Joining the podcast this week is Eva Galperin, Director of Cybersecurity for the Electronic Frontier Foundation (EFF). She is also the co-founder of the Coalition Against Stalkerware and has long been a champion for providing digital privacy and security for vulnerable populations around the world. “What is stalkerware?” many may ask. Stalkerware is considered a more personal way of invading someone's privacy such as using malware to track a person’s activity on a device.

 Joining us this week are Richard Grabowski, Acting Program Manager for CISA’s CDM Program, and Jonathan McBride, Chief of Adversary Pursuit for CISA’s Threat Hunting Subdivision. We dive into the hot topics of threat hunting, adversary pursuit, the evolution of CISA over the years including the growth and maturity of the organization, the power of public/private partnerships, and the drive for innovation.

Joining us this week is Christian Folini (@chrfolini), co-lead of the OWASP Core Rule Set project, co-author of the second edition of ModSecurity Handbook, and one of the few teachers on this subject. He brings a first to the podcast – a discussion on ModSecurity and the OWASP project! For those that are new to these topics, Christian shares many insights on the OWASP volunteer organization mission and how it serves as the first line of defense against web application attacks.

Closing out Insider Threat Awareness Month with us is Dr. Maria Bada, Ph.D., a Lecturer in Cyberpsychology at Queen Mary University in London and a RISCS Fellow in cybercrime. Maria shares insights on the insider risk challenge through a human-centric lens and the criticality of educational awareness, transparency, and training (Note: check out AwareGo!) to better mitigate the threat. When 98% of organizations are vulnerable to insider risks, and the “accidental” insider is the one most often reported, empowering employees with tools and knowledge to understand and be aware of the threats can really make a positive impact.

Bill Evanina, Founder and CEO of the Evanina Group and former Director of the National Counterintelligence and Security Center, joins the podcast this week to take a deep dive view into an insider threat as September is Insider Threat Awareness Month.

Joining the podcast this week is Ellen Nakashima, National Security Reporter for The Washington Times, and shares insights into the ongoing Taiwan-China conflict. Ellen provides perspective on the much-publicized Pelosi trip to Taiwan and why the timing of that trip raised concerns in China as well.

Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security. He shares insights from his 45+ years on the security risks front lines, including 34 years at the NSA. Risk was a big theme of the discussion, particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes).

Joining the podcast this week is Stefan Soesanto, Senior Researcher in the Cyberdefense Project with the Risk and Resilience Team at the Center for Security Studies (CSS) at ETH Zurich. He recently authored the excellent research report “IT Army of Ukraine” that examined in detail how it was stood up out of necessity for what many have called the ‘first cyberwar.’

Join us this week for a discussion with Brian Knappenberger, a producer and director renowned for such documentaries as Web of Make Believe: Death, Lies and the Internet, The Internet's Own Boy: The Story of Aaron Swartz, We Are Legion: The Story of the Hacktivists, and Turning Point: 9/11, to name a few. He shares insights from his recent documentary series Web of Make Believe and also  discusses the trajectory of misinformation through a lens from the 2016 election forward.

We go deep into the dark web and ransomware 2022 with this week’s guest Tom Hofmann, SVP, Intelligence at Flashpoint. He tracks ransomware from its beginnings in 1989 through to present-day ransomware gang shenanigans including Maze double extortion tactics that attackers have enthusiastically embraced. He also gets real on what’s happening on the dark web – and the things that you can’t unsee.