November 9, 2022
by Hacker Valley Studio
November 9, 2022
by Hacker Valley Studio
Hacker Valley: On the Road is a curated collection of conversations that Chris and Ron have had during conferences and events around the globe. In this episode, NTT’s Dirk Hodgson, Director of Cybersecurity, and Adam Green, Senior Cybersecurity Executive, speak with the Hacker Valley team at CyberCon in Melbourne, Australia. Dirk and Adam cover the intersection of their roles at NTT, their experiences at conferences like RSA, their country’s cybersecurity industry, and their team’s cultivated trust with clients.
[00:00] Reuniting at CyberCon after years of COVID limiting security conferences
[06:30] Differentiating Australia’s cybersecurity industry from the rest of the world
[10:48] Watching current cyber trends with CMMC & the Essential 8 frameworks
[25:41] Creating interpersonal communication in a technology-driven industry
[34:58] Building trust by knowing your clients & your adversaries equally
Thank you to our sponsor Axonius for bringing this episode to life!
Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone
How are Australian cybersecurity practitioners different from the rest of the world?
According to Adam, the past 3 years have led to a massive shift in maturity for Australia’s cybersecurity industry. Previously, Australia relied on its physical isolation as a country as a means of security, but breaches have become more high profile and more impactful for Australian businesses in recent years. Now, Adam is pleased to see there be a greater understanding beyond the 101 of cybersecurity and more collaboration with security teams.
“Three years ago, we used to say Australia was 5 years behind the rest of the world [in cybersecurity]. We used to think, because of proximity to the rest of the world, we were pretty safe, but it's definitely become more of a professional approach to security now.” — Adam
How do your roles as Director and Executive work together at NTT?
For Dirk, cybersecurity is the ultimate team sport— and Adam is an impactful element to his cybersecurity team. While Adam often focuses on strategic planning through his background as a practitioner, Dirk enjoys how his business-driven perspective contrasts with Adam and with other members of the team. With a variety of experiences and perspectives in the room, NTT can cover issues from all sides, instead of falling victim to tunnel vision.
“Adam is the person on the team, who's great at that scenario planning piece. ‘Here are the things that are gonna go wrong.’ Whereas myself and a couple of the other people on the team, look at that go, ‘What's that going to cost the organization?’” —Dirk
Where are the strengths and weaknesses in communication in cybersecurity?
Just like Dirk’s thoughts about cybersecurity being a team sport, Adam believes that you have to cultivate a team member-like trust with your clients. The client in an initial conversation might seem defensive of your advice or critical of your actions. However, Adam explains that establishing credibility, especially in the business-focused cyber industry in Australia, goes a long way to creating the opportunity for more casual conversations down the line.
“What we find is, in Australia in particular, it's about not just the company, but you as an individual. Do you have my back? Can I trust you? If I don't like you, will you at least mitigate my risk for me? You have to establish credibility real fast.” —Adam
What advice would you give to someone interested in cultivating more trust between clients and their team?
Dirk loves a good James Bond villain, but the average hacker attacking the average business is nothing like the movies. Establishing trust with clients starts with not only understanding what they need, Dirk explains, but also knowing the most likely threats beyond the showstopping Blackhats of media fame. Being able to explain to and protect clients from the most common threats keeps their data safest and strengthens their trust in your team.
“I think it's about making sure that you know what the worst case scenario is, what the most dangerous course of action that the attacker or a potential attacker could follow, but also, being able to talk credibly about what's the most likely threat.” —Dirk
Keep up with our guest Dirk Hodgson on LinkedIn
Keep up with our guest Adam Green on LinkedIn
Purchase a HVS t-shirt at our shop
Continue the conversation by joining our Discord
SaaS misconfigurations may be responsible for up to 63% of security incidents. Do your SaaS applications have risky OAuth grants and misconfigurations? Let’s not find out. We will unravel the complexities of OAuth and how attackers are using OAuth to...
In this episode, host Ron Eddings speaks with Chris Hughes, President at Aquia, Cyber Innovation Fellow at CISA, and cybersecurity legend. Special guest, Chris Hughes, was initially inspired to build a personal brand through a desire to mend his weak...
In this episode, host Ron Eddings is joined by Sr. Director of Red Team Operations at Coalfire, Pete Deros, to discuss the hottest topic around; adversarial AI. Ron and Pete discuss how AI is used and how the adversary is using AI so everyone can sta...
In this episode, host Ron Eddings is joined by Metasploit creator, co-founder and CEO of runZero, HD Moore. HD changed the world with Metasploit and he’s doing it again with runZero. Attack Surface Management can’t happen unless you have visibility i...
In this episode, Ron Eddings is joined by Penetration Tester, Instructor, International Speaker, Best Selling Author, and Podcast Host, Phillip Wylie. Phillip shares how pen testing and the need to educate people helped motivate him to speak at confe...
In this episode, Host Ron Eddings interviews Robert Kerbeck, author of Ruse: Lying the American Dream from Hollywood to Wall Street. Robert shares how his professional acting skills helped his career in corporate spying and espionage. Impactful Mom...
In this episode, host Ron Eddings is joined by cybersecurity researcher and writer, Kim Crawley, to deep dive into one of her greatest passions; computing! From its origins to its newest capabilities in quantum and AI, Kim shares her love of computer...
In this episode, host Ron Eddings is joined by Co-Founder and CEO of ThreatLocker, Danny Jenkins, to talk about his "Hero’s Journey" from IT to launching ThreatLocker. From spam emails, bots, and ransomware to persuading people to take a new approach...
In this episode, host Chris is joined by Erika Eakins — a cybersecurity sales ninja, podcaster, and co-founder at Teach Kids Tech. Erika opens up about her challenges entering tech and cybersecurity as a woman and her mission to serve the underrepres...
It’s a classic technologist conundrum: Should I build or buy the solution I need to solve a problem? The “Build vs. Buy” conundrum is faced by technology teams worldwide. To help approach this riddle, Chris Cochran speaks to two industry veterans, Sl...