Senior VP of Cyber Operations at KnowBe4, Rosa Smothers, talks about her career as an early cybersecurity professional in what she describes as the Wild, Wild West to her path through government intelligence work.Rosa shares how she always knew she wanted to be involved with computers and how being a big Star Trek nerd and fan particularly of Spock and Uhura helped shape her direction. Following 9/11, Rosa wanted to work for the government and pursue the bad guys and she did just that completing her bachelor's degree and starting in the Defense Intelligence Agency as a cyber threat analyst focusing on extremist groups. She joined the CIA and worked on things you see in the movies, things that are science fictionesque. Rosa recommends talking with people to get your feet wet to find your passion. We thank Rosa for sharing her story with us.Learn more about your ad choices. Visit megaphone.fm/adchoices
Weitere Episoden von „CyberWire Daily“
![Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (1)](data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== "Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (1)")
Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes]vor 13 Stunden7:17Senior VP of Cyber Operations at KnowBe4, Rosa Smothers, talks about her career as an early cybersecurity professional in what she describes as the Wild, Wild West to her path through government intelligence work.Rosa shares how she always knew she wanted to be involved with computers and how being a big Star Trek nerd and fan particularly of Spock and Uhura helped shape her direction. Following 9/11, Rosa wanted to work for the government and pursue the bad guys and she did just that completing her bachelor's degree and starting in the Defense Intelligence Agency as a cyber threat analyst focusing on extremist groups. She joined the CIA and worked on things you see in the movies, things that are science fictionesque. Rosa recommends talking with people to get your feet wet to find your passion. We thank Rosa for sharing her story with us.Learn more about your ad choices. Visit megaphone.fm/adchoicesVerpasse keine Episode von “CyberWire Daily” und abonniere ihn in der kostenlosen GetPodcast App.
- A hacking keeps you humble.vor 2 Tagen38:39Microsoft’s President admits security failures in congressional testimony. Paul Nakasone joins OpenAI’s board. The feds hold their first AI tabletop exercise. CISA reports on the integration of space-based infrastructure. Cleveland city hall remains closed after a cyber attack. Truist commercial bank confirms a data breach. Rockwell Automation patches three high-severity vulnerabilities. University of Illinois researchers develop autonomous AI hacking agents. Arynn Crow, Sr Manager of AWS User Authentication Products, talks with N2K’s Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation. Can an AI run for mayor?Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestIn the first of our interviews captured during the AWS re:Inforce event this past week, guest Arynn Crow, Senior Manager of AWS User Authentication Products, talks with N2K’s Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation.Selected ReadingMicrosoft Admits Security Failings Allowed China's US Government Hack (Infosecurity Magazine)OpenAI adds Trump-appointed former NSA director Paul M. Nakasone to its board (The Washington Post)CISA leads first tabletop exercise for AI cybersecurity (CyberScoop)New CISA report addresses zero trust in space, boosting security for satellites and ground infrastructure (Industrial Cyber)CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog (Security Affairs)Insurance giant Globe Life investigating web portal breach (Bleeping Computer)Cleveland remains paralyzed by cyberattack (News 5 Cleveland)Truist Bank confirms breach after stolen data shows up on hacking forum (Bleeping Computer)Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE (SecurityWeek)Researchers at the University of Illinois have developed AI Agents that can Autonomously Hack Websites and Find Zero-Day Vulnerabilities (MarkTechPost)Wyoming mayoral candidate wants to govern by AI bot (Ars Technica) Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
- Whistleblower warns of profit over protection.vor 3 Tagen34:17A whistleblower claims that Microsoft prioritized profit over security. U.S. warnings of global election interference continue to rise. Cyber insurance claims hit record levels. Location tracking firm Tile suffers a data breach. A new phishing kit creates Progressive Web Apps. Questioning the government’s cyber silence. On today’s Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, is joined by Data Privacy Attorney Daniel Rosenzweig. Together, they unravel the complexities of aligning data privacy and cybersecurity laws with technological advancements. AI powered cheating lands one student in hot water.Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.Threat Vector SegmentIn this segment of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, is joined by Data Privacy Attorney Daniel Rosenzweig. Together, they unravel the complexities of aligning data privacy and cybersecurity laws with technological advancements. Daniel shares his insights on the critical partnership between legal and tech teams.To hear David and Daniel’s full conversation and learn how a deep understanding of both legal and tech realms can empower businesses to navigate evolving legal frameworks, particularly in light of emerging AI technologies, listen here. Check out Threat Vector every other Thursday in your favorite podcast app.The information provided on this segment is not intended to constitute legal advice. All information presented is for general informational purposes only. The information contained may not constitute the most update, legal or interpretative compliance guidance. Contact your own attorney to obtain advice with respect to any particular legal matter.Selected ReadingMicrosoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says (ProPublica)Microsoft president to testify about security lapses (IT News)Spy agencies’ foreign influence hub says it is issuing more private warnings (The Record)Cyber Insurance Claims Hit Record High in North America (Infosecurity Magazine)Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Cops (404 Media)New phishing toolkit uses PWAs to steal login credentials (Bleeping Computer)Microsoft’s Recall puts the Biden administration’s cyber credibility on the line (CyberScoop)Turkish student creates custom AI device for cheating university exam, gets arrested (Ars Technica)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
- COATHANGER isn’t hanging up just quite yet.12.6.202431:22Dutch military intelligence warns of the Chinese Coathanger RAT. Pure Storage joins the growing list of Snowflake victims. JetBrains patches a GitHub IDE vulnerability. A data broker hits the brakes on selling driver location data. Flaws in VLC Media player allow remote code execution. Patch Tuesday updates. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, taking on Domain 8, Software Development Security. Farewell, computer engineering legend Lynn Conway.Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.Learning LayerOn our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe take on Domain 8, Software Development Security, and tackle the following question:At which step of the SDLC should security considerations be first integrated?Functional requirements definingProject initiation and planningTesting and evaluation controlSystem design specificationSelected ReadingDutch intelligence says Chinese hacking campaign ‘more extensive’ than previously known (The Record)Pure Storage confirms data breach after Snowflake account hack (Bleeping Computer)Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) (Help Net Security)GitHub phishing campaign wipes repos, extorts victims (SC Magazine)Data broker shuts down product related to driver behavior patterns (The Record)VLC Media Player Vulnerabilities Allow Remote Code Execution (Cyber Security News)Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (Bleeping Computer)ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA (SecurityWeek)Column: Lynn Conway, leading computer scientist and transgender pioneer, dies at 85 (LA Times)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
- Hijacking your heritage.11.6.202433:5023andMe’s looming bankruptcy could pause class-action privacy lawsuits. The FCC focuses on BGP. The White House looks to big tech to help secure rural hospitals. Cylance confirms a data breach. Arm warns of GPU kernel driver vulnerabilities. The world's largest law firm faces class action over the MOVEit hack. SAP releases high priority patches. Apple redefines AI - literally - and offers up Private Cloud Compute at their developer’s conference. Guest Chris Novak, Senior Director of Cyber Security Consulting at Verizon, shares highlights and key takeaways of their recently published 2024 Data Breach Investigations Report (DBIR). Share your love — but not your passwords.Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestGuest Chris Novak, Senior Director of Cyber Security Consulting at Verizon, shares highlights and key takeaways of their recently published 2024 Data Breach Investigations Report (DBIR).Selected ReadingUK and Canada Launch Joint Probe Into 23andMe Breach While District Judge Says Bankruptcy Is Imminent (Metacurity)FCC Advances BGP Security Rules for Broadband Providers (bankinfosecurity)White House enlists Microsoft, Google for rural hospital cyberdefense (Beckers Health IT)Cylance confirms data breach linked to 'third-party' platform (bleepingcomputer)Arm warns of actively exploited flaw in Mali GPU kernel drivers (bleepingcomputer)Law firm Kirkland sued in class action over MOVEit data breach (Reuters)SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver (SecurityWeek)Here's how Apple's keeping your cloud-processed AI data safe (and why it matters) (ZDNET)When things go wrong: A digital sharing warning for couples (Malwarebytes)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
- Rethinking recalls.10.6.202436:53Microsoft makes Recall opt-in. The Senate holds hearings on federal cybersecurity standards. Snowflake’s scrutiny snowballs. New York Times source code is leaked online. Ransomware leads to British hospitals' desperate need for blood donors. Cisco Talos finds 15 serious vulnerabilities in PLCs. Sticky Werewolf targets Russia and Belarus. Frontier Communications warns 750,000 customers of a data breach. Chinese nationals get prison time in Zambia for cybercrimes. N2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night. DIY cell towers can land you in hot water.Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestN2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night and learnings from AWS CISO Circles. Today, our team is at the AWS re:Inforce this week. Stay tuned for our coverage.Selected ReadingWindows won’t take screenshots of everything you do after all — unless you opt in (The Verge)US Senate Committee holds hearing on harmonizing federal cybersecurity standards to address business challenges (Industrial Cyber)What Snowflake isn't saying about its customer data breaches (TechCrunch)New York Times source code stolen using exposed GitHub token (Bleeping Computer)London Hospitals Seek Biologics Backup After Ransomware Hit (GovInfo Security)Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs (SecurityWeek)Sticky Werewolf targets the aviation industry in Russia and Belarus (Security Affairs)Frontier warns 750,000 of a data breach after extortion threats (Bleeping Computer)22 Chinese Nationals Sentenced to Long Prison Terms in Zambia for Multinational Cybercrimes (SecurityWeek)Two arrested in UK over fake cell tower smishing campaign (The Register)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
- Encore: Geoff White: Suddenly all of the pieces start to line up. [Journalism] [Career Notes]9.6.20248:01Investigative journalist and author Geoff Whitetalks about tracing a line through the dots of his career covering technology. Geoff shares that he has always been "quite geeky," but came to covering technology after several roles in the journalism industry. Newspapers, magazines and television were all media Geoff worked in before covering technology. Geoff got into journalism not due to the glamour sometimes associated with it, but because he wanted to fight for the public to cover stories that helped those who didn't have massive amounts of money, power or a huge lobbying campaign in political circles. When writing his book, Crime Dot Com, Geoff reflected on the cybercrime and cybersecurity stories he's covered and saw how things started falling into place. Our thanks to Geoff for sharing his story with us.Learn more about your ad choices. Visit megaphone.fm/adchoices
- Riding the hype for new Arc browser. [Rsearch Saturday]8.6.202427:51Jérôme Segura, Senior Director of Threat Intelligence at Malwarebytes, is discussing their work on "Threat actors ride the hype for newly released Arc browser." The Arc browser, newly released for Windows, has quickly garnered positive reviews but has also attracted cybercriminals who are using deceptive Google search ads to distribute malware disguised as the browser.These malicious campaigns exploit the hype around Arc, using techniques like embedding malware in image files and utilizing the MEGA cloud platform for command and control, highlighting the need for caution with sponsored search results and the effectiveness of Endpoint Detection and Response (EDR) systems.The research can be found here:Threat actors ride the hype for newly released Arc browserLearn more about your ad choices. Visit megaphone.fm/adchoices
- A snapshot of security woes.7.6.202432:00Microsoft's recall raises red flags. SolarWinds fixes flaws unearthed by NATO. Ukraine's CERT sounds alarm. Russian hacktivists cause trouble in EU elections. DEVCORE uncovers critical code execution flaw. LastPass leaves users locked out. Apple commits to five years of iPhone security. An AI mail fail. Inside the FCC's plan to strengthen BGP protocol. Dave sits down with our guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, as she shares a retrospective of her public service career. And let’s all Cheers to cybersecurity.Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestGuest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, shares a retrospective of her public service career. Camille’s full conversation with Dave can be found on our weekly cybersecurity law, policy and privacy podcast, Caveat. You can listen to it here.Selected ReadingMicrosoft’s Recall Feature Is Even More Hackable Than You Thought (WIRED)Microsoft Research scientist gives non-answer when asked about Windows Recall privacy concerns (TechSpot)TotalRecall: A New Tool that Extracts Data From Windows 11 Recall Feature (Cyber Security News)Exclusive: Senators express "serious concern" with Pentagon's Microsoft plan (Axios)SolarWinds Patches High-Severity Vulnerability Reported by NATO Pentester (SecurityWeek)UAC-0020 used SPECTR Malware to target Ukraine defense forces (Security Affairs)Russian hacktivists vow mass attacks against EU elections (The Register)Ransomware Actor Exploited CoinMiner Attacker's Proxy Server (Cyber Security News)Critical PHP Remote Code Execution Flaw let Attackers Inject Malicious Scripts (Cyber Security News)Users furious after LastPass down for hours (Cybernews)Apple Says iPhones Will Get Security Updates for at Least 5 Years (SecurityWeek)EmailGPT Exposed to Prompt Injection Attacks (Infosecurity Magazine)FCC Proposes BGP Security Reporting for Broadband Providers (SecurityWeek)Unpacking the SEC 10-K cyber disclosures (PwC)Apple set to launch Passwords app, taking on LastPass and 1Password (TechSpot)Wineloader Mimic As Ambassador Of India To Start The Infection Chain (Cyber Security News)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [emailprotected] to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.Learn more about your ad choices. Visit megaphone.fm/adchoices
![Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (1)](https://i0.wp.com/getpodcast.com/assets/images/square.png "Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (1)")
![Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (4)](https://i0.wp.com/getpodcast.com/assets/images/app/ios/de.svg "Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (4)")
![Encore: Rosa Smothers: Secure the planet. [Intelligence] [Career Notes] (2024)](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/h8AAvMB+NzmkbcAAAAASUVORK5CYII=)