Episodios

  • This week, Audra is joined by Mark Montgomery, senior director of the FDD’s Center on Cyber and Technology Innovation and director of the CSC 2.0. Today’s discussion focuses on the progress made implementing the recommendations of the Cyberspace Solarium Commission’s 2020 report and securing critical infrastructure more broadly, including insights from Mark on the need for a distinct military force focused exclusively on cybersecurity.

    Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD’s efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy.

    Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy’s nuclear power training program.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e277

  • This week Eric and Arika discuss the process of creating real innovation in cybersecurity with Audra Simons, Director of Forcepoint’s Innovations Labs.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e276

  • ¿Faltan episodios?

    Pulsa aquí para actualizar resultados

  • Joining us this week is Peter W. Singer, a New York Times bestselling author of books including Ghost Fleet, LikeWar and the techno-thriller Burn In. He shares details on the New America volunteer, non-profit organization and its awesome #SharetheMicinCyber program helping to bring diversity of thought to the cybersecurity front lines. We also discuss the future of social media, what defines a cyberwar, Ukraine’s leverage of social media to garner global support this year, and the great work Useful Fiction is delivering to organizations to address the age old problem of translating complex themes (such as cyber) into compelling business narratives audiences understand and can learn from. And definitely take a few minutes to learn more about Passing the Mic’s cybersecurity fellowship program this week. Read more here: https://www.newamerica.org/the-thread/passing-the-mic-introducing-new-americas-cybersecurity-fellowship/

    Peter Warren Singer is Strategist at New America, a Professor of Practice at Arizona State University, and Founder & Managing Partner at Useful Fiction LLC.

    A New York Times Bestselling author, described in the Wall Street Journal as “the premier futurist in the national-security environment” and “all-around smart guy” in the Washington Post, he has been named by the Smithsonian as one of the nation’s 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and as an official “Mad Scientist” for the U.S. Army’s Training and Doctrine Command. No author, living or dead, has more books on the professional US military reading lists. His non-fiction books include Corporate Warriors: The Rise of the Privatized Military Industry, Children at War, Wired for War: The Robotics Revolution and Conflict in the 21st Century; Cybersecurity and Cyberwar: What Everyone Needs to Know and most recently LikeWar, which explores how social media has changed war and politics. It was named an Amazon and Foreign Affairs book of the year and reviewed by Booklist as “LikeWar should be required reading for everyone living in a democracy and all who aspire to.” He is also the co-author of a new type of novel, using the format of a technothriller to communicate nonfiction research. Ghost Fleet: A Novel of the Next World War was both a top summer read and led to briefings everywhere from the White House to the Pentagon. His latest is Burn-In: A Novel of the Real Robotic Revolution. It has been described by the creator of Lost and Watchmen as “A visionary new form of storytelling—a rollercoaster ride of science fiction blended with science fact,” and by the head of Army Cyber Command as “I loved Burn-In so much that I’ve already read it twice.”

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e274

  • Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what’s been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can’t be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today.

    Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security

    Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS’s independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities.

    In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels.

    Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA’s role in the development of open standards for security. Sager’s awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e273

  • Joining us this week is Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance and we discuss all the hot and trending online scams facing consumers today including the growing prevalence of romance scams ($1.3B in losses last year!), job seeker scams, tax fraud scams, sextortion, and the latest scam making the rounds – pig butchering scams. Jennifer shares insights on the many free resources available to consumers – and the awesome work being done by the National Cybersecurity Alliance working with partners and champions around the globe – that raise awareness of what to look for and how to avoid online and mobile scams that take advantage of our day-to-day engagement channels including email, social media and, increasingly, mobile text messages.

    Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance

    Jennifer Cook is the Senior Director of Marketing at the National Cybersecurity Alliance (NCA). Jennifer leads the development and coordination of NCA’s growing suite of campaigns and programs, including Cybersecurity Awareness Month and Data Privacy Week. She joined the National Cyber Security Alliance in 2017 and holds a degree in Marketing from Drexel University.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e272

  • This week we dive into the hot topic of cyber insurance with Dr. Josephine Wolff, Associate Professor of Cybersecurity Policy at Tufts University The Fletcher School and author of the book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” (MIT Press 2018). We explore the dynamic industry of cyber insurance and key policy areas such as defining cyber war, the impact of the increase of ransomware the last two years (some stats put it at 150% increase!), and how to change security behaviors. She also shares insights on AI and the always looming theme of bias as well as the importance of always keeping a human in the loop. And, be sure to look out for her new book on cyber insurance with MIT Press coming out in August 2022.

    Josephine Wolff - Associate Professor of Cybersecurity Policy at Tufts University's The Fletcher School

    Josephine Wolff is an associate professor of cybersecurity policy and has been associated with The Fletcher School at Tufts University since 2019. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society. She received received a Ph.D. in Engineering Systems and M.S. in Technology and Policy from MIT, and an A.B. in mathematics from Princeton. As a student, she also spent time at Microsoft, the Center for Democracy and Technology, the White House Office of Science and Technology Policy, and the Department of Defense.

    https://www.linkedin.com/in/josephine-wolff-1baa414b/

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e271

  • Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e270

  • Want to know what this week’s episode title means? Listen to our two-part episode with Juan Andrés Guerrero Saade (aka JAGS), principal researcher at SentinelOne and Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). JAGS takes us on an exciting and educational ride through his research efforts on Moonlight Maze, one of the first widely known cyber espionage campaigns in world history, and how he came to be a featured hologram in the International Spy Museum in Washington, D.C. He also shares insights on the epic trolling endeavor through the recent “Meteor Express” wiper attack of an Iranian railway and possible ties to early versions of Stardust and Comet malware. And you won’t want to miss his perspective on monetization, Linux flying below the radar, why it’s important to get more savvy in determining what you want from vendors and how a philosophy major found his way into the threat intel space.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e269

  • Buckle up for this week’s episode because it is quite a ride! Greg Crabb, founder of TenEight Cyber and former CISO for the United States Postal Service shares insights from his more than 25 years in law enforcement and bringing cyber criminals to justice. And hear perspective on CISO best practices for a 630k+ employee organization with 43k facilities and 160 million daily delivery points and how he took a 40 person cyber team to 600 in just a few years. Also learn how his team partnered with CISA to secure the 2020 U.S. election, how postal inspectors serve as first responders (hint: anthrax vs cornstarch), the importance of identifying and quantifying risk for your organization today and the DevSecOps opportunity ahead. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e268

  • This week Leonard Bailey, Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit for the Department of Justice (DOJ), Criminal Division, joins us this week. We dive into the role of the DOJ in addressing the vast and ever-changing landscape of cybersecurity. Bailey shares insights on partnering with federal agencies as well as the private sector, navigating information sharing pathways, evolution of incident and cyber threat reporting procedures, and the recent release of the Harmonization of Cyber Incident Reporting to the Federal Government. He also helps debunk information sharing myths and spotlights available tools and benefits of cyber threat information disclosure.

    Leonard Bailey

    The Head of Computer Crime and Intellectual Property Section’s (CCIPS) Cybersecurity Unit and Special Counsel for National Security in the Department of Justice’s (DOJ) Criminal Division. He has prosecuted computer crime cases and routinely advised on cybersecurity, searching and seizing electronic evidence, and conducting electronic surveillance. He has managed DOJ cyber-policy as Senior Counselor to the Assistant Attorney General for the National Security Division and then as an Associate Deputy Attorney General. He has also served as Special Counsel and Special Investigative Counsel for DOJ’s Inspector General. Bailey is a graduate of Yale University and Yale Law School. He has taught law courses at Georgetown Law School and Columbus School of Law in Washington, DC.


    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e267

  • Stacy is a self starter with a passion for cyber security. Co-Founder of Connected Transport Business Unit at Irdeto. Evangelist and active speaker on cyber security for the connected transportation space. Strong and demonstrated Stacy Janes, Head of Security at Waymo

    technical history in cyber security areas such as PKI, authentication/authorization, end-point security and ethical hacking. Proven history of building teams to solve difficult industry problems.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e266

  • This week we welcome guest Combiz Abdolrahimi, a national security lawyer and Emerging Technology and Innovation Leader at Deloitte. We deep dive into today’s critical infrastructure vulnerabilities and navigating the path forward to address the threat with systems that weren’t originally designed with cybersecurity in mind. (Hint: don’t approach 21st century cyber challenges with 20th century thinking) And he shares perspective from his time in government at the U.S. Departments of State, Treasury, and Commerce, among others, as well as insights across today’s hot topic themes including ransomware, cryptocurrency regulations, international enforcement, and the criticality of information sharing and reporting requirements.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e265

  • We’re excited to welcome to the podcast David Travers, Director of the Water Infrastructure and Cyber Resilience Division at the U.S. Environmental Protection Agency (USEPA). During our discussion he addresses key themes including, why are water infrastructure systems targeted by ransomware; how cyberattacks on water systems impact the surrounding community; and the role of cyber hygiene in protecting water systems. He also shares what we like to call an “origin story” for the sometimes-winding career pathways that lead to awesome opportunities to make a positive impact on communities at large. Water impacts all of us and you won’t want to miss any of the many insights David shares with us!

    Dr. David Travers, director of the Environmental Protection Agency’s Water Security Division

    Director of EPA’s Water Security Division in the Office of Water, Dr. Travers manages a team of engineers and scientists in providing tools, training, and direct technical assistance to the 152,000 drinking water systems and 16,000 wastewater systems in the US. Each year, the Water Security Division trains over 5,000 water/wastewater utilities, state/tribal officials, and federal emergency responders to become more resilient to any natural or manmade incident—including cyberattacks, climate change, hurricanes, drought—that could endanger water and wastewater services. Prior to David’s current role, he directed the Drinking Water Infrastructure Survey which assessed the current and future capital investments needs of drinking water systems. David has a PhD in environmental engineering and a Master of Public Health from the University of Michigan, and a Bachelor’s in History from the University of Chicago

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e263

  • We’re excited to welcome to the podcast Lauren Zabierek, Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency (CISA). She deep dives into CISA’s Secure by Design principles and approaches for secure by design software launched in April 2023 - with version two published on October 17, 2023. Lauren shares insights on the path to creation of CISA’s Secure by Design principles and how this ‘living document’ will continue to evolve in the dynamic and ever-changing landscape that is cybersecurity. We also discuss the global collaboration and interest in co-sealing the Secure by Design guidance across a multitude of international cybersecurity agencies - and moving forward this ‘need we can all agree on’. And it wouldn’t be To The Point podcast episode without Lauren’s awesome origin story and career pathway to today, including co-founding the online social media movement #ShareTheMicInCyber. You don’t want to miss this episode!

    Lauren Zabierek, Senior Policy Advisor and Lead Expert in Secure-by-Design at the Cybersecurity and Infrastructure Security Agency (CISA)

    In January 2023, Lauren Zabierek was named a Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency. Previously, she was the Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center. She came to this role as a 2019 graduate of the Kennedy School's mid-career MPA program. Her work focused on strategic, national security issues in cyber and tech--ranging from international conflict, cooperation, and norms to domestic collaboration, diversity, privacy, and supply chain issues. She was also the first woman participant in the Elbe Group discussions on cybersecurity, having been a part of the cyber-focused dialogue in 2019 in Stockholm, Sweden and again in 2021 virtually.

    Lauren is the co-founder of the online social media movement called #ShareTheMicInCyber, which aims to dismantle racism in cybersecurity and privacy. #ShareTheMicInCyber started as an online conversation on Twitter and LinkedIn but has become so much more--it is breaking down barriers in the cyber industry through individual and collective action. Since its inception, the movement has garnered over 100 million Twitter impressions and featured participation by the nation's cyber leaders.



    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e262

  • This week we are joined by Kenneth Bible, the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). He breaks down the National Cybersecurity Strategy Implementation Plan (NCSIP) introduced in July and provides great insights on how the plan was developed, the five key pillars of the plan, actioning each of the five elements, and the role government agencies have to play in executing against the plan and its 65 initiatives. He also provides perspective on international collaboration and partnership in achieving shared goals with the U.S. and how this will help “all boats rise” in strengthening cybersecurity across regions. And he shares what Audra likes to call one’s “origin story” on the career path that led to cybersecurity. Lots of valuable insights this week you won’t want to miss!

    Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO)

    Kenneth W. Bible serves as the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). In this role, he is responsible for all matters relating to information and securing and strengthening the Department’s information security program and information technology (IT) posture. Prior to his current role, Mr. Bible served under the Headquarters Marine Corps Deputy Commandant for Information (DCI) as the Assistant Director for the Information Command, Control, Communications, and Computers Division (IC4). In this capacity, he also served as the Marine Corps’ Deputy Chief Information Officer and CISO, formulating and providing broad policy guidance for IT, cybersecurity, and communications infrastructure and applications. Among his many accomplishments, he delivered ADVANA, the U.S. Department of Defense’s single authoritative source for audit and business data analytics, and led Risk Management Framework reform across the Marine Corps by guiding production of the first fully accredited secure software development (DevSecOps) pipelines. Previously, Mr. Bible served with the Space and Naval Warfare Systems Command (SPAWAR) for almost two decades, starting as a lead engineer integrating commercial Geospatial Information Systems technology, then heading the Networks Engineering Division of the SPAWAR Systems Center Atlantic. He later became the Assistant Program Executive Officer (Engineering) for PEO Enterprise Information Systems, serving as the PEO’s chief engineer as assigned by SPAWAR headquarters.



    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e261

  • Dr. Siwei Lyu, SUNY Empire Innovation Professor at the University at Buffalo
    Dr. Siwei Lyu received his B.S. degree (Information Science) in 1997 and his M.S. degree (Computer Science) in 2000, both from Peking University, China. He received his Ph.D. degree in Computer Science from Dartmouth College in 2005. From 1998 to 2000, he worked at the Founder Research and Development Center (Beijing, China) as a Software Engineer. From 2000 to 2001, he worked at Microsoft Research Asia (then Microsoft Research China) as an Assistant Researcher. From 2005 to 2008, he was a Post-Doctoral Research Associate at the Howard Hughes Medical Institute and the Center for Neural Science of New York University. Starting in 2008, he is Assistant Professor at the Computer Science Department of University at Albany, State University of New York. Dr. Lyu is the recipient of the Alumni Thesis Award of Dartmouth College in 2005, IEEE Signal Processing Society Best Paper Award in 2010, and the NSF CAREER Award in 2010. He has authored one book, and held two U.S. and one E.U. patents. He has published more than 50 conference and journal papers in the research fields of natural image statistics, digital image forensics, machine learning and computer vision.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e260

  • This week we deep dive into privacy with Mozilla Foundation’s Privacy Not Included content creator Zoë MacDonald. She shares fascinating insights from the deep research the *Privacy Not Included team undertakes to assess just how private is your data when using popular apps, driving in your connected car, etc. It was quite eye opening just how little privacy there is for connected car owners – giving up all kinds of privacy in the name of modern convenience. In fact, Zoë breaks down how and why all of the 26 car brands researched earner the *Privacy Not Included label. (Hint: that’s not a great thing.) She also shares some insights how Privacy Not Included got started in 2017 and the awesome buying guides they’ve been putting out to help everyone learn more about protecting their privacy with the products and services they use every day. Check out http://privacynotincluded.org to learn more!

    Zoe MacDonald, Content Creator, Privacy Not Included at Mozilla

    Zoë is a writer and digital strategist based in Toronto, Canada. Before her passion for digital rights led her to Mozilla and *Privacy Not Included, she wrote about cybersecurity and e-commerce. When she’s not being a privacy nerd at work, she’s side-eyeing smart devices at home.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e259

  • We’re excited to welcome back to the podcast global security expert, speaker and author Mikko Hypponen who currently serves as Chief Research Officer at WithSecure. We dive into his book “If It’s Smart, It’s Vulnerable” and how cybersecurity has evolved and changed in the last year since it was published. He also shines a light on the ever-present topic of AI – the opportunity, risks, emerging regulations, deepfakes, geopolitical attack capabilities and so much more! And we talk about his road to cyber (more than 30 years!) and the spark of an article from 1983 on AI. Another great episode from Mikko you won’t want to miss!

    Mikko Hypponen, Chief Research Officer, WithSecure

    Mikko Hypponen is a global security expert, speaker and author. He works as the Chief Research Officer at WithSecure and as the Principal Research Advisor at F-Secure. Mr. Hypponen has written on his research for the New York Times, Wired and Scientific American and he appears frequently on international TV. He has lectured at the universities of Stanford, Oxford and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list. Mr. Hypponen sits in the advisory boards of t2 and Safeguard Cyber.

    For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e258