Security Stories 4: Building the best cybersecurity team, with Mark Weatherford

For the Security Stories podcast, I try and interview people who have had a tremendous impact on the cybersecurity industry, and have a really interesting story to tell.  This is very much the case for Mark Weatherford, whom I chat to in our latest episode (available to listen to now).

Mark has one of the most impressive cybersecurity CVs I’ve ever seen. He sits on quite a few security advisory boards – I counted seven but it might well be more than that now! This includes being on the board of directors for the National Cybersecurity Centre.

He became the first deputy under-secretary for cybersecurity at the US Department of Homeland Security from 2011 to 2013. He was also a US Navy cryptologic officer and led the Navy’s Computer Network Defense operations and the Naval Computer Incident Response Team.

After that he became the CISO for both the state of California (hired by Arnold Schwarzenegger to help “change the way California did technology”) and the state of Colorado, and was instrumental in working with the state’s legislature to get laws passed to formerly establish a security program for the first time.

He’s a fascinating person to listen to, and he has now reached a point now where he wants to give back and develop new cybersecurity talent. So, this interview is brimming with advice for security leaders, and it has one or two things to ponder over….

“For a lot of security professionals, we’re looking at how do we gain credibility within our organizations. FUD (Fear, uncertainty and doubt) was the easy way to do that in the past, but thankfully we’ve veered away from that now. Because you can build a security program around FUD, but it will be a program built on sand, not rock.”

Oh, and we also talk about Batman…

For our ‘On this Day’ feature, Ben and I go back in time to 1999. We uncover the origins of ‘Snort’, and its journey from a fun rainy day and weekends project through to entering InfoWorld’s Open Source Hall of Fame as one of the “greatest pieces of open source software of all time”.

And finally, for our ‘emerging threats’ feature, Ben talks about a new breed of RAT (Remote Access Trojan) recently discovered by Cisco Talos which we’re calling ‘PoetRAT’.  Learn what it is, who it’s targeted, and how to protect against remote access trojans.

You can listen to Security Stories on Apple Podcasts, Spotify, Google Podcasts, or wherever you normally get your podcasts from! You can also listen right here and now:

We’ll be back with another episode in two weeks time. Listen to the first three episodes with more incredible guests, here: Security Stories website.