Author: Tony Bradley

There are a number of factors that make up effective cybersecurity, but there is one that stands out—visibility. It’s a simple fact that you can’t protect what you aren’t even aware you have. The very best vulnerability and patch management solutions, endpoint protection, and other security tools still can’t protect devices they don’t know about. That is why Qualys has made comprehensive visibility and an accurate asset inventory the foundation and cornerstone of protection. Qualys CEO Sumedh Thakar explains in a blog post, “You can’t secure what you do not know or can’t see. Further, you can’t protect what you…

TechSpective Podcast Episode 070 How do you know where the weak spots are in your cybersecurity defenses? One of the best ways is to engage a third-party–an external set of eyes and skills–to conduct a penetration test and try to find them. John Sawyer, Director of Services, Red Team at IOActive, joins me on this episode of the TechSpective Podcast to talk about what red, blue, and purple team engagements are and why they’re invaluable for companies to help improve cybersecurity. Just as it is sometimes challenging to edit your own writing because your brain reads what you meant to…

Data is essentially the “oil” or “gold” of the Internet Era. Data is crucial for both businesses and individuals—and has significant value for cybercriminals. Data needs to be protected, but that is often easier said than done. Encryption is one of the most effective and widely used methods for protecting data, but the security it provides is a function of the strength of the algorithm, and you need to have a balance between security and performance—a balance that will be even more difficult as quantum computing continues to evolve. Intel recognizes the challenges that come with encryption and is working…

TechSpective Podcast Episode 068 I’ve always been a huge fan of fighter jets and space exploration–so it was a huge privilege to have Jack Fischer join me for this podcast. Jack “2fish” Fischer (Colonel, U.S. Air Force, Retired) is a combat fighter pilot, test pilot, astronaut, and military space operations leader. Fischer is a distinguished graduate of the U.S. Air Force Academy and a Massachusetts Institute of Technology Draper Fellow. He flew two combat tours in the F-15E as part of Operation Southern Watch, Operation Enduring Freedom and Operation Southern Focus. As a distinguished graduate from the U.S. Air Force…

TechSpective Podcast Episode 068 Adam Philpott, Senior VP, EMEA for McAfee, is my guest for this episode of the TechSpective Podcast. With decades of experience in networking and cybersecurity, Adam brings tremendous insight to the table when it comes to zero trust and ZTNA (zero trust network access). Zero trust is pretty mainstream at this point–an evolution or extension of the concept of least privileged access, but taking things to another level for improved security against today’s advanced threats. As businesses around the world have embraced remote work and adopted a completely–or nearly completely–work-from-home workforce, the need for zero trust…

TechSpective Podcast Episode 067 Vulnerabilities are everywhere and they will not be going away. That means they need to be researched and discovered and addressed. But, what is the right way to go about that process? Katie Moussouris, founder and CEO of Luta Security, is my guest for this episode of the TechSpective Podcast and she is uniquely qualified to discuss this topic since she essentially pioneered it and has had significant influence and input on the standards and practices being followed today. What is the right or best way for someone who finds a vulnerability to let the software…

Vulnerabilities are a simple fact of life. The goal for vendors and organizations is not to strive to create perfect hardware or software that has no vulnerabilities—there is no such thing. What’s important is ensuring that relevant details and context are shared so there is awareness of any flaws and an opportunity to address or mitigate security concerns. A paper from IDC—“Silicon as Code, the Cybersecurity Vulnerability Paradox, and the Transparency Requirements for a 21st Century Processor Vendor”—takes a closer look at supply chain risk and the importance of transparency. Why does transparency matter? Organizations need to have visibility and…

TechSpective Podcast Episode 066 It has been a rough year and a half since COVID-19 hit at the beginning of 2020. Thankfully, we are rolling out vaccines at a blistering pace and it seems like there is light at the end of the tunnel and that things will begin to open back up. That includes offices, and business travel, and industry events. My friend Jack Daniel joins me on this episode of the TechSpective Podcast to talk about apprehension and anxiety about the “new normal” and the challenges with the ways some companies or managers seem to be handling the…

TechSpective Podcast Episode 065 Cybersecurity is constantly evolving. The threat landscape continues to expand and new technologies shift and extend the attack surface–both of which require new and innovative tools and practices to address. Ron Gula, co-founder and President of Gula Tech Adventures, joins me for this episode of the TechSpective Podcast to talk about the companies they are investing in and working with today, and the emerging trends he sees in cybersecurity in general. Gula stresses the need for an engineering focus and looking for solutions that can fundamentally change the game rather than just reacting to the latest…

TechSpective Podcast Episode 064 It wasn’t that long ago–at least in human years–that developing an application was a tedious process with a beginning and an end. A process where modifications or updates took months to craft and had to wait for the next scheduled release. I realize that concept may be as foreign to developers today as floppy disks, corded landline telephones, or a functioning Republican Party that cares what their constituents want or what is good for the country–but I promise you that it was real. Today, DevOps culture has taken over and everything is continuous. Development lifecycles have…