Cyber Consulting Room

Gordon Draper

The Cyber Consulting Room Podcast and Meetup Network is your gateway to a world of knowledge and collaboration in the ever-evolving realm of cyber security and consulting. Our podcast, hosted by Gordon Draper, brings you in-depth interviews with industry leaders, experts, and trailblazers, offering invaluable insights, strategies, and experiences. From award-winning professionals to those paving the way for diversity in the field, we delve into the most pressing issues and emerging trends. But we're not just a podcast; we're a network, connecting like-minded individuals through our Meetup events. Here, you can engage in lively discussions, share expertise, and build your professional network in a supportive and enriching community. Whether you're an established consultant or just beginning your journey in the field, The Cyber Consulting Room Podcast and Meetup Network is your go-to source for staying informed and connected in the world of cyber security and consulting. Join us on this exciting journey, and let's learn and grow together.

Technology

Episodes

Episode 15: The Best Practices for Building a Transparent Cyber Security Consultancy with Matt Strahan
Nov 21 2024
Can you believe there was a time when cybersecurity wasn’t a priority for most organizations? Just 20 years ago, simple passwords and basic firewalls were seen as enough protection. So, what changed? How did we go from minimal defenses to a world where cybersecurity is critical for survival?

In this episode of the Cyber Consulting Room podcast, host Gordon Draper sits down with Matt Strahan, director of Volkis Offensive Security Consultancy. They discuss Matt’s nearly two-decade journey in cybersecurity, from his university days to becoming a penetration tester and co-founding Volkis with Alexei Doudkine.

The conversation highlights the evolution of cybersecurity, emphasizing the importance of creativity in penetration testing and the challenges of industry commoditization. Matt shares insights into Volkis’s transparent approach to security, the significance of effective reporting, and the growing trend toward continuous testing to tackle emerging threats.

They also explore the dual role of offensive security—identifying vulnerabilities while helping organizations address them. Effective communication, empathy, and technical skills are essential in this field. The integration of AI in security practices is discussed, along with the need to balance technology with human intuition. Networking and continuing education are highlighted as vital for professional growth and community support.

Don’t miss this insightful episode! Subscribe to the Cyber Consulting Room podcast for more expert discussions, and connect with us on social media to join the conversation.

In This Episode:
(00:36) Background in cybersecurity
(01:02) Early career and penetration testing
(02:18) Learning and development
(04:09) Challenges in obtaining jobs
(05:04) Vulnerability discovery
(07:43) Evolution of cybersecurity risks
(11:50) Creative problem solving
(24:47) Focus in cybersecurity
(48:23) Gaps in access control
(01:15:57) Passion for education
(01:17:10) Community engagement
(01:18:13) Conference atmosphere
(01:18:01) Closing remarks

Notable Quotes
[01:02] "Back then, cybersecurity was more of a curiosity, a hobby that people might get attracted to just because it was a bit of fun. It wasn't serious like it is now." — Matt Strahan
[45:22] "The identity of the user is now one of the security boundaries, and that raises a lot of complexity with the interaction of multiple software service applications." — Matt Strahan

Our Guest
Matt Strahan is the Managing Director of Volkis, a leading offensive security consultancy specializing in penetration testing and red teaming. With 17 years of experience in the cybersecurity field, Matthew has played a pivotal role in helping organizations strengthen their defenses against evolving cyber threats. Beyond offensive security, he has guided companies in shaping their security strategies, enhancing compliance, optimizing operations, and managing risk. His expertise spans both technical and strategic aspects of cybersecurity, making him a trusted advisor in the field.

Resources and Links
Cyber Consulting Room
Gordon Draper
https://cybermarket.com/
https://www.linkedin.com/in/gordondraper/
Matt Strahan

For more episodes like this visit https://cyberconsultingroom.com
You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/

Episode 14: Bridging the Gap: How to Make Cybersecurity Relevant to Business Leaders with Simona Dimovski
Oct 19 2024
Did you know that Australian businesses are facing a rapidly evolving cybersecurity landscape? In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity expert Simona Dimovski. Simona shares her journey into the field, emphasizing the importance of understanding business strategy and the human element in technology. She offers advice for aspiring cybersecurity professionals, stressing continuous learning and networking. The discussion covers current trends and challenges in Australian cybersecurity, including regulatory compliance and ransomware. Simona also discusses her roles in the Australian Information Security Association and as a New South Wales Cyber Ambassador, focusing on raising cybersecurity awareness and promoting best practices.

In This Episode:
(00:02) Introduction of Simona Dimovski
(01:08) Simona's journey into cybersecurity
(02:39) Advice for aspiring cybersecurity professionals
(03:35) Networking opportunities at conferences
(04:22) Redefining networking
(06:15) Mentorship and community support
(08:25) Current trends in cybersecurity
(17:36) Cyber awareness initiatives
(23:10) Secure by design
(24:52) Cultural shift in security practices
(34:34) Ongoing security awareness initiatives
(53:59) Challenges of transitioning to local government
(57:52) Impact of COVID-19 on digital transformation
(59:02) Closing remarks and contact information

Notable Quotes
[01:21] "My journey into cybersecurity was a natural progression from technology and risk management, and as I took on more leadership roles, I saw how integral cybersecurity was to business continuity and success." — Simona Dimovski
[34:34] "Security is actually everyone's responsibility. It's not something you can just assign to one person to take care of the whole organization." — Simona Dimovski

Our Guests
Simona Dimovski is a visionary executive with over 20 years of experience in digital and data strategy development. She excels in optimizing business strategies, driving innovation, and transforming business models. Simona creates high-performing teams, fostering a culture of collaboration, trust, and continuous development. As a humanistic designer of solutions, she sets a futurist strategy for customer experience through digital enablement, leveraging her passion for technology to drive business value and growth.

Resources and Links
Cyber Consulting Room
Gordon Draper
https://cybermarket.com/
https://www.linkedin.com/in/gordondraper/
Simona Dimovski
https://au.linkedin.com/in/simona-dimovski-100

Episode 13: The Greatest Insights from Black Hat USA and DEF CON 2024
Sep 19 2024
Are cybersecurity conferences just another industry event, or are they the driving force behind the next big leap in the field? When you think about the future of cybersecurity, do you consider the role of gatherings like Black Hat USA and DEF CON?

In this episode of the Cyber Consulting Room podcast, host Gordon Draper explores the recent Black Hat USA and DEF CON conferences. He is joined by Edward Farrell, an offensive security expert and owner of Mercury Information Security Services, and Shanna Daly, an incident response specialist with Khrushchev. Edward discusses his career in vulnerability hunting and the importance of mentorship, while Shanna shares her experiences as a speaker coach and Call for Papers review board member. They reflect on conference highlights, emerging cybersecurity trends, and the value of community engagement and networking in the ever-evolving field of cybersecurity.

In This Episode:
(01:07) Guests introduction
(01:34) Mentorship in cybersecurity
(19:23) Themes from the conferences
(19:36) Black Hat research focus
(20:28) Vendor tools at Black Hat
(24:11) AI in cybersecurity discussions
(27:08) Threat intelligence insights
(31:56) Conference attendance strategy
(39:39) Managing health at conferences
(40:34) Post-conference recovery
(41:21) Sensory overload in Vegas
(43:14) Defcon badge discussion
(46:38) Volunteering at Defcon
(49:39) Future of cybersecurity innovation
(51:35) Consolidation in cybersecurity practices
(53:02) Human element in cybersecurity

Notable Quotes
[00:02:14] "The reward for me wasn't necessarily gaining knowledge or imparting it as I have done in previous years, but mentoring a brand new speaker at B-Sides and supporting my own team who attended DEF CON." — Edward Farrell
[00:09:52] "You don't need to prove anything to anyone at this point. The fact that you got selected is already a really, really, really awesome thing. Now you just tell your story." — Shanna Daly

Our Guests
Shanna Daly, with 20+ years in information security, excels in data breach investigations and leading expert consulting teams.
Edward Farrell, a cyber security consultant with 14 years of experience, leads Mercury and has managed over 900 audits and incident responses. With IRAP accreditation and board roles at ISC2 and CREST, he excels in technical, operational, and strategic consulting. Edward also presents globally and develops training materials for the Australian Defence Force.

Resources and Links
Cyber Consulting Room
Gordon Draper
https://cybermarket.com/
https://www.linkedin.com/in/gordondraper/
Shanna Daly
https://www.linkedin.com/in/shannadaly/
https://mercuryiss.com.au/
Edward Farrell
https://www.linkedin.com/in/31337au/?originalSubdomain=au
https://mercuryiss.com.au/

Episode 12: How Secure Is Your Digital Life? The Alarming Reality of Tech Trust Issues
Aug 19 2024
Can we ever truly trust the technology that runs our lives? Think about it: every time we use a phone, share a photo, or shop online, we’re putting a lot of trust in these digital systems. But how safe are they?

In this episode of the Cyber Consulting Room podcast, host Gordon Draper continues his conversation with Helen Patton, a distinguished cybersecurity executive advisor and former CSO of Cisco.

In part one, Helen shared her belief that superior business outcomes hinge on empowering people within an organization. She discussed her strategies for fostering a security culture and leveraging industry connections for business success. Now, in part two, Helen delves deeper into influencing public policy for positive change in cybersecurity and building trust in an increasingly technological world.

They explore the challenges of ensuring trustworthy technology, the impact of AI on cybersecurity, and the importance of transparency and ethics in tech development. Helen emphasizes managing complexity, promoting transparency, and integrating ethical practices to build trust in technology. The discussion also covers how AI can enhance security measures and its potential impact on the cybersecurity workforce.

Tune in to stay ahead in the ever-evolving world of cybersecurity!

In This Episode:
(02:33) Complexity in technology
(02:57) User interface and trust
(06:11) Ethics in technology development
(07:12) Trust in cybersecurity consultants
(08:11) AI security challenges
(09:22) Trustworthy AI testing
(11:01) Data bias in AI
(12:01) Evaluating AI security
(12:15) Return on investment in AI
(12:59) AI in healthcare
(14:01) AI's impact on cybersecurity
(27:25) Learning resources for cybersecurity
(31:30) Advice for new cybersecurity graduates
(35:45) Future of cybersecurity
(40:21) Three recommended cybersecurity books

Notable Quotes
[01:24] “For me, trustworthy means it's going to behave the way I expect and be available when I need it.” - Helen
[38:24] “Within a university setting, I think cyber security should be its own college.” - Helen

Our Guest
Helen Patton is an accomplished CISO and business leader with extensive experience in transforming security teams and cultures across various industries. She has held pivotal roles, including CISO at Cisco and The Ohio State University, where she earned the 2018 ISE North American Academic/Public Sector Executive of the Year award. Helen advocates for industry collaboration, improved diversity, and mentorship in security. She holds a master’s in public policy and serves on multiple cybersecurity advisory boards, teaching security leadership and risk management.

Resources and Links
Cyber Consulting Room
Gordon Draper
https://cybermarket.com/
https://www.linkedin.com/in/gordondraper/
Helen Patton
https://www.cisohelen.com/
https://www.linkedin.com/in/helenpatton/
https://x.com/CisoHelen
Mentioned Books

Episode 11: Cultivating a People-Centric Approach to Cybersecurity with Helen Patton
Jul 19 2024
Did you know that your organization's security culture could be its strongest defense—or its weakest link? In today's digital landscape, where cyber threats lurk around every corner, relying solely on technological safeguards isn't enough. Building a resilient security culture within your organization is paramount.

This episode of The Cyber Consulting Room Podcast features part one of an insightful conversation between host Gordon Draper and Helen Patton, a distinguished cybersecurity executive advisor and former CSO of Cisco.

During the conversation, Helen shares her fascinating journey into cybersecurity, highlighting the crucial role of intentional certifications and mentorship. The discussion dives into her unique approach to building robust organizational security cultures, revealing how she harnesses her extensive industry connections to convert cybersecurity efforts into tangible business success across various sectors. Helen's vast experience in shaping public policy offers invaluable insights into creating a more secure and trustworthy digital landscape.

Throughout the episode, Helen shares her strategies for fostering effective security cultures and discusses the evolving role of security in driving business objectives. She underscores the power of communication, storytelling, and networking within the cybersecurity community. This episode is packed with valuable insights on influencing public policy, bridging departmental gaps, and the critical importance of benchmarking and metrics in advancing meaningful security discussions.

Join them for a compelling conversation brimming with practical advice and visionary ideas to elevate your organization's security framework.

In This Episode:
(00:08) Introduction to Helen Patton
(01:25) Helen’s accidental entry into cybersecurity
(02:40) Education and certifications
(04:06) Advice on the intentional use of certifications
(06:05) Advice for someone starting out in cybersecurity
(09:16) The perception of cybersecurity
(22:23) Metrics for board and C-suite
(25:24) Common cybersecurity challenges
(29:21) Impact of SEC regulations
(36:40) Benefits of engaging in the security community
(41:03) Finding and expanding professional connections

Notable Quotes
[06:18] “Rather than thinking about what kind of security you want to do, think about what kind of problem you want to solve.” - Helen Patton
[10:15] “The purpose of security isn't security. Actually, the end isn't to be as secure as possible.” - Helen

Our Guest
Helen Patton is an accomplished CISO and business leader with extensive experience in transforming security teams and cultures across various industries. She has held pivotal roles, including CISO at Cisco and The Ohio State University, where she earned the 2018 ISE North American Academic/Public Sector Executive of the Year award. Helen advocates for industry collaboration, improved diversity, and mentorship in security. She holds a master’s in public policy and serves on multiple cybersecurity advisory boards, teaching security leadership and risk management.

Resources and Links
Cyber Consulting Room
Gordon Draper
https://cybermarket.com/
https://www.linkedin.com/in/gordondraper/
Helen Patton
https://www.cisohelen.com/

Cyber Consulting Room - Episode 4 - Yianna Paris
Nov 19 2023
In this riveting episode of The Cyber Consulting Room, host Gordon Draper engages in a thought-provoking conversation with the exceptionally talented Yianna Paris, a seasoned cybersecurity professional with a journey that is as unconventional as it is inspiring. Yianna's entrance into the cybersecurity realm, fueled by her early fascination with breaking video games, sets the stage for an exploration of her diverse and impactful career. From running her own business and inadvertently becoming the go-to tech support for hacked accounts to joining SEEK as a software developer, Yianna's trajectory is marked by a unique blend of hands-on experience and formal education, including a Bachelor of Digital Media Design and a Bachelor of Computer Science. As a trusted advisor, Yianna shares insights into the challenges of hiring the right consultant for the right position, emphasizing the significance of adaptability and the potential clash between traditional governance and agile environments. Drawing from her consulting experiences in the Netherlands, Yianna unveils memorable moments, including the surprising revelation that even cows can be hackers. Throughout the interview, Yianna dispels myths surrounding the consulting industry, emphasizing its diversity and the hands-on nature of the work.

Listeners are treated to invaluable advice, from pacing oneself in the overwhelming field of cybersecurity to the importance of admitting when one doesn't know something. Yianna highlights her go-to tools and frameworks, including JupyterLab, Jupyter Notebooks, Obsidian, Miro, and the power of search engines. Beyond the technical realm, she shares her favorite hacker movie, her dream of living in Iceland, and recommends three cybersecurity books, adding a personal touch to the conversation.

Cyber Consulting Room - Episode 3 - Jane Frankland
Oct 21 2023
In this thought-provoking episode of The Cyber Consulting Room, host Gordon Draper engages in a captivating conversation with the accomplished and visionary Jane Frankland. Jane's journey in the tech and cyber security arena is nothing short of extraordinary. From building a seven-figure global business as a single mother in just two years to becoming an acclaimed figure in the world of cyber security, she has shattered traditional boundaries. Jane's career spans over two decades, during which she has held senior executive roles, actively contributed to industry organizations, and worked with some of the world's leading brands, delivering remarkable revenue growth.

Beyond her professional achievements, Jane is a fervent advocate for gender diversity in the male-dominated tech field, and her mission-led approach is reflected in her authored works, including the Amazon Best Seller "IN Security" and her initiatives, the IN Security Movement, Code of Conduct, and The Source. During this episode, listeners will gain invaluable insights into Jane's unique journey, her pioneering efforts to empower women in the field, and her ongoing commitment to gender equality. Join us as we explore the fascinating world of cyber security and the profound impact of Jane Frankland in this enlightening episode of The Cyber Consulting Room.

Cyber Consulting Room - Episode 2 - Ger van Hees
Oct 21 2023
In this engaging episode of The Cyber Consulting Room, host Gordon Draper engages in a compelling discussion with Ger van Hees, a distinguished Trusted Information Security Advisor and the Managing Director of "Van Hees Consulting." With a career dedicated to guiding organizations on their path to optimizing information security and reducing risk, Ger brings a wealth of experience and expertise to the forefront. He has a track record of advising boards and executives on balancing cyber risk with innovative progress, aligning security strategy with organizational goals, and facilitating the seamless integration of modern technology while maintaining robust security governance. Drawing from his deep understanding of information security across various industries, including finance, education, and business services, Ger helps organizations identify security risks and offers strategic advice on mitigating those risks. He's a strong advocate for fostering a risk-aware culture within organizations and optimizing information security to enhance resilience. By sharing his insights, Ger empowers modern organizations to achieve greater profitability, resilience, and a stable workplace culture – making this episode a must-listen for those seeking expert guidance on the path to enhanced information security and risk reduction.