In this episode of the Security by Default podcast, host Joe Carson speaks with Secretary Harry Coker Jr. about his journey into cybersecurity, the importance of mentorship, and the challenges faced in leadership roles. They discuss the evolving role of AI in government and cybersecurity, the significance of resilience in the face of failures, and personal interests that help them unplug from their busy lives. The conversation emphasizes the need for clarity in chaos and the importance of learning from every experience.

Takeaways

• Bringing clarity to chaos is essential for success.
• Mentorship plays a crucial role in career development.
• Every day in leadership presents new challenges and opportunities.
• Learning from both successes and failures is vital.
• Trust but verify is a key principle in leadership.
• AI is transforming government operations and cybersecurity.
• Cyber resilience is becoming more important than ever.
• Personal interests help leaders to unplug and recharge.
• Success is often shared, while failure is solitary.
• The human element must remain in AI decision-making.

Chapters

00:00 Introduction to Cybersecurity and Personal Journeys

06:05 The Importance of Mentorship and Teamwork

11:48 A Day in the Life of a Cybersecurity Leader

17:51 Lessons Learned from Challenges and Failures

21:53 The Impact of AI on Cybersecurity and Governance

29:42 Personal Interests and Unplugging from Work

Resources

The following books and resources were mentioned:

1. "Character" by retired U.S. Army General Stan McChrystal - Harry Coker mentioned he started reading this book and found it insightful, particularly about self-awareness and challenging oneself.
2. "The Power of Now" - Joseph Carson mentioned this book as one he was recommended to read and was working towards.

In this special edition episode of the Security by Default podcast, Mikko discusses his extensive career in cybersecurity, his transition to a new role in drone defense, and the innovative Museum of Malware that showcases the intersection of art and cybersecurity. He reflects on his journey, memorable experiences, and the importance of storytelling in engaging audiences

Takeaways

• Mikko's alternative career choice was journalism.
• He started in programming and transitioned to cybersecurity.
• Keynote speaking at Black Hat involves storytelling.
• Experience reduces anxiety in public speaking.
• The Omega virus was Mikko's first memorable malware.
• The Museum of Malware archives the history of cyber threats.
• The museum features art inspired by malware and cyberattacks.
• Mikko is transitioning to a drone defense company.
• He sees parallels between cybersecurity and drone defense.
• Mikko expresses gratitude for his 34 years in the cybersecurity industry.

Resources:

https://www.withsecure.com/en/experiences/museum-of-malware-art

In this episode of the Security by Default podcast, Joseph Carson and Evandro Goncalves discuss the critical topic of machine identities also known as non-human identities (NHI), exploring their definitions, challenges, and best practices for management. They delve into the complexities of managing non-human identities in cybersecurity, emphasizing the importance of visibility, risk management, and the principle of least privilege.

The conversation also highlights experiences from the NATO Lock Shield event, showcasing the real-world implications of identity security. Evandro shares insights on staying updated in the cybersecurity field and the importance of hands-on learning.

Takeaways

• The podcast aims to make security accessible to everyone.
• Machine identities are non-interactive identities used in IT environments.
• Organizations may have up to 80 machine identities for every human identity.
• Visibility and management of machine identities are significant challenges.
• Over-privileged accounts are a common issue in organizations.
• Applying the principle of least privilege is crucial for security.
• Communication and coordination are vital during cybersecurity events.
• Hands-on experience and laboratories are effective for learning new technologies.
• Staying updated with threat reports is essential for cybersecurity professionals.
• Networking through platforms like LinkedIn is beneficial for knowledge sharing.

Keywords

machine identities, cybersecurity, identity security,

non-human identities, security management, best practices, NATO Lock Shield,

visibility, risk management, zero trust