The Security Podcast of Silicon Valley

In this episode of a YSecurity.io production, we have the pleasure of speaking with Biff W. Clark, the Managing Partner and Cyber Security Consultant of Coefficient Technologies LLC. With an impressive career spanning over 25 years in sales and sales leadership, including 15 years dedicated to consulting on information technology and cyber security solutions, Biff brings a wealth of knowledge and experience to the conversation.

Biff shares his journey from obtaining a BA in Business Management from Midland University to earning an MS in Cyber Security, Cyber Operations from Utica College. His passion for cyber security is matched only by his commitment to community and education, as evidenced by his roles with The Hidden Genius Project, Mindblown Labs, and Telescopic Ventures. Biff discusses the importance of mentoring the next generation, particularly black male youth, in technology, leadership, and entrepreneurship.

Listeners will gain insights into the evolving landscape of cyber security, the challenges businesses face in protecting their digital assets, and the innovative solutions that can help mitigate these risks. Biff's experience in selling and consulting provides a unique perspective on how companies can navigate the complex world of information security.

In addition to his professional achievements, Biff's involvement in non-profits and advisory roles highlights the intersection of technology, education, and social impact. He speaks on the significance of financial education through gamification and the potential of emerging technologies to transform industries and societies.

Join us in this YSecurity.io production for an inspiring and informative discussion with Biff W. Clark. Whether you're a cyber security professional, a technology enthusiast, or someone interested in the broader implications of digital security on society, this episode offers a comprehensive look at the challenges and opportunities in the field, underscored by Biff's dedication to making a difference both within and beyond the cyber security community.

Listeners interested in learning more about Biff's work or reaching out for consulting services can contact him at bwclark@coefficient.us. This episode is a must-listen for anyone looking to deepen their understanding of cyber security's current state and future directions, all through the lens of a seasoned expert and community leader.

Join us for an engaging episode of a YSecurity.io production featuring Paul Nguyen, the Co-Founder and Co-CEO of Permiso Security. Paul brings a wealth of knowledge and innovative insights from his journey in the cybersecurity industry, particularly in enhancing security posture and protecting against evolving threats.

In this conversation, Paul shares the story behind founding Permiso Security, highlighting the challenges and opportunities that led to the creation of a company dedicated to redefining how businesses approach their cybersecurity strategies. With a focus on leveraging cutting-edge technologies and methodologies, Paul discusses Permiso Security's mission to empower organizations with comprehensive insights and controls to navigate the complex digital landscape securely.

Listeners will dive into the nuances of building a cybersecurity startup, from identifying market needs to developing solutions that address the sophisticated tactics employed by modern threat actors. Paul also sheds light on the importance of fostering a culture of security awareness and resilience, emphasizing the role of leadership in cultivating environments where security is prioritized and integrated into every aspect of business operations.

Moreover, Paul offers his perspective on the future of cybersecurity, including emerging trends and how companies can stay ahead of threats by adopting proactive and intelligence-driven security measures. His insights provide valuable guidance for businesses of all sizes looking to enhance their security posture in an increasingly interconnected world.

Tune into this YSecurity.io production for a fascinating discussion with Paul Nguyen. Whether you're a cybersecurity professional, business leader, or tech enthusiast, this episode offers a deep dive into the strategies and innovations shaping the future of security. Join us as we explore the journey of Permiso Security and the vision driving its mission to protect and empower the digital enterprise.

In this insightful episode of a YSecurity.io production, we're joined by Dan Sherry, Founder and CEO, and Grace Chi, Co-Founder and COO, of Pulsedive, for an in-depth discussion on the pivotal role of Threat Intelligence in today's cybersecurity landscape. Dan and Grace share their journey of building Pulsedive, a platform dedicated to simplifying complex data problems in security and the instrumental role of community feedback in shaping their solutions.

The conversation kicks off with Dan and Grace explaining the genesis of Pulsedive and their mission to make Threat Intelligence accessible and actionable for organizations of all sizes. They delve into the challenges businesses face in understanding and leveraging threat data, emphasizing how Pulsedive's innovative approach transforms overwhelming data streams into clear, concise insights.

Listeners will gain an understanding of the nuances of Threat Intelligence, including how it can proactively protect against emerging threats and inform strategic security decisions. Dan and Grace highlight the importance of community-driven development, sharing how user feedback and collaboration have been crucial in refining Pulsedive's offerings to meet the evolving needs of the cybersecurity community.

Moreover, the discussion explores the balance between automation and human expertise in analyzing threat data, the significance of a dynamic and adaptive security posture, and how Pulsedive is contributing to a more secure digital ecosystem through education and empowerment.

Join us on this YSecurity.io production for a compelling conversation with Dan Sherry and Grace Chi. Whether you're a cybersecurity professional seeking to enhance your organization's defense mechanisms, a technology enthusiast curious about the latest trends in Threat Intelligence, or someone interested in the intersection of community collaboration and security innovation, this episode provides valuable insights into making complex data problems simple and the critical role of community feedback in achieving security success.

Tune in to explore how Pulsedive is leading the charge in demystifying Threat Intelligence and shaping the future of cybersecurity through community-driven innovation.

Dive into the intersection of cybersecurity, military discipline, and endurance sports in this episode of a YSecurity.io production featuring Robert Rounsavall, Co-Founder and President of Trapezoid Inc. Robert's journey from a childhood fascination with security, through a distinguished military career, to leading innovation in firmware security, provides a compelling narrative of resilience, innovation, and leadership.

In this interview, Robert shares pivotal experiences from his youth that sparked his interest in security, laying the foundation for a career that spans both the high-stakes worlds of military operations and cutting-edge technology. His insights into the challenges and rewards of working in security architecture, particularly within large datacenter and cloud provider spaces, highlight the complexities of protecting digital infrastructure at scale.

Robert's military background as a Navy Crypto-Linguist Chief Petty Officer, combined with his leadership in incident response for enterprise and federal government organizations, showcases the depth of his expertise and the breadth of his impact on national security. His contributions extend beyond operations, as evidenced by his patent for a large-scale network security system, authorship in the Computer and Information Security Handbook, and involvement in key industry initiatives like the Open Data Center Alliance.

Drawing an intriguing parallel between the perseverance required in startups, security, and Ultramarathon running, Robert offers a unique perspective on the endurance, determination, and strategic thinking that define success in each of these domains. This comparison not only sheds light on his personal philosophy but also serves as inspiration for professionals navigating the long-distance challenges of the cybersecurity field.

Listeners will gain not only an appreciation for the technical intricacies of firmware security and cloud computing but also a deeper understanding of the leadership qualities that drive innovation and resilience in the face of evolving threats.

Join us for an engaging and insightful conversation with Robert Rounsavall. Whether you're a cybersecurity enthusiast, a veteran, an aspiring leader, or someone intrigued by the parallels between physical and cyber endurance, this episode offers a rich exploration of the skills and mindset required to excel in both the digital and physical arenas.

In this compelling episode of a YSecurity.io production, Michael Malone, the visionary Founder and CEO of SmallStep, takes us on a deep dive into the critical realms of Identity, Certificates, X.509, and Authentication. Michael unfolds the journey of SmallStep, from its initial focus on Authorization to its strategic pivot towards Authentication, highlighting the evolutionary path of the company and its contribution to enhancing digital security.

Michael recounts the origins of SmallStep, sharing the story of its humble beginnings and the pivotal moments that led to its reorientation towards Authentication. This shift underscores the dynamic nature of the cybersecurity landscape and SmallStep's agile response to emerging needs and challenges.

Beyond the technicalities of digital security, Michael delves into his underlying philosophy of hiring, work ethics, and business development. He emphasizes the importance of assembling a team that not only possesses the requisite technical skills but also shares a common vision and commitment to advancing cybersecurity solutions. Michael's pragmatic approach to building a business is rooted in a clear understanding of the market, customer needs, and the continuous pursuit of innovation.

Listeners will gain insights into the complexities of managing digital identities and the critical role of certificates and authentication mechanisms in securing online interactions. Michael's expertise sheds light on the significance of robust authentication processes and the ways in which SmallStep is contributing to a more secure digital future, one small step at a time.

Join us for an engaging and enlightening conversation with Michael Malone. Whether you're a cybersecurity professional, a technology enthusiast, or someone interested in the intricacies of digital identity management, this episode offers a comprehensive look into the challenges and solutions at the forefront of securing the digital landscape.

Tune in to explore how SmallStep is navigating the cybersecurity ecosystem, the philosophical and practical considerations behind building a tech company, and the steps being taken toward realizing a more secure future for digital identities and transactions.

In this thought-provoking episode of a YSecurity.io production, we're joined by Dylan Ayrey, the Founder and CEO of Truffle Secure, for a deep dive into the transformative power of open-source projects in cybersecurity. Dylan, the brain behind the renowned open-source tool Truffle Hog, shares insights on leveraging open-source projects to forge a more secure, resilient, and transparent digital future.

Dylan begins by addressing the critical task of uncovering secrets hidden within GitHub repositories, including the Git history, and the role of tools like Truffle Hog in mitigating potential security risks. This conversation not only highlights the practical aspects of security in software development but also underscores the broader implications of sensitive data exposure.

Skeptics of open-source projects often question their viability for building real companies or securing software. Dylan challenges this skepticism by illustrating the tangible benefits and successes achieved through open-source initiatives. He delves into the distinction between Community and Open Source, elucidating why these concepts, while overlapping, cater to different aspects of the software development ecosystem.

The discussion then turns to the importance of open-source projects for engineers, particularly those at the onset of their careers. Dylan advocates for the engagement with open-source as a means of skill development, networking, and contributing to the greater good of the tech community. He shares strategies for engineers and advocates within large organizations to champion the development and adoption of open-source projects, highlighting the business and security value these initiatives can bring.

Listeners will be treated to a rich exploration of how open-source projects like Truffle Hog are instrumental in advancing security practices and fostering a culture of collaboration and transparency in the tech industry. Whether you're an engineer, a cybersecurity professional, or simply interested in the impact of open-source on the future of technology, this episode offers compelling reasons to engage with and support open-source initiatives.

Join us for an enlightening conversation with Dylan Ayrey on the pivotal role of open-source in shaping a more secure digital landscape. Tune in to understand the nuances of discovering hidden risks in code, the symbiotic relationship between open-source and community, and how early career engagement with open-source projects can propel both personal growth and industry-wide advancements.

In this deeply insightful episode of a YSecurity.io production, we are honored to have Fredrick Lee ("Flee"), the Chief Security Officer at Gusto, share his experiences and the profound impact of diversity on building engineering and security teams. Flee's journey from his childhood, through his formative years at a boarding school in the deep south, to his role as a leading figure in cybersecurity, is not only inspiring but also illuminates the critical role diversity plays in fostering innovation and resilience.

Flee recounts his early fascination with computers and his discovery of the hacker magazine 2600, which opened a new world of security challenges and opportunities. Inspired by pioneers like John Lee (John Threat), Flee's narrative is a testament to the power of representation and the importance of diverse role models in the tech space. His journey is a reflection of how a community of diverse outcasts, connected by their passion for computing, can shape one's path in cybersecurity.

The conversation then shifts to the core of diversity's value in engineering and security teams. Flee articulates why building diverse teams is not just a social imperative but a technical necessity. He explains how diversity brings a multitude of perspectives that enhance problem-solving and innovation, leading to more resilient teams and products. Flee argues that the varied experiences and backgrounds of a diverse team contribute to a richer understanding of security challenges and more creative solutions.

Collaboration and open-source are highlighted as vital components of the security community, promoting a culture of sharing and collective growth. Flee shares how these practices have been instrumental in his work and the broader cybersecurity landscape, enhancing the community's ability to respond to threats and vulnerabilities effectively.

One of the most poignant moments of the interview comes when Flee describes his best days as the CSO at Gusto, particularly in the wake of George Floyd's murder. He reflects on the significance of empathy, leadership, and the responsibility of organizations to not only acknowledge societal issues but to actively contribute to positive change.

Join us for an unforgettable conversation with Fredrick Lee on the indispensable role of diversity in building effective, resilient, and innovative security teams. Whether you're in the cybersecurity field, passionate about diversity and inclusion, or interested in the intersection of social justice and technology, this episode offers invaluable insights into the power of diversity as both a moral and technical imperative for the future of tech.

In this thought-provoking episode of a YSecurity.io production, we welcome Michael Brooks, the Chief Information Security Officer at Trava, to dissect the complex world of cyber risk, ransomware attacks, business preparedness, and risk management strategies. Michael brings a wealth of knowledge and experience, offering deep insights into the foundational challenges and strategic imperatives of cybersecurity.

At the heart of our discussion is the critical importance of data security. Michael prompts us to consider the intrinsic value of our data, urging businesses to reflect on whether they can operate without certain datasets. This perspective shifts the conversation from theoretical security measures to practical, business-critical imperatives. It's not just about protecting data for the sake of compliance or fear of breaches, but recognizing data as the lifeblood of modern business operations.

Michael delves into the anatomy of ransomware attacks, shedding light on the tactics used by attackers and the vulnerabilities they exploit. He emphasizes the need for businesses to not only fortify their defenses but also to cultivate a deep understanding of their risk profile. This involves identifying which data sets are vital for business continuity and ensuring they are adequately protected against potential threats.

The conversation also explores the broader landscape of cyber risk management, highlighting the importance of preparedness and resilience. Michael shares strategies for businesses to assess their vulnerabilities, implement robust security protocols, and develop incident response plans. He stresses that risk management is not a one-size-fits-all solution but requires a tailored approach that aligns with the unique needs and risk tolerance of each organization.

Listeners will gain practical advice on enhancing their cybersecurity posture, from the technicalities of safeguarding against ransomware to the nuances of cyber risk management. Michael's insights underscore the significance of understanding the value of data and the critical role it plays in determining security priorities.

Join us for an engaging and enlightening conversation with Michael Brooks on navigating the complexities of cyber risk and the pivotal steps businesses can take to ensure their data—and by extension, their operations—are secure. Whether you're a cybersecurity professional, a business leader, or simply interested in the dynamics of digital security, this episode offers valuable perspectives on protecting what matters most in the digital age.

In this episode of a YSecurity.io production, we sit down with Prakash Darji, General Manager of the Digital Experience Business Unit at Pure Storage, for an insightful conversation about the evolving landscape of storage and security. Prakash brings a wealth of knowledge and experience to the table, offering a glimpse into the future of these critical technology sectors as envisioned by one of the industry's leaders.

The discussion kicks off with an exploration of Pure Storage's strategic acquisition of Portworx, a move that underscores the company's commitment to leading in the storage and security domains. Prakash elaborates on how this acquisition enhances Pure Storage's offerings, particularly in addressing the complex needs of containerized applications and cloud-native technologies, which are at the forefront of digital transformation efforts across industries.

Prakash then delves into the pressing issue of ransomware, sharing valuable insights into how businesses can bolster their defenses and recover quickly from such attacks. He emphasizes the importance of resilience and preparedness, highlighting innovative solutions and best practices that Pure Storage offers to help organizations mitigate risks and minimize the impact of security breaches.

Listeners will be treated to Prakash's forward-looking perspectives on the future of storage and security. He discusses emerging trends, the increasing integration of AI and machine learning technologies, and the critical role of advanced storage solutions in securing and managing the exponentially growing volumes of data generated by modern digital activities.

This conversation is not just about understanding the current state of storage and security; it's an invitation to think about the future possibilities and the strategic moves companies like Pure Storage are making to address the challenges and opportunities ahead.

Join us for a lively and informative discussion with Prakash Darji on the future of storage and security. Whether you're a tech enthusiast, a professional in the IT sector, or someone keen on understanding the directions in which these essential technology pillars are heading, this episode offers a comprehensive overview of what lies on the horizon.

Join me for an interview with Leigh Honeywell. As founder and CEO of Tall Poppy, she's building tools and services to help companies protect their employees from online harassment and abuse.

Together, we share many vulnerable and authentic moments as we explore online harassment, abuse, and how Tall Poppy helps humans navigate difficult situations while still building a thriving business that makes the web better for all of us.