Content provided by Advanced Persistent Security and Joe Gray, Advanced Persistent Security, and Joe Gray. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Advanced Persistent Security and Joe Gray, Advanced Persistent Security, and Joe Gray or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

6+ y ago 1:00:07

MP3•Episode home

Archived series ("Inactive feed" status)

When? This feed was archived on July 28, 2021 10:09 (3y ago). Last successful fetch was on August 17, 2019 01:14 (5y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff)

Advanced Persistent Security

Advanced Persistent Security Podcast

Episode 41

Guests: Cheryl Biswas and Tracy “Infosec Sherpa” Maleeff

April 5, 2018

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff)

Show Notes

Segment 1

In this episode, Tracy and Joe interview Cheryl Biswas. We introduce Cheryl and she shares what she is seeing in industry from the mainframes and Industrial Control Systems (ICS) perspectives. Cheryl discusses her habits of reading all night and the passion that we all share for security. We share our origin stories. Joe showcases his authentic southern accent. Joe talks about the Navy’s mentorship mentality and how he applies it to security mentoring (what eventually will have gone onto become Through The Hacking Glass).

For “current events,” we discuss Vault 7. Joe details his “Workplace Crossfit” and “Workplace Yoga” programs in jest. Cheryl shares her insight as a Canadian regarding how the US Intelligence Community operates.

Segment 2

Cheryl begins to discuss the financial sector and how ransomware impacts it. Cheryl shouts out to Soldier of Fortran (@mainframed767) and Big Endian Smalls (@bigendiansmalls). Cheryl talks about the ability to access mainframes from the internet and the relation to another Stuxnet.

Examples as to how Nation States could exploit and disrupt operations using mainframes are explained. For the sake of entry level listeners, Cheryl explains the difference between servers and a mainframes. We get an education about the operating systems of mainframes – Z/OS and how it relates to commercial software like UNIX and Java. To learn about mainframes, Cheryl recommends we check out her blog, Cyber Watch/White Hat Cheryl, Big Endian Smalls’ Mainframe Security, and Soldier of Fortran’s Mainframe Hacking.

Cheryl talks about ransomware and how it is impacting banks. She talks about fileless ransomware and (the lack of) awareness programs. Joe gets on the user training soapbox regarding the lack of commitment. We agree that it will get worse before it gets better. Joe and Cheryl talk about virtualizing mainframes using Hercules. Joe attempts to sing a Cher cover regarding mainframes, TERRIBLY.

ABOUT Cheryl

Security of Mainframes (with Cheryl Biswas & Tracy Maleeff) — Cheryl Biswas

Cheryl Biswas, aka @3ncr1pt3d, has landed her dream job as a Strategic Threat Intel Analyst with TD in Toronto, Canada. Prior to that she was a Cyber Security Consultant with KPMG and worked on GRC, privacy, breaches, and DRP. Her areas of interest include APTs, mainframes, ransomware, ICS SCADA, and building threat intel. She blames this on her ITIL certification and degree in Political Science.She actively shares her passion for security in blogs, online, via podcasts, and speaking at conferences.

Contacting Cheryl:

Twitter: @3ncr1pt3d
Blog: Cyber Watch/White Hat Cheryl

About Tracy:

Tracy Z. Maleeff is a Cyber Analyst in the Security Operations Center for global pharmaceutical company GSK. She holds a Master of Library and Information Science degree from the University of Pittsburgh. She has 15+ years’ experience as a law firm librarian and also worked as an independent consultant who specialized in social media, research, and Information Security awareness training. Tracy received the Wolters Kluwer Law & Business Innovations in Law Librarianship Award in 2016 and the Information Systems Security Association Women in Security Leadership Award in 2017. Tracy has presented at a variety of conferences including the Special Libraries Association, Security BSides, O’Reilly Security, and DEF CON’s Recon Village.

Contacting Tracy:

Twitter: @infosecsherpa
Newsletter
Website: Sherpa Intel

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:
Delivered by FeedBurner

SUBSCRIBE TO OUR MAILING LIST

* indicates required

Email Address *

First Name

Last Name

52 episodes