This week's episode of Tech Done Different features Ben interviewing Andrew Lemon, Principal Security Engineer at Red Threat. They talk about what it means to be a "good hacker".
You will learn:
- Why "cut and paste" penetration tests miss the point
- The mindset of learning to become an ethical hacker
- What can make a security assessment fun and exciting
- Why "stealing a baby" can actually be a good goal for a security professional
- The role of specialization and generalization in security management
This week’s episode of Tech Done Different features Debasish Biswas, CTO of Aware. Ben sits down and talks with Debasish about collaboration and how we should think about the permanent changes in the way people work for the better.
You will learn:
- What your “digital senses” are
- How to think about securing information when it exists in many different platforms
- Why we shouldn’t look as virtual/in-person engagement as better or worse but rather how to make engagement effective using all our tools
- Why information in Slack, Teams and other casual chat is not “throwaway information”
- Why virtual collaboration ultimately is a step forward in how we work and provides new avenues for productivity
Matt Brown literally makes a living hacking things (and, as we learned on this episode, would probably still do it even if he had unlimited money). Join Ted and Ben in a fun interview with a hacker talking about all things hacking.
- What common assumption leads to many security failures
- How both businesses and consumers can think about better securing their solutions
- What Build a Bear looks like in the eyes of a hacker
On this week's episode of Tech Done Different, Ben is joined by Cody MacDonald the CTO of IPT Global. Ben and Cody sit down to talk about why it’s never too late to reinvent yourself and your career.
- How Cody went from a Cherry Farmer, to Geologist, to CTO of a software company
- why the more something makes you uncomfortable the more you need to pursue it
- How to handle the stress in your job when what you create or the work you do has a large impact other people and the environment
On this very special episode of Tech Done Different — live in studio for the first time ever! — Ted sits down with artist and fellow TEDxFrankfurt speaker, Sabela Garcia Cuesta, to discuss creativity. Being creative doesn’t mean you have to sing, paint, or dance but includes all types of people and industries from sciences to entrepreneurs.
You will learn:
•How the way an artist’s solves problem can help you solve yours too
•Why Einstein was the biggest artist of all time
•How to clear the mind so you can see thing more clearly
•How to push past the self-sabotage and imposter syndrome
•Why it’s okay to be vulnerable as a leader
Jako Bär is a musician, creative, and fellow speaker from TEDxFrankfurt. He joins the show to explain the creative process and how to apply those principles to whatever you're trying to innovate.
- whether or not it's true that some people are creative and others are not
- what to do when you find yourself in the "pit of despair" on a project
- how creating music is like building tech
On this week's episode of Tech Done Different, Ben is joined by Michael Goetzman the CISO of Solano Security and creator of CypherCon. Tune in to hear Michael and Ben discuss why CyberPunk is the past and SolarPunk is the future. You'll learn why the tech industry should move to a space where we have a more positive and less dystopian view of the future of technology.
What makes a problem worth solving? How do you prioritize competing concerns in addressing those problems? What role does the voice of the customer play in all this? On this special episode -- where Ted is joined for the first time by new co-host Ben -- we are joined by Barry Phetteplace to share from his experience as both a hands-on developer and then later a leader of developers.
In this very special edition of Tech Done Different, you are introduced to Ted's new cohost! Ben shares insights about how to relate to people and talk clearly about technical concepts.
- how (and why) to be a better listener
- what happens when you ask better questions
- how to bring your whole self to a conversation
Buyers want to be informed, and the internet has made finding the info the need easy to do. In this episode, product marketing expert Greg Coticchia shares insights in how buying behavior is changing, and how to think differently about selling too.
- Why buying behavior is changing
- How to think differently about the interplay between marketing, sales, and more
- Why you need to make buying easy
We are joined by the Founder & Chair of Bugcrowd, Casey Ellis, to discuss where security research is today, where it is going, and many other aspects of how to think about securing systems.
- where security research is today, and where it is going
- why businesses should be incentivized to secure systems (hint: not just because it's the right thing to do)
- how to think about security of open source systems
In this episode of Tech Done Different, you'll hear from Aaron Day, the CEO of Amaze, about how and why to build a vision statement.
- why a vision statement matters
- how to build a vision statement
- how to communicate the vision statement
- how to use the vision statement to guide daily decisions
A season veteran in building software businesses, Mark Edwards joins Tech Done Different to share the common pitfalls that software companies make and what to do about it.
- why (and how!) to identify your areas of excellence and areas of weakness
- what happens when you are always operating with your exit strategy in mind
- why to not be fearless, but to "fear less"
Carla Donev, the VP and CISO at NiSource, joins Tech Done Different to share her experiences as a female in the male dominated field of technology, and how she went from being an accountant to a CISO.
- how to get more women into the cyber fields
- why to say yes when opportunities present themselves
- how to balance your business needs with your security challenges
- when you should use your gut and common sense
- and more
Jonathan Kite, the founder & CEO of Rent Ready, joins Tech Done Different to share insights in how he built his software company, and how they overcame many obstacles along the way.
- how to fail forward
- what happens when your vision needs to change
- how to think through solving complex problems
- how to interview for adaptability to change
- and more
Nicole Little joins Tech Done Different to explain Web 3.0, what it is, and how to think about security around it. She's a security researcher who currently works in the content protection team at Disney.
- what Web 3.0 is and why it matters
- what security challenges that Web 3.0 introduces
- how to think about the security versus benefits tradeoffs of this emerging technology
- why independent security assessments matter
- and more
As CISO of a cloud startup, Jonathan Rau fields tons of security questionnaires. He joins the show to explain the many struggles the vendors receiving such questionnaires face, and what to do about it.
- why questionnaires need to be customized
- why it's lazy to send the same questions to everyone
- why VRM is really about building trust, not just about answering questions
- and more
What happens when you remove friction? Better yet, what happens when you focus on small, incremental gains that compound on each other rather than aiming for big massive wins? On this episode, we are joined by ex-Facebook & ex-Microsoft tech leader Josh Twist to dig into these topics and more.
- why small wins are better than big wins
- why it's mission critical to make things easy
- why UX doesn't win deals (but it does earn advocacy)
- why feature growth can kill (rather than help) a product
As the Head of Juniper Threat Labs at Juniper Networks, Mouir Hahad knows a thing or two about threat intelligence, and he joins Tech Done Different to share those insights.
- what threat intelligence, and why it matters
- why it's important to share information
- how to think about outsourcing, insourcing, or some combination
- and more
In this episode, we are joined by long time medical device veteran Chris Barron, to help walk us through the many challenges that early stage medical device startups face, and how to overcome them.
- why fundraising is a long process
- what you need to make clear to investors in order to get them to invest in your startup
- what role your mission has in deciding where to allocate resources
- why to apply your passion
Sometimes the best ideas are the craziest ones. In this episode of Tech Done Different, entrepreneur Zach Belanger walks us through how to think big, think creatively, and pursue big goals.
- why sometimes the right ideas sound the craziest
- why crazy ideas are better than boring ideas
- why to do it "indie" rather than "industry"
- why to ask if it's ever been done before (and what to do with the answer you get)
- why to start as soon as possible
As we build complex software systems, we also need to ensure we understand what to some might feel unscientific: how does this system make me feel? Mariana Muntean joins Tech Done Different to help us understand the differences between artistic thinkers and engineers, and how the two can partner to produce great results.
- why creatives and engineers butt heads
- why abstraction is an important skill
- why to use visuals to communicate
- why an experienced UI/UX designer saves time and money
- why to get feedback from outside the team building the thing
Candice Lu joins Tech Done Different to teach us about entrepreneurship, building teams, and developing leaders.
- why being a founder is about control
- why autonomy matters
- how to create a culture that people want to be part of
- why emotional intelligence is the most important factor to being truly consultative
- why doing right by your people creates lasting positive impact
- why to grow you must let go
What is the interplay between hard skills, soft skills, and personality? How can leaders groom people in all of these areas? Sameer Ranjan, the CTO of Catenate, joins Tech Done Different to explain how data science drives all of this.
- why no amount of money will keep a person in a role that's not right for them, and why we need to put the right people in the right roles
- what the difference is between hard skills, soft skills, and personality traits
- how leaders should groom people based on personality
- how our brains are wired to learn
Author & business consultant Craig Perkins joins Tech Done Different to help us understand how to reject conventional thinking and live more entrepreneurially. Whether you are a leader, individual contributor, or entrepreneur, these principles are for you.
- why to move towards fear
- how to learn about yourself in order to find your passion
- why to do what gives you goodsbumps
- what it means to listen to your authentic self
- how to persevere over obstacles
As CISO for Oracle SaaS, David Cross has to balance both engineering and business priorities. He joins Tech Done Different to teach us how to get veterans involved in cybersecurity, how to grow & pivot your career, and the ways to establish influence.
- why the core values that many veterans have are a great fit for security roles
- how to think about transition careers, roles, and companies
- how to build an ecosystem of mentors
- why to partner with someone whose strengths complement your weaknesses
- why to seek feedback that stings
Former special agent John Toney joins Tech Done Different to provide insights gleaned from the Secret Service, and how he applies those insights now as a Global CISO in the private sector. You'll learn how protecting a US President is pretty much the same as protecting your digital assets, as well as how to build teams, foster culture, and so much more.
- when to move and when not to move
- why incident response needs to be done in advance
- how stress prevents good decisions
- why (and how) to be your own best self advocate
- why it matters for leaders to coach their teams on how to share information
Entrepreneurial legend Richard Thalheimer joins Tech Done Different to teach us the many things he learned by starting and growing The Sharper Image.
- how to adapt to disruptive technology
- why it's common for people to say No (hint: it's safe)
- why to execute "management by opportunity"
- why you should talk about your idea to everyone you meet (and why witholding it actually holds you back)
- what to look for in people you hire, and how to make room for them to grow
- why to disregard formal training and prioritize on the ground training
- why to be nice
Fellow security author Loren Kohnfelder joins Tech Done Different to teach us how developers (and their managers) should think about building more secure software.
- why to understand threats as the starting point in building software
- why collaboration between developer and security teams matters
- why to ask "what's the worst that could happen?" as a way to think about secure software
- why empathy is the most important soft skill for building secure software
As the Security Research Director for Bitdefender, Jay Balan has lived on both sides of the responsible disclosure process: he is a researcher himself, submitting vulnerabilities to companies -- and he has a built his own bug bounty program at Bitdefender, to receive vulnerabilities. He joins Tech Done Different to discuss the current state of relations between researchers and the companies they study, and what needs to change.
- why it matters to have a security contact at your company
- why to hire a security company, and how to vet them
- why it is good to allow white hat hackers to hack you (yes, seriously)
- why "no vulnerabilities" is not the goal
Chloe Messdaghi joins Tech Done Different to help illuminate how to create better workplaces, what motivates employees today, how to avoid burnout, and more.
- why mental health matters
- what causes burnout
- why depression is on the rise
- how to think about notifications
- what to do when you go on vacation
As the AI Ethics Lead Architect for Intel. Ria Cheruvu commonly gets asked about the ethical implications of artificial intelligence... especially if the machines will rise up to be our overlords soon. She addresses this and more in this episode of Tech Done Different.
why AI is at the intersection most domains
why the state of AI is nowhere near the problems as depicted in science fiction... but some much more problematic issues are already present today (and what to do about it)
what each of us should do in order to address the many ethical, scientific, and practical challenges of AI as it exists today (and will years from now
Leadership coach, author, and entrepreneur April Sabral joins Tech Done Different to teach us why leaders need to become more aware in order to create better connections.
- why these three pillars of leadership success matter: Accept, Create, and Teach
- why to measure performance but not judge the performer
- why emotions matter in leadership and how to think about them
- how to ask better questions, and use questions to lead better
- why leaders must have a positive effect
Author and leader Shamane Tan joins Tech Done Different to teach insights from her new book Cyber Mayday about what to do before, during, and after a security incident.
- what to do before, during, and after a security incident
- why allies matter, and should be the first thing to establish for a new security executive
- why to prioritize different efforts in the security program
- how to think about empathy in the midst of a security breach
- why it's dumb (and a complete misunderstanding of how security works) to make the CISO be the "fall guy" in the event of a security breach
Security researcher, advocate, and fellow ginger John Hammond joins Tech Done Different to provide insights on how to think like both attackers and defenders, and how a technical person can become a good communicator of ideas.
- Why the defender only needs to be right once
- Why to know thy enemy, and how you have some control over the information the attacker can collect
- What a hacker really is, and why this distinction matters
- What it means to "defend forward"
- Why it matters to teach, learn, repeat
- Why the more things change in security the more we need to adhere to the fundamentals
As the Director of Security Initiatives for Intel's Security Center of Excellence, Camille Morhardt gets to learn from some of the brightest minds in all of tech. As the co-host of one of the biggest public podcasts in the game today Cyber security Inside, she brings those bright minds to the audience. She joins Tech Done Different to teach us how to communicate complex ideas simply.
- why good questions are the key to communicating simply
- why to not let go of a line of questioning until you fully understand (and then keep asking more)
- how an unusually long pause can lead to the insights you're looking for
- how to get to the heart of the matter
- the 3 phase process for success in security: 1) get started 2) don't stop learning and 3) gain insights from outside of your sphere
As an advisory CISO and published author, Helen Patton advocates for how to get people into the security industry, and how to navigate a career in the field. She joins Tech Done Different to provide insights from her new book and explain the Cybersecurity Canon, a collection of books to help security professionals.
- why writing a book enables you to "mentor at scale"
- why we should hire based on potential, not demonstrated experience
- why recruiting for security should include going to middle and high schools
- why self care is so important in a security career
- why you need to understand your "why"
- why security is a business enabler
Researcher, bestselling author, and supermom Sabreet Kang Rajeev joins Tech Done Different to help us understand the immigrant experience and how it manifests in the workplace. You'll learn:
- what it means to "other" and why it's a problem
- why "fitting in" is as much about performance as it is about being liked
- why burn out is so problematic for certain cultural upbringing
- why it matters to be kind
Along with his business partner Ron Eddings, Chris Cochran has built a podcast universe to highlight the stories of leaders in tech. He joins Tech Done Different to share how he did it, the key lessons about tech leadership he's learned from his guests (and own experiences), and how to think about the emerging tech that is Web 3.0.
- why good stories come from good questions
- why your value has to come from within, and not external validation
- why to talk to smart people every day
- why imposter syndrome is only going to get worse in tech
- how to create a learning environment, and how it is the antidote to imposter syndrome
- how leaders can create a safe environment for learning, through vulnerability
- how (and why) to solicit feedback
- what Web 3.0 is and why it matters
At 6am, Rashid Ahmed -- the CISO of Velocity Group USA -- received the call no one wants to receive: the entire filesystem was encrypted and held for ransom. He joins Tech Done Different to walk us through how he was able to not only avoid paying the ransom, but had the system back up and running in less than 4 hours!
- why it matters for all levels of an organization to understand security
- why not only do backups matter, but also the frequency matters too
- how to think about the cost-benefit tradeoff of more regular backups
- what things impact the speed to recovery from a ransomware incident
- why dialogue with leadership and the broader business matters
Security executive, researcher and professor Ken Pyle joins Tech Done Different to dig deep into security research and what we can all do better.
- why complacency exists everywhere, and why it's a problem
- why it's a problem when a system works as designed but not as intended
- why you have to put in the work if we ever hope to make things more secure
Security entrepreneur Terry Dunlap joins Tech Done Different to talk both about the mechanics of reverse engineering, as well as to explore what he did right to help get his company acquired by Microsoft.
- the difference between "vulnerable" vs. "exploitable," and why the distinction matters
- the role of outside security validation, testing, and certification
- why it's imperative that we fix security vulnerabilities
- why the most successful companies stick to what they know, and resist the temptation to expand when customer present adjacent opportunities
- why to become "best in class"
From running a third party security program at the scale of Salesforce, to building one from the ground up at a startup, Kyle Tobener has seen many flavors of how to manage third party security risk. He joins Tech Done Different to share many insights on this critical security domain.
- why companies that have a unified system for third party / vendor security risk management are always in the best shape
- why experience in third party security is like an MBA for a future career as a CISO
- how to balance depth with any specific vendor vs breadth across assessing risk of many vendors
- why (and how) security should build relationships, educate, and set timelines with business units
- why you want to establish as many methods of communication as possible between security and the business units
- how to build incentives (and disincentives) into your security processes so you encourage people to want to do the right security
- why transparency matters
What does nutrition, rest, and movement have to do with peak performance in your career? Surgeon Dr. Glen Robison, MD joins Tech Done Different to help explain. You'll learn:
- why people will do anything to escape pain, and when you're in pain, cognition diminishes
- why to eat organic, and avoid the toxins & chemicals omnipresent in food, which lower your immune system
- what it means to "eat to your body temperature" and how to do it
- why good nutrition delivers better performance, more energy, more stamina, less stress, less anxiety, and more clarity
- why "movement is life" and the best way to think about exercise
- what happens when you think differently about your sleep patterns
As a security consultant who transitioned to lead product security in-house, Jason Geffner has seen both sides of the application security process. He joins Tech Done Different to provide insights about consulting vs. in-house, leadership, the role of kindness in team dynamics, and managing third party security risk.
- why it's the consultant's job to find vulnerabilities, but not necessarily to fix them
- why it's ok to accept risk sometimes
- why there is no such thing as "perfect security"
- why hiring is always the hardest part of managing teams
How is making meatless meat similar or different from hacking software? to answer that (and more), we're joined by Josh Nixon, CTO of meat alternative pioneer Prime Roots. We discuss what tech even is (hint: not always software), and how to think about the acceleration of innovation.
- why tech typically refers to software (but it shouldn't)
- how the idea of accidental discovery drives innovation
- why you don't need to know the science behind something to know it
- why "we don't know crap"
- what happens when you build on the work of others
Human-centered Design | Guest: Maritza Johnson
How do we build things with the user in mind? How do we marry convenience and usability? How do we make the most secure way also be the path of least resistance? As a security researcher focused on human-centered design, Maritza Johnson studies these questions every day. She joins Tech Done Different to share insights from both her research, and her forthcoming center at University of San Diego.
- what human-centered design is, and why it matters
- why users are lazy, but that's not necessarily a bad thing
- what evolutionary purpose cognitive bias plays
- how to think about the intersection of security and simplicity
As the Executive Director of the Cyber Project at Harvard's Belford Center, Lauren Zabierek is working on the front lines of how to think about the many ways cybersecurity is synonymous with national security. In this episode of Tech Done Different, she walks us through the issues and what to do about it.
- why cybersecurity IS national security
- what happens in that gap between private sector and public sector (and why adversaries love it)
- why diversity is national security
- why diversity is like defense in depth
- why we need different perspectives
- how to think about security as a leadership issue
Is it your job to innovate? Should you be creative? Can big changes result from small, daily moments? If you listen to Josh Linkner (which you absolutely should), the answer is a resounding YES to all. An entrepreneur, venture capitalist, and New York Times bestselling author, Josh is an innovation guru who joins Tech Done Different to help unleash the innate creativity in all of us.
- why your mindset, habits, and tactics unleash creativity
- why creativity is a skill to develop, not a talent you're born with
- what happens when you see the differences between major innovations and micro innovations
- why to understand that risk and fear prevent creativity, and how to remove or reduce those barriers
- why it's the responsibility of leaders to unleash the creative capabilities innate within the people we serve
- why mistakes are part of the process, and should be accepted not avoided
From developer to manager to leader to developer of leaders, Emad Georgy has seen the problems of leadership in technology from every angle. He joins Tech Done Different to explain leadership principles, in ways that apply to tech in particular.
- why to apply engineering principles to leadership
- why you need to create something bigger than yourself
- what it means to scale leadership
- why leadership doesn't need to be the next step for a talented technical person
- why it's a problem that most people in tech don't understand where they are in their own career path
- why you need to define and communicate the expected standards for both leadership and culture
You need to understand how attackers think. How they operate. How they’ll break your system.
We know how you feel.
From newly funded startups to Fortune 10 enterprises, we’ve helped companies of many varieties overcome these same security challenges. We’ve published security research on solutions across a range of systems, including cars, phones, IoT, password managers, medical devices, blockchain, AI, AR, and more. You need a partner who can help you find and fix your vulnerabilities. Who can help you get better.
You’re in the right place.
Whether you need testing, consulting, or simply some advice: we're here to help.