#239 - Actionable Gamification and Lasting Success (with Yu Kai Chou)
In this episode of CISO Tradecraft, host G Mark Hardy speaks with gamification pioneer Yu-Kai Chou about his new book, '10,000 Hours of Play: Unlock Your Real Life Legendary Success.' Explore key concepts such as aligning your passions, skills, and goals through six essential steps: choosing your game, knowing your attributes, selecting your role, enhancing your skills, building alliances, and achieving your quest. Discover how gamification can lead to personal and professional success. Tune in for an insightful conversation that could change the way you approach your career and life.
Yu-Kai Chou - https://www.linkedin.com/in/yukaichou/
Actionable Gamification Book - https://a.co/d/isv7K0W
10,000 Hours of Play Book - https://a.co/d/3L88jTs
Transcripts: https://docs.google.com/document/d/1gPxWVeS8QYNsgGpXt3EDQy5zGcCYH7hL
Chapters
00:00 Introduction: The Power of Play
00:34 Meet Yu-Kai Chou: Gamification Pioneer
04:16 Understanding the Octalysis Framework
07:34 10,000 Hours of Play: A New Perspective
09:24 Choosing Your Game: Discovering Your Life's Mission
16:49 Knowing Your Attributes: Identifying Your Strengths
22:14 Selecting Your Role: Layers of Your Role Sphere
23:12 Aspiration and Identity: Defining Who You Want to Be
24:46 Occupation and Specialization: Aligning Your Roles
26:48 The Importance of Direction and Continuous Growth
28:05 The Concept of Ikigai and Skill Enhancement
30:38 Creating a Skill Triangle and Role Models
31:39 Gamification in Cybersecurity and Beyond
32:50 The Role of Determination and Passion
37:50 Building Alliances for Success
41:27 Recap and Final Thoughts
--------
44:55
#238 - The Impact of the Israel Iran Conflict (with Nathan Case)
In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity.
Nathan Case - https://www.linkedin.com/in/nathancase/
Chapters
00:00 Introduction to the Israel-Iran Conflict
00:52 Meet the Expert: Nate Case
01:51 Cyber Warfare Insights from Russia-Ukraine Conflict
03:36 The Impact of Cyber on Critical Infrastructure
08:00 Ethics and Rules of Cyber Warfare
15:01 Iran's Cyber Capabilities and Strategies
16:56 Historical Context and Modern Cyber Threats
23:28 Foreign Cyber Threats: The Iranian Example
24:06 Israel's Cyber Capabilities
25:39 The Role of Cyber Command
26:23 Challenges in Cyber Defense
27:11 The Complexity of Cyber Warfare
32:21 Ransomware and Attribution Issues
36:13 Defensive Cyber Operations
39:39 Final Thoughts and Recommendations
--------
45:23
#237 - Build a World Class SOC (with Carson Zimmerman)
Join G Mark Hardy and Carson Zimmerman, the author of '11 Strategies of a World-Class Cybersecurity Operations Center,' in this insightful episode of CISO Tradecraft. Carson shares his career journey, the evolution from the 10 to 11 strategies, and delves into the future needs of Security Operations Centers (SOCs). They discuss critical topics such as the importance of continuous improvement, AI's impact on SOCs, and the value of embracing neurodiversity in cybersecurity teams. Whether you're a seasoned cybersecurity leader or an aspiring professional, get actionable advice on how to enhance and revolutionize your SOC operations.
11 Strategies of a World Class Cybersecurity Operations Center - https://www.mitre.org/sites/default/files/2022-04/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf
14 Questions are all you need - https://www.first.org/resources/papers/conf2024/1445-14-Questions-Carson-Zimmerman.pdf
Transcripts - https://docs.google.com/document/d/1WVJi9WkxOG7yedQYWSooiqRFjBERd9kV
Chapters
00:00 Introduction and Guest Welcome
00:53 Background and Book Discussion
03:33 SOC Challenges and Stagnation
06:10 Managing SOC Alerts and Burnout
09:26 SOC Evolution and Neurodiversity
23:50 Career Progression in Cybersecurity
30:28 Impact of AI on SOC Operations
40:07 Final Thoughts and Conclusion
--------
41:41
#236 - Build a World Class GRC Program (with Matt Hillary)
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations.
Big Thanks to our Sponsor Drata. You can learn more about them at https://drata.com/
Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/
Transcripts - https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/
Chapters
01:39 Meet Matt Hillary: CISO of Drata
06:06 The Evolution of GRC and Trust Management
14:48 Continuous Compliance and Automation
19:26 Compliance as Code: The Future of GRC
22:18 The Importance of Getting It Right the First Time
23:15 Customer Compliance Challenges
24:21 Vendor Risk Management and Trust Building
26:26 Leveraging AI for Compliance and Risk Management
31:43 Evaluating Credibility of Third-Party Evidence
41:09 Common Mistakes in GRC Programs
43:56 Final Thoughts and Industry Call to Action
--------
46:30
#235 - Grey is the New Black (with Ryan Gooler)
Join G Mark Hardy at THOTCON in Chicago for an insightful podcast episode on building a successful cybersecurity career. Featuring guest Ryan Gooler, they discuss the non-linear paths to success, the value of mentorship, financial planning, and the importance of continuous learning and adapting. Learn how to navigate career transitions, embrace risks, and find joy in teaching and learning from others in the cybersecurity community.
Transcripts: https://docs.google.com/document/d/1nsd61mkIWbmIL1qube0-cdqINsDujAVH
Chapters
00:00 Welcome to THOTCON: Meeting Amazing People
00:26 Introducing Ryan Gooler: A Journey into Cybersecurity
04:09 The Value of Mentorship in Cybersecurity
06:22 Career Management and Setting Goals
09:33 Financial Planning for Cybersecurity Professionals
16:40 Automating Finances and Smart Spending
21:25 Financial Sophistication and Mutual Funds
22:07 Automating Life Tasks
22:41 The Concept of a Finishing Stamp
24:17 Leadership and Delegation in the Navy
26:06 Building and Maintaining Culture
27:21 Surviving Toxic Environments
29:55 Taking Risks and Finding Joy
34:34 Advice for Cybersecurity Careers
39:01 The Importance of Teaching and Learning
40:29 Conclusion and Farewell