Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Tim Brown. If you don’t’ know who Tim Brown is, he is the CISO at SolarWinds, and as such, is one of us. Or maybe in a way, he is all of us, really. Tim advises and has held various other roles in the past, including product roles, which our listeners know are well-respected s…

What can we established cybersecurity practitioners ACTUALLY do to help those new in the field besides blathering back and forth about the problem in the echo chamber that is LinkedIn? Drew got the clever idea of inviting three folks who are brand new to the field or barely started on their cyber journey, and, get this: ASKING them what they're exp…

Howdy, y’all! Our guest today is Wade Baker, cybersecurity researcher, entrepreneur, professor… Wade is a Board of Directors member of the FAIR Institute, was an Advisory Board Member at the RSA Conference, was VP of Strategy & Risk Analytics at ThreatConnect, and is now Co-Founder of Cyentia Institute, which aims to advance cybersecurity knowledge…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Michael Santarcangelo, Founder and President at Security Catalyst. He’s a former podcaster – co-creator of Business Security Weekly, he even did a stint on Down the Security Rabbit Hole with Raf and James. True fact, hearing Santa (as his friends call him) and Paul Asadoorian on Bus…

Your organization runs on commercial software far more than it does open source. But all you are delivered is binaries. What is your technical control to ensure that you are safe from this software? Such software is composed of: Open source libraries Proprietary code 3rd-party proprietary libraries You need to be able to see it, understand it, prob…

This is our third and final episode of this miniseries. In this episode we are joined by Ross Young, a well-established member of the cybersecurity community with a storied background and penchant for giving back via various means. Ross joins Allan and Drew in exploring the role of technology in the People, Process and Technology triad. Questions c…

Howdy, y'all! In part two of our three-part miniseries, we tackle Process with Malcolm Harkins. Malcolm is former CISO at Intel, a good friend of Allan's, former Cylance Chief Trust and Security Officer, member of the board of director over at TrustMAPP (where Allan used to be COO), and is now at Hidden Layer, working to secure AI. Hidden Layer did…

Thanks for listening, y'all! Our next show is all about Process (we already did a show on People) and after that comes Technology. Y'all be good now!By Allan Alford

Jeremiah Roe has held many roles in cybersecurity: Field CISO, Red Teamer, Advisor, Consultant, Etc. He currently advises for OffSec, who provide quality cybersecurity training. Drew Simonis and Allan Alford determined that Jeremiah would be a great guest for launching a 3-part mini series - each of the three shows exploring People, Process and Tec…

Drew and Allan were skeptical about SABSA, as it is a model one CISO friend described as being "only good for a graduate student writing a paper!" Another CISO pointed out that SABSA was designed long before modern engineering practices. Andrew Townley, a long-term SABSA consultant, on the other hand, gets straight to the practicality of it. There …

Hang on to your saddle for this one! Drew Simonis joins Allan as his new co-host in a show where the two of them explore alternative models for selling and funding the cyber mission! You probably know about corporate social responsibility initiatives. Did you know that it's not a a new idea in the history of capitalism, but rather a throwback? Befo…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest toda is Tomer Schwartz, co-founder and CTO over at Dazz Yup! He’s a vendor! And OMG he’s a sponsoring vendor too! Whatever will we do? But wait, y’all know Allan's rule: Vendors are allowed on the show if and when they can add more value on a given subject vs. any practitioners in The …

If leadership exists in good and bad forms, so must followership. Leadership can exist both by designation, and dynamically, as manifested by folks who may not have an official leader title. And yet we don't measure followership, and our measurements of leadership leave something to be desired... Join Allan Alford as he flies solo this week explori…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Nathan Case, who is a previous guest from a multi-guest show. Nate has been a CISO, CTO, Strategist, consultant, CEO, and all kinds of other things. His career is as colorful and varied as Allan's – maybe even more so. Nat's chosen topic is “There is no such thing as security!” So w…

In this show, Allan interviews seven guests and asks them questions from a list of 21: Omkhar Arasaratnam “How do we leverage LLMs for our own use in cybersecurity?” "How do you challenge your own precepts and assumptions to stay current in your role?" Ofer Klein “How do you describe what you do in cybersecurity to someone at a cocktail party who k…

In this show, Allan interviews seven guests and asks them questions from a list of 21: Chris "Cpat" Patteson “Why do so many CISOs think cybersecurity insurance is snake oil?” Johann Balaguer “People, process, technology - Which is the most important and why?” "What do you want your fellow community of CISOs to know?" Lee Krause “What are we still …

In this show, Allan interviews nine guests and asks them questions from a list of 21: Dr. Deanna Caputo “How do you measure and articulate risk to the business?” “People, process or technology?” Carlos Guerrero “How do we foster community in cybersecurity?” Elliott Franklin “Governance, Risk Management, and Compliance – Which of the three is most i…

Howdy, y’all, and welcome to The Cyber Ranch Podcast… AND The Audience 1st Podcast! What you are about to hear was recorded LIVE! at the CISO XC conference in Dallas-Fort Worth, Texas (my very favorite conference!) I am your host, Allan Alford, CEO of Alford & Adams Consulting. I have co-host on this episode, Dani Woolf, of the Audience 1st podcast…

Howdy, y’all, and welcome to The Cyber Ranch Podcast… AND The Audience 1st Podcast! What you are about to hear was recorded LIVE! at the CISO XC conference in Dallas-Fort Worth, Texas (my very favorite conference!) I am your host, Allan Alford, CEO of Alford & Adams Consulting. I have co-host on this episode, Dani Woolf, of the Audience 1st podcast…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Drew Simonis, CISO @ Juniper Networks, former CSO @ Hewlett Packard Enterprise, former CISO at Willis – you get the idea. Drew’s posts on LinkedIn are pure fire – not in the hot takes way, but because of the quality of the thinking behind them. Drew has also been on the show a couple of t…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Ankur Ahuja, 2x CISO, Ted-X Speaker, Startup Investor, Board Advisor, etc. etc. Ankur is currently SVP and CISO at Billtrust, and he’s got some Big 4 in his DNA too (ten years, in fact!). Ankur wanted to chat about how CISOs can drive business growth, so I asked him to come on…

Melanie Ensign is a communications strategist and corporate anthropologist for cybersecurity, privacy, and risk organizations. She is founder and CEO of Discernible, a multi-disciplinary Center of Excellence for security, privacy, & risk teams. Her team includes experts in communications, product development and management, compliance, security and…

In this episode, Allan tackles the idea of selling the CISO mission. He deconstructs the types of CISOs and the "selling" they must do. Sometimes you really are selling, but most of the time you should be solving business problems. Allan speaks to: Business objectives met Business risks reduced Maturity And also deconstructs the art of selling itse…

Our guest this week is Jonathan Rau, VP and Distinguished Engineer over at Query, and a proponent of what he calls "SecDataOps". Jonathan is quite active on LinkedIn and his takes, though often spicy, tend to be spot-on. Allan has come to enjoy following Jonathan's posts, and he was excited to have Jonathan come on the show and share his insights. …

This is part two in our neurodiversity series. Our guest roster this time also includes Dr. Ursula Alford, a psychologist who routinely works with the neurodiverse populace. The lineup of guests covers ADHD, Autism, challenges unique to women with neurodiversity, how leaders should manage neurodivergent team members and more. Y'all be good now!…

Geoff Hancock is Deputy CEO and CISO for Access Point Consulting, Former Global Director and CISO over at World Wide Technology. He’s also a Senior Fellow and Adjunct Professor at George Washington University and has held various C-suite and executive roles at Verizon, CGI Federal Advanced Technology, Microsoft, and Advanced Cybersecurity Group. He…

Join Allan LIVE! at Zero Trust World in Orlando as he asks 12 guests "What does Zero Trust Mean to You?" and a wide variety of other questions. Conference highlights are discussed as well, including hacker activities, hacker demonstrations, incredible talks, etc. Allan also learns all about The Tech Degenerates, and organization furthering partners…

How does cybersecurity relate to the four horsemen of the apocalypse? Famine, Pestilence, War, and Death? In this episode, Dr. Chase Cunningham, renowned Zero Trust expert, author, instructor, Chief Strategy Officer, advisor, etc., examines the 4 conditions on our planet represented by the four horsemen, ties it all to cybersecurity, and then solve…

Howdy, y'all! Allan went down to Orlando, Florida and recorded three LIVE! shows at Zero Trust World, a conference sponsored by ThreatLocker. This is the first of those three shows. James Keeler of LMT Technology Solutions has a steady hand on the incident response wheel and a lot of experience under his belt as well. After seeing James speak on a …

This week Allan is joined by Leigh Honeywell (CEO of Tall Poppy) Nathan Case (Federal CISO at Snyk), and Ryan Macababbad (Currently looking. HIRE HER!), three cybersecurity professionals with broad backgrounds in cyber, and all three of whom are neurodivergent. Allan in fact, has been recently diagnosed as being on the autism spectrum, albeit 'high…

Fun fact: There are more vulnerabilities and exploits below the OS layer than above it! CPUs, BIOS, Firmware, embedded Linux, FPGAs, UEFI, PXE... The list goes on an on. What are we supposed to do about that? Allan asked Yuriy to come down to the 'Ranch to discuss this issue with him. Yuriy is CEO at Eclypsium, member of the Forbes Technology Couns…

In this episode, Allan flies solo, as he is finally willing to speak on an issue he has been mulling and fussing over for some time: the two-fold CISO laments of: "We have all the accountability and none of the authority!" "We don't own the risk - we advise the business" Allan is refuting both of these claims. Allan calls up examples such as projec…

We declared a while back that 'not having a seat at the table' was a tired CISO topic. So we decided to solution the complaint. Hopefully we pulled it off. Join Allan and Jim McConnell, Principal at Ask McConnell, LLC and former Fellow in Corporate Security Protection Operations at Verizon, as they take on the challenge of solving this common lamen…

Pat Benoit, CISO at Brinks, returns to the 'Ranch to visit Allan and to chat about his newest achievement - Pat got a NACD Directorship Certification! Allan has often thought about doing this as well, so he got Pat on the mic to talk about his whole experience: Why did you do it? How hard was it? What was involved? What do you hope to get out of it…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Ayman Elsawah, who, like Allan these days, is a fractional CISO and founder of his own security company. He has done the fractional CISO thing many times. He has also been a professor, a security consultant, and a cloud-specific security consultant. His tenure includes eBay, NCC Gro…

This one was recorded LIVE! in Podcast Alley at the CyberMarketingCon 2023 put on by the Cybersecurity Marketing Society in Austin, Texas. Marketing!?!!? Say what!?!? Yup! Allan went down to Austin to catch up with industry players and to participate in the conference as a "creator", i.e., podcaster. While there Allan ran into his friend Tom LeDuc,…

Howdy, y'all, and welcome to The Cyber Ranch Podcast! Our guest is Andrew Wilder, Retained CISO at Community Veterinary Partners, Member of the Board of Directors at Washington University in St. Louis, Advisory Board Member, former Global CISO, former Regional CISO... He's got a real history in this game. What we're talking about today is retained,…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest this week is John Checco, aka "Checco", who is overdue for being on the show we freely admit! John is a presence on LinkedIn and in our industry. He’s the author of “Zero Trust: From Aspirational to Overdue”. He’s also involved, as you can imagine, in many other things – various adviso…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Luke Jennings, VP of Research & Development at Push Security, former Chief Researcher at Countercept, Principle Security Consultant at MWR… He’s been around the industry. Luke is passionate about tracking the evolution of attacks – how are the bad guys morphing and changing their ga…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Adam Bateman, CEO and Co-Founder at Push Security, based in the UK. Another of our cyber friends from across the pond! Is a former director at the security consultancy MWR who were renowned in the industry for their specialist research and red team capability. Adam started off as a …

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest is Geoff Hancock, Deputy CEO and CISO for Access Point Consulting, Former Global Director and CISO over at World Wide Technology. He’s also a Senior Fellow and Adjunct Professor at George Washington University and has held various C-suite and executive roles at Verizon, CGI Federal Adv…

In this SPECIAL EDITION! Allan interviews the 3 CISOs who created the CISO XC series of conferences: Cecil Pineda Jaimin Shah Randy Potts CISO XC is the only conference for CISOs (and their reports) that is put on my a team of 3 CISOs and an awesome all-CISO advisory board. And the amount of money CISO XC gives to charity is MIND BOGGLING. Hint: Th…

Allan takes the show on the road again, this time at his all-time favorite conference: CISO XC! He asks a unique question of each guest, who represent a great deal of breadth in our industry: Dave Belanger, CISO at Bestow Insurance - What is the most effective way to demonstrate and communicate security program progress to the board? Tera Davis, CE…

Howdy, y'all! Allan is taking this week off to spend time with family and to give thanks for all the wonderful things in his life - including y'all! For those who don't track it, there is no Cyber Ranch Podcast four times a year: American Thanksgiving week Christmas week Black Hat week RSA week That gives Allan enough breaks throughout the year to …

Warning, there might be some naughty language in this one! The challenge was issued!!!! Allan teamed up with TWO other podcasts to take on the insufferable marketing that floods the cybersecurity industry in the month of October! Who won??? "Won"? That's right! Allan, along with George K and George A from Bare Knuckles & Brass Tacks joined forces w…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest today is Evan Wolff, partner at Crowell & Moring, and Allan's favorite cyber attorney. Evan has led and managed 100s of investigations including cybersecurity, data breach, insider threats, security incidents and suspected terrorist incidents. Evan also teaches a class at Columbia Univ…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Tim Rohrbaugh, Founder/Principal at DefaultDenySec, former CISO for JetBlue Airways, advisor, investor: yup! Another Cyber Ranch guest with an awesome history! Tim and Allan were chatting a while back about budgeting cybersecurity programs, and they found out that they disagreed on a rath…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! We're joined today by Jacqueline (AKA “Jack”) Powell, CISO at Allianz Life and former Deputy CISO at Hanes. She has also consulted, and has worked at Chevron, General Dynamics, and SACI. Jack has an illustrious career! Jack is here today talking with Allan about the new SEC regulations about cyb…

Howdy, y’all, and welcome to The Cyber Ranch Podcast! That’s Kymberlee Price, strategic security consultant, Black Hat content review board member, former Sr. Director of Product Security at New Relic, former Principal Security Manager at Microsoft – Kym has held a variety of roles in our industry, but with one common theme: Kym is an outstanding t…

Chris Tillett is a well-known figure in our industry. He is in product management and R&D at Palo Alto Networks. He is also a great guy, funny, and can wield the snark quite well. He is the perfect foil for Allan Alford as the two of them take the gloves off, pick on one another, and tear apart bad vendor and bad CISO behaviors. LIVE! At Black Hat!…