mnemonic security podcast

When we talk about securing an organisation’s assets, we most often mean its data, devices, servers, or accounts, but are we doing enough to secure the group of people leading the company? Or the ones doing high risk work on behalf of the organisation?

To discuss the importance of securing high-risk individuals, like journalists, politicians and executives, Robby is joined by an expert in this field, Runa Sandvik, journalist, security researcher and founder of Granitt. At Granitt, Runa works with digital security for journalists and other at-risk people, building on her experiences working at The New York Times, Freedom of the Press Foundation and The Tor Project.

During the conversation, they talk about how to secure devices when travelling to high-risk countries, what tools to use and at what time, and how threat actors usually target individuals. Runa also shares how she works to secure accounts and devices for her clients.

Send us a text

For this episode, Robby is once again joined by Eoin Wickens, Technical Research Director at HiddenLayer, an organisation doing security for Machine learning (ML) and Artificial Intelligence (AI). 

It is not too long ago since Eoin last visited the podcast, (only 7 months,)  but lots has happened in the world of AI since. During the episode, he talks about some of the most significant changes and developments he’s seen the last months, how models are getting smarter, smaller and more specific, and he revisits his crystal ball predictions last episode.

Robby and Eoin discuss potential security risks posed by using AI tools, how to secure AI powered tools, and what you should think about before using them. Eoin also gives some new crystal ball predictions and recommendations to organisations starting to utilise AI adjacent technologies.

Send us a text

Data Brokers and Data Removal Services

What does the process of removing your online presence look like? And how would you handle the data brokers that have collected your personal information with just a few clicks of the mouse to sell to other companies?

To answer this, we’re joined by an expert in this field; Darius Belijevas, Head of Incogni, a service that automates user personal data removal from data brokers.

Darius shares from his research on data brokers and their business models, and explains what a typical data broker looks like, the most commons methods they use to collect our data, and who some of the most popular data brokers are.

This brings the conversation to the growing market for data removal services, and the two also talk about new legislative measures that might be changing the landscape these organisations operate in.

Send us a text

For this episode, Robby is joined by Levi Gundert, Chief Security Officer at the cybersecurity company Recorded Future and author of the book The Risk Business – what leaders need to know about intelligence and risk-based security.

Levi shares from his decades of experience in the threat and risk space – and Robby picks his brain about a broad set of security topics ranging from telling the risk story and categorising risk, to darknet monitoring and infiltration, and using chatbots for security analysis and risk management.

Send us a text

Ethical social engineering

Even the best pentesters out there can be fooled by a social engineering attempt under the right circumstances. But how do we treat the ones that have been tested and failed?

Ragnhild «Bridget» Sageng, Senior Security Advisor at Norwegian Customs, has several years of experience from the IT and cybersecurity industry, and hands-on experience working as an ethical hacker specialising in social engineering.

In her conversation with Robby, she shares what goes through her head during social engineering  assignments, and discusses the importance of company culture and management expectations when doing these kinds of assessments.

Ragnhild is particularity interested in the other side social engineering and how we should meet the humans that are involved in these assignments. During this episode she explores what ethical responsibilities we have, what a pentester should demand from a company before accepting an assignment, and what a company should demand back from a pentester.

Send us a text

How will AI impact the next generation of people working with computer science?

This question is probably relevant for anyone making their way through school now, in all fields of study. Without looking for a definite answer, but to help him navigate this question, Robby has invited two people with quite different backgrounds: Richard Stiennon, author of Security Yearbook 2023 and Founder and Chief Research Analyst at IT-Harvest, and High School Junior, Athena Contos. 

Athena was recently visiting colleges, together with her father Brian Contos, a long-time veteran of the mnemonic security podcast. They both noticed a lot of excitement and concern regarding AI amongst those about to embark on their higher education, and questions about how AI will impact their choices of schools, majors, careers, and ultimately their future.

In this episode, Athena and Richard share their perspectives on AI’s potential in education, the ethics of using AI in this context, and how we can go from combating the use of AI in the classroom to making it a useful tool for learning.

Send us a text

How does cybersecurity play a part in ensuring food security?

As part of the ISACA series of the mnemonic security podcast, we’re welcoming Karianne Kjønås, Cyber & Privacy Associate at PwC Norway. Karianne recently won the ISACA master’s thesis award with her thesis on how cybersecurity incidents can affect Norwegian food production.

During her conversation with Robby, she shares some of her major research findings, and how data, automation, IoT and AI play an important role in food production these days.

They also discuss the state of cybersecurity in farming technologies and some of the most common cybersecurity threats to the food supply chain.

Send us a text

Conflictual coexistence

Today’s guest, Raymond Andrè Hagen, holds over 20 years of experience in cybersecurity and information security, and is currently researching advanced persistent threats for his PhD in Computer and Information Systems Security. 

He also has experience as a Security Specialist at the Norwegian Digitalization Agency (Digdir), including being Chief Security Officer at Altinn, the Norwegian authorities' solution for reporting and dialogue with business and industry.

In his conversation with Robby, Raymond shares from his threat research on predicting APT attack behaviour, including his hypothesis, prediction models and some preliminary findings.

 Raymond and Robby also discuss conflictual coexistence between nation states, especially US-China and US-Russia relationships, and how this has affected the cyber landscape historically, and will continue to affect it in the future.

Send us a text

To join Robby for this episode on Russian cybercrime and ransomware, we’re welcoming Sam Flockhart, Cyber Threat Intelligence Manager at Santander UK.

Sam has a background in military intelligence from the British army, where he has spent a large part of his career looking at Russian influence in Eastern Europe. Including experience from the British army’s support mission to Ukraine.

Sam goes through his presentation “From Russia with ransomware” presented at FS-ISAC EMEA Summit last month. Robby and Sam discuss ransomware groups with direct relationships with Russian intelligence services, their tactics, and how likely it is that ransomware will be used as a weapon in the short – medium term.

To watch Sam’s presentation, visit the video episode on our YouTube channel: youtube.com/mnemonic

Send us a text

Metaverses

Have you been to the metaverse yet? And are you among the 78% that believe the metaverse will provide a significant value to their organisation in the future?

To join Robby for this episode, we’re welcoming Julia Hermann, Senior Technology and Innovation Manager at Giesecke+Devrient, where she works on identifying opportunities in the metaverse.

Julia shares what companies are utilising metaverses well, and where she sees the most opportunities in enterprise, commercial and industrial metaverses. They also talk about ethical dilemmas in, and fair and equal access to metaverses. As well as limitation to the current metaverses, and their technical challenges and cybersecurity risks.

Send us a text

Defending EVE Online

How does combatting botting, hacking, and fraud in a virtual game relate to fighting real cybercrime?

To share his take on this, Maksym Gryshchenko joins us to share how he works as a Security analyst at CCP Games, a leading game developer based in Iceland, and the developers behind the sci-fi role-playing game EVE Online.

EVE Online is known for having an immensely complex market economy system for the game's internal industry and trade between players, and Maks explains to Robby how he and his team works to maintain the integrity of this economy and the game itself. And in the case of EVE, this means more than catching cheaters.

Send us a text

Last year, threat researchers all over the world got a sneak peek into the inner workings of the Russian defence contractor NTC Vulkan. 

The Vulkan files leak provided an interesting behind the scenes look at Russian cyber capabilities and scalability, and the ways state sponsored organisation work. 

Joe Slowik, managing threat intelligence at the cybersecurity company Huntress, joins Robby to talk about how he worked through the hundreds of pages of data from the leak, and what he learned from them.

Send us a text

Cryptology is fundamental for the way the internet works today. But what exactly is modern cryptology, and what are the most common areas in which it’s being used?

To guide us through this complex area, Robby’s joined by Bor de Kock, PhD. in Cryptology and Assistant Professor at NTNU.

They talk about some of the main challenges to cryptology these days, encryption security and its limitations, and how Bor expects quantum computing to affect cryptology.

Bor also shares what makes him both optimistic and pessimistic when it comes to the future of internet security.

Send us a text

Physical penetration testing | ISACA series

For this episode that is part of our ISACA series, we’re joined by Rob Shapland, Ethical Hacker/Head of Cyber Innovation at Falanx Cyber.

Rob talks about what he’s learned from his 15 years of testing physical and cyber security for his clients, including more than 200 building intrusions assignments. He explains how these kind of testing assignments work, what usually does work – and what happened the one time he actually didn’t get in.

Robby and Rob talk about the evolution of security testing, and how testing techniques have had to adapt and become more subtle especially the last five years. They also go into the importance of training after assignments like these.

Send us a text

Artificial intelligence (AI) and machine learning (ML) models have already become incorporated into many facets of our lives. In this episode, we discuss what happens if these models are attacked.

How can the models that AI and ML are built upon be attacked? And how can we defend them?

Eoin Wickens, Senior Adversarial ML Researcher at HiddenLayer, an organisation doing security for AI and ML, joins Robby to talk about this often overlooked aspect of AI.

During the episode, they also discuss the power AI/ML has to augment how we work in security, and the amount of community collaboration within these fields. 

Eoin also shares what he spends the majority of his time talking to customers about today, and what he believes he will be using most of his time on in the future.

Send us a text

What do you really know about your vendors? And about your vendors' vendors?

To talk about supply chain attacks, and how to best mitigate and meet these risks, Robby is joined by a pair with a lot of experience on this topic: Roger Ison-Haug, CISO of StormGeo, and Martin Kofoed, CEO of Improsec.

Martin and Roger discuss what a supply chain attack looks like these days, how to prepare for when a compromise happens, and how to get an overview of your organization's exposure. They also highlight the importance of knowing what happens if someone accesses your infrastructure, and fixing your basics.

Send us a text

How to succeed with bug bounties

Responsible disclosure and vulnerability reporting have come a long way in recent years, and have gone from being feared and even something you took legal action against, to something that is appreciated for its value.

Ioana Piroska, Bug Bounty Program Manager at Visma, joins Robby to share how Visma has succeeded with their bug bounty program. She talks about Vismas’ approach to these kind of programs, and the actual value they receive from them.

Ioana and Robby discuss the difference between penetration testing and a bug bounty program, and how they complement each other. And how Visma also uses their live hacking competitions and public responsible disclosure program to improve their vulnerability detection capabilities. 

Video version (with presentation) available on our YouTube channel!

Send us a text

Influencing the board

What are some of the most effective methods of gaining a board’s support, and how do you maintain this trust and improve it over time?

Our guest today has worked with a lot of boards, and joins us to share his experiences providing boards with the tools to ask the right questions when it comes to cybersecurity, and conveying to them why cybersecurity is important for their organisation.

Roger Ison-Haug has worked in IT for close to 30 years and is now working as the CISO & DPO at the data science and weather intelligence provider StormGeo. He is also currently working on his PhD in cybersecurity and leadership.

Roger and Robby discuss the most common challenges that boards experience, and what kind of questions they usually ask. They also talk about what it’s actually like being a board member, Roger’s best advice to security people wanting to influence a board, and what kind of questions security people usually aren’t very good at answering – but should be.

Send us a text

KraftCERT trusselvurdering 2023 | In Norwegian only

Our podcast guest this week is Espen Endal, previous mnemonic colleague and currently OT Security Analyst at the Norwegian energy sector CERT: KraftCERT/InfraCERT.

InfraCERT is an ISAC (Information Sharing and Analysis Center) and an IRT (Incident Response Team). Mainly working to update their members about relevant vulnerabilities and threats to make them able to better detect and respond to digital attacks. They are also part of the Norwegian national response organisation. 

During their conversation, Robby and Espen discuss KraftCERT/InfraCERT's annual threat report, what they consider the most serious threats for their member organisations, both long term and short term, and what techniques they often see being used against their members.

Espen also talks about the push to the cloud, the trade-off this entails particularly in these sectors, as well as the impact NIS and eventually NIS2 will have on their members.

Send us a text

Avoiding overload and managing stress in cybersecurity

For today’s episode, Robby’s joined by Lisa Ventura, Cybersecurity Specialist, Author, and qualified Mental Health First Aider. After many years of experience from the industry, she’s become particularly interested in the human aspects of cybersecurity, especially when it comes to mental health issues, stress, and burnouts.

During their conversation, Lisa explains how common stress and burnouts are in InfoSec and cybersecurity, and discuss how the pandemic impacted these numbers. As well as what the main factors contributing to stress and burnout in our industry is, and how these symptoms manifest themselves.

She also shares some advice on how to combat overload and stress both on an individual and organisational level.

If you’d like to also see Lisa’s presentation, feel free to visit our YouTube channel to watch the full recording of the episode.

Send us a text

Asset Intelligence

Imagine a scenario where your organisation discovers that a threat actor currently possesses more knowledge about your environments than you do. Let’s find a way to make sure we don’t end up there - but how?

For this episode, Robby is joined by a serial entrepreneur and serial guest at the mnemonic security podcast. For the fourth time, we’re welcoming Brian Contos. Today, to discuss his latest role as Chief Strategy Officer at Sevco, a company specialising in asset intelligence.

Brian talks about the importance of having an accurate and comprehensive understanding of your assets' security and compliance status, especially in the governance, risk, and compliance (GRC) landscape. As well as how asset intelligence is gaining renewed attention in the industry.

Send us a text

Operationalising Threat Intelligence

What can you do to get the most out of your threat intelligence initiatives?

A good place to start, is picking Kyle Wilhoit’s brain. Kyle’s the Director of Threat Research at Palo Alto Network's Unit 42, and author of the book Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs.

During his chat with Robby, he provides some advice on how organisations should be handling their threat intelligence, what you can leverage from your vendors and partners, and what you need to do yourself to achieve full value from your threat intelligence.

He also shares the major trends that Unit 42 are seeing when it comes to hacking tools, attack frameworks, campaigns, malware, and ransomware.

Send us a text

Crypto Finance

How does a crypto finance agency work with security?

To answer this question, and provide insight into security in the world of crypto, we’re joined by Dr. Dominik Raub. He has more than 10 years of experience from the financial industry, a Doctor of Sciences in Cryptography, and works as CISO at Crypto Finance AG, an organisation providing crypto and blockchain services to institutional clients.

Dominik talks about the threat landscape they are in, the adversaries in the space, and what he’s learned about their TTPs. As well as the mechanisms his organisation uses to help them distinguish bad transactions and stop large-scale issues.

Robby and Dominik also discuss the recent developments in the crypto finance market, and Dominik shares what he predicts will happen in the market in the years to come.

Send us a text

Office IoT 

Can you say for certain that you have a full overview of the IoT devices that are set up in your office environment? Smart Lighting, thermostats, locks, appliances, security cameras, sensors... perhaps even a fish tank? 

To talk about the importance of securing our office IoT, and specifically our printers, Robby is joined by Quentyn Taylor, Senior Director – Information Security and Global Response at Canon.

During their conversation, Quentyn shares from his vast experience working with both IT and information security, and the security evolution he’s observed in office IoT throughout his career.

He also shares his expert advice on how to secure these products, the main security challenges associated with them, and how zero trust affects this conversation.

Send us a text

Passwords and their managers

How do you create your passwords? Do you get help from a password manager, or is your personal “system” bulletproof?

Robby has invited two guests passionate about passwords, and how we manage them. Not surprisingly, they can with confidence say that our own “systems” are highly guessable, and not as unique as you might think.

Our experts this episode, Cecilie Wian from the Norwegian consultancy Bouvet, and Per Thorsheim CISO and password & digital authentication researcher, share why are they so fascinated with passwords. They also discuss under what circumstances password managers work best, and how to convince your staff to actually use them. As well as what they see for the future of passwords.

Interested in this topic? Feel free to check out this conference! https://passwordscon.org/

Send us a text

Darkwebs

Most of us have our ideas and perceptions of what the Dark Web is. But could it be more than just the dark side of the World Wide Web? 

To talk about the Dark Web, Robby is joined by Keven Hendricks, Dark Web Subject Matter Expert at The Ubivis Project. Keven has worked in law enforcement in the US since 2007, in areas such as computer and mobile device forensics, and Dark Web investigations. In 2021, Hendricks founded The Ubivis Project – StopDarkwebDrugs.com as a medium for both law enforcement and civilians to report Dark Web vendors and overdoses. 

Holding more experience than most within this area, he now works to break the stigmas out there about what the Dark Web is, what you can find on the Dark Web, and particularity what you can do as an investigator or researcher involving the Dark Web. He also teaches this to law enforcement and other public sector entities including the Department of Defense.

Keven and Robby dive into the misconceptions around the Dark Web, what Keven’s learned about Dark Web investigations, how accessible the different Darknets have become, as well as why the Dark Web has become important for privacy and free speech in some countries.

Send us a text

The importance of identity within our field has been established. According to analysis from CrowdStrike, 8/10 attacks are identity-based. But what does that actually mean? How do we even define identity these days, and how has it changed?

To look into this, Robby has invited an expert within the field, Peter Barta. Peter works as a Senior Cloud Security Engineer at Rothesay, the UK's largest specialist pensions insurer, securing pensions for over 810 000 people, and has previously worked in Norges Bank Investment Management (NBIM) which manages the Norwegian Government Pension Fund Global.

During their conversation, Peter takes us both to the far side of Security Engineering, as well as goes though some of the more standard best practice most organisations should have on their radar.

They talk about how you can design and create something that is user-friendly enough for everyone in an organisation, also the users not interested in identity or security. As well as the developer side of secret management, dynamic sessions, zero trust, and what he thinks security engineers should focus more on.

Send us a text

Bots; they can be both helpful assistants and harmful pests, and you’ll find them all over the internet targeting most public facing applications in some way or another. But what actually are they?

To explore the bad bots on the Internet, Robby is joined by someone that has spent the last seven years studying them, Dan Woods, Global Head of Intelligence, F5.

They talk about why Dan became fascinated by bots, real-life examples of how bots are being used, and what separates the sophisticated bots from the rest.

They also discuss if we are underestimating the sophistication and the motivation of the organisations behind these automations, how botnets and human click farms work, and whether Elon Musk will be able to solve his bot problem on Twitter.

Send us a text

House of Pain: new EU cyber regulations

NIS2, DORA, the Cyber Resilience and Artificial Intelligence acts; have you started to familiarise yourself with the new EU cyber regulations that are coming into force?

In this episode, Robby welcomes Rolf von Roessing, former Vice Chair of ISACA Global, and CEO of FORFA Consulting, a German company specialising in senior level consultancy and advisory work.

During their conversation, Rolf provides an introduction to a few new and upcoming EU regulations many are now starting the familiarise themselves with; the Network and Information Security Directive, version 2 (NIS2), the EU Cyber Resilience Act, the Artificial Intelligence Act and the Digital Operational Resilience Act (DORA).

Rolf walks us through these upcoming regulations, and provides an overview of the main differences between them, who the regulations are for and who they will affect.

Feel free to check out the video version of the podcast on ISACA Norway's channel - https://www.youtube.com/@isacanorwaychapter

Send us a text

This episode is for anyone working within cybersecurity that has ever had to explain what they actually do, or defend why they are investing in security.

We’re happy to welcome Jeff Barto back to the podcast, to go through his presentation “We are Defending” that he presented at mnemonic’s C2 summit this summer. Jeff is the CISO of a large hedge found in the US, and has worked in security for over 20 years. He will share some of the key lessons from his presentation that aims to explain what it is we, the defenders out there, actually do. 

During his presentation, Jeff goes through the importance of continuous improvement in security, testing, and how to identify what your major gaps are and what you need to take care of in 2023.

To follow Jeff’s PowerPoint presentation, Feel free to check out the video version of the podcast on ISACA Norway's channel - https://www.youtube.com/@isacanorwaychapter

Send us a text

What happens when cyber criminals don’t get what they believe they're owed?

For this episode, Robby is joined by John Fokker, Head of Trellix Threat Intelligence. John shares from his long experience fighting cybercrime, where he among other places has worked for the Dutch National High-Tech Crime Unit (NHTCU), the Dutch National Police unit dedicated to investigate advanced forms of cybercrime. John was also one of the co-founders of the NoMoreRansom Project.

They discuss John’s encounter with an insider in a ransomware group, the valuable information these situations provide the security community, and what we have learned from them.

John also talks about how cybercrime has changed during his career, and how the war in the Ukraine has affected organised cybercrime.

Send us a text

Network detection and response (NDR): the value of evidence

What exactly is NDR, how have these technologies changed over the years, and are they more relevant now than ever?

To help answer these questions, Robby is joined by Jean Schaffer. She’s had, to say the least, an interesting career with more than 33 years of experience from the US Department of Defense. Including managing the network of the NSA, and holding the position of CISO of the Defense Intelligence Agency. Currently she’s the Federal CTO at Corelight, an open-source network detection and response company.

During their conversation, they talk about the differences, limitations and benefits of EDR and NDR, what evidence based detection really is, and President Biden’s Executive Order on Improving the Nation's Cybersecurity.

She also shares some of the most common pain points she’s observed that organisations are looking to solve, as well as go into how the adaption of cloud affects the value of NDR, and her take on the future of NDR.

Send us a text

Industrial Control Systems (ICS) in the cloud

Can the cloud fundamentally revolutionise Operational Technology (OT) security?

To help Robby understand some of the nuances of OT security and help connect the dots between IT and OT, we’re joined by Vivek Ponnada from the OT, ICS & IoT security company Nozomi Networks.

Vivek shares from his 24 years of experience working with ICS, and explains how much cloud is and is going to be utilised within OT in the years to come.

He also shares what threats he is seeing in the OT space, as well as some examples of what’s up-and-coming in OT security

Send us a text

Enterprise Security Architecture

Most organisations find it challenging to protect themselves against the ever-evolving list of risks and threats. The fact that most of us do this with a limited set of resources makes this even more complicated.

Knowing what you should spend your time and efforts on is far from straight forward. But hopefully this episode on enterprise security architecture can give some guidance on where to start mapping out the best path for your organisation.

We’re joined by both Nick Murison, CISO at Ardoq, a tool for enterprise architecture that helps companies understand the interdependencies between their technology and people, and Angel Alonso, a CISO for hire and team lead for the Governance, Risk and Compliance (GRC) department in mnemonic.

During their conversation with Robby, they discuss mapping and identifying an organisation’s security gaps, IT cost management, and the importance of traceability in security.

Related reading:

https://www.ardoq.com/blog/mnemonic-enterprise-security-architecture

https://www.mnemonic.io/solutions/enterprise-security-architecture/

Send us a text

Azure monitoring & hardening

What is the best way to build and automate security in the world of Azure?

For this episode, Robby has invited someone that spends all their time doing exactly that, or more specifically, identifying all the things that can go wrong within the Microsoft ecosystem; Rik van Duijn, Hacker & Co-Founder of the Dutch cybersecurity company Zolder B.V.

They discuss what’s beneficial for organisations to manage themselves – and what the realistic expected workload is. They also discuss hardening of Azure tenants, deployment and tuning of Azure Sentinel, importance of logging for incident responders and other Azure central components that are noteworthy. 

During their conversation, Rik also shares what he would recommend automating, and what he would not automate. As well as what the biggest challenges his clients most often experience are.

Send us a text

Who are the people helping us to keep the lights on? And what are our adversaries doing to get in the way of this? 

This episode of the mnemonic security podcast is directing some love and attention toward the people working with Operational Technology (OT) / Industrial Control Systems (ICS). 

To help him navigate this field, Robby is joined by Michael Weng, Senior Security Consultant OT/ICS at the security company WithSecure (formerly known as F-Secure for Business).

They talk about cyber warfare directed at critical infrastructure in the Ukraine, what trends Michael  are seeing in the OT security space, and what the main concerns of the experts in the field are these days. Michael also shares his views on venturing into cloud, and what common challenges he’s observed when it comes to testing/assessments, resilience, and incident response.

Send us a text

What does mobile security mean in 2022? And what are defenders doing to keep the bad guys out of our pockets?

To provide some insight into these questions, Robby has invited someone who has worked his entire career in Android security; Dario Durando, Android Malware Analyst at the Dutch security company ThreatFabric.

During their conversation, they chat about the top attack vectors in this space, and Dario shares his thoughts about why mobile security isn’t getting more attention. They also go into specific mobile malware, and where the malware industry seems to be going next.

Send us a text

As a follow up from last week’s episode on the malicious use-cases of drones with Mario Bartolome Manovel, Robby chats with Pablo Ruiz Encinas, Security Consultant at mnemonic. He recently did a course on drone security – the Drone Security Operations Certificate (DSOC) by DroneSec - and hence has a lot to say on the subject.

Pablo did not only bring with him his drone certification to the recording, but also had something that caught Robby’s eye; a Flipper Zero (a dolphin looking device, that markets itself as a portable multi-tool for pentesters). 

So what does Flipper have to do with drones?

(If you haven’t had the opportunity to listen to last week’s episode on Drone Security yet, we recommend you check that out first.)

Send us a text

Drones: malicious use-cases and how to counteract them.

As unmanned aerial vehicles (UAVs), or drones, are growing in popularity commercially, their use-cases are also growing in numbers. 

To discuss them from a security professional’s view point, Robby has invited Mario Bartolome Manovel, Offensive Security Engineer at Telefonica. 

Mario talks about how drones are regulated these days, their potentially malicious use-cases and how to counteract them.

(And If you’re interested in seeing what the drones Mario has built look like, check out our video podcast at youtube.com/mnemonic).

Send us a text

Application Programming Interfaces (APIs)

Why is Gartner predicting that API-based attacks will become the most frequent attack vector for applications? 

Although APIs deserve the credit for a lot of digital transformation and innovation, they’re also an attractive target for bad actors. To explain how APIs are being used these days, and why they are getting more attention as an attack vector, Robby has invited Sunil Dutt from Salt Security.

Sunil talks about the evolution of APIs, the techniques the attackers are using, as well as Salt’s approach to addressing the problem.

Send us a text

From the 14th to the 16th of November, the annual Industrial Security Conference will take place in Copenhagen, Denmark. 

Are you interested in Operational Technology and Industrial Control System security, and
wonder what's going on in that part of our industry? Or just curious about the conference, and some of the speakers that will be there? Robby’s caught up with a few of them to get a sneak peak into what you can expect from their presentations and demonstrations during the conference.

In this special edition episode, he chats with the following security professionals about what they’ll be speaking about at this year’s conference and why it’s important:

• Søren Egede Knudsen, CEO and OT expert at Egede, “S***, we have factories in Russia”
• Tibor Földesi, Security Analyst at Norlys, “Lessons learned in CTI land”
• Ron Brash, VP of Technical Research & Integrations, aDolus Technology, “Doctor StrangeFormat: How I learned to be an archeologist for SBOMs”
• Andrea Son, Headhunter, CSA CPH, "The biggest threat is a lack of competence - how is the situation in Denmark, and what can we do?"
• Martin Scheu, Security Engineer, SWITCH-CERT, “Incident Response Training in Electrical Substations”
• Dr. Maureen McWhite, Owner, 4Gen Consulting Services LLC, “Supply chain cybersecurity with an emphasis on the transportation sector”

Find out more about the conference and the program here: https://insightevents.dk/isc-cph/program/ 

Send us a text

Securing LinkedIn

For this episode, Robby welcomes the CISO, and VP of Engineering for LinkedIn, Geoff Belknap.

Geoff has more than 20 years of experience in security and network architecture, and has previously also held the CISO positions at Slack and Palantir. 

He shares some advice on navigating the security job market, and reflects on his role at LinkedIn, the challenges of his organisation, and the journey his team has been through the last few years.

Send us a text

Lessons learned from a real incident: Nordic Choice Hotels

What can we learn from the Nordic Choice Hotels supply chain attack of December 2021, and how it was handled?

For this episode, we’re happy to welcome Kari Anna Fiskvik, Vice President Technology at Nordic Choice Hotels, that will share some of her lessons learned from being at the centre of attention as Nordic Choice had to shut their systems down at one of their most busy times of the year.

Kari Anna has 20 years of experience with Tech, Digital Transformation, and Business Process and Strategy, and has been named one of the Top 50 Women in Tech 2022 in Norway. She shares with us how Nordic Choice reacted to the attack, what they were able to see of the threat actor from their side of things, and their considerations around balancing security and being service-minded and a customer-friendly organisation.

Robby and Kari Anne also talk about the importance of a security partner, and communicating cybersecurity in a language that people understand.

Sound engineering by Paul Jæger

Send us a text

Threat Intelligence-Based Ethical Red-teaming

In most organisations, there’s more to security than preventive measures. This means that testing your capabilities within detection, investigation and containment can be just as relevant as looking at preventive capabilities. One way of doing so, is by following the Threat Intelligence Based Ethical Red-teaming (TIBER) framework, and simulating a real adversary and how you organisation would do against such a threat.

To explain how a TIBER test is performed and it’s most common use-cases, Robby is joined by Stan Hegt, Etical hacker, Red teamer and Co-founder of the Dutch security company Outflank. Stan also shares his observations of the evolution of red teaming, the main differences between pentesting and red teaming, and what challenges they often meet when preforming these tests.

A special thanks to Dennis Nuijens at Cqure for helping us to find our guest for this episode!

Sound engineering by Paul Jæger

Send us a text

Security leadership essentials for managers

What knowledge base should a CISO have? And what is the best approach to shaping the next generation of security leaders?

Our guest today is better equipped than most to answer these questions. Frank Kim, former CISO of and currently a Fellow and Curriculum Director at SANS Institute, joins Robby to discuss leadership essentials for security managers.

Frank shares how SANS and their classes approach teaching strategic leadership in security, and how this can help CISOs both navigate the politics in the boardroom and craft a business plan that makes sense for their entire organisation.

They also discuss to whom security ultimately report to, and how to lead, motivate and inspire security teams to get their work done.

Sound engineering by Paul Jæger

Send us a text

Zero trust vs. castle and the moat

What does zero trust have to do with electric cars?

For this episode, Robby is joined by Tony Fergusson CISO – EMEA at Zscaler. Tony has more than 25 years of experience in IT networking and security in Manufacturing, Information Technology and Financial Services, and even more importantly, he loves talking about zero trust – and has done so for more than a decade.

Tony chats with Robby about his article “What IT can learn from Tesla about disrupting the status quo”, and why he believes the zero trust security model represents "an elegantly simple" path forward. They also talk about what the biggest obstacles to the zero trust model are, and why he thinks some people and companies are scared of the zero trust concept.

Related reading: “Stop trying to make firewalls happen: What IT can learn from Tesla about disrupting the status quo“ https://revolutionaries.zscaler.com/insights/stop-trying-make-firewalls-happen-what-it-can-learn-tesla-about-disrupting-status-quo

Sound engineering by Paul Jæger 

Send us a text

Security of things

“IoT security today is like what IT security was in the early 90s”.

This is how our returning guest introduces this episode’s topic; IoT security, and how it affects organisations and companies.

For the third time, Robby is joined by Brian Contos, serial security entrepreneur and now Chief Security Officer at Phosphorus Cybersecurity, a company providing IoT and OT defense solutions for enterprise customers.

Brian explains the meaning behind his not so uplifting statement above, and shares some of the most common IoT security issues they observe among their customers. He also discusses whether certain IoT devices pose a larger threat for organisations than others do, and why it’s so difficult for many organisations to create an inventory of their IoT devices.

Sound engineering by Paul Jæger

Send us a text

mnemonic, all government agencies and the majority of organisations in the security community advise against paying ransom to the criminal groups behind ransomware extortions. There are also legal considerations that need to be considered depending on the country or industry you are operating in. 

There is however, a value in knowing more about how these criminal groups work. To shed some light on this, we’ve invited someone that often has been faced with the dilemma of whether or not to pay the ransom together with his clients; Rickey Gevers, Co-Founder of Responders B.V., a Dutch incident response company. These days most of the incidents he deals with are related to ransomware, and Rickey shares his experiences from negotiating with close to 30 ransomware groups on behalf of his clients – including also helping to pay them.

He shares his advice for how to prevent and prepare against ransomware threats. As well as what concerns most of his clients have when deciding how to deal with these groups, the main challenges they meet when negotiating with them, and how negotiating with ransomware groups requires a different approach than traditional negotiating tactics.

Sound production by Paul Jæger

Send us a text

Encrypted traffic management

TLS, SSL, HTTP,  keys, authentication, clients, servers and ciphers - encryption is complicated.

To help shed some light on how enterprises can remove the "blind spot" of encrypted network communication, we’ve invited David Wells, co-founder of Netronome, who is a pioneer in the SSL/SSH inspection  space.

David explains why being able to see and analyse encrypted traffic is necessary in order to gain full security value out of your network data, and shares his experiences since he inadvertently invented a tool for SSL inspection in 2003.

Technical level: 4/5

Sound engineering by Paul Jæger

Send us a text

What can we actually learn about cybercrime and what really goes on inside of criminal organisations from the Conti leaks?

This episode we welcome Sergey Shykevich,  who has more than a decade of experience within threat intelligence and defence. He’s currently leading the threat intelligence research group in Check Point, and Robby has invited him to share his findings after examining the data leaks from the predominantly Russian-based double extortion group Conti.

The large data leak included more than 400 000 messages and access to internal forums providing information about everything from offices, bonuses and recruitment, to organisational structure, information flow, and whether or not members are aware of the fact that they’re working for a crime syndicate.

Produced by Paul Jæger

Send us a text

Send us a text

Control Validation & Cyber Insurance

How can private-sector cyber insurers accurately understand and price risk?

To discuss this and the critical role insurance can play in risk mitigation strategy, we’re joined by Levi Gundert, Senior Vice President of Global Intelligence at the cybersecurity company Recorded Future.

Levi shares from his vast experience from the industry, from previous roles as VP of Cyber Threat Intelligence at Fidelity Investments, Technical Leader at Cisco Talos, Principal Analyst at Team Cymru and US Secret Service Special Agent within the Los Angeles Electronic Crimes Task Force (ECTF).

He’s joining the podcast to discuss his recent paper “A New Cyber Insurance Model: Continuous Control Validation”, analysing the current state of the cyber insurance market and providing a new framework for insurers to evaluate risk.

Recommended reading: https://www.recordedfuture.com/new-cyber-insurance-model-continuous-control-validation/

 Produced by Paul Jæger

Send us a text

For this episode, we’re welcoming Frank Fransen, Senior Scientist - Cyber Security, and Reinder Wolthuis, Senior Consultant and Program Manager - Cyber Security, from the Dutch not for profit research and consultancy organisation, TNO. 

They joined Robby to talk about the SOCCRATES research project, where TNO, mnemonic and seven other European organisations are combining efforts to build a platform for security operations centres (SOCs) and incident response teams, to help them be more efficient, better detect attacks, and make the correct decisions on how to handle them. 

The research project is part of the European Union's Horizon 2020 Research and Innovation program (https://www.soccrates.eu/), and aim is to produce a platform that will be as open-source as possible. 

During their conversation, Frank and Reinder share why they saw the need for a platform like this, what it’s like to coordinate a project between public and private organisations, different expertise fields and across countries borders, and what the plan is for the upcoming pilot. 

Produced by Paul Jæger

Send us a text

What caused a nation like Norway to become amongst the first pioneers of satellite-based communications?

To explore this, Robby is joined by Ronny Klavenes, CISO at Space Norway, a company building and investing in space related infrastructure, especially focusing on critical infrastructure. Space Norway was established on an initiative from The Norwegian Space Agency, a government agency promoting the development of national space activities. Among other things, Space Norway owns the underwater fibre optic cable between Svalbard and mainland Norway, a key element of Norway’s infrastructure in the Arctic.

Ronny explains why Norway cares about space infrastructure, and how one approaches securing infrastructure like this. He also shares what their threat landscape look like, and how their technology can be used to among other things monitoring earthquakes and ice blocks detaching from glaciers, search and rescue services, as well as collaborations with SpaceX.

Produced by Paul Jæger

Send us a text

Deception technology

Deception as an attack tactic has been used in many forms, for many years. Both on the battleground in the physical world, and in the digital sphere.

For this episode on deception technology, Robby is joined by Ofer Israeli, Founder & CEO of Illusive, a cybersecurity company aiming to remove the vulnerable connections that enable attackers to move undetected, and replace them with deceptive versions that reveal the attacker’s presence.

Ofer explains how he suggests moving away from a reactive mind-set to avoid always playing catch-up with attackers, how deception technology has evolved beyond honeypot-based approaches, and the importance of detection for this to succeed.

Produced by Paul Jæger

Send us a text

How does one of the world’s largest cybersecurity companies collect and share their Threat Intelligence? 

For this episode, Ryan Olson, Vice President of Threat Intelligence (Unit 42) at Palo Alto Networks, joins Robby for a chat about Palo Alto Networks’ telemetry pool and how Threat Intelligence has evolved over the last decade.

His team, Unit 42, are responsible for collecting, analysing and producing intelligence for a large number of organisations worldwide, and Ryan shares what goes on in the Unit 42 team when an event like Log4shell occurs.

He also looks back at the major trends they observed in 2021, and what new adversary techniques and potential attack paths interests him the most these days.

Produced by Paul Jæger

Send us a text

Insider threats | In Norwegian only

Where should organisations start to protect themselves from insider threats?

For this episode on insider risks, Robby is joined by Frode Skaarnes, COO at Lørn, a startup creating digital learning programs, with long experience from The Norwegian National Security Authority (NSM), as well as Kristian Haga from mnemonic’s Governance Risk and Compliance department.

They share from their experience working to help organisations minimise their risks of insider threats towards both the public and private sector, discuss how insiders often operate and why it’s especially important to separate between intentional and unintentional insiders.

Frode and Kristian also go into what organisations can do to pre-emptively minimise their own risks, and how working from home during the pandemic has impacted how we approach this risk. 

Related reading:
https://nsm.no/regelverk-og-hjelp/rad-og-anbefalinger/grunnprinsipper-for-personellsikkerhet/introduksjon/
https://www.mnemonic.no/globalassets/security-report/we-need-to-talk-about-insider-threats.pdf 

Producer: Paul Jæger

Send us a text

Does your managed SOC suck?

Are you fighting today’s war with yesterday’s weaponry?

Morten Munck, Engagement Manager at the cybersecurity advisory company Improsec, joins Robby to discuss his much-shared article “Does your managed SOC suck?” with the top ten red flags suggesting that your managed SOC provider should step up their game.

Morten has a background from finance and telecommunication and holds a strong profile within Blue Teaming - particularly SIEM, SOC and detection engineering, and has long experience helping customers build and operate their SOCs.

During this episode, they discuss gathering the right telemetry, stale use-case catalogues, and how you know if it’s time to start looking elsewhere.

Related reading: https://improsec.com/cyber-blog/does-your-managed-soc-suck

Produced by Paul Jæger

Send us a text

Project 2030: Future trends in security

To share the findings from his new report and webseries called Project 2030, Rik Ferguson, the Vice President of Security Research at Trend Micro, chats with Robby about what role cybersecurity will play in year 2030.

Rik has used his over twenty-five years of experience in information security looking forward, sharing what he’s found when trying to anticipate the next ten years of technology, and what opportunities that will mean for cybercriminals. As well as their impact on security, both for the enterprise and for society as a whole.

In their discussions they go into what will change in the sensors and wearables space, and topics like 4D printing, neuralink and cyber-implants. As well as the ethical considerations to the worth of our data and technical tools helping us telling facts from fiction. Rik also shares what he considers the biggest collective risks going forward from a security perspective.

Related reading: https://2030.trendmicro.com/

Produced by Paul Jæger

Send us a text

CMMC: Cybersecurity Maturity Model Certification

Your security reflects your maturity.

For this episode, Robby is joined by two of mnemonic’s security experts from our Governance, Risk and Compliance department to talk about CMMC and the alphabet soup that comes with it.

Both of them have experience preparing organisations for what CMMC actually means for them. Anders Hval Olsen as an Information Security Management Implementation subject-matter expert, and Kenneth Crawford, using his long experience with US Defense and defense contracting, among other things as a Cybersecurity Manager at Lockheed Martin.

They discuss how the new cybersecurity requirements to work with the US Defense industry will influence both US organisations and international subcontractors performing everything from software development to human resource services. As well as what CMMC actually means for securing your supply chain and investing in your security posture, why they believe every security professional should have knowledge of CMMC and how CMMC 2 differs from the original certification model.

Related reading: https://www.mnemonic.no/blog/cmmc/

Producer: Paul Jæger

Send us a text

The business of cyber security: Mergers & Acquisitions

What separates the acquisitions that go well from those that don’t?

To discuss the business side of security, Robby is joined by Brian Contos; returning guest, fellow podcast host, serial security entrepreneur and CISO & Vice President of Mandiant Security Validation. 

Mandiant Security Validation, previously known as Verodin, was acquired by Mandiant little over two years ago. In this episode, Brian shares from his experience going through that process, as well as other similar transitions he’s been a part of throughout his 25 year long career in security.

In their discussions, they go into everything that leads up to an acquisition decision, picking the right company with the right DNA and how to get the two companies to fit together.

Brian also shares what he’s learned about how to start your own security company, and why he believes there’ll be more mergers and acquisitions happening in the security space in the next years than we’ve seen in the last two decades.

Producer: Paul Jæger

Send us a text

Initial Access Brokers (IABs)

The growth and professionalisation of the Initial Access Market has fascinated many in recent years. Few know as much about who the threat actors operating in these markets are, and how the market of providing others with remote access to corporate networks work as   Dmitry Shestakov, Head of Cybercrime Research at the cyber intelligence company Group-IB. 

In his conversation with Robby, Dmitry shares some of his findings after researching these underground communities over several years. He also goes into how his team of researchers work with Initial Access Brokers, and shares some light onto some of their on-going investigations.

They also discuss where these groups operate from, how many of them manage to remain uncovered, and who they actually sell their information to.

Producer: Paul Jæger

Send us a text

Communicating threat intelligence to management

For this episode, Robby has invited someone with a unique expertise of the threat landscape in the finance industry. Freddy works as a Senior Threat Intelligence Analyst at the Nordic Financial CERT, a nonprofit organisation owned by the financial institutions in Norway, Sweden, Demark, Finland and Iceland.

By receiving data from and supporting their 220 member financial institutions on tasks like incident response, anti-fraud and threat intelligence, the Nordic Financial CERT has a one of a kind overview of the threat these organisations are facing.

Freddy shares with Robby how they work to make sure their members are defending themselves against their most relevant threat actors, how they approach intelligence, and translating technical analyses to a language understood by the entire business.

They also discuss what the data the Nordic Financial CERT has access to can tell us about changes in the ecosystem of organised crime groups targeting financial institutions.

Producer: Paul Jæger

Send us a text

Buying security products

Purchasing cybersecurity solutions and services can be challenging. Not only is the industry rapidly evolving, but there is rarely a case where solutions can be compared "apples to apples."  

In this episode, we explore the procurement of cybersecurity solutions. Robby is joined by Thor Milde, SVP - Head of IT Access Management at DNB, sharing his experiences from one of the largest banks in the Nordics, and Øyvind Nordvik, BID Manager in mnemonic, with more than 10 years of experience from procurement.

They discuss where the seller and customer side have mutual interests, and the role of procurement departments. And they try to answer the question; how can we make sure we buy the right services? For the right price?

 Producer: Paul Jæger 

Send us a text

How is it possible for the insurance industry to adapt to a cyber threat landscape that is continuously changing?

To try to answer that, and explain the evolution the cyber insurance field has gone through the last few years, Robby is joined by Jens Zakarias and Paul Jæger from Riskpoint, a global insurance underwriter agency.

They dive into how cyber insurance differs from more traditional insurance, and the five things every organisation needs to have in place for an insurance company to even consider them as a client.

 Producer: Paul Jæger 

Send us a text

Can threat intelligence be automated?

If so, what can be automated, and what should still be left in the hands of human analysts?

With us today, we have PhD. Martin Eian, Head of R&D in mnemonic. He sits down with Robby to speak about his team’s part in building a security platform to prevent cyber-threats together with nine other European organisations. The research project bringing these organisations together is called SOCCRATES, and is part of the European Union's Horizon 2020 Research and Innovation program (https://www.soccrates.eu/).

Martin describes how the research project aims to semi-automate threat intelligence in a platform for security operations centres (SOCs) and incident response teams, to help them better detect attacks and make the correct decisions on how to handle them.

He also shares some of his experience with how companies are actually working with threat intelligence today.

Technical level: 3/5

Producer: Paul Jæger

Send us a text

Luck favours the prepared.

For this non-technical episode, Robby welcomes someone with a lot of experience working with a particular consequence of security incidents: crisis communication expert Lasse Sandaker-Nielsen. Lasse is a Senior Advisor at First House, one of Norway's largest communications and public affairs agencies, and joins Robby for a discussion on crisis communication best practices from the cybersecurity space, and the most effective ways to respond when you're in crisis mode.

Lasse also shares some of his communication war stories, and his take on whether or not honesty is in fact the best policy.

 Producer: Paul Jæger

Send us a text

Try to prevent what you can, detect what you can’t prevent and hunt for what you can’t detect.

For this episode about threat hunting, Robby is joined by Andreas Bråthen, Team Lead for threat hunting at mnemonic. Andreas has worked on mnemonic’s threat hunting program for the past three years and shares some of his insights into why the threat hunting domain is so difficult to navigate, and how he defines this somewhat abstract term.

He also goes into detail about the process behind the way mnemonic does threat hunting on a daily basis, what kind of technology you need to support this kind of program, and the difference between the structured and unstructured approach to threat hunting.

Producer: Paul Jæger 

Send us a text

Why should a CFO care about security?

Is the Chief Financial Officer (CFO) role inherently occupied with saving money, or is it clear for someone in that role that there’s value in spending the extra dime on something like security? Or is the answer somewhere in between?

To help him find the answer to this, Robby welcomes Øyvind Sten Bjerkseth, the new CFO at mnemonic, both to the company and the podcast. 

Prior to joining mnemonic, Øyvind served 5+ years in CFO roles and brings 15 years of experience from Management Consulting, Corporate Finance and Private Equity. He chats with Robby about how security people can get the attention of someone like a CFO, the importance of risk management, and how the CFO role has evolved beyond cost-savings.

Producer: Paul Jæger

Send us a text

Stress and security

How do you manage your stress level when the very nature of your work is to be on high alert?

In this episode we step away from the technology to focus on the stress of working in security, how it impacts our health and personal lives, and methods for keeping stress in check.

Stress is something we’re all familiar with, especially in our field of work. Diving into this topic, Robby is joined by Edwin Doyle, Global Cyber Security Strategist at Check Point, and Emiliya Zhivotovskaya, CEO and Founder of The Flourishing Center. Edwin has more than 20 years of first-hand experience in stress in the security industry, and Emiliya holds degrees specialising in Applied Positive Psychology and has trained more than 1,500 practitioners around the world. Together they navigate the stress landscape of the cybersecurity industry, the science of stress, and discuss various tools and methods to deal with stress.

https://www.mnemonic.no/podcast 

Send us a text

Internet of Things | Privacy miniseries

Previously in this miniseries, we’ve discussed the challenges of online privacy with experts in that field. In many ways, what can be known about us through our online behaviour pales in comparison to what someone can find out about us by monitoring measurements of the real world, through ours and others’ Internet of Things (IoT) devices. 

This is what we’ll be talking about today, as we’re joined by Tim Panagos, Co-Founder and CTO of Microshare, a company helping data owners securely store and act on high-volume IoT data using policies with what they call “ridiculous levels of auditing”.

Robby and Tim discuss what happens to privacy when there is no “opt-out button”, and Tim shares his take on how we can organise privacy rules and principles in complex IoT ecosystems.

 Producer: Paul Jæger 

Send us a text

In this episode, you’ll learn about the digital canaries; honeypots.

Honeypots are passive monitoring systems that appear to be legitimate parts of an organisation’s core infrastructure, designed to alert you about someone trying to illegitimately enter your infrastructure, and help you get insight on the attacker’s tactics, techniques, and procedures. 

Someone with a lot of experience using honeypots is IT & OT Industrial specialist Mikael Vingaard. Mikael has experience working with OT security in industrial control systems (ICS)/ SCADA environments from many of the major energy institutions in Denmark, like Energinet.dk, Danish Energy Agency and EnergiCERT, and now works to educate others about the benefits of honeypots and providing in-house honeypots to organisations. 

Mikael is joining Robby from his test lab to speak about the benefits of using honeypots, the threat landscape for OT systems, as well as what kind of organisations can use honeypots and the maturity level required for doing so.

https://www.honeypot.dk/

Producer: Paul Jæger

Send us a text

The World of Open Source

How do you know that the open source you are using is secure?

This episode, Robby is joined by Daniel Wisenhoff to talk about open source management. Daniel is the CEO & Co-Founder of Debricked, a Swedish company aiming to help organisations use open source securely in their own software development.

During their conversation, they discuss how most organisations work with open source, and how we can become better at using it. As well as what potential security risks are associated with open source, like vulnerabilities, license issues and poor community health.

https://debricked.com/

Producer: Paul Jæger

Send us a text

The future of privacy | Privacy miniseries

Is privacy a myth for anyone with a smart phone? Can we actually control what our devices are sharing about us?

We’re continuing our miniseries about privacy with Edwin Doyle, Delegate & Constituent for the World Economic Forum Taskforce on Data Intermediaries, and Global Security Strategist at Check Point.

Eddie chats with Robby about what the Taskforce on Data Intermediaries is working on, and how it might change how we share information in the future, the role of blockchain in this vision and making information about what is being shared about us more accessible.

Stay tuned for more episodes on privacy in the coming weeks.

Host: Robby Peralta 

Producer: Paul Jæger

Send us a text

What's the worst that can happen with your email?

For this episode, Robby has invited Korstiaan Stam, Digital Forensics & Incident Response Manager in PwC Netherlands, to pick his brain about Business Email Compromise (BEC).

Korstiaan has a lot of experience working with email fraud, and throughout their conversation he shares many of his war stories. He explains the many different ways adversaries are exploiting organisations through this attack vector, and what they can actually do once they gain access to your email.

They also discuss the professionalisation of BEC, what steps are essential when doing BEC investigations, and SolarWinds.

https://github.com/PwC-IR/Business-Email-Compromise-Guide

Host: Robby Peralta 
Producer: Paul Jæger

Send us a text

We’re continuing our new miniseries about privacy with cyber security researcher Hanna Linderstål. 

Hanna is the Founder and CEO of Earhart Business Protection Agency, a company providing research for governments and organisations on disinformation and online threats. Robby has invited Hanna to discuss modern cyber espionage and lawful intercept; the practice of enabling agencies with legal authorisation to do electronic surveillance of individuals.

They also chat about how cyber espionage has changed after the COVID-19 pandemic, the SolarWinds supply chain attack, and how much data we are giving up about ourselves without really thinking it through when installing and using apps.

Stay tuned for more episodes on privacy in the coming weeks.

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

Your phone is spying on you | Privacy miniseries

Do you know what your favourite apps are doing with your data? And who exactly are these entities that are capitalising on selling this kind of information?

We’re kicking off our new miniseries about privacy with investigative journalist Martin Gundersen.

Martin works at NRK, the Norwegian public broadcaster, where he writes about IT security, privacy and social media. He’s here to tell Robby about what he’s found after working on a news story about data brokers, companies that gain access to mobile app data, since 2019. His findings have received international attention, and he talks with Robby about the privacy risks associated with these companies and shares his thoughts about what we can do to prevent or limit being tracked.

Stay tuned for more episodes on privacy in the coming weeks.

https://nrkbeta.no/2020/12/03/my-phone-was-spying-on-me-so-i-tracked-down-the-surveillants/

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

What are you doing to make the internet a safer and more private place?

This episode, Robby welcomes John Todd, Executive Director of the non-profit organisation Quad9. Quad9 is a free, recursive DNS solution that partners with threat intelligence providers from all over the world to block websites that try to harm our computers (through things like malware, spyware, botnets, phishing sites, etc.).

John chats with Robby about their DNS system, how they’re different from most paid services, and their charter to making the internet a safer and more private place. He also shares some war stories and discusses what effects they’re seeing from COVID-19 in their feed.

https://www.quad9.net/

Technical level: 2/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

Nuclear cyber security | OT miniseries

We’re continuing our Operational Technology (OT) miniseries where we look into the security challenges in the OT space.

This time, Robby is joined by Nicholas Burnet and Guido Villacis from EDF Energy, Europe’s largest nuclear provider. EDF owns and operates eight (soon nine) nuclear power stations in the UK, and Nicholas and Guido work at EDF’s unit for New Nuclear Build, as CISO and Instrumentation & Control (I&C) Cyber Security Lead respectively.

During their conversation, they discuss where IT fits in in a modern nuclear power plant, and where the boundary between IT and OT is in their organization. Nicholas and Guido also share how they navigate their threat landscape, and finding the balance between what you connect and what you choose to disconnected from the wider world.

Technical level: 1/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

We're kicking off 2021 with a timely conversation about software security, this time with two individuals that are more than qualified for the job - Dr. Daniela S. Cruzes and Espen Johansen.

Dr. Cruzes  is a Professor at the Norwegian University of Science and Technology (NTNU) and Senior Research Scientist at SINTEF, and has been working with Espen Johansen (Product Security Director at Visma) on strategies to incorporate security into development processes. As you will tell from their conversation they have made tremendous progress, and have lots of experience to share for those of you that would like to do the same. 

Building an Ambidextrous Software Security Initiative:
https://www.igi-global.com/gateway/chapter/259177

Technical level: 1/5

Host: Robby Peralta

Producer: Paul Jæger

https://www.mnemonic.no/podcast 

Send us a text

Technology isn't the problem | OT miniseries

For our last episode in 2020, we’re continuing our Operational Technology (OT) miniseries where we look into the security challenges in the OT space. 

This episode, Robby is joined by Mitchell Impey, ICS Security Analyst at the Danish Energy and Telecommunications company Norlys. Mitchell explains how he does threat hunting in their OT environment, affecting their more than 1,5 million customers. He also dives into what you need to have in place to do proper threat hunting.

But what does all of this have to do with lemons?

https://www.businesswire.com/news/home/20201020005075/en/Cybersecurity-is-the-New-Market-for-Lemons-Research-Supports

Technical level: 2/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast   

Send us a text

SIEM is DEAD?

Ready to time travel through the last 20 years of security monitoring? To guide us we have Dr. Anton Chuvakin, recognized security expert and the man behind the term EDR! Anton shares from his long experience in the field, among other as VP of Research and Distinguished Analyst at Gartner and working with security solution strategy at Google Cloud.

Anton chats with Robby about the evolution of Security Information Event Management (SIEM) technology, its mission and reputation. As you can imagine, he also has a lot to say about the future of security monitoring.

Technical level: 4/5

Host: Robby Peralta

Producer: Paul Jæger

https://www.mnemonic.no/podcast 

Send us a text

Are we secure enough? Are we exposed? What are our key cyber risks?

Our podcast guest this week is a veteran in the IT space in the financial sector, and has extensive experience communicating security posture to stakeholders. Erik Blomberg, CISO in the Swedish Handelsbanken, chats with Robby about what management really is wondering about, and how to communicate the value your security team is delivering to the organization. 

He also shares how he’s worked to translate tech terms into actual business value, and how the CISO role has changed in recent years.

Technical level: 1/5

Host: Robby Peralta

Producer: Paul Jæger

https://www.mnemonic.no/podcast 

Send us a text

Morten and Robby recorded this session as part of their virtual presentation at the CERT-IS conference in Iceland last month. The episode is also available in video: https://youtu.be/Izfb7-wA_0I 

For this episode, Robby welcomes Morten Weea from mnemonic’s Threat Intelligence team. Morten is a PhD candidate researching decision-making in incident response and an experienced Incident Handler that often works with advanced persistent threats (APTs).

Robby picks his brain about what actually goes down when a customer calls after realizing what shouldn’t have happened, has happened.
Or even more importantly, what his advice is for organizations before a serious incident occurs. They also discuss when it’s appropriate to trigger a full-scale incident response, and what sort of incidents shouldn’t. 

Technical level: 2/5

Host: Robby Peralta

Producer: Paul Jæger

Send us a text

For this episode, we’re happy to have Sebastian Takle from the DNB Financial Cyber Crime Center (FC3) with us to share how one of the largest banks in the Nordics works with Threat Intelligence. Sebastian is Subject Lead for Threat Intelligence at FC3, and in his conversation with Robby he explains their threat actor centric approach to TI.

We also get to hear what threat actors they are observing and are most concerned about, and the importance of identifying who.

Technical level: 1/5

Host: Robby Peralta

Producer: Paul Jæger

https://www.mnemonic.no/podcast 

Send us a text

Why is it so difficult for security people to speak to developers? And the other way around…

For this episode, Robby has invited a veteran to the software security game, Nick Murison, Security Practice Lead at Miles. Nick started off as a penetration tester, and has been passionate about software security and training developers to think about security upfront for close to two decades.

They speak about software security within the development lifecycle, and bridging the gap between developers and security people. Nick also explains how he believes more organizations can get security into their development, and dives into the question “is DevOps really increasing or decreasing your security risks?"

Send us a text

Forensic Readiness | OT miniseries

We’re continuing our Operational Technology (OT) miniseries where we look into the security challenges in the OT space. 

This time around, Robby’s invited a fellow security podcaster and former head of forensics at Volvo, Rikard Bodforss.

Rikard has been working with security in the Industrial Control Systems (ICS) and OT space for a long time, both from the private sector and as IT and Security Manager in the City of Gothenburg’s water and waste department. In his conversation with Robby he shares from his experience in the field, and explains what exactly forensic readiness is, and why it’s important. He also shares what he believes are some generic truths and recommendations for organizations that operate in ICS and OT environments.

Stay tuned for more episodes in our OT miniseries coming soon.

Technical level: 2/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

How do we go from data to information, and from information to intelligence in the cyber world?

Who better to try to explain this than the former Director of the national communications and security agency in the Netherlands, Job Kuijpers, and his colleague and trusted advisor for Threat Intelligence, Piet Kerkhofs. After more than 15 years in the Dutch government's cyber program the two of them founded the cyber security company EYE, and in their conversation with Robby they share from their vast and hands-on experience working with threat intelligence.

In this episode, you’ll hear about the most common misconceptions about threat intelligence that they’ve come across, and how much and what should be automated in threat intelligence – and what shouldn’t.

They also discuss what’s required by an organisation buying/receiving threat intelligence, and how to evaluate if your organisation actually needs threat intelligence tools for its security work.

Technical level: 2/5

Host: Robby Peralta

Send us a text

This time, Robby has invited his most recent online friendship and the uncrowned king of open source, Simon Simonsen, to the podcast. Simon also happens to have a lot of experience developing and utilising security architecture defense strategies, or as he calls it; utilising your home court advantage.

Simon has over a decade of experience in security and is working as a Senior Information Security Officer at the Danish energy trading house Danske Commodities (DC).

In his discussion with Robby, he explains his mostly open source approach to protecting his home court by using OODA Loops (Observe, Orient, Decide and Act) and by knowing that as long as you know your network better than any adversary, you should come out winning. He also shares his approach to making sure you do know your network better, as well as his journey with OODA Loops.

Hunting ELK: https://github.com/Cyb3rWard0g/HELK 

The Open Source Security Events Metadata (OSSEM): https://github.com/OTRF/OSSEM

Security Onion: https://securityonion.net/

Sentinel ATT&CK: https://github.com/BlueTeamLabs/sentinel-attack

Technical level: 4/5

Host: Robby Peralta

Send us a text

How can we prove cybersecurity effectiveness?

With USD 124 billion being spent worldwide on IT security last year alone, it's no wonder this is a question many would like the answer to. However, finding a quantitative metric to evaluate security investments, outside of positive effects like diminishing risks and reducing the amount of bad things happening, is not straight forward.
 
To help us navigate this question, Robby is joined by someone with a lot of experience making security investments effective. Brian Contos has a long list of merits after his more than two decades of experience working in the cybersecurity field. He has also written several security books and is an award-winning podcaster. Brian is now CISO & VP Technology Innovation in Mandiant Security Validation, also known as Verodin, a business platform for measuring and managing cybersecurity effectiveness.

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

https://mnemonic.no/podcast

Send us a text

For this Norwegian episode of the mnemonic security podcast, Robby and co-host for the day Manager of Governance, Risk & Compliance at mnemonic, Gjermund Vidhammer, are joined by two major actors in the Norwegian cyber landscape: Robin Bakke, Specialist Director for Cyber Security at the Ministry of Justice & Public Security, and Bente Hoff, Director National Cyber Security Center (NCSC) at the Norwegian National Security Authority (NSM). 

They discuss the importance, and the many different arenas, of private-public cooperation both in Norway and internationally, and share the Ministry and NSM’s thoughts on what’s important for digital security these days – and where they see most risk.

Related reading:
Nasjonal strategi for digital sikkerhet: https://www.regjeringen.no/no/dokumenter/nasjonal-strategi-for-digital-sikkerhet/id2627177/
Nasjonal Sikkerhetsmåned: https://norsis.no/nsm/

Technical level: 1/5

https://mnemonic.no/podcast 

Send us a text

How can we best apply data science techniques to gain security visibility? 

What data you collect obviously affects your detection capabilities, but as many have painfully experienced; there can be too much of a good thing!

In this episode, Robby is joined by Jeff Barto. He is the Chief Security Officer at a large hedge fund in the US, has worked in security for over 20 years and has a lot of experience asking himself the question “how much data is enough?”. Jeff takes us through what types of data is he collecting and why, and how to collect data smartly to get the detection capabilities you need. 

Robby and Jeff also discuss their take on the future of data science and security visibility, and whether now is the time to ditch people and leave security for the machines? 

Technical level: 3/5

https://mnemonic.no/podcast 

Send us a text

How effective is the use of Key Performance Indicators (KPIs) in security? Are they even relevant, and if so, do KPIs work differently for security teams than others?

In this episode, Robby chats with someone that’s had a lot to do with KPIs, both in his position as the former Head of the government CERT in Denmark (GovCERT), as well as a SOC Analyst for more than 10 years. Marc Andersen shares his experiences chasing KPIs, and discusses whether self-governance is a better alternative for security teams. 

Technical level: 1/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

Who better to continue our Operational Technology (OT) miniseries with than KraftCERT, the Norwegian Energy and Control System CERT!

KraftCERT helps industrial control system (ICS) related industries establish incident response teams, build digital security processes, and get a better understanding of the threat landscape. With us for this episode, we've invited someone that has been with KraftCERT from the start; Senior Security Analyst Lars Erik Smevold.

Lars Erik shares with us what affects the threat landscape for KraftCERT's member organisations, the most common threats he's seeing targeting them, and how he hopes the industry will continue to move towards making cyber incidents targeting ICS and OT systems public.

Stay tuned for more OT specific episodes, where we look into the security challenges in the OT space, in the coming weeks.

Technical level: 1/5

Send us a text

For this episode, Robby has invited two experts that see privileged access management (PAM) from two different viewpoints. From the customer side he has Thor Milde, SVP and Head of IT Security Services in Norway's largest bank DNB, share his PAM journey - and from the consultant side Michele Paci, IAM Executive Architect in IBM, explains what he's learned after working with identity and access for a large portion of his professional life.

In the episode, they share insights from both sides of the fence on how most companies are handling PAM today, the effects of cloud on the PAM world and how they would like to see PAM evolve in the future.

Technical level: 3/5

Host: Robby Peralta

Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

In this episode, we continue our Operational Technology (OT) miniseries where we look into the security challenges in the OT space. 

This time, Robby chats with PhD Andrea Carcano on the importance of visibility in OT environments. Andrea is passionate about the security of industrial control systems (ICS), and the Co-Founder of Nozomi Networks, a US based industrial cyber security company helping many of the largest industrial sites around the world.

They discuss the role of threat intelligence in the OT sphere, how to understand what you actually have inside your critical infrastructure, and what challenges he talks to his customers about nowadays.

Stay tuned for more OT specific episodes in the coming weeks.

Technical level: 2/5

Host: Robby Peralta
Producer: Paul Jæger

https://mnemonic.no/podcast

Send us a text

In this episode, Robby chats with Erlend Gjære, Co-founder and CEO of Secure Practice, on how to turn an organisation’s users into its last line of defense against email threats. 

Erlend has spent most of his career studying people and their email habits. At Secure Practice he combines scientific research and employee behavior to find out how to best reach through with security awareness messaging in organisations, by identifying why people do what they do, how they do it, and most importantly, how to make them do it securely.

Robby and Erlend discuss email as an attack vector, and what companies are doing to protect themselves. They also talk about what is actually working nowadays in terms of security awareness, and what the most successful companies are doing. 

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Suggested reading:
https://www.mnemonic.no/security-report-2020/the-missing-link-in-email-security

https://mnemonic.no/podcast

Send us a text

The CISO role in Operational Technology (OT) means securing environments where digital and physical worlds meet, and where a service disruption in the digital space can have a direct and immediate impact on our physical world.

In this episode, Robby wants to know how a CISO handles the challenge of securing both IT and OT environments.

To kick off our miniseries on OT, Robby welcomes Karsten Duus Wetteland, CISO at BKK. BKK is a leading organisation within renewable energy, working to replace fossil fuels by electrifying everything from fishfarms, cars and cruise ships, to the oil and gas industry's offshore power supplies.

Karsten shares how they are finding new methods to identify risks when the risk spectrum spans from trees falling over power lines to hacked fish tanks. And how to avoid IT risks becoming OT risks.

Stay tuned for more OT specific episodes in the coming weeks.


Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger


https://mnemonic.no/podcast

Send us a text

In this episode, Robby chats with two experts from mnemonic that are highly passionate about microservices; security researcher Andreas Claesson and Head of Development of our Argus security platform, Joakim von Brandis.

Andreas explains how he works with microservices with customers, and what the dark side of microservices are regarding security. Joakim returns to the podcast to show how mnemonic's Argus security platform made the transition over to microservices. If you haven't heard Joakim's first episode, we recommend you check it out (episode 4 - Under the hood of Argus).

Have a listen to learn how microservices are useful, and what companies that use microservices should be monitoring for.

Technical level: 3/5

Host: Robby Peralta
Producer: Peter Harket

Show notes:
https://www.mnemonic.no/security-report-2019/ 
https://www.mnemonic.no/globalassets/security-report/serverless-security.pdf
https://www.mnemonic.no/mnemonic-security-podcast/episode-4/
https://aws.amazon.com/whitepapers/

https://mnemonic.no/podcast 

Send us a text

How to best avoid being stuck in Groundhog Day?

In the second part of our mini series about SOAR, Robby chats with a gentleman that was referred to as The Godfather of SOAR in the first episode of the series.

Rob Gresham, SANS Instructor specialising in automation for Security Operation Centers and a Security Solutions Architect at Splunk, takes us through how to be successful with automation, the evolution of Phantom and what he thinks he will be spending his time on going forward.

Technical level: 2/5

Host: Robby Peralta
Producer: Paul Jæger

Show notes:
"Hacking your SOEL. SOC Automation and Orchestration – SANS Security Operations Summit": https://www.youtube.com/watch?v=_mnxZ1iSUGg

https://mnemonic.no/podcast 

Send us a text

Do it smart, so you won't have to do it again.

In this episode, we chat with Tibor Földesi, Security Automation Analyst in Norlys, one of the largest Telco & Energy companies in Denmark. At Norlys, his main motivation is to get more time to enjoy his coffee, which directly correlates with his ability to automate what can be automated.

Tibor and Robby discuss what we can and cannot automate within security, as of now. And Tibor shares his recommendations for SOAR vendors.

Technical level: 2/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode, we chat with the people in charge of the healthcare and sensitive data collected in what is amongst the world's largest COVID-19 studies to date.

The study known as the Corona Study, is lead by the Oslo University Hospital and aims to examine how the coronavirus spreads in Norway. At the time this episode was recorded the study had been available for 19 days and more than 122 000 people had already answered the questionnaire. 

Dr. Gard Thomassen and Leon Charl du Toit work in an organisation called TSD at the University of Oslo. TSD (in Norwegian) is an abbreviation for "Service for sensitive data" and is a big data/ security platform that researchers use to carry out their studies. 

We talk about how the sensitive data collected is handled in terms of security, and how they were able to set up the infrastructure for the study in less than 24 hours. 

Technical level: 2/5

Show Notes:
https://tv.nrk.no/serie/nyheter/202004/NNFA41017520/avspiller (from minute 12:20)

https://www.uio.no/english/services/it/research/sensitive-data/ 

https://www.usit.uio.no/om/aktuelt/2020/koronastudien.html 

Host: Robby Peralta
Producer: Peter Harket

Send us a text

Who should own Identity and Access Management in an organisation?

In this episode,  Robby speaks to Espen Skjøld from Sailpoint about the evolution of Identity and Access Management - and he also found some interesting people to discuss this with from Equinor and UCPH on the floor of the Nordic Cyber Series in Copenhagen. 

Technical Difficulty: 1/5

SailPoint: Espen Skjøld 
Equinor: Deric Stroud
UCPH: Poul Halkjær Nielsen

Host: Robby Peralta
Producer: Paul Jæger

https://mnemonic.no/podcast 

Send us a text

In this episode, we speak with a security expert that is actually willing to pay money to "hackers" - the Product Security Director in Visma, Espen Johansen.

As you can imagine, eliminating software vulnerabilities in a company with 5,000 developers is no easy task. Mr. Johansen and his developers always aim to improve the security of their software, among other things through organising both private and public bug bounty programs. If you are interested in bug bounty programs, this interview is a great place to start! As he shares his advise for when and what it takes for an organisation to be ready for bug bounty.

Technical difficulty: 2/5

 Host: Robby Peralta
 Producer: Paul Jæger

Related reading:
https://hackerone.com/visma

https://www.visma.com/trust-centre/smb/security-and-privacy/operational/responsible-disclosure/

https://www.visma.com/trust-centre/smb/security-and-privacy/operational/responsible-disclosure/hall-of-fame/

Send us a text

In this episode, we chat with the former Head of the SOC at the Norwegian National CERT, and current member of mnemonic’s Threat Intelligence team. She also happens to have a personal interest in the "Internet of Things" and medical devices. 

In 2011, Marie Moe received a pacemaker to help her heart maintain a consistent beat. As a security researcher, she felt the need to do her homework and figure out everything she could about the device that had newly been introduced to her body. What she found prompted her to join the "I Am The Cavalry" group,  an organisation focusing on the impact computer security has on public safety and human life, which since then has lead a revolution in the medical device industry. 

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Show notes:

Hippocratic Oath for Connected Medical Devices: https://www.iamthecavalry.org/domains/medical/oath/

Software Transparency and the SBOM multistakeholder process at the US NTIA: https://www.ntia.doc.gov/SoftwareTransparency

New EU regulations for medical devices: https://ec.europa.eu/growth/sectors/medical-devices/new-regulations_en

Send us a text

In this episode, we chat with the CISO of consumer goods conglomerate Orkla - Antonio Martiradonna. 

In 2017, he accepted the task of building up a security organisation to secure 300 brands, helping us to keep food in our fridges and beauty products in our bathrooms. In our conversation, we discuss the following:

·       How it has been to build a security organization from the ground up

·       How to work with the governance of so many brands

·       Security around the physical production of products

Technical level: 1/5
 
 Host: Robby Peralta
 Producer: Paul Jæger

Send us a text

In this episode we pick the brain of a Senior Vice President and CISO for a multinational insurance enterprise – Bjørn Watne of Storebrand. 

In our discussions with Mr. Watne, we touch upon the topics of:

-          3rd party risk management,

-          “Selling” IT-security to the business, and

-          Security awareness training & programs

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we chat with two of the main contributors to the #OutofControl report, Finn Myrstad, Digital Policy Director for the Norwegian Consumer Council and Tor Bjørstad, Application Security Lead in mnemonic.

The report uncovers how every time we use apps, hundreds of shadowy entities are receiving personal data about our interests, habits, and behaviour. This information is used to profile consumers, which can be used for targeted advertising, but may also lead to discrimination, manipulation and exploitation.

Want to read the report? Click here: https://www.forbrukerradet.no/out-of-control/

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we chat with a cyber insurance underwriter for one of the largest insurance enterprises in the Nordics - Erlend Hjelle from Gjensidige.

We discuss the development of the market, and which types of organizations have been early adapters. Erlend also shares some insight into the types of discussions he has with his clients, and the important considerations which should be taken into account for a company that is interested in such an insurance.

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we chat with a hacker for hire aka pentester for mnemonic - Harrison Sand.

We start out with an update on how it is to work as a pentester these days, where Mr. Sand explains how he works with his customers and what his typical engagements entail. We then move into the concept of crowdsourcing security testing, and Harrison shares his opinions on when an organization should consider using such services, and the differences they should expect when crowdsourcing as opposed to using a "traditional" security consultant. 

Technical level: 3/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we interview one of the founding fathers of the Argus platform - Joakim von Brandis.
 
He tells us about the background of the platform, why it was created, what it does, and how it is used by security analysts working within mnemonic and its customers. He also touches on the differences between Argus and other security solutions, such as SIEM, IDS and SOAR systems, and how they all work together to detect and respond to security incidents.

Technical level: 4/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we chat with Angel Alonso, a CISO for hire and team lead for the Governance, Risk and Compliance department in mnemonic.

He shares his experience and opinions around the topic of "cloud security," and provides insight into what organizations should be doing to avoid the front pages due to a misconfiguration.

Technical level: 1/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this interview we interview the boss of the SOC - Stig Nordby in mnemonic.
 
Stig has worked with dozens of large organizations to build out their cyber defense strategies, and is today a 3rd line security analyst and senior consultant for companies working to build a detection and response capabilities. In this episode, we pick his brain on the following:
 
 - Which types of companies should consider having a SOC?
 - Where should companies start with their security operations journey?
 - What do companies need in terms of resources to make it all work?

Technical level: 3/5

Host: Robby Peralta
Producer: Paul Jæger

Send us a text

In this episode we chat with PhD candidate, and former CISO for mnemonic - Siri Bromander. 

She’s been dedicating her time the past years on improving threat intelligence, specifically the way we can use automation to enrich security incidents and share analysis without losing context. In our discussion we take a closer look at the ACT (Semi Automated Threat Intelligence) platform, which is an open-source platform that Siri has been helping to develop together with the team at mnemonic and several research partners in Norway. If you work in a SOC, or with threat intelligence, this podcast is for you!

Technical level: 3/5

Interested in ACT? Check out the links below!

https://act-eu1.mnemonic.no/

https://github.com/mnemonic-no/act-platform

Host: Robby Peralta
Producer: Paul Jæger

Send us a text