Once a month, a new 20-30 minute podcast by two self proclaimed grumpy security professionals talk security risk, how they’ve managed it in the past and looking forward discussions with guests working in information security and risk management. Co-hosts Doug Leece and Tim McCreight have been approaching security risk management from both the technical and managerial levels for a number of years yet share a common philosophy.
Guest #5 – Dave Tyson
Dave Tyson is the President of Apollo Information Systems, a concierge Cyber Security consultancy with operations across the USA and Canada. Over 30 years of experience in Cyber & Physical security leadership, battling organized crime and nation state attackers has prepared him for all aspects of Enterprise Security Risk Management. He is also the co-founder of Cyber Easy Learning, an online and classroom Cyber Security training program that teaches Cyber Security in plain English!
His previous role was as Chief Information Security Officer for SC Johnson, a global consumer package goods firm. Prior to joining SCJ he led security programs for the largest Power Utility in the USA, was the Global Security operations lead for the largest E-commerce company in the world, and the Chief Security Officer for the Host City of the 2010 Winter Olympics.
Dave has a Master’s degree in Business Administration (MBA), specializing in Digital Technology Management. He’s also Board Certified in Security Management and obtained his Certified Protection Professional (CPP) designation. Dave is also a Certified Information Systems Security Professional (CISSP).
Dave is frequent speaker at conferences and education events in North and South America, ASIA and Europe. He has published dozens of articles in industry magazines and published the first book on Security Convergence via Butterworth Heinemann.
Here’s a quick excerpt from our interview with Dave!
Guest #4 – Terry Ingoldsby
Terry Ingoldsby has acquired over 25 years of cybersecurity experience. He is the President of Amenaza Technologies Ltd., and the chief technical architect of their advanced, attack tree based threat modeling.
He regularly teaches an advanced attack tree analysis course to aerospace and defense contractors, critical control system operators and IT providers.
Terry has conducted consulting engagements around the world! That’s an incredible accomplishment for a firm headquartered in Calgary, Alberta Canada! Terry has achieved his BSc in Physics, and his MSc in Computer Science. He’s also active in the Calgary IT community and has done presentations and interviews on attack tree threat modeling.
Here’s a quick excerpt from our interview with Terry!
Guest #3 – Scott Klososky
Scott began his career fresh out of high school, where his job in a new computer division of an office products company was his springboard into the world of technology. He became the leader of their new computer sales division and then purchased it as his own company. It was eventually built into a twelve-store operation in three states.
His next endeavor was as founder and CEO of Paragraph, Inc., a Soviet/American joint venture founded in 1988, as this country was just opening up to western business models. Half of the company was sold to Silicon Graphics, and the other half sold as well a few years later.
Scott then collaborated with H.R. Haldeman to publish a diary of his years as the Chief of Staff to President Nixon, which was a bestseller (Putnam Publishing), and involved Sony Interactive in the release of a book companion CD-ROM.
In 1995 Scott started another company named Avant Digital Marketing which was later renamed Webcasts.com. This start-up was an early producer of webcasted media ranging from corporate and government communications to sporting events and entertainment. It was sold in 2000 for $115 million.
In 2007 Scott once again founded a start-up called Alkami Technology. This company developed a second-generation online banking platform with innovative features non-existent in current systems. The company is today headquartered in Dallas and has over 250 employees.
Along the way Scott has participated as a board member with a number of firms. Examples include WeGoLook which sold in 2017 for approximately $40 million and First Fidelity Bank in Oklahoma and Phoenix.
He is the author of four books including his most recent title, Did God Create the Internet? The Impact of Technology on Humanity.
Here’s a quick excerpt from our interview with Scott!
Guest #2 – Winn Schwartau
Winn has lived Security since 1983, and now says “I think, maybe, I’m just starting to understand it“. His predictions about the internet and global security problems have been scarily spot on. He coined the term “Electronic Pearl Harbor” while testifying before Congress in 1991 and showed the world how and why massive identify theft, cyber-espionage, nation-state hacking and cyber-terrorism would be an integral part of our future. He was named the “Civilian Architect of Information Warfare” by Admiral Patrick Tyrrell of the British Ministry of Defense.
He is currently the Chief Visionary Officer, running Research & Development for SAC Labs, developing techniques to enhance human resilience to social engineering attacks on businesses, individuals and global critical infrastructures.
His new book, “Analogue Network Security” is a mathematical, time-based and probabilistic approach to justifiable security. His goal is to provide a first set of tools and methods to “fix security and the internet”, including fake news, spam, phishing, Distributed Denial of Service (DDoS) attacks and more.
There’s a great quote from Winn that came from his testimony to the Congressional Subcommittee on Technology and Competitiveness, Committee on Science, Space and Technology about the state of security in the private sector and government:
“Government and commercial computer systems are so poorly protected today they can essentially be considered defenseless – an Electronic Pearl Harbor waiting to happen. As a result of inadequate security planning on the part of both the government and the private sector, the privacy of most Americans has virtually disappeared.“
The testimony we’re quoting was provided June 27, 1991. Almost thirty years ago…
Here’s a quick excerpt from our interview with Winn!
Guest #1 – Rachelle Loyear
As Vice President of Innovation and Product Management for G4S Americas, Rachelle Loyear leads the G4S Innovation team and the Enterprise Security Risk Management approach at G4S.
Rachelle has spent her career managing programs in corporate security organizations. Focusing strongly on security risk management, she has been responsible for ensuring enterprise resilience in the face of many different types of risks, both physical and cyber.
In 2017, she released the book The Manager’s Guide to Simple, Strategic, Service-Oriented Business Continuity, and is a co-author of the 2018 book, Enterprise Security Risk Management: Concepts and Applications.
Rachelle serves on the Cybersecurity Advisory board for SIA, and the IT Security Community, ESRM, and Crisis Management steering committees of ASIS International. She is a Certified Information Security Manager (CISM) through ISACA, a Master Business Continuity Professional (MBCP) through DRI International, an Associate Fellow of Business Continuity International (AFBCI) and a certified Project Management Professional (PMP) through the Project Management Institute (PMI).
She’s also working on some really cool projects:
- She’s refining and releasing a Global ESRM approach to customer solution development for G4S,
- She’s part of the team revamping the ASIS Protection of Assets material to include an ESRM underlying philosophy, and
- She’s working with customer focus groups to understand what the security industry really needs to manage risk – using Design Thinking principles.
Here’s a quick excerpt from our interview with Rachelle!!