Ep. 154 - Security Awareness Series - Whispering Sweet Security Nothings with Ed Skoudis

53:17
 
Share
 

Manage episode 302665375 series 2394563
By Christopher Hadnagy and LLC. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

In this episode, Chris Hadnagy and Ryan MacDougall are joined by Ed Skoudis.  Ed is a SANS Institute Fellow, Instructor, and Director of Cyber Ranges.  He is the founder of Counter Hack, an innovative cyber security company that works as trusted information security advisors to government, military, and commercial enterprises by providing in-depth security architecture, penetration testing, red teaming, incident response, and digital forensics expertise. Ed frequently presents industry keynotes based on the latest attack vectors he identifies during his team’s penetration testing projects, expert witness work on large-scale breaches, security research into late-breaking malware and exploits, and incident response engagements. Over his career, Ed has taught over 20,000 students in computer incident response and penetration testing.  Ed and his team are also the creators of the SANS Holiday Hack Challenge, a free gift to the community every December challenging tens of thousands of people to build their cyber security skills in a fun, quirky adventure to save the holiday season. September 20, 2021

00:00 – Intro

www.social-engineer.com  

Managed Voice Phishing    

Managed Email Phishing    

Adversarial Simulations    

Social-Engineer channel on SLACK    

CLUTCH    

www.innocentlivesfoundation.org

03:26 – Ed Skoudis Intro

05:26 – How did you get started, how did you get into this field?

09:18 – What do you looking for when building your team?

10:47 – How long will you observe a person to determine if they have the integrity or skill that you want?

12:44 – What advice would you give for companies to find people with the skill and integrity they need more quickly than observing them for 2-4 years?

22:00 – “Nothing new” in social engineering vs infosec, which is constantly changing

23:45 – Why do you feel experience like participating in CTF’s are so valuable for people in this community?

28:57 – What is your advice for people on how to find quality CTF’s?

www.holidayhackchallenge.com

www.ctftime.org

www.wechall.net

https://opentoallctf.github.io/

32:04 – How long does it take your team to construct these challenges?

35:54 – If someone wants to sponsor this event, where can they go?

www.holidayhackchallenge.com

36:42 – Who are the colleagues or mentors that have been most influential to you, people you wouldn’t be where you are today if not for them?

Ed’s Nana – Evelyn Hiddings

Manager at Bellcore - Miriam Hernandez Cagle

SANS instructor, founder of In Guardians - Mike Poor

Security Expert - Johnny Long

SANS founder – Alan Paller

40:30 – What are some action steps corporations should start doing right now based on the advice you gave today to build a great team?

Have a good corporate culture and leadership

Be thoughtful and meaningful, make it fun, and challenge them

Take input from your team and empower them

43:09 – Do you have any advice for employees dealing with burnout, how to practice self-care, or other coping mechanisms?

Monthly meeting with state of the business, business reflections

Rituals – Get a bagel and call mom on Saturdays, morning walk, calling friends out of the blue

Gratefulness – when stressed, pause and think about what you’re grateful for

Get off social media for a few days

50:27 – Book Recommendation

The Code Book by Simon Singh

51:53 – Outro

www.innocentlivesfoundation.org

www.social-engineer.com

148 episodes