HOU.SEC.CON.'s first keynote speaker is returning for our 15-year anniversary! This week Michael and Sam are talking to cybersecurity legend Jeremiah Grossman about his start in cyber at just 19 years old, what we can learn from cybersecurity insurance companies, and what to expect at HOU.SEC.CON. 2025! Things Mentioned: · What Works in Cybersecuri…

Michael and Sam are catching up with Principal Consultant and Co-Founder at Cavalry Solutions, Sean Curry! Sean talks about his transition from the military to the private sector, the importance of standards like IEC 62443 for OT security, and the best way to align IT and OT teams. Things Mentioned: · New study reveals 92% of industrial sites at ri…

In this episode Michael and Sam are talking to malware researcher Dr. Marcus Botacin. Dr. Botacin discusses his journey from early work in sandboxing to advanced malware detection through machine learning, his recent efforts combining LLMs with GANs to create an iterative malware generation system that enhances evasion capabilities, and the importa…

Today’s episode looks a little different as Michael and Sam are talking to the entire YOUTH.SEC.CON. team! Arthi Vasudevan, Reynaldo Gonzalez, and Mary DiFiore-Smith joined the podcast to discuss all aspects of our first event focused on 9th – 12th grade students. Listen now to learn about the talks and activities, eligibility, registration, safety…

Sam and Michael are joined by Offensive Security Advisor, Darin Fredde! They discuss the need to move beyond compliance checkboxes, the importance of continuous pen testing, and the disconnect between marketing claims and real-world security implementations. Things Mentioned: Having trouble with your OT.SEC.CON. or EXEC.SEC.CON. ticket? Reach out t…

Michael and Sam are joined by Field CTO, Steven Schmidt! They discuss the early days of application security, the evolution of AppSec tools and processes, and challenges in balancing developer speed with security requirements. Thank you to Snyk for sponsoring this episode! Learn more about building secure applications at https://snyk.io and chat wi…

In today’s episode Michael and Sam are catching up with Security Consulting Manager, ICS/OT at Accenture, Stuart Bailey! Stuart shares his journey from a career in social work to cybersecurity, the challenges of working on OT environments, and the importance of network monitoring for critical infrastructure. Things Mentioned: · Romanian energy supp…

This week Michael and Sam are catching up with Bugcrowd CISO, Trey Ford. They chat about his evolution from consulting to the C-Suite, how to know if the CISO role is right for you, and what alignment between security leadership and the board should look like. Things Mentioned: · Key strategies to Enhance Cyber Resilience - https://www.csoonline.co…

Michael and Sam are gearing up for OT.SEC.CON. with keynote speaker, Marco Ayala! Marco is an ISA Fellow, and President of InfraGard Houston with over 30 years of experience in industrial automation controls and OT/IT security. They chat about some exciting OT Cybersecurity initiatives in Texas, the incident that led him to cybersecurity, and what …

Hosts Michael and Sam are covering another HOU.SEC.CON. 2024 presentation, this time with Security Architect Stephen Alexander! They discuss how audits, while annoying, can provide significant value by offering insights for organizational improvement, help ensure compliance, and educate companies on how to strengthen their security operations. Thin…

We’re kicking off season 3 with our good friend Len Noe! Len wears many hats, including whitehat hacker, technical evangelist, international speaker, podcast host, and most recently, author. In this episode, Michael and Sam chat with him about his new book, transhumanism, and his upcoming projects. Things Mentioned: · Google's AI-Powered OSS-Fuzz T…

Michael and Sam are on their own for our last episode of the year. They chat about all of the growth HOU.SEC.CON. saw over 2024, highlight the countless sponsors, volunteers, and speakers that make all of our initiatives happen, and discuss what to expect in 2025! Things Mentioned: · Submit an abstract for our monthly user group: https://www.hscuse…

On our latest episode Michael and Sam are talking to the Security Fairy Godmother herself, Dawn Cappelli! They discuss her transition from programming to security, her passion helping SMB’s, and how that passion pulled her out of retirement to create free resources for the OT community. Things Mentioned: · OT Cert Link - https://www.dragos.com/comm…

In this episode, Jason Haddix, CEO & Hacker & Trainer at Arcanum Information Security, joins the podcast to discuss his HOU.SEC.CON. 2024 talk, “Tales from the Breach.” In his conversation with Michael and Sam, Jason shares his unconventional introduction to hacking, his journey from CISO to Founder, and how companies can apply what he learned from…

Dr. Marian Zaki, Assistant Professor of Computer Science and Cybersecurity at Houston Christian University, joined Michael and Sam on this week’s episode of HOU.SEC.CAST.! They discuss how Marian’s career pivoted from working for the Egyptian Armed Forces to education, the growing threat of quantum computing, and the cybersecurity programs she’s de…

Hosts Michal and Sam catch up with EXEC.SEC.CON./HOU.SEC.CON. speaker and Cyber Point Advisory Founder Dd Budiharto! They talk about how she (accidentally!) ended up in her first cybersecurity role, her personal experience as a whistleblower, and the need for integrity in the industry, particularly as organizations grapple with ethical dilemmas in …

In this episode, hosts Sam and Michael are chatting with Harris Fort-Bend County ESD #100 Director of Technology, and HOU.SEC.CON. Speaker, Dennis Maldonado! They discuss their first meeting at HOU.SEC.CON. 2012, how Dennis found himself working in cybersecurity while still in school, how he built WestCom, and his 2024 talk. Things Mentioned: AT&T,…

We have a very special guest on this week’s show, opening keynote speaker Gene Spafford! Hosts Michael and Sam chat with him about his start in cybersecurity and academia, his new book, and what to expect during his talk. Things Mentioned: · CTF Link (Opens September 14, 2024) - https://www.cisa.gov · Cybersecurity Myths and Misconceptions: Avoidin…

This week hosts Michael and Sam are joined by our day one closing keynote speaker, Andy Ellis! In this episode they discuss an article authored by Andy that covers the growing issue of admin access and its role in cybersecurity vulnerabilities. They also get into Andy’s transition from the Air Force to 21+ years at Akamai, his book, 1% leadership, …

About this episode: HOU.SEC.CAST. Is back after a short summer break and we’re kicking things off with the one and only John Kindervag! In this episode the guys discuss the importance of securing ALL technology, John’s journey into cybersecurity, and his top secret HOU.SEC.CON. keynote presentation. Things Mentioned: · Swiss cow and calf dead after…

Today Michael and Sam are catching up with DevSecOps manager and 2023 HOU.SEC.CON. speaker, Christopher Pope. They discuss the importance of integrating security from the beginning of the development process, the need for building relationships and understanding between developers and security professionals to create secure applications, and the si…

CISOs are typically not the owner of their organization's most critical (or even non-critical) assets and data. There are usually business unit leaders assigned to that, and the CISO's role is to help reduce the risk to those assets. If the CISO does have direct access to those assets, it's a bad architectural design. That's today's #CyberSunday to…

Security conferences and events are often built with a certain audience in mind. Some are for a a general audience, and others are focused on the CISO. But if an event has a focus on the CISO, it should be for a good reason. I discuss some of those reasons in today's #CyberSunday. Things Mentioned: https://www.linkedin.com/posts/kane-n_its-sad-to-s…

Every year HOU.SEC.CON. partners with local universities to involve cybersecurity students at the conference. Today Michael and Sam are sitting down with Samir Saber, Dean of Digital & Information Technology at Houston Community College and long-time champion of HOU.SEC.CON. They discuss Samir's journey in cybersecurity education, the importance of…

Does practice make perfect? Probably not perfect, but it does make you better. That also applies when performing tabletop exercises. But is it feasible to practice as much as you SHOULD when everyone has other jobs to do? That's what Michael is talking about in today's #CyberSunday. Things Mentioned: · Peter Sacawaker’s LinkedIn Post - https://www.…

In today’s show Michael and Sam are joined by Cybersecurity Executive and Adjunct Faculty Member, Dr. Branden Williams. They discuss Branden’s journey into cybersecurity and how those looking to enter the field can get started. They also dive into his 2023 HOU.SEC.CON. talk on automation and bot attacks and the issues organizations and customers ar…

In mentorship, it's often thought that the mentor is doing the teaching and the mentee is doing the learning. But mentors should also be open to and seek out lessons that they can take from the mentee. In this #CyberSunday, I talk about how tenured #cybersecurity professionals can learn about new tech and new concepts from those who are newer to th…

The 2024 RSA Security Conference is here. While I am not going this year, I do want to give a few professional networking pointers for folks who are going, especially if you are a new conference attendee. These conference habits have helped me in my professional career, and I hope they help you as well. #CyberSunday #RSA2024 #securityconference #cy…

Co-hosts Michael and Sam are joined by co-speakers Mak Foss and Rachel Schwalk to discuss their HOU.SEC.CON. presentation on business email compromise. In this episode they talk about their individual journey’s into cyber, the complexities of detecting business email compromise, and the significance of monitoring email rules. Things Mentioned: · Te…

Attack vectors and methods tend to by cyclical, meaning attackers will come back to see if old tricks will yield new results. I talk about one such attack vector that might be coming back in style... with a slight twist. Want to reach out to the host? Email us at [email protected] Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up w…

SIEM (Security Incident and Event Management) has been a round a long time. But there are some recent trends and new vendors that are creating fresh ways to implement and operationalize SIEM. I'm discussing a couple of the larger SIEM and security operations trends on today's #CyberSunday. Want to reach out to the host? Email us at podcast@houstons…

Your favorite co-founders and co-hosts Michael Farnum and Sam Van Ryder are reunited for the latest edition of HOU.SEC.CAST. with special guest David Balcar! In today’s episode they discuss: · The evolving landscape of insider threats and the vulnerabilities they exploit. · The importance of vigilance in monitoring outbound traffic and the need for…

How can you tell if a new #cybersecurity concept (think Zero Trust) in cybersecurity is a just a flash in the pan or a valuable idea that can be utilized in your program? In this #CyberSunday, I talk about an unusual method for being able to potentially tell the difference. Want to reach out to the host? Email us at [email protected] Hosted…

Co-Host Sam Van Ryder flies solo for this episode with Executive Industry Consultant, Roya Gordon! They share insights on SBOMs and their significance in OT security, discuss what current security conferences are doing right (and where they could improve!), and the importance of building local cybersecurity communities. Things Mentioned: · Southern…

There is a lot of fear of the security implications about AI and other new and/or improved technologies. And while some fear is healthy, we also can't let it keep us from thinking about uses for that same tech to improve security. Let's talk about it in this #CyberSunday. Want to reach out to the host? Email us at [email protected] Hosted B…

Michael talked about security control monitoring a few weeks ago. In this #CyberSunday, he is digging in a bit around an essential part of control monitoring: configuration management/monitoring. What is config management/monitoring, what do you need to do before you can even start monitoring and managing configs, etc. Want to reach out to the host…

In this episode, hosts Michael and Sam pull HOU.SEC.CON. Program Director (and HOU.SEC.CAST. producer) Lauren Lynch in front of the camera to share her perspective as HSC’s first full time employee! They chat about her start in marketing and cyber, other cybersecurity communities she’s engaging with to level up, and why it’s important to get involv…

There is a lot of talk and advice on social media, blogs, etc. about the Cybersecurity job market. There's no doubt it's a tough market right now, but does that mean you should stay away? Here's my opinion on the topic and some quick advice of my own for experienced cyber folks who are having trouble getting interviews. Things Mentioned: https://ww…

An X/Twitter thread about technology vs communication in #cybersecurity inspired today's video. Which one do you think is more important or more difficult? Watch today's #CyberSunday to get Michael's opinion. Things Mentioned: https://x.com/mikepsecuritee/status/1760299590337622309?s=20 Want to reach out to the host? Email us at podcast@houstonsecc…

In this episode, hosts Michael and Sam meet with Arthi Vasudevan, a cybersecurity product line leader at GE Vernova and the author of the popular children's book "Cyberama." They delve into the recent legislative developments extending online protections for children, Arthi’s journey into cybersecurity, and how her experience at HOU.SEC.CON. inspir…

Today's #CyberSunday is about monitoring controls regularly (as opposed to a point-in-time assessment). Michael gets into some methods of monitoring and what you should monitor them against (hint: monitoring is NOT just technical). Want to reach out to the host? Email us at [email protected] Hosted By: Michael Farnum Editing By: Lauren Lync…

Many of us were affected by the cell carrier outage last week. Some initial explanations have come out, but are those explanations plausible? And is a #cyberattack just - or more - plausible than the explanation that AT&T gave? On today's #cybersunday, Michael talks about the outage, the explanations both given and imagined, and some ideas on what …

We have a special episode today featuring EXEC.SEC.CON. hosts Marc Crudgington and Kyle Lai! They’ll talk a bit about their backgrounds and what qualifies them to host an event of this caliber, how they started the CISO Track that lead to this stand-alone event, and what to expect at the conference. Things Mentioned: · Marc’s Books - https://www.am…

Indecision and apathy from alert fatigue are big issues in #cybersecurity. But have you thought about how FUD marketing can cause some of the same problems? And it's not just vendors throwing the FUD. In today's cybersunday, Michael talks about the issues with FUD and how you need to watch out for it from some unusual sources. Things Mentioned: htt…

It's #cybersunday, and it's also time for the Big Game (can't use the real name because reasons). Michael is a big American Football fan, so he's getting into #cybersecurity football analogies. But he's also trying to dig a little deeper and staying away from some obvious analogies. Let us know what you think about them! Want to reach out to the ho…

In this episode hosts Michael and Sam talk to HOU.SEC.CON. speaker and CEO and Founder Dan Gunter. They discuss his career journey from the Air Force to founding Insane Forensics, insights on threat hunting in industrial networks, and the importance of adaptability in operational technology. Things Mentioned: · US disabled Chinese hacking network t…

Michael is in the snow in Michigan to record today's Cyber Sunday. The cold weather and road conditions inspire a cybersecurity analogy around making decisions and determining priorities for your security program. Want to reach out to the host? Email us at [email protected] Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU…

In today’s episode Michael and Sam chat with HOU.SEC.CON. speaker and Deputy CTO of Tenable, Marty Edwards. Their conversation revolves around the need for collaboration between IT and OT teams, the importance of implementing cybersecurity fundamentals before investing in products and solutions, and the real-life consequences that result from not p…

Michael is wrapping up his Risk Management/Assessment series on today's #CyberSunday. His two points today are around risk assessment frameworks and a caution about GRC tools. We hope you enjoyed the series! If there's anything you'd like to see Michael cover in future videos, let us know! Want to reach out to the host? Email us at podcast@houstons…

About this episode: In our first episode of 2024 Michal and Sam chat with Principal Industrial Hunter John Burns to talk about his presentation “The Distinct Imperatives of Threat Hunting in OT Environments”. In this conversation John also touches on his interesting industrial IT origin story, shares insights into his role as a principal industrial…