Ep. 154 - Security Awareness Series - Whispering Sweet Security Nothings with Ed Skoudis
In this episode, Chris Hadnagy and Ryan MacDougall are joined by Ed Skoudis. Ed is a SANS Institute Fellow, Instructor, and Director of Cyber Ranges. He is the founder of Counter Hack, an innovative cyber security company that works as trusted information security advisors to government, military, and commercial enterprises by providing in-depth security architecture, penetration testing, red teaming, incident response, and digital forensics expertise. Ed frequently presents industry keynotes based on the latest attack vectors he identifies during his team’s penetration testing projects, expert witness work on large-scale breaches, security research into late-breaking malware and exploits, and incident response engagements. Over his career, Ed has taught over 20,000 students in computer incident response and penetration testing. Ed and his team are also the creators of the SANS Holiday Hack Challenge, a free gift to the community every December challenging tens of thousands of people to build their cyber security skills in a fun, quirky adventure to save the holiday season. September 20, 2021 00:00 – Intro www.social-engineer.com Managed Voice Phishing Managed Email Phishing Adversarial Simulations Social-Engineer channel on SLACK CLUTCH www.innocentlivesfoundation.org 03:26 – Ed Skoudis Intro 05:26 – How did you get started, how did you get into this field? 09:18 – What do you looking for when building your team? 10:47 – How long will you observe a person to determine if they have the integrity or skill that you want? 12:44 – What advice would you give for companies to find people with the skill and integrity they need more quickly than observing them for 2-4 years? 22:00 – “Nothing new” in social engineering vs infosec, which is constantly changing 23:45 – Why do you feel experience like participating in CTF’s are so valuable for people in this community? 28:57 – What is your advice for people on how to find quality CTF’s? www.holidayhackchallenge.com www.ctftime.org www.wechall.net https://opentoallctf.github.io/ 32:04 – How long does it take your team to construct these challenges? 35:54 – If someone wants to sponsor this event, where can they go? www.holidayhackchallenge.com 36:42 – Who are the colleagues or mentors that have been most influential to you, people you wouldn’t be where you are today if not for them? Ed’s Nana – Evelyn Hiddings Manager at Bellcore - Miriam Hernandez Cagle SANS instructor, founder of In Guardians - Mike Poor Security Expert - Johnny Long SANS founder – Alan Paller 40:30 – What are some action steps corporations should start doing right now based on the advice you gave today to build a great team? Have a good corporate culture and leadership Be thoughtful and meaningful, make it fun, and challenge them Take input from your team and empower them 43:09 – Do you have any advice for employees dealing with burnout, how to practice self-care, or other coping mechanisms? Monthly meeting with state of the business, business reflections Rituals – Get a bagel and call mom on Saturdays, morning walk, calling friends out of the blue Gratefulness – when stressed, pause and think about what you’re grateful for Get off social media for a few days 50:27 – Book Recommendation The Code Book by Simon Singh 51:53 – Outro www.innocentlivesfoundation.org www.social-engineer.com