wisdom?”

Patrice had a lot of knowledge, information, education but I didn't have wisdom. Which is how to apply knowledge, when to apply education, and with whom to apply education. Since March, 2009 Patrice has been on a mission to go everywhere she can and teach others that the journey is not just about chasing money, it’s about seeking wisdom.

What helped turn around Patrice’s life was an unlikely encounter with blogging mothers at Starbucks that gave her the idea of sharing her story through blogs. She was instantly reminded of her first grade teacher. Patrice recalled Ms. Boynton saying, “Miss Cunningham, you know something, you have a responsibility. To share with your friends is not enough. You have to share what you know to everyone, so that everybody moves forward”. That’s what Patrice started to do with the blog, she began commitment to share everything that she has learned.

When Patrice began writing and speaking she began embracing her gifts. At the start of her career she was writing, speaking and educating others with real estate but later realized that her gift was in sharing information and teaching others in a broader way. Patrice began asking herself, “How can I feel the same joy I felt to help others get to the aha moment when buying a home but without the real estate transaction?”. She searched for answers and found examples but none done by a black woman. Though this was discouraging, there was enough supporting information to let her know that if she stepped into the unknown she’d define her own success.

Redefining your wealth and life is done through being intentional. It starts by doing what you adore and not being too tied with how much it pays. Setting intentions through your day, calendar, and time is a great place to start to begin understanding what you enjoy and what you can make into a career. Your career is not the only aspect of your life that generates wealth, your well-being is the vessel that guides you to wealth. Redefining your wealth and life means that you’re putting your health as a top priority.

Impactful Moments:

0:00 - Intro

0:52 - Patrice Washington on Hacker Valley Studio!

1:55 - Patrice’s background and dedication to hard work

6:04 - Going from seven figure business to zero and redefining wealth

9:47 - Identifying and applying purpose

15:08 - Dissolving the need for validation from others

20:32 - What others can do to disassociate their purpose from money

26:36 - Investing in your health NOW, not when you’re sick

31:15 - Advice for embarking on the journey of redefining wealth

Pre-order Redefine Wealth for Yourself: How to Stop Chasing Money and Finally Live Your Life's Purpose

Connect with Patrice Washington on LinkedIn and Twitter

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Episode 117 - Technically Unstoppable with Tia Hopkins

1 februari 2021 | 30 min

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Tia Hopkins, Founder of Empow(H)er Cybersecurity with the focus of empowering mentoring, educating, and providing opportunities for women of color. Tia is also VP, Global Solutions Engineering at eSentire.

The episode begins by Tia describing her early interests in technology. She began exploring her interest by taking apart her family computer - After her mom found out that she disassembled the computer, she quickly learned that she had to reassemble it before there were consequences. Early in Tia’s career she worked at phone companies installing DSL, IT operations, and managing technology focused teams. Tia has always been a doer and problem solver which led to resistance when first being called to become a leader. She was initially concerned that if she wasn’t hands-on with technical issues that she wouldn’t be as effective as a leader. However, she discovered that as a leader she can leverage her experience to have a broader impact through her team.

As the episode progresses, the cast chat about “Happy Accidents”. Tia had the opportunity to get involved with the Social Movement project by a coincidental conversation with a stranger at a cybersecurity conference many years ago. The premise of the project is 4 days to change the world. Tia’s challenge during the project was to solve racism issues by bringing brilliant minds together. Tia mentions that the challenge is a tall order but great minds in the world can solve any problem.

During COVID-19, a lot has changed for Hacker Valley Studio - Ron and Chris used to record in the same studio but now record separately due to the lockdown. Despite this difference in production, HVS has been able to scale and grow by dividing and conquering tasks. Tia can relate to this sentiment because without COVID-19 she likely would have not started Empow(H)er Cybersecurity. In addition to starting her foundation, Tia has also started a PhD program. When asked her about her superpower, Tia describes her ability to get things done. As a former athlete, Tia has a growth mindset and is determined to accomplish her goals.

Meaningful moments in the podcast:

0:00 - Intro

1:51 - Tia Hopkins on Hacker Valley Studio Podcast

2:39 - Tia’s background and start in technology

4:24 - Tia’s perspective on being a leader

7:17 - Induction in the American Football Hall of Fame

9:01 - Social Movement Season 2

14:30 - Developing and working on your craft

16:50 - What has changed since COVID-19

19:00 - Tia’s Superpower

24:13 - Personal resiliency techniques

28:47 - How to stay in touch with Tia Hopkins

Links:

Connect with Tia Hopkins on LinkedIn.

Follow Empow(H)er Cybersecurity on Twitter and LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor AttackIQ.

Episode 116 - Start-Up Secure with Chris Castaldo

26 januari 2021 | 36 min

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Chris Castaldo, Chief Information Security Officer at Crossbeam and author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit. Throughout his career, Chris noticed that the same cybersecurity related problems surface but there are many different ways to solve them.

Chris has always been passionate about startups and has plans to one day start his own company. While going through lists of top 10 books for startups and entrepreneurs he didn’t find any that mentioned how to do cybersecurity at a startup. This a significant gap for startups, not baking in cybersecurity early results in expensive rework 4-10 years after the startup is founded. This led to Chris writing Startup Secure - his goal was to create a guide and methodology for startup founders to avoid the expensive mistake of not baking cybersecurity into the startup in the beginning.

As the episode progresses, Chris highlights the difference in challenges for startups that are B2B (Business-to-Business) vs B2C (Business-to-Consumer). Cybersecurity startups must weigh the risks of building a product and building a secure company. It’s easier to implement all of the security controls offered by a solution when the startup is 20 employees or less because there is less impact on users and business functions. When cybersecurity startups are selling to organizations with cybersecurity teams, the startup is asked tough questions. For example:

What is your vendor review process?
Is your startup leveraging cloud security controls?
What is your privacy policy?

As a cybersecurity professional, Chris emphases the importance of networking with other professionals. There is an increase in virtual conferences and adoption of LinkedIn. Asking questions to the leaders in the field and providing mentorship to others both provide a significant impact while cultivating your career. Chris also highlights the importance of following up on conversations to build relationships and securing opportunities.

When transitioning from engineer to CISO, Chris found that being intentional and purposeful with his time was impactful in his transition. He developed these skills by reading books about stoicism. He found that focusing on “the right thing to do” was tough because of constant distractions but being purposeful was the solution to distraction. Instead of focusing on all the things that were on his plate he would break down his goals into smaller chunks and give them his undivided attention for a specific amount of time.

Moments During This Podcast:

0:00 - Intro

1:57 - Chris Castaldo on Hacker Valley Studio Podcast

2:47 - Chris’ start in cybersecurity as a red team member

3:50 - Why did Chris write his book Startup Secure

6:58 - Challenges of implementing cybersecurity at a startup

9:56 - What excites Chris about cybersecurity

13:35 - How do you immerse yourself in learning about cybersecurity?

17:33 - Surprises when transitioning from engineer to CISO

22:43 - Core tenants of solving hard problems

25:53 - Protecting the crown jewels at an organization during a breach

33:38 - Advice on sharing knowledge with the world

Links:

Pre-order Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit

Learn more about Chris Castaldo and connect with him on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 115 - Podcast Takeover with Carole Theriault

20 januari 2021 | 41 min

The tables have turned on Ron and Chris this episode and they are interviewed by guest host, Carole Theriault! Besides being a two-time guest on the Hacker Valley Studio Podcast, Carole is producer and host of the Smashing Security Podcast and Sticky Pickles podcast. Carole put together 7 serious questions and 7 funny questions to interview Ron and Chris.

Question #1 - How did you get into podcasting?

Ron - describes his entry into podcasting as a surprise. Ron had set up a studio at his home in San Jose, California with the intention to create YouTube videos. When Chris relocated to the area, he suggested that the two get on the microphones and have a conversation to see where it goes - Where the two began speaking about Cybersecurity Alchemy.

Chris - Before moving to Silicon Valley, Chris experimented with content creation on Instagram and worked with professionals to document his weight loss journey. This experiment went well but left Chris hoping to make a greater impact through content creation.

Question #2 - What are the most surprising lessons you learned from podcasting

Carole begins by describing her most surprising lesson is the sheer amount of work.

Chris was surprised about all of the aspects that go into a quality production. For example, mastering the sound of the podcast.

Ron describes the most surprising lesson being the work that goes into show notes and the conversion of full-length topics into bite sized nuggets.

Question #3 - What trait do you like most in your podcast partner

Ron - Chris’ accountability and availability. We meet together daily during the week to discuss goals, challenges, and collaboration opportunities. When help is needed, Chris is consistently there to help.

Chris - Ron’s calm, understated competitiveness nature. The competitive nature pushes both of us to get better everyday.

Question #4 - What do you worry most about when creating an episode of Hacker Valley Studio?

Chris - Capturing great quality audio. During post-production, we can fix nearly everything like “ahs”, “ums”, awkward pauses but not poor quality audio. Carole can relate to this technical difficulty as she has experienced difficulties with hearing feedback from internal microphones on her podcasts

Ron - HVS has had over a hundred episodes and around 10% of the guests have never been on a podcast. When recording with the 10% that have not been on a podcast before Ron’s main goal and concern is to ensure that the guest is comfortable. Creating an environment where guests can share their story and as.king great questions creates raving fans of our content through our listeners and guests

Question #5 - Who does more of the work on the podcast?

Ron - Chris is the GOAT for the HVS podcast. In the very beginning, Ron said that he did most of the work. In the beginning Ron was editing the video and audio for the podcast but at some point, Chris became curious about the audio editing process and fell in love with the process and built a strong foundation for rapidly increasing the quality of Hacker Valley Studio content.

Follow up to Question #5 - Chris do you appreciate about Ron’s contribution to the podcast?

Chris - Our chemistry. Episode one shows our chemistry because even though we did not have any experience podcasting, we still had a great conversational flow. It didn’t take anytime for us to build this chemistry up because Ron is able to read expressions and see where I’m going with questions and answers. Ron has always been able to pick up where I left off and bring up topics that I may forget.

Question #6 - Which episode of HVS sticks out most in your mind and why?

Chris - Episode 40 with Daniel Meade. This episode started out with us speaking with Daniel about AppSec but had many turns where we got to experience Daniel’s authentic humor and moments of growth throughout his life. This episode helped shape the future of Hacker Valley Studio.

Ron - Episode 104 with Robin Black. This episode has very little connection with technology and cybersecurity but focuses on the auxiliary skills that make practitioners at any craft great. Robin is fascinated with his work and crossing the chasm to gain expertise from similar or related fields.

Question #7 - What does success mean for Hacker Valley Studio?

Ron - Having fun during the process. Chris and I are extremely successful at this point because we’ve been enjoying creating the process everyday. We are lucky enough to speak to experts, work with vocal coaches, and learn how to make quality productions each week.

Chris - The impact on the listener. We’ve received emails and messages on social media from listeners that have thanked us for helping them get into cybersecurity and promoted within their field. We’ve been able to create our own journey and be part of others journeys.

Moments During the Podcast

0:00 - Intro

1:22 - Carole Theriault takes over Hacker Valley Studio!

2:50 - How Chris and Ron got into podcasting

5:06 - Would you rather be 8 foot tall or have eight feet?

5:55 - What are the most surprising lessons you learned from podcasting?

8:13 - If you were on a desert island, what luxury item would you bring?

9:10 - What trait do you like most in your podcast partner?

11:17 - What's your favorite thing to do outside of work and family responsibilities?

14:07 - What do you worry most about when creating an episode of Hacker Valley Studio?

18:55 - What is one thing any friend or family member could do to make you laugh or smile?

20:28 - Who does more of the work on Hacker Valley Studio podcast?

24:50 - Who would play you in a movie?

27:30 - Which episode of HVS sticks out most in your mind and why?

37:16 - How would you define success for Hacker Valley Studio?

Links:

Our guest host Carole Theriault

Carole’s podcast - Smashing Security and Sticky Pickles

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 114 - The Good, Bad, and Ugly of Threat Intelligence with Patrick Coughlin

12 januari 2021 | 31 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data.

Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector.

As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized.

What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data.

Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation.

This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective.

0:00 - Intro

1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR

2:30 - Patrick’s background and start as a security analyst

5:19 - How to automate threat intelligence while reducing analyst fatigue

7:05 - How Patrick cultivated his analyst prowess

8:43 - Articulating threat intelligence to government and enterprise organizations

11:09 - Can a threat intelligence program be automated?

17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs

20:31 - Logic vs Intuition in threat intelligence

27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions

28:42 - Where to start when automating threat intelligence

30:02 - How to stay in touch with Patrick Coughlin

Links:

Connect with Patrick Coughlin on LinkedIn

Link to Patrick’s company TruSTAR

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Take our FREE course for building threat intelligence programs by visiting www.hackervalley.com/easy

Episode 113 - Astonishing Stories with Neil Bearden

6 januari 2021 | 42 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Neil Bearden, storytelling expert and founder of The Story School and Plot Wolf Ltd. Neil originally started his career by teaching statistics and behavioral economics but had an astonishing introduction to storytelling by a stranger in San Francisco.

The episode begins by Neil sharing that he began his career in academia by completing a PhD in psychology which led to him teaching statistics, behavioral economics and behavioral decision-making. At some point, Neil found that he had a passion for storytelling and started the first MBA course at our INSEAD university on storytelling called storytelling workshop. Teaching storytelling at university helped Neil discover that the storytelling market is the entire world! Which ultimately led to his recognition and founding companies that help individuals tell their greatest stories.

While completing his postdoctoral studies at Duke University in 2005, Neil attended a neuroscience conference in San Francisco where he decided to go for a walk and ran into a stranger that asked him, “Would you like to hear some poetry young man?”. After Neil agreed, the man said:

“They’re latent semantics embedded deep down inside these rambles; these aren't the ravings of a madman alone, the dark with candles.

These are my notes, the underground they were sent to me from the year 2012

Dusky as he said to a beat these lyrics, they were pinned in a prison cell

Caught up with a knife, sent to the compression of vacuum tubes that articulate expressions

Are readily answered with a question.

A rhythm that's progressing

It keeps the head nodding like you agreeing with the lesson

Your freedom, It's called the question - Free will. That's obsolescent.

It's a myth from long ago. It's no longer relevant to the present.

So you must obey then all your thoughts young man, you must replace them with this prism. You’re plugged into the system. You too are now in prison.

In the matrix of your mind known as walls, ancient wisdom in a system of symbols, encrypted and deeply hidden

In the depths of your unconscious as if it were forbidden from outside awareness, by the id who does its bidding”

The man introduced himself as Osiris, a poet. For several hours, Neil and Osiris shared life experiences together while Osiris recited poems at his own accord throughout the night. After departing, Neil never had the opportunity to meet Osiris again but did attempt to track him down years later with no luck.

After the introduction to Osiris, Neil made a commitment that he’d begin writing poetry and cultivate the courage to share his stories publicly. Neil learned that he could halt beer bottles from clinking, discussions happening, and have listeners lean in while telling a great story. This compelled Neil to pivot from teaching statistics at university to teaching storytelling. After teaching storytelling for many years, Neil realized that he wanted to make a bigger impact and become an entrepreneur and teach storytelling to anyone who needs it.

Today, Neil helps companies and individuals add spice to their stories by extracting the details of a story that helps listeners internalize and visualize the nutrient rich details of a story. Neil is often humbled by the fact that he was able to pivot to a psychology PhD to storyteller organically and is able to help so many through having conversations.

As the podcast progresses, Neil highlights the difference between a story and a “crappy little speech”. While telling a story, the presenter needs to invoke a visual experience for the audience and provide a mental movie. Providing description of looks, taste, and feel helps build a mental model for the audience when being told a story. Everyone has experiences and knowledge that is story worthy.

0:00 - Intro

2:52 - This episode features Neil Bearden, founder of The Story School and Plot Wolf Ltd

3:57 - Neil’s introduction to storytelling by Osiris, the poet.

12:20 - The search for Osiris after 2005

15:09 - How Neil helps companies and individuals with storytelling
18:03 - Difference between a story and a crappy little speech

23:51 - Shaking the dust off of a story and making it great

26:00 - Using previous experience from statistics to tell stories

36:36 - Advice for beginning to tell your story

41:00 - How to stay in touch with Neil Bearden

Links:

Connect with Neil Bearden on LinkedIn

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 112 - Cybersecurity and Ambient Computing with Dr. James Stanger

17 december 2020 | 25 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview the brilliant Dr. James Stanger, Chief Technology Evangelist at CompTIA and scuba diving aficionado. The episode is a kind of journey through time - touching on the past, present, and future of cybersecurity.

As the conversation begins, James looks to the past, sharing about himself and his background. He studied English Literature, worked as a technical editor and then writer, worked in education, and finally made his way to a position with CompTIA. All along, James demonstrated his propensity for combining aspects of his knowledge and experience, a propensity revealed most recently by the way in which his work for CompTIA merges education and cybersecurity. James’ background has an incredible evolution to it, and has set him up to be a well-rounded and knowledgeable addition to the cybersecurity field.

And his knowledge comes in handy, as much of James’s work involves answering client questions. James shares with Ron and Chris about current trends of questions he’s facing, as well as how he encourages agility in the face of emerging technology. Further, he explains the term, “ambient computing” and its tie to emerging tech, concluding that we are entering a hyper- or post-information age in which data is collected at an incredible rate. Data is in the air, captured, and processed, with massive stores of information about individuals available. This fact raises questions about how to ethically manage the data, and how to make sure it is used well. These questions, in turn, lead to considerations of business compliance, ramifications, and the like. As the conversation winds down, James shares areas of opportunity he sees in approaching cybersecurity from a business perspective, and explores ways in which he’d like to see the future of cybersecurity take shape - including an uptick in IT hiring, a stronger focus on implications, and more!

0:00 - Intro

1:41 - This episode features Dr. James Stanger, who begins by sharing about his background.

5:25 - What kinds of questions are companies and individuals asking these days?

8:04 - How is Dr. Stanger advising companies to pursue agility in light of emerging tech?

11:19 - What is ambient computing?

13:43 - The conversation turns to ethics, understanding of ramifications, and business compliance.

17:02 - What areas of opportunity does James see in approaching cybersecurity from a business perspective?

21:01 - James shares about what he wants the future of cybersecurity to look like.

Links:

Follow James Stanger on Twitter

Connect with James on LinkedIn

Learn more about CompTIA

Follow CompTIA on Youtube

Learn more about ByteChek

Want to take the Introduction to EASY Framework Course with Ron and Chris? Take it for FREE here: www.hackervalley.com/easy

Episode 111 - Getting Back to Happy with Suzanne Falter

14 december 2020 | 35 min

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by Suzanne Falter, an author, motivational speaker, and podcaster who helps busy women find happiness through self care. In 2012, she ended her relationship, shut down her business, and her 22 year old daughter, Teal unexpectedly died. In the year that followed, she says she did nothing but take exceptional care of herself. Living in a friend’s guest room, she learned to slow down and practice self care.

Years later, Suzanne met the young woman who received Teal’s organs, and her mother, Debbie. Now, Debbie and Suzanne host the Back to Happy podcast together. Suzanne explains their instant chemistry, and how meeting them allowed pieces of life to fall together. These days in addition to the podcast, Suzanne has continued slowing down her life, working as an author and podcaster. She shares that she’s done this through choosing to slow down and practice meditation. She recommends taking a break from screens and starting to do small moments of life without them. It can be difficult, she says to start mindfulness from a healthy mental state, for those with depression or other mental health concerns, she says your first priority is to get help. Help can come in many forms, and it’s okay to reach out and ask for it.

To keep your alignment in check, and be able to sit in stillness, Suzanne says you have to have strong boundaries. This means recognizing what is encroaching on you. Once you’ve identified it and set that boundary, you can sit and do nothing which takes your brain into default mode. Default mode is where creativity and problem solving happens. In the midst of the pandemic, this can be difficult. Suzanne recommends small tasks that keep your hands busy, but allow your brain to relax as a start. She says avoid telling yourself what you “should” do, and think about what the next right thing to do is instead - one step at a time.

As the episode ends, Suzanne gives her advice to listeners for how to get back to happy.

0:00 - Intro

1:42 - Listeners are introduced to Suzanne and the episode ahead.

3:15 - Suzanne shares her background.

5:58 - How do you get back to happy after something tragic happens?

11:43 - Suzanne gives advice for how to slow down.

14:08 - Mindfulness practices.

21:53 - Suzanne explains the default mode.

24:42 - How can folks get back to happy in a pandemic?

32:41 - Suzanne’s advice to listeners.

Links:

Learn more about Suzanne Falter and connect with her on Twitter

Learn more about Suzanne’s books.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor Bytecheck.

Episode 110 - Becoming Material Security with Ryan Noon and Abhishek Agrawal

10 december 2020 | 33 min

In this episode of the Hacker Valley Studio podcast, Ron and Chris are joined by co-founders of Material Security, Ryan Noon and Abhishek Agrawal. They co-founded Material Security in 2017, today Ryan serves as the CEO, and Abhishek the CTO. Abishek has a background in engineering, infrastructure and analytics and his MBA from Harvard. Ryan’s background is in engineering and data analysis, and holds multiple computer science and security degrees from Stanford. Before they moved on to creating their own company, they worked together at DropBox.

While they both have a strong engineering background, they are developing a security product. Ryan explains that coding and engineering is why he’s able to work in cyber security, all his years of engineering helped him make a reliable and effective product. Abhishek agrees that both their different backgrounds have carried over into the security industry and says the lessons he learned in productivity and engineering have been incredibly useful. Despite these diverse backgrounds, Ryan says going into security was an easy decision. “Go to where the problems are,” he says. Around the time of the founding of Material Security, there were a lot of problems with email. Abhishek agrees, and says he’s always been interested in email and how it’s being destroyed by threats.

When hackers access your email, what are they looking for? Abhishek explains that they may be downloading all of its contents, or resetting passwords to services like Twitter or Instagram. Material Security works to ask those questions and stop the effectiveness of a breach in email security. This shifts the focus from all the ways someone may hack you, to the implications of that hack. Ryan likens it to a burglary, explaining that their security is less about all the doors and windows - ways to get into your home - but rather what someone may want once they’re inside.

There is a lot of hand wringing in startup land, Ryan says, but there is no one right way to do it. The startup can burn you out, and what made Material Security’s leadership work was the reliance on each other, both he and Abhishek and their third co-founder, Chris Park. For them, this was the magic answer, having a third person gives them a tie breaker and someone who could cut through the noise with clarity. Abhishek agrees, joking that they compliment each other by Ryan giving long detailed answers, and Abhishek can summarize his thoughts. In all seriousness, this balance of responsibility and strengths requires a level of trust and lack of ego but makes the team work smoothly. Having unique skill sets is important, but Abhishek explains overlap is important as well because you can speak the same language and push each other for the best solutions.

When you come from similar backgrounds, no one is the authority and ideas get pressure tested. One of the challenges is using this overlap of skills for good - not letting it paralyze you. Another challenge they faced is knowing where to question and press industry standards, versus where to accept and excel at current practices. When thinking over their challenges and journey they offer some advice to new founders. Ryan stresses, “stop trying to get into things.” People can fall into the trap of trying to get into college, programs, and industries, and end up giving up some of their productivity and creativity to others. He also encourages people to know their partners and communicate with them about everything. Abhishek says people should divorce the idea of leaving their job from starting a company. Instead you should decide if you’re ready to leave your current job and then if you want to go to a new company or start your own.

0:00 - Intro

1:40 - Listeners are introduced to co-founders of Material Security and the episode ahead.

3:05 - Ryan and Abhishek introduce themselves.

5:38 - How do engineering and cyber security intersect?

8:39 - Why did Ryan and Abhishek decide to go into security?

14:28 - Ryan and Abhishek explain what hackers do when they’ve gotten into email.

18:08 - How do Ryan and Abhishek navigate their relationship?

24:19 - Ron asks Ryan and Abhishek about the challenges of the founder’s journey.

26:45 - What piece of advice do they have for new founders?

Links:

Learn more about Material Security.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 109 - Honest Security with Jason Meller

8 december 2020 | 37 min

In this episode of Hacker Valley Studio podcast, Ron and Chris are joined by Jason Meller, Founder, and CEO of Kolide. Jason has over 10 years of experience in managing and leading security organizations. Jason’s interest in technology and cybersecurity began in the 1990s when he began programming in Visual Basic and building AOL Instant Messenger bots. Building offensive tools accelerated Jason’s interest in defending networks and helped him learn how much honesty plays part in building security solutions.

Jason mentions that the security monitoring software at most organizations have the same functionality as spyware or surveillance tools. In addition, these tools are designed to scrutinize all the actions that occur on a device. COVID-19 has increased the rate of organizations going through a digital transformation; as a result, users at an organization are not in a cubicle but at their home. This could mean that security teams have an extremely elevated level of access to devices without transparency as to what is being monitored to protect an organization. This is why Honest Security was created - to create a transparent relationship between security teams and end-users.

Jason has collaborated with Jesse Kriss from Netflix who is actively working towards incorporating user-focused security. Jason describes that organizations should build a culture based on trusting users, treating them like adults, giving them the tools that they need to do their job, and not treating them as suspects from day one. Instead, organizations and security teams should seek teachable moments by giving recommendations and educating users.

Throughout the episode, Jason describes situations that involve users and security team members maneuvering around security tooling obstacles to get their job done. Since working at home, traditional tools have created friction in the user experience. For instance, not having the ability to use USB ports on work devices, disabling corporate VPN to watch a YouTube video, and having to create a ticket to install software to help them with their job. When this friction is created, users will resort to using their personal devices for work activities and miss the opportunity to benefit from security. In some cases, there are “evil” applications found on a device created by a user - but often bad applications installed by users are Chrome extensions or helper utilities that are sending browsing history to a marketing firm.

In the Honest Security manifesto, there’s a section on empathetic intelligence, Jason describes this concept as thinking of the daily life users, thinking of what challenges are users attempting to solve in their workflow, and what part of that workflow could pose a risk to the organization. An example of this would be a security team member trying to empathize with someone who is a developer- and thinking of their daily workflow. When empathizing the security team may realize that the developer is attempting to fix issues on a production application. While fixing the production application, the developer may try to bring a copy of the application database to their local device. Creating a local copy of the database could pose a security risk the copy of the database is not deleted in a reasonable time or the user has their device auto-backup folders to their corporate or personal cloud storage solution (ie. Google Drive). Creating education for avoiding this mistake is a prime example of empathic intelligence when practicing Honest Security.

As the episode progresses, Jason goes into depth and explains more tenants of Honest Security - The goal is not to give unlimited power to the user or security team but to enable everyone to be in the position to make the right decisions and give appropriate recommendations. When consequences are articulated, users can understand that when maneuvering around security tools can pose a risk to their device and organization. Ie) disconnecting from the corporate VPN. When coaching and education are put as a priority when practicing security, James describes it as empowering the user to be successful and more transparent.

0:00 - Intro

2:28 - This episode features Jason Meller, Founder, and CEO of Kolide!

2:54 - Jason shares his background and his path into cybersecurity.

4:07 - What is Honest Security?

5:22 - Jason’s examples of dishonest security

8:08 - Collaboration with Netflix and User-Focused Security

16:00 - Jason describes Empathetic Security

19:17 - Tenants of Honest Security

35:32 - Wrap Up and Resources for Honest Security

Links:

Learn more about Jason Meller and connect with him on LinkedIn.

Learn more about Honest Security and read the manifesto.

Learn more about Jason’s company Kolide

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Episode 108 - Behind the Mic with Carole Theriault

2 december 2020 | 39 min

In this episode of the Hacker Valley Studio podcast, Ron and Chris host a special episode featuring one of their favorite guests. Carole Theriault is the co-host of both the Smashing Security podcast and the Sticky Pickles podcast, and she is also the founder and director of her own company, Tick Tock Social. Carole joins Ron and Chris to talk about her passion for being behind the mic, the impact of COVID-19 on the 2020 holiday season, and more!

As the interview gets underway, Ron and Chris ask Carole about her background and what she’s up to now. At this point, Carole says, she’s in “podcast land.” She works in tech and IT security, as well, and in her work with Tick Tock Social, she aims to help people simplify their messaging and make it palatable for the representatives of companies they’re propositioning. Turning to her podcasts, Carole shares about her co-host for Smashing Security, Graham Cluley, her friend (or frenemy, perhaps?) with whom she also previously worked for Sophos. To conclude her brief personal introduction, Carole notes that she also fills some of her time with hobbies, such as yoga, baking bread, and painting.

Moving forward in the conversation, Ron and Chris are first curious about how Carole got into podcasting in the first place. She explains that a business trip for Sophos involved her listening to This American Life and falling in love with the podcast medium. After she stopped working for Sophos, she started her own projects, and she was eventually able to convince Graham to host a podcast with her.

And it is this podcast that once included Chris as a guest! So, Chris asks, how did he do? The question kick starts a conversation about quality podcast and radio production, which involves voice quality, radio technique, and more. Fortunately, Carole finds that Chris (like Ron) has a great radio voice, and (unlike Graham) she also finds him to have a good laugh. While it can be challenging to find guests with strong radio presence, one benefit of 2020 is that people have had lots of opportunity in lockdown to work on the relevant skills!

Another area in which potential guests often struggle is that of communicating and making themselves the “star,” so to speak. Carole skillfully takes pressure off of guests and highlights them herself, and she is able to do so because she is not running her show for a boss or a company, but for herself and in order to have fun. Her work is designed to be light!

The lightness is born out of experience, though, as Carole is able to choose content for the show because of a well-developed instinct. She developed her instinct, in part, through her work at Sophos. Looking back, Carole details her transition away from Sophos. Over her 15 years there, the company grew and changed, Carole took on too much, and she found she needed to leave. She and Graham decided on the same day to leave Sophos, not knowing where their friendship was yet to lead!

Carole’s journey has certainly been one of stepping into her personal power, and her philosophy in all her endeavors is to be herself. While missing personal contact, she has navigated the pandemic well in her professional life. More personally, she, Ron, and Chris look ahead to the upcoming holidays, which will certainly be usual! They also share a benefit of the pandemic: people having more free time to join podcasts as guests. In fact, Carole is excited to feature Tim Harford of the BBC’s More or Less podcast soon (and, hopefully in 2021, Ron!).

As the conversation winds toward a close, Carole explains her approach to finding guests, which focuses on finding “win-win” scenarios. She likens the departure of co-host Anna (from Sticky Pickles) to a breakup, asks about Ron and Chris’s friendship, and offers advice both to a new podcaster and listeners looking to ensure their cybersecurity this holiday season!

0:00 - Intro

1:40 - This special episode features Carole Theriault!

2:44 - Turning to Carole, the hosts ask her to share her background and what she’s up to now.

5:00 - How did Carole get into podcasting in the first place?

6:50 - Chris asks, “How did I do?”

10:03 - What are some techniques to highlight a guest and make him/her the star?

12:10 - Carole and her hosts get into content selection.

15:13 - Carole tells the story of her decision to leave Sophos.

19:00 - This journey has been an experience of stepping into her own power.

21:01 - She is herself in her work; COVID-19 has not hindered this (though she misses people!)

23:26 - The group talks holiday preparations.

27:49 - Next, they talk future podcast guests and how to choose guests.

30:07 - How long have Ron and Chris known each other?

32:32 - What’s Carole’s advice for new podcasters and for holiday cybersecurity?

Links:

Learn more about Carole Theriault and connect with her on Twitter.

Learn more about the Smashing Security podcast and connect on Twitter.

Learn more about the Sticky Pickles podcast and connect on Twitter.

Learn more about Tick Tock Social.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about our sponsor ByteChek.

Introducing the Marqeta Leads Podcast

1 december 2020 | 26 min

Episode 106 - Stacking the Deck of Success with AJ Yawn

24 november 2020 | 39 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview AJ Yawn in an episode that is a mix between a master class and a founder’s journey. AJ is the founder and CEO of ByteCheck, with a personal and company goal to “make compliance suck less.” He is a cloud security expert, and brings to the conversation a wealth of wisdom on cybersecurity, leadership, and personal growth. The episode focuses on topics surrounding a major event in the past week for AJ and ByteChek, addressing AJ’s background, the work surrounding ByteCheck’s genesis, AJ’s thoughts on compliance, and more!

The interview begins with a look at AJ’s background. AJ grew up a military brat, and eventually found himself in the Army for a time. While he did not place much consideration on technology before he entered the Army, it was during his Army career that AJ developed an interest in cybersecurity. He became passionate about cybersecurity and the cloud, and he went all in! After he left the service, he began a job in cybersecurity consulting, and he’s been in the field ever since.

This episode is recorded at another momentous shift in AJ’s career, though, and Ron and Chris invite him to share about the past week, focusing on highs and lows. AJ shares about how he and his friend Jeff just launched ByteChek days ago, choosing as their launch date the significant holiday of Veterans Day! This choice was a way to honor AJ’s family members who served before him, and Ron and Chris also thank AJ for his own service to his country.

In light of this exciting time, AJ explains what the early days of the company have been like and considers some influences that have shaped him. In this stage of his company, AJ has capitalized on LinkedIn. He had previously not been accustomed to using the site or to the more general task of business promotion, but he’s found that networking on LinkedIn is a great way to grow a new business. He also explores ways in which his background in sports and as a middle child among nine siblings have shaped him as a cybersecurity worker and entrepreneur. Such factors of his youth helped him to foster a growth mindset and competitive nature, and also taught him to stand in his power.

Next, AJ talks about the thinking behind the tagline, “make compliance suck less,” which is honest, humorous, and relevant to the problem that drove AJ to start the company. As he navigates issues of business, compliance, and the like, AJ demonstrates remarkable capacities for focus. Ron and Chris wonder how he manages to focus on a single subject and to stay intentional for months or even years at a time, and AJ answers that he focuses on the process. In order to do so, he relies on the 90-91 model (which calls for the first 90 minutes of his day to be centered on a certain thing), as well as an array of goals.

AJ is also deeply committed to an active pursuit of personal growth. One of the clearest demonstrations of this commitment came in the years leading up to the launch of ByteChek. AJ saw the need for such a company years ago and had it in mind to start his own company, knowing that he needed to take a chance to make the impact he wanted to make. However, he also knew that he was not yet ready to start a business, so he created a masterclass for himself to prepare. Since, in first forming the company, he needed to place special focus on learning the business and marketing side of things, his successful navigation of LinkedIn is just one testament to the effectiveness of his intentional training.

Even in the midst of the fear surrounding the COVID-19 pandemic (and many problems for businesses), AJ was confident in betting on himself and launching ByteChek. And he’s confident in the future of the company, as well. He invests himself in making compliance exciting for clients, and among his projections for the future of compliance, he even includes plans for a ByteChek Academy! As the conversation reaches a close, AJ provides listeners with a final nugget of wisdom pertaining to the two most prominent themes of the conversation: betting on oneself and stepping into one’s personal power.

1:35 - This episode features AJ Yawn!

2:53 - AJ and his hosts turn to background info and what AJ is doing today.

4:35 - This past week has been huge for AJ because of his company launch!

6:33 - Did AJ’s interest in cybersecurity start while he was in the Army?

8:49 - The group speaks of AJ’s family background, including the fact that he is one of nine kids!

10:00 - Has being in the middle of a big family and playing sports shaped AJ?

12:52 - AJ and his hosts consider ByteChek’s tagline.

15:21 - How does AJ focus so well?

17:18 - Why did he launch the company now, even in the midst of COVID-19?

21:21 - AJ created a masterclass for himself.

25:38 - How does AJ make compliance exciting?

29:39- AJ is asked about the future of compliance.

33:45 - What’s one nugget of wisdom AJ can offer concerning two main themes of the episode?

Links:

Connect with AJ on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 105 - Striving for Impact with David Tsao

18 november 2020 | 36 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview longtime friend David Tsao. David is a security advisor who leads security engineering at Marqeta, and he is an ever-innovating wealth of knowledge. Ron and Chris ask David about his background, philosophy of leadership, and more!

David took a nontraditional route into the security field, as he had a background in chemistry and pharma before breaking into the security community. Ron and Chris ask David to explain various aspects of his experience, including decisions regarding when to buy or build things, how vendors may find problems to tackle, and his own founder’s journey as a team builder. David’s story of team-building opens the door to conversation about his role as a leader in the field, and he tells Ron and Chris about his expectations about leadership and how they matched reality, strategies for assuring opportunity for team impact and giving individual employees opportunities, and what he looks for in his work of hiring employees.

Another major topic of conversation is David’s philosophy concerning the social commentary of the day. More specifically, Ron and Chris wonder how he thinks about issues surrounding both diversity and inclusion and wealth and income gaps. David explains his thoughts and desire to partner with others in work for change, and also shares the story of a past experience tasting social change and feeling like he made a difference. Finally, David offers advice to listeners eager to make an impact on their own community, as well as listeners looking with a broad vision and wanting to bring change to the world.

1:34 - This episode features David Tsao and starts with a look at his background.

3:48 - David handles questions of building vs. buying and operating as a vendor.

9:54 - The conversation turns to David’s founder’s journey.

13:26 - David is asked about his first step into leadership, including expectations and reality.

15:05 -David gets into some team strategies and ways to best serve individual employees.

20:48 - What does David look for in hiring people new to the security field?

23:59 - Ron and Chris want to know David’s philosophy on social commentary going on now.

28:14 - They ask David to share a story about seeing and contributing to social change.

30:47 - Where should people who want to make a community impact start?

33:37 - What’s one piece of advice to listeners wanting to bring change in the world?

Links:

Connect with David on LinkedIn.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 104 - Analyzing the Enemy with Robin Black

11 november 2020 | 37 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris provide a very special episode as they interview Robin Black. Robin is a martial arts practitioner and commentator, and he is arguably the best martial arts analyst in the world. He believes secrets to the universe lie in the sacred moments of combat - and that couldn’t be any more true in cyber security. So what does cyber security have to do with martial arts and analysis? Ron and Chris invite listeners into the conversation to find out!

As the conversation begins, Robin shares about his background, emphasizing the fact that he has the privilege of doing what he loves. Robin’s work involves taking events and crafting a story in real time; the task is in many ways similar to that of cyber security, but as a general rule, it requires more speed. And so, Ron and Chris wonder, what is Robin’s mindset as an analyst? Robin explains how he developed his interest and skill as an analyst, slowly building skill, sharpening his ability with language, and consciously deciding to go back to the roots of martial arts in his analysis rather than approaching the work as a television announcer typically would. He is an art curator of violence, so to speak, and is committed to “nutrient rich” commentary.

Moving forward in the conversation, Ron and Chris wonder about what advice Robin would offer to the “little guy.” Using the example of Brazilian Jiu Jitsu, Robin explains the value of knowing more, having more knowledge, being able to change, and being confident. Such strengths help the apparent underdog in both fighting and cyber security. Much like they considered unhackability with previous guests, Ron and Chris also raise the notion of an unbeatable fighter, and Robin details the reasons why such a fighter is a myth. Listeners will learn about such things as the cracks and flaws in fighting (which are located in the root of fighting - within belief systems), the workings and danger of muscle memory, how Robin dissects fighters, and how Robin thinks about cyber security!

1:45 - This special episode features Robin Black!

3:19 - The conversation first turns to Robin’s background and what he’s doing today.

5:31 - What is Robin’s mindset as an analyst?

11:21 - Ron and Chris wonder what advice Robin would give to the “little guy.”

14:02 - Is there such a thing as an unbeatable fighter?

17:17 - The episode turns to the flaws and cracks within fighting.

20:54 - What is the component of muscle memory, and what role does it play?

24:31 - Ron and Chris want to know how Robin dissects fighters.

33:24 - Does Robin have any questions about cyber security?

Links:

Follow Robin on Twitter, Instagram.

Follow Bellator MMA on Youtube.

Learn more about Hacker Valley Studio.

Support Hacker Valley Studio on Patreon.

Follow Hacker Valley Studio on Twitter.

Follow hosts Ron Eddings and Chris Cochran on Twitter.

Learn more about ByteChek, and mention Hacker Valley Studio to receive a limited time offer!

Episode 103 - Social Influence and Voting in Cyber with Kiersten Todd

2 november 2020 | 30 min

Episode 102 - Tale of Three C's Craig, Corey, and Cyvatar

28 oktober 2020 | 31 min

In this one-of-a-kind episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview two amazing founders who are disrupting the industry and bringing in unique perspectives. They are Corey White and Craig Goodwin, the founders of Cyvatar, a cybersecurity-as-a-service startup. The conversation centers on the business itself, Corey and Craig’s journey as founders, and more!

The conversation starts with Craig and Corey sharing a bit about their respective backgrounds. Craig has been a CISO for about 20 years, having moved into that line of work after spending the previous years working for the government of the UK and in security services. Corey has been in his current industry for about 25 years, and he details his work with companies such as Foundstone and Cylance that eventually led him to his present work. Craig and Corey share an entrepreneurial spirit that they’ve each had since childhood, but they have complementary backgrounds that help them to work well together, with Corey approaching the company from an industry perspective, and Craig from a CISO perspective.

Corey and Craig talk with their hosts about Cyvatar. They share about their first seed round, the gaining of their first customers, and their aim to be cyber avatars for their customers - putting customer needs first and taking a background role to make the customers look good. Further, Corey and Craig discuss the way they navigate dynamics of team synergy and collaboration when they live on different sides of the world, address their decision to include services with their startup, explain their slogan and the terminology they’ve developed, and finally share lessons they’ve learned from their journey.

0:56 - This is a one-of-a-kind episode!

2:05 - The conversation turns to Corey and Craig’s respective backgrounds.

5:18 - What is the background of the company?

8:45 - The focus shifts to Craig and Corey’s complementary skills.

13:19 - How did Corey and Craig realize they had an entrepreneurial spirit?

17:06 - A team needs synergy and collaboration.

20:40 - Corey and Craig decided to include services with their startup.

24:57 - The two founders introduced new technology.

27:21 - Corey and Craig are asked about lessons they’ve learned.

Get your free audiobook from Audible.com

Connect with Marco Figueroa on Twitter

Connect with Cyvatar on LinkedIn.

Follow Cyvatar on Twitter.

Connect with Corey White on LinkedIn.

Follow Corey White on Twitter.

Connect with Craig Goodwin on LinkedIn.

Follow Craig Goodwin on Twitter.

Email Corey at [email protected]

Email Craig at [email protected]

Learn about Cyvatar’s recent seed round and press release.

Episode 101 - US CyberWeek With Congresswoman Yvette Clarke and Laura Robbins

23 oktober 2020 | 57 min

Episode 100 - A Very Special Episode

21 oktober 2020 | 64 min

Episode 99 - Securityweek's 2020 CISO Forum: HVS Style

12 oktober 2020 | 31 min

Hacker Valley Red Finale - Marco Figueroa

6 oktober 2020 | 47 min

This episode of the Hacker Valley Studio podcast concludes the Hacker Valley Red series. In this finale, Ron and Chris interview their friend - and formerly their shared roommate - Marco Figueroa. Marco is a security researcher and cybersecurity speaker, and he is also a bug bounty enthusiast. He and the hosts constant improvement, bug bounty, and more, while also looking back at the conversations thus far in the season.

At the start of the conversation, Marco shares about his background and what he’s doing now. He runs through the past 7-8 years of his career, ultimately arriving at his current transition to Sentinel. Ron and Chris jump in to thank him for his contributions to their podcast, and to share with listeners about their friendship with Marco. Moving forward, Marco talks about how he first got into the security community, and eventually found a niche in reverse-engineering malware. He also involved himself in the bug bounty community, and in his various spheres of life, he is committed to building relationships and staying relevant. Marco explains his system of scheduling calls, his practice of (and future plans for) content creation, and love of learning and feedback.

Throughout the conversation, Ron and Chris lead the conversation to cover a wide variety of topics. They ask about the possibility of an unhackable device (which Marco denies), the mindset of a hacker, Marco’s philosophy in protection work, and the question of whether or not coding experience is needed for hacking. The group looks back to former conversation about the hacker mindset (with Ted), about community (with Alex), and about social engineering (with Rachel). In view of the whole season, the group considers two main takeaways: the value of mentorship and the need to put oneself out there and take a first shot. Marco shares a lot from his own experience, and makes sure listeners know to press on and trust the process.

-The episode features Marco Figueroa, and listeners are introduced to the content ahead.

-What is Marco’s background, and what is he doing now?

-Is there such a thing as an unhackable device?

-The group talks about Marco’s philosophy in his protection work, the place of social engineering, and the value of building relationships.

-What is the hacker mindset, and do you need coding experience to be a good hacker?

-If interested in the red side of the field, what should someone do first?

-Marco shares about what he sees on the horizon.

-The group considers two major season takeaways: the value of mentorship and the need to put yourself out there and take the first shot.

-Where is Marco planning to take his contact creation from here?

Links:

Connect with Marco on LinkedIn

Follow Marco’s Livestream

Hacker Valley Red Episode 7 - Maurice Ashley

6 oktober 2020 | 41 min

This episode of Hacker Valley Studio podcast’s Hacker Valley Red Series features guest Maurice Ashley, a chess grandmaster and author of Chess for Success. Maurice is a chess guru and has been playing it ever since his high school years. He is currently involved in commentating for chess events, teaching chess, and training national chess champions. In this episode, Maurice and the hosts talk about Maurice’s chess journey along with some parallels between chess and cyber security.

The hosts, Ron and Chris, start off the interview by pointing out one parallel between chess and cybersecurity: the art of training. Maurice responds by sharing about the rigorous training of chess, and of the different strategies and techniques that must be learned. He also takes some time to explain his own journey with training in chess and how it progressed through the years. In high school, he started playing with his brother, and then moved to playing in more formal settings with more challenging opponents. This eventually led to earning the title of chess grandmaster. Being the first black male to receive the Chess Grandmaster title, Maurice speaks on how this accomplishment inspired others to reach for their goals.

Circling back to the parallels between chess and cyber security, Maurice touches on the importance of practicing for performance. This means knowing your opponent, studying their strategies, and using their energy against them. Chris and Ron highlight how this parallels with cyber security in knowing how to approach the opponent. They then ask Maurice about his thoughts on an unbeatable chess player and how it relates to an unhackable system. Maurice responds by explaining that in the game if chess with its millions of possible outcomes, having an unbeatable player is impossible. Additionally, He emphasizes how this truth relates to cyber security. Rather than focusing on being unbeatable, Maurice encourages focus to be spent on readiness which is acquired through practice. In cyber security, Chris and Ron explain how readiness means having the ability to respond automatically to situations. They ask Maurice about blitz and bullet chess and how it relates to this kind of practice. According to Maurice, blitz and bullet chess rely heavily on instinct and experience.

The conversation ends as the hosts ask Maurice to share some tips for people interested in learning chess. Maurice encourages people interested in chess to download his new app, Learn Chess with Maurice Ashley, where he provides lessons on chess. He closes by encouraging others to reach for the greatness inside them. According to Maurice, greatness is defined as having the right mindset, doing the hard work, making the sacrifices, and learning through the process. This is the greatness that will be reflected in the end goal.

2:49 - Maurice introduces himself

6:46 - Maurice’s journey of becoming a grandmaster

9:20 - The impact of Exposure

11:07 - Maurice tells of the significance of being the first black male to earn the title of Chess Grandmaster.

15:00 - Maurice tells of the influence of his family in earning the title of Chess Grandmaster.

17:58 - Maurice speaks on practicing for performance and how it relates to cyber security.

22:00 -The parallels between an unbeatable chess player and an unhackable system

25:18 - Maurice explains blitz and bullet chess and how it relates to cyber security.

33:25 - Maurice gives some tips on how to get started playing chess.

37:04 - Maurice gives advice on how to reach greatness.

Links:

To learn more about Maurice Ashley, visit https://mauriceashley.com

Follow Maurice Ashley on Twitter and Instagram

Learn more about Maurice Ashley’s book Chess for Success and his app Learn Chess with Maurice Ashley

Hacker Valley Red Episode 6 - Lisa Jiggetts

6 oktober 2020 | 34 min

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Lisa Jiggetts, founder of Women’s Society of Cyberjutsu. Their conversation covers Lisa’s background, her current work and her involvement as a penetration tester.

Lisa says she’s always been a techie who loved gadgets, breaking things and trying to understand how they fit together. She knew she wanted to work with computers, but wasn’t sure what that meant, exactly. Out of high school she joined the military working in IT, but knew she wanted to be a hacker. Eventually, she made her way to pentesting apps and systems in the cloud. Lisa loves the game aspect of pentesting and the red team. She says she enjoys the challenge of trying to get into the box and “level up,” trying more and more ways in before reaching out for help.

In between jobs a few years ago, Lisa began dreaming of a hands on training group for women like herself. It began as a meet-up group, which grew into the Women’s Society of Cyberjutsu, (WSC). She wanted hands-on workshops and an opportunity for networking and building a network of mentors and mentees. The first workshops and members were women in IT and even outside of tech, who were looking for a change and challenge in their career. Now the organization is in a state of growth with chapters across the country. To anyone interested, she says WSC gives the opportunity for hands-on training and a network of support.

As the episode ends, Lisa shares her advice to anyone interested in the red team or the world of cyber security in general. Her number one piece of advice is networking, because that’s the way she’s found a lot of her work in the past. She also encourages listeners, regardless of where they’re starting, to get their skills up any way they can. The field is always changing, Lisa says, so the initiative to work and show up is invaluable.

2:12 - The episode and guest are introduced.

3:50 - Lisa gives an overview of her background.

10:00 - Lisa explains her breaker mentality.

15:57 - What made Lisa commit to pentesting and the red team?

20:34 - Lisa discusses the founding of the Women’s Society of Cyberjutsu.

29:44 - Lisa’s advice for listeners interested in the red team and cyber security.

Links:

Follow Lisa Jiggetts on Twitter

Learn more about WSC

Learn about Ted’s book, Hackable

Hacker Valley Red Episode 5 - Ted Harrington

6 oktober 2020 | 42 min

In this episode of the Hacker Valley Studio podcast’s Hacker Valley Red series, this time featuring guest Ted Harrington. Ted is an Executive Partner at ISE Security, an author, and a professional speaker. Hosts Ron and Chris speak with Ted about the concept of unhackability, his experience in the security field, an interesting story of an attack in real time, and more!

To start off the interview, Ted shares about his background. He currently works for a consulting firm that focuses on ethical hacking and aims to help companies solve their security problems, and his interest in the work of hacking goes back to a car-hacking experience in which he and his colleagues were inspired by a claim of unhackability and disproved the claim. Ted clarifies that there is effectively no such thing as an unhackable device or application, but that his work centers on closing attack vectors and making security systems stronger. In fact, he wants his legacy in the field to center on making things better. He shares about his own energy and motivation, and also explains the mindset of a hacker, which involves creativity and a certain way of thinking about and solving problems.

Ted has learned a great deal in his years in the hacking field, and Ron and Chris are eager to draw lessons out for listeners. Ted explains misconceptions about the red side of security before providing an extended example of hacking in real time: an example of cryptocurrency wallets that involved Ted and his team happening upon a real thief at work. Ted explains that people should not have a laissez-faire attitude about security, and that they should foster a right mindset and right partnerships. He clarifies that he sees many breakers start as builders, explains the utility of thinking from the perspective of a buyer, and offers advice for listeners looking to enter the field. This advice centers on mindset and hands-on activity; there are lots of opportunities to get involved with DEF CON, talks, contests, and even internships (including some at Ted’s company).

1:50 - The episode features Ted Harrington; listeners are introduced to him and the episode ahead.

3:05 - The conversation begins with Ted’s background.

7:21 - The group considers the term “unhackable,” closing attack vectors, and breakers starting as builders.

14:02 - “Think like a hacker.”

20:02 - Ted explains some lessons from real-life work, focusing on a cryptocurrency wallet example.

25:13 - What should people learn and do?

30:38 - Where do Ted’s energy and motivation come from, and what is the most interesting part of his work?

34:32 - Ted offers advice and shares what he hopes his legacy in the field will be.

Links:

Connect with Ted on LinkedIn or email him at [email protected]

Hacker Valley Red Episode 4 - Alissa Knight

6 oktober 2020 | 46 min

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Alissa Knight, author of the book Hacking Connected Cars and self described “recovering hacker.” Their conversation covers content creation, API’s and hacking cars.

Alissa grew up in Seattle, Washington where there was a big art scene. She began building her own computers and running her own boards at an early age. She says a lot of people don’t know that she started out in the BBS scene back in the 90’s. At seventeen she hacked into a government network and was arrested. Eventually, the charges were dropped on a technicality and she went on to work for the US Intelligence Community in cyber warfare.

Alissa’s first start-up was a web design company where she ran a Lennox webserver around the time the teardrop attack in Lennox servers. The people she rented office space from were teardropping her web hosting server. She picked up a book on cyber security, and got introduced into the world of cyber security through necessity. She had a passion for finding vulnerabilities, and understanding things that were difficult to understand, which is what brought her to embedded systems. The rest she says is history.

As the episode ends, Alissa talks about her YouTube Channel, KnighTV. She says she’s always been an artist, and always wanted to do things at 200%. Her following is relatively new, at the beginning of 2019 she only had 4 followers on Twitter and now she’s passed the threshold to be part of the YouTube Partner Program. She wanted a cinematic experience for the viewer to stand out and not be just another video for the viewer. For anyone interested in getting started in being a breaker, she’s posted a couple videos on the topic, and explains there are many resources at their disposal. She says this line of work takes grit, and in her opinion a passion for reading.

2:08 - The episode and guest are introduced.

3:19 - Alissa gives an overview of her background.

6:29 - How Alissa’s career began.

10:16 - Do you have to program to hack?

14:26 - What led Alissa to hacking cars?

24:55 - Alissa explains what people get wrong about the red team.

29:25 - Alissa answers the question, “is there an unhackable device?”

36:54 - How KnightTV came into being.

41:08 - Alissa gives her advice on where to start getting into cyber security

Links:

Follow Alissa Knight on Twitter

Subscribe to Alissa’s YouTube Channel

Connect with Alex Rice on Twitter

Hacker Valley Red Episode 3 - Alex Rice

6 oktober 2020 | 38 min

This episode of the Hacker Valley Studio podcast continues the Hacker Valley Red series by featuring Alex Rice. Alex is the CTO and co-founder of HackerOne, and he joins hosts Ron and Chris for a conversation about such topics as the beginnings of the researcher community, bug bounty, and the term “hacker.”

Alex first shares about his background leading up to what he’s doing today. He worked as a developer, and then about 20 years ago, he moved into the security field. Part of his career trajectory was motivated by his frustration over a lack of feedback loops, and he explains both how HackerOne came to be and some details about bug bounty. Ron and Chris are particularly interested in why HackerOne has the term “hacker” in it, even though the term can carry with it negative connotations (however inaccurate they may be). Alex clarifies that he and his colleagues do not want to beat around the bush, but want to be part of the work of dismantling false stereotypes about hacking.

Moving forward in the conversation, Alex covers a variety of topics related to his work. He addresses changes in hackers’ experiences with cease and desist orders, the bug bounty community, and the gamification of security and hacking. He shares about different motivations of security researchers, teenagers making a lot of income through bug bounty, hacking outliers and their personas, impacts of COVID-19, and writing reports. Ron and Chris ask Alex about whether or not unhackability is possible (spoiler: it’s not!), as well as about the closest thing to unhackable that can be achieved. Alex explains what he’s looking toward in the future, talks about his love of outdoor work, and finally offers encouragement to the person in bug bounty looking to keep progressing in the field.

1:34 - Listeners are introduced to Alex Rice and the conversation to come.

2:41 - What is Alex’s background, and what is he doing today?

7:45 - Alex explains why the term “hacker” is included in his company’s name.

10:45 - The group considers cease and desist orders, bug bounty community, and gamification of security and hacking.

18:11 - Alex addresses the reality of teenagers making millions through bug bounty, as well as the personas of hacking outliers.

22:43 - Alex talks bug bounty, COVID-19, and writing reports.

25:41 - Is unhackability possible? If not, what’s the closest we can get to it?

30:02 - The conversation concludes with Alex’s thoughts on the future, hobbies, and encouragement to people in bug bounty looking to continue in the field.

Links:

Connect with the Bug Bounty Community at hackerone.com/hacktivity

Hacker Valley Red Episode 2 - Rachel Tobac

6 oktober 2020 | 39 min

On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Rachel Tobac, CEO of SocialProof Security and Chair of the Women in Security and Privacy Board. Their conversation covers everything from neuroscience to spearfishing and human’s place in cyber security.

Rachel is a human hacker, also known as a social engineer, and she begins the episode by explaining her background in social engineering and experience in the non profit space. She credits her success in the field to her background in neuroscience and behavioral psychology as well as training in improv. Her husband works in cyber security and encouraged her into the space even though she was nervous at first because she didn’t know how to code.

Rachel explains that she still does not know how to code, her most important skills in social engineering are the ability to persuade and improv. When working with companies, Rachel helps client facing employees to help confirm people are who they say they are. She sits down with them to go through processes that help her close the loopholes that allow hackers to mine information. Humans are the first line of defense, so they have to have their guard up. From there, keeping the organization up to date on the latest trends in cyber security and how hackers find their way in is key to getting the correct tools to prevent hacks.

As the episode ends, Rachel shares her next steps are working with hospitals to prevent ransomware and phishing attacks. She’s also turning her attention toward the election and educating people on what the 2020 Presidential election will look like and the time it may take to announce the winner. While she does not currently think elections can be done entirely from home, she considers it a goal for the future.

1:59 - Rachel Tobac and today’s episode of Hacker Valley Red is introduced.

8:50 - What are the skills needed to become a social engineer?

10:51 - Rachel leads Ron and Chris through an improv exercise.

13:59 - Rachel shares where she thinks technology is headed.

20:20 - Rachel shares the scariest part of social engineering hacks.

25:29 - Rachel’s key takeaways.

34:11 - Rachel is looking toward 2020 election security.

Links:

Follow Rachel Tobac on Twitter

Hacker Valley Red Episode 1

6 oktober 2020 | 30 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris introduce the podcast’s new series: Hacker Valley Red. After the previous season highlighted the defensive side of cyber security, this season will focus on the other side of the coin - the offensive side. Ron and Chris spend this initial episode talking about their experience with the offensive side of cyber security, what listeners can look forward to hearing in the episodes ahead, and what sorts of questions experts will field throughout the season.

As the conversation gets underway, Ron and Chris introduce the season, which will cover such topics as the background and personas of red teamers, information about red teaming technology, misconceptions from the blue side, and what red teaming really looks like. The hosts then share their own backgrounds in red teaming. While they both had some prior experience with red teaming, they learned a lot through hosting the episodes in the season. As they introduce the series ahead, Ron and Chris touch on the social side of red teaming, analogies by which red teaming can be explained, Ron’s exploitation video, the value and use of red teaming within organizations, the shared community of red and blue teaming, purple team engagement, the concept of unhackability, and more.

In the episodes ahead, Ron and Chris will ask guests what other aspects of life and technology help them with red teaming, and there are particular topics from the episodes that they are most excited to consider with listeners. These topics include the issue between blue and red teams, the concept of a hacker, the idea of unhackability, and different perspectives of paths into the field of red teaming and to mastery within it. Ron and Chris conclude their introductory conversation with two lessons they hope listeners will take from the season: the lesson that creation is a process and that the best red teamers learn to love the process, and the lesson that both red and blue team members are on the same team.

0:48 - The podcast is now moving to the other side of the coin: the offensive side of cyber security.

2:48 - Ron and Chris share their respective backgrounds in red teaming.

7:25 - What other aspects of life and technology help guests with red teaming?

10:50 - Chris asks about Ron’s exploitation video.

12:52 - The hosts address the iterative improvement of an organization’s security posture.

18:14 - Ron and Chris talk about purple team engagement.

21:12 - Is unhackability real or possible?

24:53 - Hacking can have to deal with a human, rather than a device or application.

26:34 - What key takeaways do the hosts want listeners to take from the season?

28:10 - What do Ron and Chris want listeners to learn?

Links:

Hacker Valley Blue Season Finale

1 september 2020 | 35 min

In this episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series, Ron and Chris wrap up the season with a recap of its past episodes and major takeaways, as well as a look at what’s to come for them personally and for the podcast.

Looking back on the season, Ron and Chris consider the importance of communication in the field of threat intelligence, specifically thinking of insights from their talk with D’Arcy and lessons in poetry and delivery from Valentina. They cover the surprise of Jack’s willingness to share personal thoughts, review their discussions of bias (specifically highlighting talks with Jon and Susan), and recount things learned about the concept of unhackability. Listeners will hear about the inevitability of mistakes in threat intelligence work, the “easy button” framework, the season theme of sharpening oneself outside of work, and the dynamic of a threat intelligence team.

The episode then turns toward Ron and Chris, themselves. Ron first puts Chris in the hot seat and asks what the future of threat intelligence is for him. Chris explains that, while he thinks his days as an individual contributor for threat intelligence are over, he is still doing some quiet, yet-to-be revealed work, and is turning much of his attention to giving back to the field. Ron, in explaining his own work, talks about bouncing between tasks, building tools for others, distilling information into simple messages, and continuing to navigate issues of automation. Finally, Ron and Chris thank people involved with the season and address what the future holds for the Hacker Valley Studio podcast. Listeners hear the exciting announcement of the next season: Hacker Valley Red!

0:47 - Ron and Chris talk about the importance of communication in the field of threat intelligence.

2:56 - What was one surprise in this season?

3:52 - The hosts review their conversations about bias.

6:55 - The episode turns to the “easy button” framework and the need for personal sharpening outside of work.

16:15 - Ron and Chris consider the inevitability of analysts missing things and the building of a team.

20:22 - What is the future of threat intelligence for Chris and Ron?

27:50 - The hosts review their insights about the possibility of an unhackable device or app.

29:43 - What is next for the Hacker Valley Studio podcast?

Links:

Learn more about RiskIQ

Hacker Valley Blue Episode 7 - D'Arcy Webb

1 september 2020 | 34 min

Ron and Chris host their vocal coach, D’Arcy Webb, for this episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series. Since threat intelligence is a communications-based function, Ron and Chris look to “The Speech Diva” for insight. She has experience as an actress, was a coach for TEDxCambridge, and loves teaching people how to access the power of language to touch people’s hearts and change their minds.

As the conversation begins, D’Arcy explains her background to listeners. She explains how an acting incident early in her career turned her attention to the topic of vocals, and clarifies that she has spent the last 25 years teaching and exploring this aspect of performance. D’Arcy is passionate about treating the voice as the instrument that it is, and she works with students such as Chris and Ron to help them discover the musical and magical components to language and improve their own speaking practice. The way we speak, she insists, impacts people, and so it is well worth pursuing excellence in this area.

The conversation also highlights various details pertaining to vocal training. D’Arcy lists some of her favorite speakers and the reasons why she loves them (going out of her way to point listeners to NPR’s Fresh Air and its host, Terry Gross) She also speaks to the nature of vowels and consonants, the usefulness of pauses and variety in speech, how listeners can grow through coaching and - even today - through working on their breathing, the place of filler words in language, and the ideal of comfort with one’s own technique. Listeners will hear about Pablo Nerudo, onomatopoeia, vibrations, and so much more!

1:29 - Listeners are introduced to D’Arcy.

4:35 - The group considers Ron and Chris’s progress in speech.

6:08 - D’Arcy believes that magic and music are inherent in language.

8:48 - Who are D’Arcy’s favorite speakers, and what is the value of pauses?

12:03 - People wanting to grow need to learn the fundamentals.

17:05 - D’Arcy addresses filler words.

19:31 - The group thinks about comfortable technique, Pablo Neruda, onomatopoeia, and more.

27:52 - D’Arcy speaks to the power of speech and the importance of proper breathing.

Links:

Learn more about D’Arcy Webb

Connect with D’Arcy on Facebook

Email D’Arcy at [email protected]

Learn more about our sponsor RiskIQ

Hacker Valley Blue Episode 6 - Brandon Dixon

1 september 2020 | 44 min

This episode of the Hacker Valley Studio podcast’s Hacker Valley Blue series is a bit unique. It features Brandon Dixon, the VP of Strategy at RiskIQ, a major sponsor of the podcast. Brandon co-founded Passive Total in 2014, and it was later purchased by RiskIQ. He is the quintessential guest, invested in fitness, philosophy, tech, and leadership. He is an expert in both the practice and business of threat intelligence, and he shares with Ron and Chris about himself, his work, and the field.

Much of the conversation focuses on Brandon and his work background. Brandon explains his journey into the threat intelligence field, from his early interest, through jobs in tech and academia, and to work in espionage research. Eventually, he and friend Steve McGinty saw a need and tried to solve it; their efforts took shape in the company they co-founded, Passive Total. Brandon explains to listeners the process by which he and Steve created Passive Total, as well as the way in which they arrived at the deal to sell Passive Total to RiskIQ. Brandon was heavily involved in the integration of Passive Total into RiskIQ, before eventually settling into a specific role within RiskIQ that capitalizes his love of the business side of the field. He aims to work in light of his personal philosophy on life and success, which he also details.

The conversation touches on many practically relevant details of the threat intelligence field, as well. Brandon addresses the changes in the field and motivation he draws from these changes, bias and intelligence collection, and lessons that have arisen through his specific experiences. Other topics covered include intelligence leads and the future of threat intelligence, unhackability, the place of circumstances in life and business, and how intelligence leaders can improve their programs. As Brandon anticipates that threat intelligence will only become a more pervasive field, listeners will doubtless benefit from his own insights, as well as his recommendations of such resources as Malcolm Gladwell’s Outliers and RiskIQ workshops.

0:26 - The conversation begins with an introduction to this unique episode, its guest, and his background.

2:43 - The group considers the changing business of threat intelligence and what drives Brandon.

8:24 - The next topics are bias and intelligence collection, as well as what surprises Brandon.

13:00 - Brandon shares the story of Passive Total and its integration into RiskIQ, also addressing the business side of the field and lessons learned through his experience.

24:04 - Brandon addresses intelligence leads and the question of unhackability.

34:44 - What is Brandon’s philosophy on life and success?

39:37 - Brandon explains what threat intelligence leaders need to do to improve their programs.

Links:

Follow Brandon on Twitter

Learn more about our sponsor RiskIQ

Follow RiskIQ on Twitter

Connect with RiskIQ on YouTube

Hacker Valley Blue Episode 5 - Susan Peediyakkal

1 september 2020 | 40 min

This episode of the Hacker Valley Studio podcast is the fifth installment in this first season of the Hacker Valley Blue series, and features guest Susan Peediyakkal, an expert in building threat intelligence programs. Susan is a cyber threat intelligence consultant, the founder of BSides Sacramento, and a member of the advisory boards for several cybersecurity companies. She joins hosts Ron and Chris to speak to her background, the future of threat intelligence, and much more.

Susan first details her background, running through the highlights of her approximately 16 years in cybersecurity, which have focused mostly on threat intelligence. Susan began her career in the air force, and is still a reservist. She worked with radar, and eventually decided to cross-train and branch into IT. The following years saw her in a number of roles with various organizations, and move decisively into the threat intelligence field. Eventually, Susa noticed that her career trajectory was moving her toward building threat intelligence programs for government entities. She built programs for such varied clients as the government of Abu Dhabi, USPS, US courts, and industry leaders. She recently paused her work to pursue further education, but has since returned to work as a threat intelligence practitioner..

As the conversation continues, Ron and Chris ask Susan to share insights on several topics. The group considers the importance of community and a human element within the threat intelligence field, ways Susan has faced misconceptions when starting threat intelligence programs, the concept of unhackability, and what stakeholders outside the field get wrong about it. Returning to a topic that has been forefront on Ron and Chris’s minds recently, Susan also shares about bias in her line of work and how threat intelligence analysts go wrong in dealing with it. Moving into more personal topics, the group discusses Susan’s podcast-worthy voice, clarity, and articulation. Susan explains how experts in threat intelligence can cultivate a new wave of speakers, and the conversation ends with a look at what the future holds for both Susan and the field of threat intelligence.

1:40 - Listeners are introduced to the episode and today’s guest, Susan Peediyakkal; Susan then shares her background.

5:41 - The group considers the importance of community, misconceptions Susan has noticed about her field, and the artistry and human element of threat intelligence.

16:02 - What kind of bias is Susan running into, and where do analysts go wrong with regard to bias?

21:38 - Susan addresses the term “unhackable.”

24:35 - Susan and her hosts turn to matters of podcasting, voice, and speaking.

31:40 - What do people outside the field get wrong about it?

33:48 - What’s the future look like for Susan, her field, and the workforce?

Links:

Connect with Susan on LinkedIn

Follow Susan on Twitter

Hacker Valley Blue Episode 4 - Jon DiMaggio

1 september 2020 | 40 min

This episode of the Hacker Valley Studio podcast features Jon DiMaggio, a Senior Threat Intelligence Analyst at Symantec. Jon is a researcher and longtime bad guy chaser, and Ron and Chris fill this installment of Hacker Valley Blue with Jon’s thoughts on ransomware, threat research, attribution, and more!

Jon introduces himself to listeners who may not yet know much about him, explaining that he started his career as an engineer and that his work for the government in the early 2000s forced him to focus a lot on defending against nation-state attacks. He developed into an expert in the field, and transitioned about 13-14 years ago into his current line of work. He now teaches alongside his work as an analyst, and he moved from a government position to Symantec in 2014. Jon’s specialty is still nation-state, but he has also ventured into enterprise ransomware. He shares about these areas of specialization with Ron and Chris, detailing what a nation-state is and how to combat it within the context of threat intelligence, and addressing the economics of ransomware.

As the conversation continues, Ron and Chris raise a variety of other topics for Jon to address. Jon considers the threat of a future major worm attack, and provides listeners with insight on how to become established in his line of work. There are a lot of available resources that people can use to develop their own skills and increase their visibility. However, becoming a government hacker, and so having an offensive rather than a defensive role, is much more challenging. Moving toward the conclusion of the conversation, Jon offers tips on navigating attribution and bias (such as being sure to have evidence before making public claims!), explains how he mentally organizes and recalls information, and speaks to the nature of strong communication.

1:41 - Listeners are introduced to Jon DiMaggio and the episode before Jon explains his background..

5:04 - The first major topic Jon shares about is that of nation-states, specifically speaking to the work of combating nation-state attackers.

12:57 - The conversation turns to the economics of ransomware.

18:39 - What are Jon’s thoughts on the possibility of another major worm attack?

20:26 - Jon is asked about how people can enter his field or that of hacking.

24:54 - How should listeners approach attribution and bias, and how has Jon navigated bias in his own life?

31:31 - The group considers Jon’s mental organization, his recall of information, and the topic of communication.

Links:

Access the recent work and research on Symantec’s threat intelligence feed

Hacker Valley Blue Episode 3 - Valentina Palacín

1 september 2020 | 37 min

In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris welcome Valentina Palacín for the third episode in the Hacker Valley Blue series. Valentina is a threat hunter who used to work as a translator, and she is currently a senior cyber threat intelligence analyst. She joins Ron and Chris to talk about her background in languages, poetry and the impact of words, and much more.

As the conversation gets underway, Valentina explains her background to listeners. She studied translation before starting her career in that field, but transitioned to information technology about two years ago. In her free time, she researches threat hunting in her home country of Argentina. It was challenging for Valentina to change her career path, since she had no background in computer science, but she took multiple steps - working in web development, learning to do programming, taking courses, and more - ultimately becoming a threat intel analyst and speaker. Though the journey was difficult, Valentina feels she was born to work in her current field, and has found her past experience, including knowledge of over 7 languages, to be helpful in her work.

The episode also features Valentina’s insights into threat intelligence. She and her hosts discuss how knowledge of programming can aid a threat intel analyst, Valentina’s philosophy of MITRE, the relationship between intelligence and threat hunting, and how to keep up with changes in the field. They arrive at the conclusion that, while it is helpful to stay up to date on political and cyber news, analysts must realize that they cannot know everything, and people in general must realize that threat intelligence is not a catch-all. The group bridges the gap between personal and professional aspects of life by talking about the importance of hobbies outside of work; most notably, the group addresses poetry and its usefulness for threat intelligence. Finally, the conversation turns to Valentina’s work with BlueSpace Security.

1:38 - Listeners are introduced to Valentina, her background, and her challenging process to enter into the large intel community in Argentina .

5:24 - Did knowledge of language impact Valentina’s threat intelligence work?

7:55 - Valentina shares about her programming experience and details her journey into threat intel.

14:23 - What are Valentina’s thoughts about MITRE and the relation between intelligence and threat hunting?

18:06 - The group considers how to keep up with changes in the field, and acknowledges that threat intelligence will not catch everything.

22:48 - One thing that Valentina is passionate about pursuing is hobbies outside of work.

27:56 - Does poetry help with threat intelligence work?

32:53 - The conversation turns to Valentina’s community, focusing on BlueSpace Security.

Links:

Connect with Valentina Palacín on Twitter

Connect with Valentina on LinkedIn

Hacker Valley Blue Episode 2 - Jack Rhysider

1 september 2020 | 45 min

Fan-favorite Jack Rhysider of the Darknet Diaries podcast joins Hacker Valley Studio hosts Ron and
Chris for the second episode of Hacker Valley Blue! Jack joins the show again during an ideal season - one focused on threat intelligence - and this episode will focus on Jack’s past in the field of threat intelligence, as well as on a major issue faced daily by analysts in the field: that of managing bias.

As the conversation begins, the group focuses on threat intelligence and Jack’s work in the field. Jack has been pouring himself into his own podcast, leaning into the fact that threat intelligence is a form of knowing what has happened in the past by his sharing of stories. Jack explains what has surprised him recently in his work, how he maintains a sharp sense of focus, and what sort of continuity he sees between the news-sharing of his current role and a more formal practitioner role within the field of threat intelligence.
Jack’s podcast work necessitates practical skill in his field, and demands an ability to share complex concepts through simple expression.

The work also necessitates strong skills of managing bias, and it is to this topic that the group turns. Jack makes a practice of putting aside negative personal feelings about a person and looking for areas of agreement with the individual. This practice, along with his feedback loop and his efforts to listen to actual voices, help Jack to tell both sides of the stories he shares. In discussing the counteraction of bias, Jack touches on concepts of assumptions, bias toward self, empathy, and humanization. And as the conversation winds toward a close, listeners will hear about Jack’s use of audio books, balancing fact and listener interest, appealing to different audiences, and navigating questions of personal privacy.

1:40 - Listeners are introduced to Jack and the episode ahead.

4:13 - How is Jack currently thinking about storytelling?

8:40 - The group dives into some topics related to Jack’s work: his focus and need for practical skill.

12:37 - The conversation turns to the subject of bias.

28:28 - What is Jack doing for research today, and how does he navigate technical questions of storytelling?

36:35 - Finally, Jack and his hosts turn to considerations of personal privacy.

Links:

Learn more about Jack Rhysider

Follow Jack on Twitter

Learn more about Darknet Diaries

Hacker Valley Blue Episode 1

1 september 2020 | 42 min

Hosts Ron and Chris welcome you to today’s episode! This episode of Hacker Valley Studio is the start of a new season, Hacker Valley Blue, a series dedicated to threat intelligence, exclusively for listeners.

The episode begins with Ron and Chris sharing their backgrounds in threat intelligence and cybersecurity. Chris picked intelligence as his job field in the United States Marine Corps, and eventually went on to The National Security Agency and United States Cyber Command. He focused on the how, who, and what of all the cyber-attacks happening at the time. Chris then went on to create his own company, and do consulting work in threat intelligence for over a decade.

Ron has always had an interest in cybersecurity, and at 16 he found a mentor who took him under his wing in the trade. After a couple of years working in offensive attacks, he transitioned to a job building intelligence tools that dealt with threat data. While Chris focused more on the operational side of threat intelligence, Ron’s was more technical, and their experience converged well.

Throughout the rest of the episode, you will hear about what threat intelligence can do for businesses. Ron and Chris discuss how analysts can build rapport with the employees and stakeholders using their intelligence, and what questions companies should ask of analysts for the best results. They do this by walking listeners through Chris’ EASY framework.

1:07 - The new season of Hacker Valley Blue is introduced.

3:43 - Chris shares his background in intelligence.

6:15 - Ron shares his background in intelligence

11:43 - What can threat intelligence do for an organization?

17:50 - The EASY Framework

18:41 - Elicit Requirements

21:40 - Asses Collection Plan

26:03 - Strive for Impact

30:24 - Yield the Feedback

Links:

Learn more about Owl Cyber Defense

Episode 82 - What is Old is New Again with Brian Romansky

24 augusti 2020 | 31 min

Hosts Ron and Chris welcome you to today’s episode! This episode of Hacker Valley Studio features Brian Romansky, the Chief Innovation Officer at Owl Cyber Defense. You will hear about his ideas, inventions, and how hardware is helping us in cybersecurity today.

The episode begins with Brian sharing his background, and journey into the cybersecurity space. He always knew he wanted to do something with technology and thought he may go into robotics. The transition into the cyber world was a natural one when he was working on a team that was moving mechanical postage metering to happen electronically. These machines were often trying to be hacked, and the team also began working on e-commerce and shipping platforms. From then, he continued to work on cybersecurity, data, and cryptography.

Today, at Owl Cyber Defense Brian works on cross domain solutions for the US Department of Defense, and other government organizations, as well as commercial customers. It gets him up in the morning because it combines many of the electrical and cryptography space that interests him, with hardware. His hope for the future, is that there is a paradigm shift in cybersecurity, making it less of a cat and mouse game by using hardware enforced mechanisms.

He doesn’t have a lot of free time, but as the episode wraps up, you will also hear about what Brian is interested in, and working on outside of work.

:29 CIO of Owl Cyber Defense, Brian Romansky is introduced to the show.

4:33 Brian shares his journey from electrical engineering to cybersecurity.

6:25 Brian explains the work he does today.

14:16 Brian hypothosizes on the future of cybersecurity

16:58 Brian answers the question “Is there an unhackable system?”

19:55 Advice for organizations relying more on technology during work from home.

27:48 What does Brian do outside of work?

Links:

Learn more about Brian Romansky

Episode 81 - Communicating in a Crisis with Christopher Budd

18 augusti 2020 | 32 min

Security and Privacy Expert and author, Christopher Budd, is welcomed to the Hacker Valley Studio podcast! You will hear some great communication tips and how to handle people who fear worst case scenarios during a crisis. He explains how to showcase your authority and credibility during a tough situation. He talks about traits that make someone great at handling these situations, the importance of temperament, and improvisation.

In this episode, Christopher Budd shares his journey to becoming an expert in crisis communication. He spent ten years with the Microsoft Security Response Center. He has worked with other security and technology companies as a consultant and full-time employee. He says, “...and if I can sum up what it is I do best, I always say, I take awful news and make it just bad.” Christopher gives some examples of his communication approach. 1) He says he is upfront about news being bad news. He recommends getting credibility by leading with the truth. 2) He then explains reasons why it is a bad situation. 3) Finally, he explains reasons why the situation could be better than you think it might be.

He explains that you are not only dealing with the situation itself but also peoples’ fears and projections of the situation. Christopher talks about different personality types and how they handle crisis management. He explains the importance of temperament, the ability to compartmentalize, and thinking about action steps. As the episode draws to a close, Christopher shares some of his thoughts on the workplace today and some of the changes in the COVID environment. He elaborates on topics like privacy and communication. He highlights how technology has allowed us to function as well as it has in the past few months.

Links: