Conference Podcasts

2016 Episode 9: AnubisNetworks Team Talks Asia-Pacific, Growth of Mobile (18:05 +0100)

Join the interview in progress! The discussion dives into the very relevant issues that the AnubisNetworks team has been researching and fighting that have been arising out of the Asia-Pacific region. Chris chats with Joao Gouveia, CTO at AnubisNetworks and Nuno Vieira da Silva, Head of Sales at AnubisNetworks. AnubisNetworks has been a supporter and sponsor of the Annual FIRST Conference since 2015.

2016 Episode 8: Sharing is Caring - Alex Sierra and Alex Pinto of Niddel (18:00 +0100)

Join the interview in progress! Martin chats with Alex Sierra, CTO of Niddel and Alex Pinto, Chief Data Scientist at Niddel about their presentation, "Sharing is Caring: Understanding and Measuring Sharing Effectiveness." This presentation was delivered at the 28th Annual FIRST Conference in Seoul, South Korea, June 13, 2016.

2016 Episode 7: A Global Perspective on Voluntary vs. Mandatory Information Sharing with Stuart Murdoch, Founder and CEO at Surevine (12:09 +0100)

Join the interview in progress! Stuart Murdoch and Chris John Riley tackle the messy subject of breach disclosures and how different companies and countries are handling the information sharing process. Does mandating this type of information sharing actually reduce the amount of information being shared? What are the platforms/infrastructure available? Stuart is Founder and CEO of Surevine, an SME specializing in smart and secure collaboration technology. Surevine is the official sponsor of the Ice Breaker Reception at the 28th Annual FIRST Conference in Seoul, South Korea. Meet Surevine on Sunday evening, June 12th and then again Tuesday, June 14th-16th at FIRSTCON16.

2016 Episode 6: How to Discover Cyber Security Talents – Moataz Salah of CyberTalents (12:08 +0100)

Join the interview in progress! Founder of Bluekaizen (a company focused on cyber security education), Moataz joins Chris Jon Riley to discuss the global issue facing organizations today – identifying and hiring skilled cyber security professionals. Moataz presents his full presentation on Wednesday, June 15th @ 16:00-16:30 at the 28th Annual FIRST Conference in Seoul, South Korea.

2016 Episode 5: Decade of Change: Tom Cignarella & David Lenoe from Adobe (12:07 +0100)

Join the interview in progress! Tom and Dave give insights on their upcoming presentation focusing on the lessons learned along the way at Adobe and the landscape to come. Tom and Dave present on Tuesday, June 14th @ 13:00-14:30 at the 28th Annual FIRST Conference in Seoul, South Korea.

2016 Episode 4: Does It Pay to be Cyber-Insured? Featuring Marie Moe (SINTEF) and Eireann Leverett (Concinnity Risks) (15:23 +0100)

Join the interview in progress! While cyber-insurance isn’t necessarily anything new, it has emerged as a hot topic amongst the C-suite and those in charge of mitigating corporate risk in recent years. Marie and Eireann discuss their thoughts and research on the area of cyber-insurance, real-life cases, and why CERTs should be collaborating with insurance companies. Join Marie and Eireann for their full presentation at FIRST 2016 Seoul on Tuesday, June 14th at 15:00.

2016 Episode 3: An Interview with Jason Jones from Arbor Networks (14:40 +0100)

Join the interview in progress! This week’s podcast features Jason Jones, Senior Security Researcher for Arbor Networks’ ASERT team. Jason talks a little bit about his current research at Arbor that focuses on issues in South Korea as well as his upcoming presentation at FIRST 2016, “Tasty Malware Analysis with T.A.C.O.: Bringing Cuckoo Metadata into IDA Pro.” Jason presents on Monday, June 13th at 17:00.

2016 Episode 2: Art Manion and Chris King, CERT/CC | Coordinated Vulnerability Disclosure for Vendors (22:13 +0100)

Join the interview in progress! Art and Chris discuss their upcoming tutorial session at FIRST 2016, “Coordinate Vulnerability Disclosure for Vendors.” Their upcoming session is aimed to help vendors, providers, and CSIRTs grow their capability to handle vulnerability reports from external researchers. Art and Chris are both members of the Vulnerability Analysis Team at CERT/CC. Check their session on Monday, June 13 at 13:00 at the 28th Annual FIRST Conference.

2016 Episode 1: Koichiro ‘Sparky’ Komiyama, Conference Liaison 2016 (17:37 +0100)

Join the interview in progress! FIRST’s podcast duo of Martin McKeay and Chris John Riley sit down with Sparky Komiyama (JPCERT/CC) and talk about his role as conference liaison, some hints on the annual banquet dinner, and what to expect in Seoul. Gain insights in to the upcoming conference program, keynotes, and some presentations that Sparky is looking forward to hearing at the 28th Annual FIRST Conference, June 12-17, 2016 in Seoul, South Korea.

2015 Episode 7: Live from FIRST 2015, Sponsor Highlight – Ray Stanton, Executive VP, BT Advise (15:42 +0100)

Recorded live from the 27th Annual FIRST Conference in Berlin, Germany. Martin and Chris chat with long-time supporter of the FIRST community and annual conference, Ray Stanton about the growth of the organization, attendee profiles, and what to expect next. Ray is Executive Vice President with BT Advise and has more than 27 years or experience in information technology and security.

2015 Episode 6: Live from FIRST 2015, Sponsor Highlight with Ulf Feger, CSO, Huawei Germany (17:25 +0100)

Recorded live from the 27th Annual FIRST Conference in Berlin, Germany. Martin and Chris chat with Ulf Feger, CSO of Huawei Germany to gain a better understanding of why organizations like Huawei sponsor and support FIRST’s incident response community.

2015 Episode 5: Live from FIRST 2015, An Interview with Mikko Hypponen (14:47 +0100)

Recorded live from the 27th Annual FIRST Conference in Berlin, Germany. Martin and Chris interview keynote and long-time supporter of the FIRST community, Mikko Hypponen, Chief Risk Officer, F-Secure. Mikko presented, “Securing Our Future,” on Tuesday, June 16th.

2015 Episode 4: Interview with Seth Hanford, Update on CVSS (15:02 +0100)

Join the interview in progress featuring Seth Hanford, Manager of the Detection & Response Team at TIAA-CREF and chair of the CVSS Special Interest Group (SIG). Hear the latest updates on the specification and what to expect during conference week. Seth will be leading the CVSS v3 Hands-on Training session on Wednesday, June 17th at 10:30. There is also a scheduled CVSS Birds of a Feather session set for Monday, June 15th at 11am.

2015 Episode 3: Interview with Jake Kouns, “Bring Your Own Internet of Things” (22:41 +0100)

Join the interview in progress featuring Jake Kouns of Risk Based Security. Coffee machines, HVAC systems… What are the present-day issues facing enterprise corporations as more and more of our daily devices become connected? Jake gives some brief insight on his upcoming presentation at FIRST 2015. Jake and co-presenter, Carsten Eiram (Risk Based Security) present, “Bring Your Own Internet of Things,” Tuesday, June 16th at 14:45.

2015 Episode 2: Interview with Dr. Marie Moe and Eireann Leverett - I’m Sorry to Inform You… (20:30 +0100)

Join our interview in progress featuring Marie Moe and Eireann Leverett. Marie and Eireann discuss their upcoming presentation, “I’m Sorry to Inform You…,” focusing on last summer’s spear-phishing attacks on Norwegian Oil, Gas, and Energy sectors and the challenges of victim notification. “I’m Sorry to Inform You…,” is scheduled for Monday, June 15th at 13:00.’

2015 Episode 1: 2015 Program Chair, Robert Floodeen & Conference Liaison/Board Member, Derrick Scholl (17:42 +0100)

Kicking it off with key 2015 players – Conference Liaison and Board Member, Derrick Scholl and 2015 Program Chair, Rob Floodeen. Gain insight on the creative process behind assembling and identifying conference content and the challenges of chairing a FIRST conference. Learn about our local hosts, events, and what to expect this June. *Please note that since the recording, there have been several program and keynote changes. For the latest program agenda, please be sure to view https://www.first.org/conference/2015/program.

2014 Episode 8: Live from FIRST2014 – “Using Anthropology to Study Security Incident Response” (15:07 +0100)

Join the interview in progress featuring Raj Rajagopalan, Senior Principal Research Scientist at Honeywell; Simon Ou, Associate Professor of Computer Science at Kansas State University; and Dan Moor, Technical Lead, Digital Investigation Services at HP. Listen to the trio discuss the study, how they came up with the idea, and the importance of their findings in this ongoing study. The three presented their findings on June 25th at the 2014 FIRST Conference in Boston.

2014 Episode 7: Live from FIRST2014 – Holly Stewart, Microsoft (16:37 +0100)

Join our interview in progress featuring Holly Stewart, Senior Program Manager at the MMPC. Recorded live from the 26th Annual FIRST Conference in Boston, MA. Holly presented on Wednesday, June 25th on the “MMPC’s Coordinated Malware Eradication.”

2014 Episode 6: Live from FIRST2014 – Eugene Spafford (15:18 +0100)

Join our interview in progress, live from the 26th Annual FIRST Conference in Boston, MA. Chris and Martin spend some quality time with the renowned Eugene Spafford of Purdue University.

2014 Episode 5: “Pass-the-Hash” – Tim Slaybaugh, Forensic/Malware Analyst, Northrup Grumman (16:36 +0100)

Join our interview in progress featuring Tim Slaybaugh, Forensic/Malware Analyst at Northrup Grumman as he gives us some insight into his presentation, “Pass-the-Hash: Gaining Root Access to Your Network” at the 26th Annual FIRST Conference. Tim has presented at the Federal Law Enforcement Training Center and often speaks at national and international conferences on current topics in computer forensic analysis. Tim presents on June 24th 10-11:00 in the Terrace Ballroom at the Boston Park Plaza.

2014 Episode 4: Art Manion, Member of the Vulnerability & Analysis Team, CERT/CC – SEI (14:27 +0100)

Join our interview in progress featuring Art Manion of CERT/CC. Art discusses his research findings, the trend of bug bounties, responsible disclosure and where he sees vulnerability markets going in the next 12-months. Art is a member of the vulnerability & analysis team at CERT where he analyzes, coordinates, and discloses vulnerabilities. He presents, “A Survey of Vulnerability Markets,” Thursday, June 26th at the Boston Park Plaza Hotel.

2014 Episode 3: Ken van Wyk, FIRST Steering Committee & 2014 Conference Liaison (20:21 +0100)

Join our interview in progress featuring FIRST Steering Committee member and 2014 Conference Liaison, Ken van Wyk. Learn some fun facts about FIRST firsts and the importance of this year’s theme to reflect on our past in order to move forward. Ken is an internationally recognized information security expert, author and one of the founders of the Computer Emergency Response Team (CERT). He has also served as Chairman of FIRST.Org.

2014 Episode 2: Seth Hanford, Manager, Threat Research Analysis and Communications, Cisco (12:59 +0100)

Do you use CVSS; are you new to CVSS? Chris chats with Seth Hanford, Manager of Cisco’s Threat Research Analysis and Communications about the rollout of CVSS v3, the lessons learned and improvements made since the release of v2 and what to expect at the conference. The Common Vulnerability Scoring System assists incident responders through standard characteristic classification and severity scoring for software vulnerabilities. Seth presents on Monday, June 23rd at 11:00-12:00 in the Imperial Ballroom.

2014 Episode 1: Getting Back to the Roots…Jeff Boerio, 2014 Program Chair, FIRST.Org (11:44 +0100)

Welcome back! Martin and Chris kick off our 2014 podcast series with this year’s Program Chair, Jeff Boerio of Intel. Gain insight into the program planning process, the roles and responsibilities of the program committee and find out what’s in store for attendees this June. Jeff is a Senior Information Security Specialist at Intel and has been a long-time supporter of FIRST. He has volunteered his time year-after-year as a member of the program committee and finally stepped up the challenge as chair for 2014.

2013.8: Live from FIRST2013 - Katie Moussouris (00:00 +0100)

Join our interviewers in progress, Chris John Riley and Martin Mckeay at the 25th Annual FIRST Conference in Bangkok, Thailand as they talk to Katie Moussouris, Senior Security Strategist at Microsoft talk about the latest in happenings at Microsoft. Katie presents on Thursday of the conference, "Vulnerability Handling Processes: When Hackers Come A-Knockin."

2013.7: Naoshi Matsushita - Cyber Security Trends in Japan (00:00 +0100)

Listen in to the conversation between Martin McKeay and Naoshi Matsushita, Senior VP of the MSS Division and COO of the US branch at NRI SecureTechnologies. Naoshi covers some of the security trends featured in their 9th annual security trend report--the basis of his presentation, "Cyber Security Trend in Japan – Annual Review 2013." Naoshi will be presenting along with his co-presenter Kazuya Hiradate, Senior IT Security Analyst at NRI SecureTechnologies. Both Naoshi and Kazuya present on Wednesday, 29 June at 14:25 under the Technical Foundations track.

2013.6: Interview with Michael Jordan, Head of Research at Context (00:00 +0100)

Join the interview in progress with Michael Jordan, Head of Research at Context. Michael briefs us on his upcoming FIRST presentation, "Intelligent defence: deriving malicious intent using domain registrar information." Michael has 12 years of experience within the IT security, software development and incident response fields, as well as having developed IT security tools such as the Context App Tool (CAT). Michael is slotted to present on Thursday, 20 June at 14:25 under the Deep Technical Dives track at the 25th Annual FIRST Conference – Incident Response: Sharing to Win.

2013.5: 2013 DRG & FIRST Security Challenge - 2.0 - James Pichardo (00:00 +0100)

New to the FIRST Conference? Didn't attend Malta 2012? Be sure to listen in to this interview in progress with DRG's (Dragon Research Group) James Pichardo. James talks briefly about 2012's inaugural FIRST challenge and the challenge to be presented to our 2013 Bangkok attendees. The DRG is a volunteer research organization dedicated to further understanding of online criminality and to provide actionable intelligence for the benefit of the entire Internet community. Registration for the challenge starts onsite and they'll be headquartered in the Geek Lounge in London 2 at the Conrad Bangkok. Look for more information as you arrive for registration.

2013.4: Gavin Reid & David Jones of Cisco..."Securing Windows" (00:00 +0100)

Chris John Riley interviews a FIRST Program Chair Alumni – Gavin Reid, Manager, Information Security CSIRT at Cisco and David Jones, Senior Information Security Architect at Cisco. Just how difficult is it to secure the Windows OS? Is the system still suffering from legacy issues? The gentlemen jump straight into conversation and provide a preface of their presentation, "Secure Windows—Mitigating Windows Vulnerabilities to Deter APTs." David is a Senior Security Architect for Cisco's InfoSec team leading technical security strategy IT and across the entire enterprise. Gavin is a computer security specialist with more than two decades of experience. Gavin has worked with the gamut of individuals – from leaders in the vanguard of infosec to hackers in the computer underground. Gavin and David present Monday, 17 June @ 16:40 under the Technical Foundations track.

2013.3 Interview with Eireann Leverett, Security Researcher at IOActive (00:00 +0100)

Join our host Chris John Riley as he chats SCADA and ICS with Eireann Leverett, Security Researcher at IOActive. Integrity of data; security of data; what kind of threats await for us in the world of increasingly connected industrial control systems? Listen in to the interview in progress… Eireann has a BEng in Artificial Intelligence and Software Engineering from Edinburgh University and MPhil in Advanced Computer Science from Cambridge University. He presents regularly to academics and government agencies on the security of industrial systems on behalf of IOActive and has shared his research with ICS-CERT and other global CERT teams. Eireann presents, "Industrial Owner's Manual: Case studies in publicly accessible ICS," on Monday the 17th of June at 14:25.

2013.2 Interview with Jake Kouns, CEO of the Open Security Foundation (00:00 +0100)

Jake joins our hosts Martin McKeay and Chris John Riley to discuss his amusingly titled presentation, "The Mayans were right! A new age of data breaches," and shares some background on his non-profit organization , the Open Security Foundation. Jake is the co-founder, CEO and CFO of the Open Security Foundation (OSF), a non-profit organization that oversees the operations of the Open Source Vulnerability Database (OSVDB.org) and Cloutage.org DataLossDB. Jake has presented at many well-known security conferences and can now add FIRST to his list. Join the interview in progress! Jake presents on Thursday, 20 June @ 14:25.

2013.1 FIRST 2013 Kick-off - Adli Wahid, Program Chair (00:00 +0100)

It's May and that means we're kicking off the 25th Annual FIRST Conference podcast series! Martin McKeay from the Network Security Podcast and Chris John Riley from the Eurotrash Security Podcast join us again as our podcast hosts. Episode 2013.1 features Adli Wahid, 2013 FIRST Program Chair. Adli discusses a bit about the speaker selection process and how he and the program committee designed the agenda to focus on the "Sharing to Win" theme. Adli is currently working in the Asia Systems Office at the Bank of Tokyo-Mitsubishi UFJ Ltd. He is responsible for regional cyber security activities and is a member of the MUFG-CERT. Adli was previously the Head of Malaysia CERT (MyCERT).

2012.7 Live with the Dragon Research Group from FIRSTCON Malta (00:00 +0100)

The latest on the DRG Challenge from the 24th Annual FIRST Conference, Malta!

2012.6 Live w/ Steve Adegbite FIRST Conference Liaison (00:00 +0100)

Steve takes a few minutes to stop and chat with Martin & Chris during the 24th Annual FIRST Conference in St. Julian's, Malta...

2012.5 The DRG Security Challenge at FIRST Conference, Malta (00:00 +0100)

If you're attending FIRSTCON Malta, don't miss this podcast! Featuring Scott Vowels, a volunteer member with the Dragon Research Group (DRG) – get an understanding of what the DRG is about and their upcoming projects – including the Security Challenge. Gain insight on how to sign-up for the Security Challenge in Malta, the structure of the challenges and where to find the DRG crew at the conference for questions.

2012.4 Patrick Cain, Resident Research Fellow at APWG (00:00 +0100)

Episode 4 features Patrick Cain, resident research fellow with the Anti-Phishing Working Group (APWG) and the President of The Cooper-Cain Group, Inc. in Boston, MA – a US-based computer and internet security consultancy. He's been associated with information security development and operations for over 25 years and drives the APWG's data collection and sharing initiatives. Martin and Chris talk to Patrick about his work with the APWG and his upcoming FIRST presentation, "Sharing Crime Data Across International Frontiers." Patrick presents on Tuesday, 19th June at 17:05 in the Policy & Management track.

2012.3 Wes Young, Principal Security Engineer at REN-ISAC (00:00 +0100)

Join the interview in progress... Wes is a security engineer, threat analyst and (primary) code-monkey with the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC). He is the primary architect of the REN-ISAC Security Event System – a standard based information system that moves security intelligence messages throughout its diverse academic community. Wes presents on Friday at 14:25 under the Deep Technical Dives track – "Sharing data's hard, here's how we did it."

2012.2 Lance Spitzner, Training Director, SANS Securing the Human Program (00:00 +0100)

Martin and Chris chat with Lance Spitzner, FIRST 2012 Keynote and Training Director for SANS Securing the Human Program at the SANS Institute. Lance is an internationally recognized leader in the field of cyber threat research and security training awareness. He has helped develop and implement numerous multi-cultural security awareness programs around the world. He's passionate about security awareness and the importance of understanding the human element. Don't miss Lance's keynote on Friday the 22nd at 09:45 in the Grandmaster Suite.

2012.1 Dr. Jose Nazario, 2012 Program Chair (00:00 +0100)

Here we go! Kicking off the 24th Annual FIRST Conference podcast series, Martin McKeay and Chris John Riley talk to Dr. Jose Nazario, Senior Researcher at Arbor Networks and the 2012 Conference Program Chair. Learn how Jose got involved, his experience within the FIRST community and how this year's program agenda came together. Gain insight on this year's keynote presentations, plenaries, highlight sessions, and the overall uniqueness that defines FIRST as a premier global organization.

2011.11: Patrick Gray, Principal Security Strategist, Cisco Systems (00:00 +0100)

Patrick Gray is the Principal Security Strategist at Cisco Systems as well as a 20+ year veteran of the US Federal Bureau of Investigations. Patrick speaks to Martin post-presentation, "Data Security Challenges in the all too Public and not so Private Sectors" and extends on topics such as social media usage, the importance of education to the user community and how Patrick went from police officer-to-FBI agent-to-Security Strategist at Cisco. Patrick presented on Tuesday, June 14, 2011.

2011.10: Robert Schischka, FIRST Steering Committee & Manager at CERT.at (00:00 +0100)

Martin chats with member of the FIRST Steering Committee and integral part of the 2011 conference planning team, Robert Schischka. Robert is head of CERT.at and has been an active member of FIRST for several years. Robert and Martin touch on several topics including the 2011 conference city selection, the process of establishing new FIRST teams and the importance of data sharing within the community.

2011.9: Brian Krebs of KrebsOnSecurity.Com (00:00 +0100)

Brian Krebs, freelance tech reporter, editor of KrebsOnSecurity.com and straight from the stage, takes time out in Vienna to speak to both Martin McKeay and Chris John Riley about his rogue-pharma-spam-focused presentation at FIRST 2011, "Funny Pharma: Inside the Web's Leading Rogue Pharmacies." Brian presented at FIRST 2011 Vienna on Tuesday, June 14, 2011.

2011.8: Jeffrey Carpenter, Technical Manager at CERT Coordination Center (00:00 +0100)

Jeffrey Carpenter, Technical Manager at CERT/CC, integral member and supporter of FIRST talks to Chris John Riley about the evolution of CSIRTs as well as the importance of networking among the international CSIRT communities. Jeff also talks briefly about the Annual National CSIRT meeting that is held post-FIRST conference.

2011.7: Melissa Hathaway, President of Hathaway Global Strategies (00:00 +0100)

Straight from the stage to the FIRST2011 press room, Martin McKeay and Melissa Hathaway expand on her keynote presentation and discuss global security challenges of 2011. What can government do; what can the private sector do? How do we faciliate better communication/interoperability? "[FIRST], the community is the master translator between the private sector where the technology is going, the civilian infrastructure of how to conduct homeland security or critical infrastructure protection...and can also act as security advisor to the ministries of defense." Melissa presented on Monday, 13th June at the 23rd Annual FIRST Conference, Vienna.

2011.6: Frank Breedijk & Ian Southam of Schuberg Philis (00:00 +0100)

Frank Breedijk and Ian Southam talk to Chris John Riley about their upcoming presentation, "The road to hell is paved with best practices." Do you achieve compliance through security or security through compliance? Frank and Ian are both mission critical engineers with Schuberg Philis. See their presentation on Friday, 17 June 2011 at 1330 in the Rock Track.

2011.5: Ken van Wyk, FIRST Vice Chair & President of KRvW (00:00 +0100)

Chris chats with Ken about his presentation, "Developing and testing secure iPhone apps" scheduled for Wednesday the 15th of June. In addition to presenting during conference week, Ken will be launching his new OWASP iGoat project at the conference along with a live demo! Ken is CERT certified computer security incident handler and an internationally recognized security expert. Ken is also on the FIRST Steering Committee and holds the title of FIRST Vice Chair.

2011.4: Iftach 'Ian' Amit, VP, Business Development at Security-Art (00:00 +0100)

Iftach 'Ian' Amit returns to FIRST2011 and talks to Chris John Riley about his presentation while also touching on the importance of making connections at conferences such as FIRST and his uphill struggle with pulling together a non-government CERT team in Israel. Amit first presented at the FIRST Conference in 2010. He has over a decade of experience in the information security industry and has presented at leading industry conferences such as BlackHat, DefCon, Infosec, Hacker-Halted, BruCon and SOURCE. Join him on Monday, 13th of June in the Scissors Track at 16:00.

2011.3: Mikko Hypponen, Chief Research Officer, F-Secure (00:00 +0100)

Wed, 01 Jun 2011 : : Chris John Riley talks to Friday Keynote, Mikko Hypponen about his upcoming presentation, "State of the Net" - 25 years and what have we got? This is a great chat covering such topics as the Brain virus to Stuxnet. Mikko is the Chief Research Officer at F-Secure (Finland) and has been with the company since 1991. Mikko has assisted law enforcement in the US, Europe and Asia on cybercrime cases. Mikko was most recently labeled an infosec rock star - according to information leaked by Wikileaks. Check out his talk at FIRST2011 on Friday, 17 June at 09:45.

2011.2: Kurt Sauer, Conference Liaison, FIRST.Org (00:00 +0100)

Kurt Sauer, Head of Information Security - Asia/Pacific at PayPal and FIRST Conference Liaison & Steering Committee Member, has a candid conversation with Chris John Riley about the upcoming 2011 conference, the conference site selection process and Kurt's personal experience during the April Japan earthquake and tsunami disaster.

2010.6: Steven Adair of The Shadowserver Foundation (00:00 +0100)

Martin sits down with Steven Adair at the conference to discuss a bit about The Shadowserver Foundation and his presentation, "Targeted Intrusions & Cyber Espionage-Wake up!" Steven is a security researcher at the Shadowserver Foundation and a principal architect at eTouch Federal Systems. Steven spoke at the 22nd Annual FIRST conference on Monday, June 14 @1330.

2010.5: Randy Trzeciak of CERT/CC (00:00 +0100)

Randy Trzeciak is a senior member of the technical staff at CERT/CC. He leads the insider threat team, focusing on insider threat research, threat analysis and modeling. Randy has over 19 years of experience in the field of information security and is an adjunct professor at Carnegie Mellon's Heinz College, School of Information Systems and Management. Randy presents at Annual FIRST Conference on Monday, June 16th @14:30.

2010.4: Jason Larsen of Idaho National Laboratory (00:00 +0100)

Jason Larsen is a cyber security researcher at the Idaho National Laboratory. He specializes in the technical details of testing and exploiting industrial control systems. He has a wide range of publications on control systems including SCADA, AMI, Wireless Sensor Networks, and good old-fashioned software exploitation. He is a sought after speaker in both the United States and Internationally. Jason will be presenting Wednesday, June 16 @10:00AM.

2010.3: 2010 Program Chair, Andrew Cushman of Microsoft (00:00 +0100)

Martin talks with FIRST Program Chair, Andrew Cushman, Director of Security Response and Outreach at Microsoft's Trustworthy Computing. Andrew is a driving force behind the company's security researcher outreach strategy and execution efforts, formulating the Responsible Disclosure Initiative and initiating the BlueHat security conference franchise. Andrew will be in Miami all week and moderating the panel, "Implications of the Cloud" on Thursday, June 17 @11:00.

2010.2: DUS Reitinger, U.S. Department of Homeland Security (00:00 +0100)

In this episode, Martin McKeay talks to Philip R. Reitinger, Deputy Under Secretary for the National Protection Programs Directorate (NPPD) and Director of the National Cybersecurity Center (NCSC). DUS Reitinger provides strategic direction to the Department's cybersecurity efforts while ensuring preparedness and response capabilities across all US federal computer systems. DUS Reitinger kicks off the 2010 FIRST Conference with his Keynote, Monday, June 14th @0900.

2010.1: Ramses Martinez, VeriSign (00:00 +0100)

Ramses Martinez is Director of Information Security for VeriSign and leads a team that is responsible for all aspects of information security of global DNS, PKI and SSL infrastructure operated by VeriSign. Ramses talks about his presentation "Incident Response to Social Engineering Attacks." He is scheduled to present on Monday, June 14 from 1330-1430.

2009.11: Sherri Davidoff and Jonathan Ham, Proprietary Data Leaks (00:00 +0100)

In this at-the-conference interview, Sherri and Jonathan recap their presentation, add insight and talk about their new SANS course being offered. Sherri Davidoff is a longtime information security consultant specializing in forensics, penetration testing and incident response. Jonathan Ham is an independent consultant who specializes in large-scale enterprise security issues.

2009.10: Kurt Sauer, Spinlock Technologies (00:00 +0100)

As a principal consultant for Spinlock Technologies LLC, Kurt Sauer works with researchers from Kyushu University and the National University of Singapore to analyze security vulnerabilities of critical infrastructure components, currently focusing on power and communications systems in Asia. Kurt joins the FIRST Steering Committee as a newly elected member.

2009.7b: At the Conference: Dr. Suguru Yamaguchi - JAPANESE (00:00 +0100)

At the conference interview with the conference's opening keynote, Dr. Suguru Yamaguchi. Japanese-speaking version.

2009.7a: At the Conference: Dr. Suguru Yamaguchi - ENGLISH (00:00 +0100)

At the conference interview with the conference's opening keynote, Dr. Suguru Yamaguchi. English-speaking version.

2009.8: Peter Allor, FIRST SC and Conference Liaison (00:00 +0100)

At the conference interview with Peter Allor. As member of the FIRST Steering Committee, Pete's primary role is Conference Liaison. As Conference Liaison, Pete manages all aspects of the conference from assisting the program chair with the program to working with the event staff.

2009.9: Toby Weir-Jones, BT (00:00 +0100)

Toby is VP of Product Development, Managed Security Solutions Group (MSSG) at BT. Toby is BT MSSG's longest-serving employee and was one of the founding members of Counterpane (aquired by BT in late 2006) in the summer of 1999. Toby's involvement in the cyber security field began in 1995 with his initial work in cryptography and security policy, and he has been involved in a number of technical and strategic roles since then. Toby is a named inventor for five patents, and holds a BA cum laude in engineering ethics from Cornell University in Ithaca, New York.

2009.6: Slawomir Ligier, VeriSign (00:00 +0100)

Slawomir "Slawek" Ligier is Vice President of Identity and Authentication Serviecs Engineering at VeriSign. Slawek oversees an effort to develop multiple layers of internet security, including Public Key Infrastructure (PKI) Certificates, Second Factor Authentication, and Fraud Detection Service. Slawek is presenting "On-Line Fraud Prevention and Detection-Multiple Layers of Security" on Monday, June 29th at 16:00.

2009.5: Jeff Crume, IBM Tivoli Compliance Solutions (00:00 +0100)

Jeff Crume is an Executive IT Security Architect for IBM Tivoli Compliance Solutions with over 25 years experience in the IT industry. He is also the author of "Inside Internet Security: What Hackers Don't Want You To Know" and will be presenting "What Hackers Don't Want You To Know" at the 2009 conference.

2009.4: Conference Coordinator, Traci Wei Talks Briefly About CPEs (00:00 +0100)

Quick interview with one of FIRST's Conference Coordinators about Continuing Professional Education credits (CPEs).

2009.3: Gib Sorebo, SAIC (00:00 +0100)

Episode 3 features Gib Sorebo of SAIC. Gib Sorebo is Chief Security Engineer and Assistant Vice President for Technology for SAIC where he assists government and private sector organizations in complying with legal and regulatory requirements related to information security and privacy. Gib leads the SAIC-IRT and is also presenting at this year's conference.

2009.2: Jeffrey Carpenter, CERT/CC, Best Practices Sponsor (00:00 +0100)

Jeff Carpenter is technical manager at CERT Coordination Center and one of the people responsible for organizing the FIRST Best Practices Contest.

2009.1: Mick Creane, 2009 Program Chair (00:00 +0100)

The first FIRST podcast is an interview with Mick Creane who is the 2009 FIRST Conference Program Chair. Mick's job has been to organize the conference overall and find interesting people to come speak at the event. He gives us a litttle background into why this year's topic is "Aftermath: crafts and lessons of incident recovery". Many of us think of 'incident response' as a computer security issue, but as Mick points out in the podcast, it's at least as much about the physical recovery after an incident as it is the virtual recovery. He also talks about some of the folks who'll be speaking and why it's so important that an event like this continues to be international, not just US or north american.