Host John Hubbard is back with another season of Blueprint Podcast, and in true John fashion, things just keep getting better and better. In addition to some fancy new tech putting a nice professional polish on the series, this season Blueprint is branching out into topics not covered before, John says.
Dive on in, the cyber defense waters are fine
To kick season three off right, we’re releasing the first three episodes today, July 12.
Parsing ICS security with Dean Parsons
In the first episode of season three (episode 25), John has fellow SANS Institute instructor Dean Parsons on, to talk about infrastructure attacks and security for ICS/OT. The topic has never been more relevant, given current geopolitical tensions.
“There’s nothing that grabs attention like a cyber-attack that has implications on people’s health and safety, or just wide disruptions in any kind of kinetic sort of way,” John says.
Dean joins the podcast to chat about the similarities and differences between cyber defense for a traditional IT network versus OT.
“Because Dean is a person who’s seen it all,” John says. “He’s worked a lot of cases and done a lot with that kind of environment in the past. And so he drops a whole bunch of knowledge of what we should be looking for and shares specific threat modeling considerations for anything in ICS/OT environments.”
Detecting insider threats with James Rowley
Insider threats might not seem as frequent as some of the external threats, but they can be really bad when they do happen, John says. In episode two of season three (episode 26), James Rowley lays out what you need to consider when it comes to insider threat detection.
With a $15 million average incident cost for insider threats, how do you defend against attackers who are supposed to have access to organization data to do their jobs? What are the signs to look for that an employee of your business may be becoming a threat?
Insider threats are a whole different ball game, and you don’t want to skip this fascinating conversation with James, who runs an insider threat defense program for a large organization and knows this topic back to front, John says.
(Machine) learning with David Hoelzer
In the third episode of this season (episode 27), John talks with fellow SANS Instructor David Hoelzer, who is the author of SANS’s new AI and machine learning detection engineering course, SEC595.
David shares his perspective on what machine learning is for and isn’t for, differences between AI and ML as well as the applications for each, and what are teams successfully using it for today.
“And when you’re going to buy something, and the vendors are like, ‘Oh, we’ve got machine learning and all this fancy stuff in it,’ is that something we should believe and count as a positive?” John says. “Or should we recognize that that’s a bullet point that every vendor kind of uses right now?”
David gives us his one-of-a-kind perspective.
But that’s not all…
And that’s just for our season three launch! We have a whole season of fascinating discussions ready to hit the airwaves weekly.
You won’t want to miss future episodes like a double interview episode featuring two different perspectives on MacOS security. Then later in the season, John will chat with a red teamer to get a glimpse at what an attack looks like from the attackers perspective. Need to learn more about MITRE ATT&CK®? How about Azure AD logs and Microsoft monitoring? John has plenty of valuable topics set to explore this season.
Exploring seasons 1 & 2
But don’t let all the excitement of the new episodes overshadow the tremendous value you can still find in the first couple of seasons. “The previous topics are absolutely still relevant, if not more so,” John says. “But really, the things we’ve been talking about the entire time—cloud and scripting, automation and PowerShell, adversary emulation, and data science and machine learning—all of that stuff is just really growing in relevancy and importance.”
So just look through the episodes and identify the topics that are most important to you and your job, zero in on those and hit your priority topics first. Then, circle back around and listen to all episodes because you will want to hear for yourself all the gems of wisdom from these expert guests.
Follow your blueprint to cyber defense success
Season three of the Blueprint Podcast launches July 12, and host John Hubbard is kicking off the new season with the release of the first three episodes, featuring insightful discussions with actionable advice from infosec experts Dean Parsons, James Rowley, and David Hoelzer.
Find all Blueprint episodes here, and subscribe wherever you listen to your podcasts to be alerted to new episodes when they’re released weekly.
At SANSFIRE 2022 this week, John is hosting a panel discussion with some of the brightest minds in cyber security: Heather Mahalik, Katie Nickels, and Jeff McJunkin. John and his guests will share their wisdom on trends they are seeing in the cyber industry and offer advice as to how we should be looking at cyber defense in 2022 and beyond. Anyone can join us for this special live Blueprint Podcast episode from wherever they are in the world – just head to this link and register, and anyone attending SANSFIRE In-Person is welcome to sit in on the live panel discussion face-to-face.