Welcome to Cybersecurity Insights and Perspectives

Host Kevin Greene and guest Brian Knapp, industry renowned software developer discuss how speed in DevOps and enormous amount of technical debt impact software development.

Host Kevin Greene and guest Brian Knapp, industry renowned software developer discuss the importance of software engineering in modern software development. Brian discuss the need for “minimalism” in software development to help reduce technical debt, complexity and size of today’s software. Brian shares his thoughts on how organizations approach software development to improve software quality and security.

Host Kevin Greene and guest David Molnar, Computer Science Researcher at Microsoft discuss the importance of Artificial Intelligence (AI) in advancing cyber security practices. David discuss ways organizations can use fuzzing as service on-demand in the Azure Cloud to find critical vulnerabilities in software. David shares his thoughts on how organizations can codify and scale their intuitions into AI for better cyber security capabilities.

Host Kevin Greene and guest Jim Routh, Chief Security Officer at Aetna discuss the importance of developing a software security program designed to help reduce the cost to maintain software by detecting vulnerabilities early in the software development process. Jim discuss key observed software assurance practices and lessons learned from BSIMM that impact improving software security. Jim shares his thoughts on IoT and medical device security in the healthcare industry.

Host Kevin Greene and guest Caroline Wong, Vice President of Security Strategy at Cobalt discuss the challenges organizations face in adopting DevOps practices. Caroline discuss the importance of formulating a security culture and sound security practices for successful DevOps. Caroline draws from her experience with BSIMM as a key maturity model for shaping software assurance and AppSec in DevOps.

Host Kevin Greene and guest Dr. Diana Burley, Cybersecurity Expert and Professor at George Washington University discuss how human and social behaviors impact cybersecurity. Dr. Burley discuss the importance of building and replenishing our cyber workforce through programs like US Cyber Challenge and other activities to enhance cybersecurity skills.

Host Kevin Greene and guest Brian Glas, Director of Strategic Services at nVisium discuss the new changes to the OWASP Top 10. Brian discuss takeaways from the OWASP Global Summit to improve the OWASP Top 10. Learn about the latest changes to the OWASP Top 10.

Host Kevin Greene and guest Brian Glas, Director of Strategic Services at nVisium discuss the community concerns regarding the OWASP Top 10 for 2017. Brian discuss his blog, "Musings on the OWASP Top 10", highlighting some of the major issues with the formulation of the OWASP Top 10.

Host Kevin Greene and guest Ken Modeste, Global Principle Engineer at the Underwriter’s Lab (UL) discuss the status of cyber initiatives underway at the UL for certifying Internet of Things devices. Ken discusses the need to drive good cyber hygiene in products by incorporating secure design principles to reduce the cost to maintain software. Ken also shares ways the community can engage the UL process to help drive adoption.

Host Kevin Greene and guest Steve Marquess, Co-Founder of the OpenSSL Foundation discuss the resource and funding challenges for OpenSSL. In addition, Steve provides updates on the refactored and improved version of OpenSSL 1.1 release

Host Kevin Greene and guest Robert Graham, CEO at Errata Security discuss the growing challenges in security software and the Internet of Things. Graham shares his insights on improving IoT security, the potential impact of software certifications and the role of the community in helping shape the future direction for cyber initiatives. Graham also provides sound advice for establishing minimal security requirements and practices for security software and IoT devices. He discusses the importance of transparency and collaboration for initiatives like the Underwriter’s Lab.

Host Kevin Greene and guest Gavin Reid, vice president of threat Intelligence at Lancope, discuss how federal agencies can improve their threat intelligence, and ways to remove the barriers for information sharing between pubic and private sector. Reid also discusses why detecting lateral movement is so difficult in organizations.

Host Kevin Greene and guest Dr. Ronn Ross of NIST, a fellow at National Institute of Standards and Technology, discuss cybersecurity practices that can improve the way the federal government builds, designs and acquires software systems. Ross shares upcoming improvements federal agencies can expect as part of additions to NIST special publications, in particular NIST 800-53 and NIST 800-160.

Host Kevin Greene and guest Richard Clarke, Chairman and CEO of Good Harbor, discuss the impact of Yahoo’s massive data breach and the growing concern of citizen privacy. Clarke shares his insight on what the government needs to do to protect this nation’s voting and election process. Clarke also provides cybersecurity recommendations that he would like each presidential candidate to address as part of their cybersecurity strategy.

Host Kevin Greene and guest Steve Marquess, Co-Founder of the OpenSSL Foundation, discuss some of the lessons learned from the Heartbleed vulnerability that happened in 2014. Steve shares his insights on moving past Heartbleed, and things the foundation is doing to improve the OpenSSL codebase.