loader from loading.io

Securing the DevOps Pipeline - You Can Do It the Way Intel Does! - with Darren Pulsipher

IoT: The Internet of Threats

Release Date: 06/06/2022

Cybersecurity Ratings: A New Dawn in IoT or Just Another Day? with Larry Pesce, Product Security Research and Analysis Director, Finite State show art Cybersecurity Ratings: A New Dawn in IoT or Just Another Day? with Larry Pesce, Product Security Research and Analysis Director, Finite State

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald and Larry Pesce (Finite State Director of Product Security Research and Analysis) delve into the recently announced U.S. Cyber Trust Mark, a cybersecurity labeling program for IoT devices - a long-anticipated directive of Executive Order 14028.   Larry and Eric explore how, in contrast to static ratings like ENERGY STAR, this dynamic IoT security score will attempt to reflect the continually evolving landscape of cybersecurity threats and controls. They delve into the efficacy of this voluntary labeling...

info_outline
AI and Cybersecurity: A Love Story or Security Nightmare? Pass the Popcorn, Please! with Alexander Fleischer show art AI and Cybersecurity: A Love Story or Security Nightmare? Pass the Popcorn, Please! with Alexander Fleischer

IoT: The Internet of Threats

In the latest episode of IoT: The Internet of Threats, podcast host Eric Greenwald sat down with guest Alexander Fleischer for a thought-provoking dialogue. They delved deep into the escalating symbiosis between artificial intelligence (AI) and cybersecurity. Fleischer elaborated on the rapid and complex evolution of AI, particularly in relation to its increasing role in cybersecurity procedures.  The conversation also extended to the potential implications of AI on the future job market and the nature of human-AI interactions. A significant portion of the discussion was dedicated to the...

info_outline
How Big is Your Data? The Increasing Demand for Detailed, Actionable Information in Cybersecurity, with Dino Boukouris, Founder and Managing Director, Momentum Cyber show art How Big is Your Data? The Increasing Demand for Detailed, Actionable Information in Cybersecurity, with Dino Boukouris, Founder and Managing Director, Momentum Cyber

IoT: The Internet of Threats

In this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald and Dino Boukouris, Founder and Managing Director of Momentum Cyber, delve into the increasing demand for detailed, actionable data in providing cybersecurity services. Eric and Dino scrutinize the role of regulations, assessing whether they inspire innovation or inadvertently stifle growth. They also examine the crucial part that data analytics and Software Bill of Materials (SBOM) play in today's risk management practices.  Will the increased prevalence of AI and emerging regulations bring about significant...

info_outline
The FDA will soon require SBOMs for medical devices. Are you ready? with Larry Pesce, Product Security Research and Analysis Director, Finite State show art The FDA will soon require SBOMs for medical devices. Are you ready? with Larry Pesce, Product Security Research and Analysis Director, Finite State

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald and Larry Pesce (Finite State Director of Product Security Research and Analysis) explore the FDA's new Refuse to Accept (RTA) decision process and what it means for successful premarket submissions of medical devices. Together, Larry and Eric examine how prepared the industry is for the coming changes and assess how medical device manufacturers may weigh the new risk-benefit calculus. Eric and Larry also look at how past cyberattacks lead companies to forge enduring changes in cybersecurity culture and controls...

info_outline
Coming Soon? Getting Sued for Crappy Software? with John Banghart, Senior Director for Cybersecurity Services, Venable LLP show art Coming Soon? Getting Sued for Crappy Software? with John Banghart, Senior Director for Cybersecurity Services, Venable LLP

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald meets up with John Banghart, Senior Director for Cybersecurity Services at Venable LLP, a law firm that provides cybersecurity and privacy risk management advisory to clients of all shapes and sizes across a wide variety of sectors. Venable also runs a called the Center for Cybersecurity Policy & Law that connects private-sector companies with government organizations to discuss policy and standards issues.    John Banghart has nearly 30 years of federal government and private sector experience in...

info_outline
The SBOM Challenge: Wait ... there was a contest?  Who won?? with Matt Wyckhouse, Founder & CEO of Finite State show art The SBOM Challenge: Wait ... there was a contest? Who won?? with Matt Wyckhouse, Founder & CEO of Finite State

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Matt Wyckhouse, Founder and CEO of Finite State. Throughout his career, Matt has spearheaded complex national security programs ranging from detection of malicious integrated circuits in the supply chain to next-generation intrusion detection systems for automotive systems. Matt directed numerous intelligence programs related to the security of embedded and IoT devices and has been a speaker on the subject at security events.   Together, Eric and Matt revisit February's S4x23 event and its SBOM...

info_outline
So, What the Heck Are You Supposed to Do with an SBOM? with Dr. George Shea, Chief Technologist at the Foundation for Defense of Democracies show art So, What the Heck Are You Supposed to Do with an SBOM? with Dr. George Shea, Chief Technologist at the Foundation for Defense of Democracies

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Dr. George Shea, the Chief Technologist of the Transformative Cyber Innovation Lab (also known as the TCIL or the Lab) of the Foundation for Defense of Democracies (FDD), a nonprofit, nonpartisan 501(c)(3) research institute that concentrates on foreign policy and national security. George is also a member of the Operational Resilience Framework (ORF) Task Force, Cybersecurity Canon, and a contributor at The CyberWire.    Together, Eric and George examine the continuous visibility that SBOM...

info_outline
What's Going on with ICS Security, and What's SBOM Got to Do with It? with Dale Peterson, ICS Security Catalyst and Founder of S4 Events show art What's Going on with ICS Security, and What's SBOM Got to Do with It? with Dale Peterson, ICS Security Catalyst and Founder of S4 Events

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Dale Peterson, a widely recognized name in the OT cybersecurity field and, specifically, in ICS (industrial control system) security. Dale is the founder of S4, the premiere event in ICS security. Dale created the event in 2007 to showcase the best offensive and defensive work in ICS security and to build connections within the industry. He founded Digital Bond, an ICS / SCADA cybersecurity consulting company in 1998 and serves as its CEO.    Together, Eric and Dale examine the origins of...

info_outline
Mind of a Hacker, Role of a Defender, with Larry Pesce, Product Security Research and Analysis Director at Finite State show art Mind of a Hacker, Role of a Defender, with Larry Pesce, Product Security Research and Analysis Director at Finite State

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald sits down with Larry Pesce, a lifelong tinkerer whose obsession with how things work led him to his role as Finite State's new Product Security and Analysis Director. Together they explore how Larry began his long and accomplished career as a pen tester and security and research expert. Eric and Larry also examine the pressure that lower production budgets impose on product security professionals, the questionable value of regulation as a catalyst to drive product security investment and improvements, and the...

info_outline
The Cyber Insurance Questionnaire: Please Tell Me There's Another Way!, with Davis Hake, Co-Founder of Resilience show art The Cyber Insurance Questionnaire: Please Tell Me There's Another Way!, with Davis Hake, Co-Founder of Resilience

IoT: The Internet of Threats

On this episode of the IoT: The Internet of Threats podcast, Davis Hake, Co-Founder of Resilience, joins podcast host Eric Greenwald to explore the cybersecurity insurance marketplace and how a startup insurer like Resilience can differentiate itself in the space. Eric and Davis discuss how the increasing frequency and severity of ransomware and supply chain attacks are driving increases in premiums, how insurers evaluate a company's cyber risk, and how they can guide companies to improve their cybersecurity ecosystems.    Interview with Davis Hake    Davis Hake co-founded...

info_outline
 
More Episodes

In this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald and the Vidovich brothers Nick and Sam hack the headlines – they discuss the latest news in security and offer their perspectives. Eric also interviews guest Darren Pulsipher, Chief Solutions Architect at Intel Corporation, about supply chain security at Intel.

 

Hacking the Headlines:

 

  • Researchers warn of the huge risks involved in the rapid deployment of AI in agriculture, noting that cyberattacks on high-tech farm equipment could threaten the global food supply chain.
  • Netgear recently issued a security advisory outlining vulnerabilities in two popular router models. According to Netgear, they are unfixable. Is this a responsible disclosure, or does it just raise more questions/concerns than it addresses? 
  • A malicious Python package that performs supply chain attacks was spotted in the PyPI registry. It was downloaded 325 times before being removed. Is this more serious than funny, or more funny than serious? 

 

Interview with Darren Pulsipher:

Darren has been working on security solutions with Intel for 12 years. He’s seen from the inside how to build robust security into the software development and supply chain processes. In addition to his day job, he hosts his own tech podcast and is part of a standards body working to articulate how organizations should use the Software Bill of Materials (SBOM) to secure software and meet regulatory requirements. 

 

Eric and Darren discuss:

  • Intel’s process for analyzing third-party software and scanning for vulnerabilities
  • Securing the DevOps pipeline
  • Balancing value and risk in using open-source software
  • Potential impacts of Executive Order 14028 on improving the nation’s cybersecurity

 

Find Darren on LinkedIn: https://www.linkedin.com/in/darrenpulsipher/

 

Thank you for listening to this episode of the IoT: The Internet of Threats podcast, powered by Finite State — the leading supply chain cyber-security solution provider for connected devices and embedded systems.

 

If you enjoyed this episode, click subscribe to stay connected and leave a review to get the word out about the podcast.

To learn more about building a robust product security program, protecting your connected devices, and complying with emerging regulations and technical standards, visit https://finitestate.io/.