In this episode, Malcolm Harkins speaks with Eric McNulty.  Eric is co-author of the book, You’re It: Crisis, Change, and How to Lead When it Matters Most  and author of Three Critical Shifts in Thinking for the Evolving Leader  and Your Critical First 10 Days as a Leader .  Eric has written more than 200 bylined articles on leadership, decision-making, and negotiation in top journals.  He holds an appointment as associate director of the National Preparedness Leadership Initiative (NPLI), a joint program of the Harvard T.H. Chan School of Public Health and Harvard’s Kennedy School of Government . Eric teaches in numerous executive education and graduate level courses at Harvard as well as at M.I.T and the University of California, San Diego. In 2018, he was named a Trust Across America Top Thought Leader in Trust.

Malcolm and Eric discuss crisis management and leadership based on a wide range of issues that Eric has been involved with over the years from Hurricane Sandy, the Deep Water Horizon oil spill, and even the Boston Bombing.  Eric shares pragmatic tips and perspectives that will help us all do a better job at leading - sense making, meaning making, and creating islands of certainty amid the chaos.  

Guest: Eric McNulty  (2) Eric McNulty | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

In this episode, Malcolm Harkins speaks with Norm Fjeldheim, former CIO for Qualcomm and more recently he was the CIO for Illumina.   Malcolm & Norm talk about a wide range of items including recalling their first time meeting on an advisory board back years ago.  We discuss what it was like working for market competitors (Intel and Qualcomm) and how we worked together on cyber security - sharing information to help protect each other as well as help protect other organizations.  Information sharing in the cyber security space has improved a lot over the years but still poses challenges for some who are constrained by either their own worry about sharing information or  other organizational restrictions.  We both believe our organizations were better off by taking the risk to partner together on cyber security.  We discuss how Norm approached information security as a CIO and how the CISO was integral to the organizations he has led.  We talk about accountability and the lack of it at times including in many well publicized breaches such as SolarWinds, Sony, and Equifax,  We discuss that in some cases there is clear negligence on the part of the CIO, CISO, or other exec's in an organization.    We discuss our perspectives on public policy items including the need for some sort of cyber security integrity regulation that instills more direct accountability on public companies.  We explore how sometimes the compliance and audit perspectives on risk don't always align well to a rationale perspective on risk.  Norm shares his perspective on needing a constant culture of change to re-evaluate your security technology - upgrading and moving to new tech routinely to stay on top of risk issues.  

Guest: Norm Fjeldheim Norm Fjeldheim | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

All content © 2021 Security Speaks.

In this episode, Malcolm Harkins speaks with Rick Payne , an Info Sec engineer with RMS.  Rick has spent the past 15 or so years 15 years learning and doing.  Starting as an intern to a DevOps technician, to  Security Analyst, to  Architect, to CSO, and is now a  cloud focused Staff Information Security Engineer.   His foundation is standards-based and rooted in DevOps automation and Systems Security Engineering (SSE).   Giving back and improving the community is a passion for Rick.  Rick shares his perspective on DevSecOps and we discuss the friction that gets in the way at times of really aligning security in to the development and operational efforts in an operation.  Rick shares his perspective on SMB as well and the incremental security approaches taken by many vs. the transformational things that we need to be doing.   Rick shares from his experiences a wide variety of lessons learned and the approach he is taking to lead transformational change to improve security.  

Guest:  Rick Payne (1) Rick Payne CISSP, RHCE | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

in this episode, Malcolm Harkins speaks with Kelley Misata  the founder of Sightline Security.   The Cybersecurity company for Non-Profits.     Here about Kelley's journey from being  a business executive till one day when she was cyber stalked and became cyber aware as well as an advocate for change.  Learn how she pursued her PhD in Computer Science at Purdue and was mentored by Spaf,  one of the legends in our field.  "Get the PhD first then go save then world" said Spaf during her dissertation prep.   Kelley is one of the most passionate and dedicated people I have ever met in cyber security.  Hear how she has gained personal strength through the struggle and why non-profit cyber security is so important not only to her but why it should be important to all of us. 

Guest:  Kelley Misata  Kelley Misata, Ph.D. | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

In this episode, Malcolm Harkins speaks with Keyaan Williams from Class LLC.      Keyaan discusses his reflections back on 2020 as well as more broadly what he sees as the missing component - people.  We discuss burnout and how that discussion came up in a series of roundtables that were conducted in 2020 with over 100 executives discussing corporate extinction events.  Those issues/events that could cause your organization to go out of business.  We also touch on Solarwinds and hear from Keyaan that many CISOs don't have a level of true visibility to critical business systems and business processes.  And how many of us lack a fully documented enterprise IT architecture.  So we have a level of event driven awareness and a highly reactive approach to asset management.  So has the CIO failed to do their role to manage IT across the organization ? Keyaan shares his perspective to this question.    He also shares who was his childhood hero and why. 

Guest:  Keyaan Williams  Keyaan Williams | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

In this episode, Malcolm Harkins speaks with Dan Blum,  Managing Partner at Security Architects Partners.      Dan discusses how he got his start in economics and then found his way into the technology space.  In this podcast Dan talks about his recently published book Rational Cybersecurity for Business and how he sought to figure out how you do 5% of the work right and get 95% of the benefit (or more practically the 80/20 rule).  In the quest to answer that question, Dan determined that there are  6 rational priorities that if done correctly will lead to a more effective/efficient security approach in addition to achieving better business alignment.   We touch on the economics of the industry as well as the recent Solarwinds event that has rattled a large portion organizations across the country and share perspectives on the implications this has and could have for organizations.   

Guest:  Dan Blum https://www.linkedin.com/in/dan-blum-author-architect/
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

In this episode, Malcolm Harkins speaks with Ron Ross,  a fellow with the National Institute of  Standards and Technology  (NIST).      In this podcast you will hear from a real hero in our struggle to make improvements in not only cyber security but in privacy.  Ron has had decades of dedication in public service to our Nation, always striving to do something bigger than has been done before.  In this podcast we discuss what  inspired Ron as a kid when Kennedy was President and how that still drives his focus today at NIST.  We discuss how complexity is overwhelming many and the double complexity problem (complexity of IT systems coupled with the security complexity we have created).   We discuss the above the water line and below the water line issues.  We discuss the consequences of cyber/physical systems and the extended enterprise as well as the need for damage limiting architecture concepts for true cyber resiliency that Ron will be focused on in 2021 and beyond. 

Guest:  Ron Ross https://www.linkedin.com/in/ronrossecure/
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/

In this episode, Malcolm Harkins speaks with Diana Kelley,  co-founder of SecurityCurve.    Diana is well known in the industry and has done it all.  She has been a practitioner, a consultant, a researcher, an analyst, and she has been on the security vendor side of things.  She is also an author.  Practical Cybersecurity Architecture is her newest book published in November 2020 with her co-author Ed Moyle.  In this podcast we discuss how Diana got her first exposure to technology back when she was a young girl and her father was at MIT Lincoln Labs and how that instilled a sense of curiosity in her that still drives the purpose and passion she demonstrates today.  In this podcast you will hear about her story and the common thread of "why".   We discuss the 360 degree view she has had over the years and share perspectives on the industry, the vendors, ethics, and diversity in security.  We discussed what she has liked most and least about the industry including the reason she co-authored her newly released book.  We look ahead with some predictions for 2021 including covid 19 implications for the future of IT and Security.

Guest:  Diana Kelley  Diana Kelley | LinkedIn
Host: Malcolm Harkins https://www.linkedin.com/in/malcolmharkins/