In this episode of the podcast (#204) we’re joined by Josh Corman of CISA, the Cybersecurity and Infrastructure Security Agency, to talk about how that agency is working to secure the healthcare sector, in particular vaccine supply chains that have come under attack by nations like Russia, China and North Korea.


Incidents like the Solar Winds hack have focused our attention on the threat posed by nation states like Russia and China, as they look to steal sensitive government and private sector secrets. But in the vital healthcare sector, nation state actors are just one among many threats to the safety and security of networks, data, employees and patients.

Joshua Corman is the Chief Strategist for Healthcare and COVID on the CISA COVID Task Force.
Joshua Corman is the Chief Strategist for Healthcare and COVID on the CISA COVID Task Force.

In recent years, China has made a habit of targeting large health insurers and healthcare providers as it seeks to build what some have described as a “data lake” of U.S. residents that it can mine for intelligence. Criminal ransomware groups have released their malicious wares on the networks of hospitals, crippling their ability to deliver vital services to patients and – more recently – nation state actors like North Korea, China and Russia have gone phishing – with a “ph” – for information on cutting edge vaccine research related to COVID 19.

How is the U.S. government responding to this array of threats? In this episode of the podcast, we’re bringing you an exclusive interview with Josh Corman, the Chief Strategist for Healthcare and COVID for the COVID Task Force at CISA, Cybersecurity and Infrastructure Security Agency.

Cryptocurrency Exchanges, Students Targets of North Korea Hackers

In this interview, Josh and I talk about the scramble within CISA to secure a global vaccine supply chain in the midst of a global pandemic. Among other things, Josh talks about the work CISA has done in the last year to identify and shore up the cyber security of vital vaccine supply chain partners – from small biotech firms that produce discrete but vital components needed to produce vaccines to dry ice manufacturers whose product is needed to transport and store vaccines.

Episode 194: What Happened To All The Election Hacks?

To start off I asked Josh to talk about CISA’s unique role in securing vaccines and how the Federal Government’s newest agency works with other stake holders from the FBI to the FDA to address widespread cyber threats.



As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

In this episode of the Security Ledger Podcast (#202) we do a deep dive on President Biden’s cyber agenda with three experts on federal cyber policy and the challenges facing the new administration.


Well, it almost didn’t happen, but on January 20, Joseph Robinette Biden Jr. was sworn in as the 46th President of the United States. More than any president since Franklin Roosevelt, Biden inherited a country in the throws of a crisis. By the time of his inauguration, the COVID virus had killed upwards of 400,000 U.S. residents and tanked the  national economy. As the incidents of January 6 indicated, right wing militant groups are stirring and threatening to topple democratic institutions.

Enter Solar Storm

And, as if that wasn’t enough, the weeks between the November Election and Biden’s January inauguration brought to light evidence of what is perhaps the biggest cyber intrusion by a foreign adversary into US government networks, the so called Solar Storm hack, which has been widely attributed to the government of Russia. 

Even before Solar Storm, Biden made clear as a candidate that a cyber security reset was needed and that cyber would be a top priority of his administration. The wide ranging hack of the US Treasury, Departments, of State, Justice, Defense and Homeland Security – among others – just added fuel to the roaring dumpster fire of Federal IT security. 

But what will that reset look like? To understand a bit better what might be in store in the months ahead we devoted this episode of the podcast to interviewing three experts on federal IT security and cyber defense. 

Rebuilding Blocks

But first, before you can do a reset you need to understand what went wrong the first time around. In the case of federal cyber security, that’s not a short list.

Spotlight Podcast: Taking a Risk-Based Approach to Election Security

In our fist segment, we’re joined by two experts on cyber policy about the US governments struggles to get cyber security right, culminating with the problems seen during the Trump administration.

Lauren Zabierek is the Executive Director of Cyber Project at Belfer Center For Science and International Affairs at Harvard’s Kennedy School of Government. She’s joined by Paul Kolbe, the Director of the Intelligence Project at Belfer Center. The two joined me in the Security Ledger studios to talk about how the Biden Administration might rebuild the US government’s cyber function and who might populate key positions in the new administration. 

Spotlight Podcast: QOMPLX CISO Andy Jaquith on COVID, Ransomware and Resilience

To start off, I asked them what the biggest challenges are out of the gate for the new administration. 

The Byte Stops Here: What Cyber Leadership Looks Like

As Harry Truman famously said: the “Buck stops” at the President’s desk. That wasn’t a phrase that was heard much during the Trump years. But with a new President sworn in, what does real leadership look like on federal cyber security?

Mark Weatherford is the Chief Strategy Officer at the National Cyber Security Center.

To find out, we invited Mark Weatherford into the studio to talk. Mark is the Chief Strategy Officer at the national cyber security center. a former CISO for the State of California and Deputy Under Secretary for Cyber Security at the DHS. In this conversation, Mark and I talk about the importance of presidential leadership on cyber security and what – if anything – the Trump administration got right on cyber policy in its four years in power. 


As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also: we talk with Avesta Hojjati of the firm Digicert about the challenge of managing a growing population of digital certificates and how  automation may be an answer.


Life for independent security researchers has changed a lot in the last 30 years. The modern information security industry grew out of pioneering work by groups like Boston-based L0pht Heavy Industries and the Cult of the Dead Cow, which began in Lubbock, Texas.

After operating for years in the shadows of the software industry and in legal limbo, by the turn of the millennium hackers were coming out of the shadows. And by the end of the first decade of the 21st century, they were free to pursue full fledged careers as bug hunters, with some earning hundreds of thousands of dollars a year through bug bounty programs that have proliferated in the last decade.

Despite that, a stigma still hangs over “hacking” in the mind of the public, law enforcement and policy makers. And, despite the growth of bug bounty programs, red teaming and other “hacking for hire” activities, plenty of blurry lines still separate legal security research from illegal hacking. 

Hacks Both Daring…and Legal

Still, the need for innovative and ethical security work in the public interest has never been greater. The Solar Winds hack exposed the ways in which even sophisticated firms like Microsoft and Google are vulnerable to compromised software supply chain attacks. Consider also the tsunami of “smart” Internet connected devices like cameras, television sets and appliances are working their way into homes and workplaces by the millions. 

Podcast Episode 112: what it takes to be a top bug hunter

John Jackson is the co -founder of Sakura Samurai, an independent security research group. 

What does a 21st century hacking crew look like? Our first guest this week is trying to find out. John Jackson (@johnjhacking) is an independent security researcher and the co-founder of a new hacking group, Sakura Samurai, which includes a diverse array of security pros ranging from a 15 year old Australian teen to Aubrey Cottle, aka @kirtaner, the founder of the group Anonymous. Their goal: to energize the world of ethical hacking with daring and attention getting discoveries that stay on the right side of the double yellow line.

Update: DHS Looking Into Cyber Risk from TCL Smart TVs

In this interview, John and I talk about his recent research including vulnerabilities he helped discover in smart television sets by the Chinese firm TCL, the open source security module Private IP and the United Nations. 

Can PKI Automation Head Off Chaos?

One of the lesser reported sub plots in the recent Solar Winds hack is the use of stolen or compromised digital certificates to facilitate compromises of victim networks and accounts. Stolen certificates played a part in the recent hack of Mimecast, as well as in an attack on employees of a prominent think tank, according to reporting by Reuters and others. 

Avesta Hojjati is the head of Research & Development at Digicert.

How is it that compromised digital certificates are falling into the hands of nation state actors? One reason may be that companies are managing more digital certificates than ever, but using old systems and processes to do so. The result: it is becoming easier and easier for expired or compromised certificates to fly under the radar. 

Our final guest this week, Avesta Hojjati, the  Head of R&D at DigiCert, Inc. thinks we’ve only seen the beginning of this problem. As more and more connected “things” begin to populate our homes and workplaces, certificate management is going to become a critical task – one that few consumers are prepared to handle.

Episode 175: Campaign Security lags. Also: securing Digital Identities in the age of the DeepFake

What’s the solution? Hojjati thinks more and better use of automation is a good place to start. In this conversation, Avesta and I talk about how digital transformation and the growth of the Internet of Things are raising the stakes for proper certificate management and why companies need to be thinking hard about how to scale their current certificate management processes to meet the challenges of the next decade. 


(*) Disclosure: This podcast was sponsored by Digicert. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

In this episode of the podcast (#199), sponsored by LastPass, we’re joined by Barry McMahon, a Senior Global Product Marketing Manager at LogMeIn, to talk about data from that company that weighs the security impact of poor password policies and what a “passwordless” future might look like. In our first segment, we speak with Sareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at far greater risk of data theft.


The COVID Pandemic has done more than scramble our daily routines, school schedules and family vacations. It has also scrambled the security programs of organizations large and small, first by shifting work from corporate offices to thousands or tens of thousands of home offices, and then by transforming the workforce itself through layoffs and furloughs.

In this episode of the podcast, we did deep COVID’s lesser discussed legacy of enterprise insecurity.

Layoffs and Lost Data

We’ve read a lot about the cyber risks of Zoom (see our interview with Patrick Wardle) or remote offices. But one of the less-mentioned cyber risks engendered by COVID are the mass layoffs that have hit companies in sectors like retail, travel and hospitality, where business models have been upended by the pandemic. The Department of Labor said on Friday that employers eliminated 140,000 jobs in December alone. Since February 2020, employment in leisure and hospitality is down by some 3.9 million jobs, the Department estimates. If data compiled by our next guest is to be believed, many of those departing workers took company data and intellectual property out the door with them. 

Shareth Ben is the executive director of field engineering at Securonix. That company has assembled a report on insider threats that found that most employees take some data with them. Some of that is inadvertent – but much of it is not.

While data loss detection has long been a “thing” in the technology industry, Ben notes that evolving technologies like machine learning and AI are making it easier to spot patterns of behavior that correlate with data theft- for example: spotting employees who are preparing to leave a company and take sensitive information with them. In this discussion, Shareth and I talk about the Securonix study on data theft, how common the problem is and how COVID and the layoffs stemming from the pandemic have exacerbated the insider data theft problem. 

It’s Not The Passwords…But How We Use Them

Nobody likes passwords but getting rid of them is harder than it seems. Even in 2021, User names and passwords are part and parcel of establishing access to online services – cloud based or otherwise. But all those passwords pose major challenges for enterprise security. Data from LastPass suggest that the average organization IT department spends up to 5 person hours a week just to assist with password problems of users – almost a full day of work. 

Barry McMahon a senior global product marketing manager at LastPass and LogMeIn. McMahon says that, despite talk of a “password less” future, traditional passwords aren’t going anywhere anytime soon. But that doesn’t mean that the current password regime of re-used passwords and sticky notes can’t be improved drastically – including by leveraging some of the advanced security features of smart phones and other consumer electronics. Passwords aren’t the problem, so much as how we’re using them, he said. 

To start off, I ask Barry about some of the research LastPass has conducted on the password problem in enterprises. Barry McMahon a senior global product marketing manager at LastPass and LogMeIn.


(*) Disclosure: This podcast was sponsored by LastPass, a LogMeIn brand. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.

Let’s face it, 2020 was a terrible year. The Coronavirus has killed almost two million people globally and caused trillions of dollars in economic disruption. Wildfires, floods and hurricanes have ravaged the United States, central America, Australia and parts of Asia.

But trying times have a way of peeling back the curtains and seeing our world with new eyes. COVID messed up our lives, and focused our attention on what really matters.

Maybe that’s why this very bad year has led to some really good conversations and insights here on The Security Ledger on topics ranging from election security, to security supply chains and the security risks of machine learning.

The Security Risks of Machine Learning

To start off, I pulled a March interview from Episode 180 that i did with security luminary Gary McGraw, the noted entrepreneur, author and now co-founder of the Berryville Institute of Machine Learning.

To wrap up 2020, I went back through 35 episodes that aired this year and selected four interviews that stuck out and, in my mind, captured the 2020 zeitgeist, as we delved into issues as diverse as the security implications of machine learning to the cyber threats to election systems and connected vehicles. We’re excerpting those conversations now in a special end of year edition of the podcast. We hope you enjoy it.

Taking Hardware Off Label to Save Lives

As winter turned to spring this year, the COVID virus morphed from something happening “over there” to a force that was upending life here at home. As ICUs in places like New York City rapidly filled, the U.S. faced shortage of respirators for critically ill patients. As they often do: the hacking community rose to the challenge. In our second segment, I pulled an interview from Episode 182 with Trammell Hudson of Lower Layer Labs. In this conversation, Trammell talks to us about Project Airbreak, his work to jailbreak a CPAP machines and how an NSA hacking tool helped make this inexpensive equipment usable as a makeshift respirator.

Report: Hacking Risk for Connected Vehicles Shows Significant Decline

COVID Spotlights Zoom’s Security Woes

One of the big cyber security themes of 2020 was of the security implications of changes forced by the COVID virus. Chief among them: the rapid shift to remote work and the embrace of technologies, such as Zoom that enabled remote work and remote meetings. For our third segment, I returned to Episode 183 and my interview with security researcher Patrick Wardle, a Principle Security Researcher at the firm JAMF. In April, he made headlines for disclosing a zero day vulnerability in the Zoom client – one that could have been used by an attacker to escalate their privileges on a compromised machines. That earned him a conversation with Zoom’s CEO that took place – to Wardle’s dismay – via Zoom.

Securing Connected Vehicles

Finally, while COVID and the ripple effects of the pandemic dominated the news in 2020, it isn’t as it was the only news. In the shadows of the pandemic, other critical issues continued to bubble. One of them is the increasing tensions about the power held by large companies and technology firms. In our final segment, I’m returning to my conversation with Assaf Harel of Karamba Security in Episode 193. Harel is one of the world’s top experts in the security of connected vehicles. In this conversation, Assaf and I talk about the state of vehicle cyber security: what the biggest cyber risks are to connected cars. We also go deep on the right to repair -and how industries like automobiles can balance consumer rights with security and privacy concerns.


As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

In this episode of the podcast (#197), sponsored by LastPass, former U.S. CISO General Greg Touhill joins us to talk about news of a vast hack of U.S. government networks, purportedly by actors affiliated with Russia. In our second segment, with online crime and fraud surging, Katie Petrillo of LastPass joins us to talk about how holiday shoppers can protect themselves – and their data – from cyber criminals.


Every day this week has brought new revelations about the hack of U.S. Government networks by sophisticated cyber adversaries believed to be working for the Government of Russia. And each revelation, it seems, is worse than the one before – about a purported compromise of US government networks by Russian government hackers. As of Thursday, the U.S. Cyber Security and Infrastructure Security Agency CISA was dispensing with niceties, warning that it had determined that the Russian hackers “poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations”

The incident recalls another from the not-distant past: the devastating compromise of the Government’s Office of Personnel Management in 2014- an attack attributed to adversaries from China that exposed the government’s personnel records – some of its most sensitive data – to a foreign power. 

Do Cities deserve Federal Disaster Aid after Cyber Attacks?

Now this attack, which is so big it is hard to know what to call it. Unlike the 2014 incident it isn’t limited to a single federal agency. In fact, it isn’t even limited to the federal government: state, local and tribal governments have likely been affected, in addition to hundreds or thousands of private firms including Microsoft, which acknowledged Thursday that it had found instances of the software compromised by the Russians, the SolarWinds Orion product, in its environment. 

Former Brigadier General Greg Touhill is the President of Federal Group at the firm AppGate.

How did we get it so wrong? According to our guest this week, the failures were everywhere. Calls for change following OPM fell on deaf ears in Congress. But the government also failed to properly assess new risks – such as software supply chain attacks – as it deployed new applications and computing models. 

U.S. sanctions Russian companies, individuals over cyber attacks

Greg Touhill, is the President of the Federal Group of secure infrastructure company AppGate. he currently serves as a faculty member of Carnegie Mellon University’s Heinz College. In a prior life, Greg was a Brigadier General Greg Touhill and  the first Federal Chief Information Security Officer of the United States government. 

U.S. Customs Data Breach Is Latest 3rd-Party Risk, Privacy Disaster

In this conversation, General Touhill and I talk about the hack of the US government that has come to light, which he calls a “five alarm fire.” We also discuss the failures of policy and practice that led up to it and what the government can do to set itself on a new path. The federal government has suffered “paralysis through analysis” as it wrestled with the need to change its approach to security from outdated notions of a “hardened perimeter” and keeping adversaries out. “We’ve got to change our approach,” Touhill said.

The malls may be mostly empty this holiday season, but the Amazon trucks come and go with a shocking regularity. In pandemic plagued America, e-commerce has quickly supplanted brick and mortar stores as the go-to for consumers wary of catching a potentially fatal virus. 

(*) Disclosure: This podcast was sponsored by LastPass, a LogMeIn brand. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

Holiday shopping has started in earnest following Thanksgiving. Statistics show that with the pandemic, more shopping will be done online this year than ever before. We provided some tips last week, but I had an opportunity since then to participate in an interview and a podcast on the subject and want to pass them along to provide additional tips for the holiday shopping season. 

The first is a Bloomberg article that can be accessed here. 

The second was a podcast with Legal Talk Today titled “Safe Shopping on Black Friday” which can be accessed here.

Happy holidays and safe shopping!

Data Center and Code

This podcast is the latest in a series of interviews we’re doing on “left-shifted security” that explores how information security is transforming to embrace agile development methodologies and DEVOPS. If you like this, check out some of the other podcasts in this series!


Information security is “shifting left”: moving closer to the development process and becoming part and parcel of agile “DEVOPS” organizations. But while building security into development may be a familiar idea, what does it mean to build compliance into development? 

Galen Emery is the Lead Compliance & Security Architect at Chef Software. 

To find out, we invited Galen Emery the Lead Compliance & Security Architect at Chef Software, in to the Security Ledger studios to talk about the job of blending both security and compliance into agile development processes. We also talk about Chef’s increasing investments in security testing and compliance and how the “shift left” is impacting other security investments including access control, auditing and more. 

Spotlight Podcast: RSA CTO Zulfikar Ramzan on confronting Digital Transformation’s Dark Side

To start out, I asked Galen to tell us a bit about Chef and how the company’s technology has evolved from configuration management to security testing and compliance as well as areas like endpoint protection. 


As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

Binary Check Ad Blocker Security News

In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to talk about how finding his first CVE vulnerability, more than 20 years ago, nearly got him fired. Also: Katie Petrillo of LastPass joins us to talk about how some of the security adjustments we’ve made for COVID might not go away any time soon.


When the so-called Zerologon vulnerability in Microsoft Netlogon surfaced in late September word went out far and wide to patch the 10 out of 10 critical software hole. That job was made considerably easier by a number: 2020-1472, the unique Id assigned to the hole under the Common Vulnerabilities and Exposures – or CVE- system. 

Larry Cashdollar is a Senior Security Response Engineer at Akamai

Created by MITRE more than 20 years ago, CVE acts as a kind of registry for software holes, providing a unique identifier, a criticality rating as well as other critical information about all manner of software vulnerabilities. Today, it is a pillar of the information security world. But it wasn’t always that way.

20 Years and 300 CVEs Later…

With another Cybersecurity Awareness month upon us, we decided to roll back the clock and talk about what life was like before the creation of the CVE system. To guide us, we reached out to Larry Cashdollar, a Senior Security Response Engineer at Akamai into the studio to talk. Larry is a veteran bug hunter with more than 300 CVEs to his name. In celebration of cybersecurity awareness month, Larry talked to me about the first CVE he received way back in 1998 for a hole in a Silicon Graphics Onyx/2 – and how discovering it almost got him fired. He also talks about what life was like before the creation of the CVE system and some of the adventures he’s had on the road to recording some of the 300 CVEs. 

10 Ways to make Your Remote Work Easy and Secure

The New New Normal

Six months into a pandemic that most of us thought might last six weeks, its time to stop asking when things will return to normal and time to start asking what the new normal will look like when the COVID virus is finally beaten. 

The Essential Role of IAM in Remote Work

LogMeIn, which makes remote access and security tools for remote workers. But is the shift to remote work temporary or permanent? What aspects of our Pandemic normal are likely to survive the eventual retreat of the COVID 19 virus? 

In our second segment, we sat down with Katie Petrillo of LastPass and LogMeIn to answer some of those questions and talk about how the shift to remote work is also changing the security- and privacy equation for companies.


(*) Disclosure: This podcast was sponsored by LastPass, a LogMeIn brand. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

Binary Check Ad Blocker Security News

Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company.


The company which was acquired by storage giant EMC back in 2006 and then became a part of Dell when that company acquired EMC in 2015 re-emerges as an independent company this week, more than six months after it was acquired by a group of investors led by Symphony Technology Group. 

Zulfikar Ramzan RSA
Zulfikar Ramzan is the Chief Technology Officer at RSA.

What does independence looks like? What will RSA do with its newfound freedoms? And how does the challenging business environment created the ongoing COVID pandemic figure into the company’s plans? 

To find out, we invited Dr. Zulfikar Ramzan, RSA’s CTO into the Security Ledger studio. In this conversation, Zulli talks about how RSA’s path forward is informed by the company’s pioneering past, starting all the way in 1977,  when three MIT researchers Ron Rivest Adi Shamir and Len Adleman published research on a novel public key cryptosystem that took their name. 

Three Decades On: RSA Labs Sets Course for Future

The Past Informing the Future

As Ramzan sees it: the daring and persistence of the founders – whose work helped create the modern Internet, but who initially had to contend with the limitations of contemporary hardware and software, not to mention Cold War era restrictions on the sale of cryptography technology outside the US. That perseverance will serve as an inspiration to RSA as it looks to re-establish its leadership in vastly altered technology and security landscape.

Spotlight Podcast: Managing the Digital Risk in your Digital Transformation

To start off I asked Zulli to talk about RSA’s earliest days and what messages he and other company executives take from the company’s origins almost 4 decades ago.


(*) Disclosure: This podcast and blog post were sponsored by RSA Security for more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloudStitcherRadio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.