Cybr Podcast
By Cybr, Inc.
Cybr PodcastAug 10, 2022
Infiltrating a cybercrime group wearing a wire with ex-FBI Supervisory Special Agent
Shane Sims is back on the show with a gripping story. Seriously, if Netflix decided to make a movie or mini-series about this, I wouldn’t even be surprised…except this really happened and you’re about to get a front-row seat to how it unfolded. Shane wore a wire and infiltrated a cybercrime group back in 2005 that was stealing intellectual property from organizations, including defense contractors. Normally when you think of cybercrime groups, you don’t think in-person meetings or “wearing wires” to catch them in the act. But this group primarily exploited wireless networks to exfiltrate IP and sensitive data, and then turned around to extort the organization. Catching them in the act required Shane to go undercover. They met in hotel rooms with SWAT teams on stand-by, they met in vans to carry out attacks, and they finally gathered enough evidence to arrest and charge the suspects. Hear about all of that from start to finish in this epic episode.
The evolution of cybercrime and career advice with ex-FBI Supervisory Special Agent Shane Sims
This is our most intense episode to date, and it's a fascinating one. Peer into the world of the FBI and its response to cybercrime all the way back to the 1990s. Shane was a Supervisory Special Agent responsible for building a cyber offense unit and capabilities & led all cyber offensive operations in support of counterterrorism, counterintelligence, and cybercrime matters. Later, he transferred to the FBI's Critical Incident Response Group to help develop and lead a crisis response organization charged with countering WMD threats on US soil working closely with the Department of Defense's Joint Special Operations Command, White House, and other government agencies. After the FBI, Shane worked at PwC and KPMG for a number of years, and he is now the CEO of Kivu, a full-service cybersecurity consulting firm that offers services in three core divisions: advisory services, managed services, and response services.
AWS Security: Getting started, in-demand jobs, and what to focus on
Land your first Pentester job without prior IT experience
DevOps, Containers, Kubernetes, and their security implications
Terraform and Infrastructure as Code with Derek Morgan
Starting a passwordless authentication company with Dan Frye
Vulnerability assessments, bug bounties, pentests, and red team engagements with Daniel Miessler
A day in the life of a Threat Researcher at the Microsoft Threat Intelligence Center
Roberto Rodriguez (@Cyb3rWard0g) talks to us about what it’s like to be a Threat Researcher at the Microsoft Threat Intelligence Center. We talk about how he got started, what a day in his life looks like, what the differences are between threat research, threat hunting, pentesting, etc...and we talk about resources that he’s created and that could help you out, including his online and interactive book called the Threat Hunter Playbook.
Becoming a Threat Intelligence Analyst and Warrior with Nicole Hoffman
Managing IT & Security for businesses with Joel Miller
From baker to Full-Stack Developer with Miwha Geschwind
How to get your first IT/cybersec job with Jenny Codes
How to get started and breakthrough in Bug Bounty Hunting with Hakluke
Building and maturing AppSec programs in startups
Landing your first job and certification in cybersecurity with Emily Pearson
Incident Response as a career with Matt Trostel
So you want to be CIO? Here’s how to stand out and make the cut (3 of 3)
Public schools are being targeted by Cybercriminals
In this episode, Eric Lankford and Doug Levin join us to shine a light on the disturbing and dangerous cyber threats academic institutions are facing. Cyberattacks are a significant and growing threat to our nation’s K-12 public schools, students, and employees. There were ~350 publicly disclosed cybersecurity incidents that impacted K-12 schools in 2019. They primarily consisted of data breaches resulting in unauthorized disclosures of student/staff data, ransomware and other malware attacks, phishing attacks, and other social engineering scams as well as denial-of-service attacks. With only 5% of surveyed IT teams feeling that student data is at high risk.
How to increase diversity & inclusion in IT organizations with Roshanda King
Have you heard of the National Cyber Moonshot initiative?
In this episode, our guests Bobbie Stempfley, Tom Patterson, and Eric Lankford explain and share what the National Cyber Moonshot initiative is, and the six strategic pillars for a safe and secure internet to bring economic growth, national security, enhanced privacy, technology advances, and global leadership benefits. Specifically, this episode focuses on the Cyber Education workshop, which is convening with leading experts and practitioners to look at breakthrough concepts and realities in use across the nation and around the world. The goal of the Education Pillar is to dramatically increase the availability, quality, and diversity of cybersecurity talent in the United States for Cybersecurity Moonshot Initiative strategic focus areas, while also educating all citizens of their shared responsibilities in creating a safe and secure internet environment. Bobbie has served at both DHS and CERT and now works for Dell’s office of the CISO. Tom is the Chief Trust Officer of Unisys, and Eric is the founding partner of K12 SIX.