Adversarial Content

— Browse our blog posts, articles, and episodes of The Adversarial Podcast
The Adversarial Podcast Ep. 8 - Pagers and Supply Chain Attacks, GitHub stealers, “Founder Mode”

(00:00) Intro (02:24) Exploding pagers: are psychological attacks worse than breaches? (20:21) Are credit card breaches still a concern in 2024? (24:57) Infostealer delivered through GitHub Issues: how are trustworthy services being abused? (31:45) Founder mode: when is it time to switch from "founder mode" to "manager mode?" (44:02) Is open-source more secure than closed-source? The Adversarial Podcast Ep. 8 - Pagers and Supply | RSS.com Stories and books mentioned: * “Israel plant

The Adversarial Podcast Ep. 5 - Why Boards want more Joe Sullivans and Tim Browns and less CISOs - Jerry Perullo live at Evanta

Episode notes Speaking live at the Evanta CISO Summit in Atlanta in June 2024, host Jerry Perullo talks candidly about why CISOs are failing to land Board Director roles. The Adversarial Podcast Ep. 5 - Why Boards want mo | RSS.com

The Adversarial Podcast Ep. 4 - CrowdStrike Lawsuits, Overhyped Exploits, and Fake Remote Employees

Episode notes Join former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu as they discuss upcoming lawsuits related to the recent CrowdStrike outage, switching costs, overhyped security vulnerabilities and their effect on practitioners' responsibilities, fake employees from North Korea, the information stealers and the state of password managers, and the increasing threat of deepfakes. The Adversarial Podcast Ep. 4 - CrowdStrike Lawsui | RSS.com Stories * “CrowdStrike i

The Adversarial Podcast Ep. 3 - CrowdStrike, Wiz Acquisition Rumors, and SolarWinds

Episode notes In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent Crowdstrike outages, PR in the recent Wiz acquisition rumors, stakeholder value in Rapid7, and the SEC dropping charges in the SolarWinds case. Stories: - Activist Jana has a stake in Rapid7. There are two paths to bolster value at the cybersecurity company: https://www.cnbc.com/2024/06/29/two-paths-for-jana-to-bolster-shareholder-value-at-rapid7.html - Google Near $23

The Adversarial Podcast Ep. 2 - Chrome Extension Vulns, Cyber Job Market, Mouse Jigglers, and the Ransomware Plague

Episode notes In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss malicious Chrome extensions, the cybersecurity job market, mouse jigglers and security policy, and the impact of the recent ransomware wave. They share insights from their experiences, exploring the challenges of managing browser security policies, job burnout, and banning ransom payments. Stories: * Millions under threat from malicious browser extensions — what to do: https://www.t

The Adversarial Podcast Ep. 1 - Snowflake, Shared Fate, and the Gili Ra’anan Model

In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent wave of cyber-attacks using Snowflake and the model of shared fate. They debate the effectiveness of banning ransom payments and explore the complexities of cybersecurity regulation, using recent events involving UnitedHealth and Jerry's former employer as case studies. The conversation also touches on the ethical dilemmas CISOs face when interacting with venture capital, highlighting pers

Season 02 Episode 02 - The Interim CISO

Joined by fellow Interim CISO veterans Yael Nagler of Yass Partners and Aurobindo Sundaram of RELX, host Jerry Perullo reflects on his experience as the Interim CISO of Silicon Valley Bank and explores the challenges of the role from hiring manager and candidate perspectives. Yael Nagler: https://www.linkedin.com/in/yaelnagler/ Aurobindo Sundaram: https://www.linkedin.com/in/aurobindosundaram/ 00:16:30 Why hire an Interim CISO? 00:21:00 Is there such a thing as KTLO in the CISO role? 00:30:3

An open letter to a fresh cybersecurity hire

Congratulations on your first cybersecurity job! Whether you are just entering the workforce or pivoting to a new field, here are some inside tips that may help you succeed. 1. Never say "that isn't my job". The colleagues I've seen advance and realize success in their cyber careers were willing to pitch in and help without regard to job description. This will be magnified if your employer is a smaller company, but the general idea is that companies and cultures are forged by the people who c

Vulnerability management is dead. But GRC is hiring...

I used to have a TVM team. Threat & Vulnerability Management. The individuals in there had the word "Vulnerability" in their titles. It's how a lot of shops roll. TVM seemed to become a default piece of the "build a cyber shop playbook". And if you survey big CISO organizations today, you'll still find a lot of TVM departments. I'm not sure how this came to be, but I can't think any of us ever organically decided that we needed an individual - no less a team - specifically tasked with managing

Season 01 Episode 04 - The CISO Professor

Episode notes In this Episode host Jerry Perullo talking about cybersecurity in higher education. A Professor of the Practice in the Georgia Tech School of Cyber Security and Privacy, Perullo thinks aloud on the challenges that have prevented cyber from taking off at the undergraduate level before focusing on specific steps you might take to pursue this career path. 00:00:55 A Brief History of Cyber in Higher Ed 00:03:11 The Archetype Cyber Curriculum 00:08:03 Enter the CISO: t-5 00:13:25 W