Joining the podcast this week is Eric Mill. He’s Senior Advisor on Technology and Cybersecurity to the Federal CIO in the Office of Management and Budget (OMB). We discuss some of the latest and impactful security initiatives, policies, and technologies in the U.S. Government today, including highlights from some that OMB is helping to drive.

Joining us this week is Peter W. Singer. He’s a New York Times bestselling author of books including Ghost Fleet, LikeWar, and the techno-thriller Burn In. He shares details on the New America non-profit organization and its awesome #SharetheMicinCyber program helping to bring a diversity of thought to the cybersecurity front lines. 

This week we officially welcome Petko Stoyanov as the new co-host for the To The Point podcast. Petko shares his perspective on how he found his way to cyber, the origin of the name “Petko”, and differences in working in government and the private sector. We also discuss the state of the cybersecurity landscape and the ongoing challenge of attribution – which is really asking the question, “Who is smarter” in executing cyber attacks?

We’re excited to welcome back Derek Weeks, recognized as the world’s foremost researcher on the topic of DevSecOps and securing software supply chains! Derek shares insights on how little has changed relative to securing software supply chains and using SBOMs in the two years since we last caught up with him.

Joining the podcast this week is Eva Galperin, Director of Cybersecurity for the Electronic Frontier Foundation (EFF). She is also the co-founder of the Coalition Against Stalkerware and has long been a champion for providing digital privacy and security for vulnerable populations around the world. “What is stalkerware?” many may ask. Stalkerware is considered a more personal way of invading someone's privacy such as using malware to track a person’s activity on a device.

 Joining us this week are Richard Grabowski, Acting Program Manager for CISA’s CDM Program, and Jonathan McBride, Chief of Adversary Pursuit for CISA’s Threat Hunting Subdivision. We dive into the hot topics of threat hunting, adversary pursuit, the evolution of CISA over the years including the growth and maturity of the organization, the power of public/private partnerships, and the drive for innovation.

Joining us this week is Christian Folini (@chrfolini), co-lead of the OWASP Core Rule Set project, co-author of the second edition of ModSecurity Handbook, and one of the few teachers on this subject. He brings a first to the podcast – a discussion on ModSecurity and the OWASP project! For those that are new to these topics, Christian shares many insights on the OWASP volunteer organization mission and how it serves as the first line of defense against web application attacks.

Closing out Insider Threat Awareness Month with us is Dr. Maria Bada, Ph.D., a Lecturer in Cyberpsychology at Queen Mary University in London and a RISCS Fellow in cybercrime. Maria shares insights on the insider risk challenge through a human-centric lens and the criticality of educational awareness, transparency, and training (Note: check out AwareGo!) to better mitigate the threat. When 98% of organizations are vulnerable to insider risks, and the “accidental” insider is the one most often reported, empowering employees with tools and knowledge to understand and be aware of the threats can really make a positive impact.

Bill Evanina, Founder and CEO of the Evanina Group and former Director of the National Counterintelligence and Security Center, joins the podcast this week to take a deep dive view into an insider threat as September is Insider Threat Awareness Month.

Joining the podcast this week is Ellen Nakashima, National Security Reporter for The Washington Times, and shares insights into the ongoing Taiwan-China conflict. Ellen provides perspective on the much-publicized Pelosi trip to Taiwan and why the timing of that trip raised concerns in China as well.