AttackIQ Podcasts

AttackIQ’s new video podcast brings together security researchers, defenders, and intelligence practitioners for a regular discussion about how to build a strong “threat-informed defense” strategy. Each week we will discuss emerging strategic concepts, threats and emulation plans, and how to optimize your cybersecurity investments. Sometimes, we will talk about events in the news.

Latest Episode

Ransomware, Security Readiness, and Resilience

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Ted Harrington

In this episode, Jonathan speaks with Ted Harrington, best-selling author of the book Hackable: How to Do Application Security Right, about the way attackers think, readiness and resilience, and how to live a purposeful career in leadership and public service.

About Hackable: How to Do Application Security Right

If you don’t fix your security vulnerabilities, attackers will exploit them. It’s simply a matter of who finds them first. If you fail to prove that your software is secure, your sales are at risk too.

Whether you’re a technology executive, developer, or security professional, you are responsible for securing your application. However, you may be uncertain about what works, what doesn’t, how hackers exploit applications, or how much to spend. Or maybe you think you do know, but don’t realize what you’re doing wrong.

To defend against attackers, you must think like them. As a leader of ethical hackers, Ted Harrington helps the world’s foremost companies secure their technology. Hackable teaches you exactly how. You’ll learn how to eradicate security vulnerabilities, establish a threat model, and build security into the development process. You’ll build better, more secure products. You’ll gain a competitive edge, earn trust, and win sales.


What to Know, How to Prevent: menuPass

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Jose Barajas

In this episode, Jose Barajas and Jonathan Reiber discuss MITRE Engenuity’s Center for Threat-Informed Defense and AttackIQ’s emulation plan for menuPass. This plan will enable defenders to replicate tactics and techniques used by menuPass, a cyber threat actor that has been active since 2006 and whose goals are aligned with the People’s Republic of China’s Five-Year Plan. Members of the group have, according to MITRE ATT&CK, worked in association with the Chinese Ministry of State Security (MSS).

What has been their impact? menuPass is responsible for global intellectual property theft in at least 12 countries. The group has targeted companies within the healthcare, defense, aerospace, and government sectors, with emphasis since 2014 on Japanese victims. As MITRE ATT&CK describes the group’s behavior, “menuPass leveraged its unauthorized access to these managed service providers’ networks to pivot into subscriber networks and steal information from organizations in banking and finance, telecommunications, healthcare, manufacturing, consulting, biotechnology, automotive, and energy.”

In this podcast, you will see and hear about how AttackIQ incorporates MITRE Engenuity’s Center for Threat-Informed Defense’s emulation plan into the Security Optimization Platform to automate the tactics, techniques and procedures used by menuPass. This allows AttackIQ customers to run the emulation plan against their existing and planned security controls to validate their effectiveness and improve their performance against the group. The Security Optimization Platform then provides detailed gap analysis and remediation reports.


Pete Luban of Dimensional Fund Advisors on MITRE ATT&CK and Security Optimization

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Pete Luban

Chief information security officers and security leaders all over the globe struggle with complexity. Complex socio-political risk; complex risk management organizations; and complex technologies. Today on Think Bad, Do Good, we talk with one of the world’s leading cybersecurity operators not just about how you can decrease complexity and strengthen your security program, but how you can become a more effective leader for your organization.

Pete Luban knows the issues well. He is the head of the cybersecurity program for Dimensional Fund Advisors (DFA), an investment management service that operates with over $550 billion in assets under management. Headquartered in Austin, Texas, the 38-year-old company has over 1,700 employees and, in the words of Peter Luban, is “run by a group of computational geniuses.” As a globally distributed firm with significant financial assets, it faces similarly significant cyberthreats to its assets and personnel.

For managing these risks, Pete calls the MITRE ATT&CK framework the “mother brain” for security effectiveness. Why? Since he started using ATT&CK, he has seen a fundamental increase in effectiveness in protecting his company, but also in how he communicates to his board. ATT&CK and AttackIQ give him a single tool to see threats and threat behaviors. “That is a giant value add use case that follows the life cycle of information or misinformation from beginning to end and gives me a tool by which to validate, no pun intended, that what we do is worth what the company spends on it, right? That’s a simple use case that is insanely valuable.”

Listen to today’s episode to learn more about what keeps Pete up at night, what Pete would like to see more broadly adopted in his community to increase communication and effectiveness, and how COVID has transformed cybersecurity for companies everywhere.


Kumar Chandramoulie of AmerisourceBergen on Cybersecurity Risk and Effectiveness

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Kumar Chandramoulie

Kumar Chandramoulie is no stranger to challenge. As Vice President, Cyberdefense, Data, and Threat Management at AmerisourceBergen, Chandramoulie is responsible for planning his firm’s approach to cybersecurity risk management across its global operations. This is a vital mission: AmerisourceBergen provides pharmaceutical products, value-driving services, and business solutions that improve access to care. Global manufacturers depend on AmerisourceBergen for services that drive commercial success for their products. Tens of thousands of healthcare providers, veterinary practices, and livestock producers trust AmerisourceBergen as their partner in the pharmaceutical supply chain. Data underpins the entire process, and Kumar is responsible for securing the firm’s networks across multiple borders, businesses, and platforms. 

He uses MITRE ATT&CK and AttackIQ to achieve operational effectiveness and help his team do the best job they can. In this episode, Jonathan and Kumar discuss his approach to cybersecurity and how MITRE ATT&CK and AttackIQ help him secure AmerisourceBergen’s data. They talk about Kumar’s process of building a cybersecurity system, why MITRE ATT&CK is so useful for AmerisourceBergen’s security effectiveness, and how performance data helps AmerisourceBergen leadership understand their cybersecurity.

For more about how AmerisourceBergen uses MITRE ATT&CK and AttackIQ, you can dive into this case study here.


Julia Voo and the National Cyber Power Index

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Julia Voo

Julia Voo once auditioned for a part in Harry Potter because she wanted to go to Hogwarts. But it was much cooler to be a British foreign service officer in Beijing after Brexit covering China’s approach to cybersecurity policy and artificial intelligence from a trade perspective. Now, she’s crushing it on China and cyber policy at Harvard’s Belfer Center, where she serves as a Fellow, and has just led a global team in a comprehensive review of global cyber powers.

In this episode, Jonathan talks with Julia about how an innocuous one-off conversation kicked off the National Cyber Power Index (NCPI), the nature of cyber power in international relations, and the future of U.S.-China relations. Jonathan’s son also makes a brief cameo.

So who are the top ten most “cyber powerful” countries? And why is the Netherlands number 6? The National Cyber Power Index provides an overall measurement of a country’s aptitude as a cyber power – far more than just offensive and defensive capabilities. It gives a new look at international cyberpower, who wields it the most, and how it can best be leveraged in foreign affairs. Tune in to learn more.


Defending Digital Democracy

Mis/Disinformation and the 2020 Presidential Election

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guests: Maria Barsallo Lynch, Siobhan Gorman, and Robby Mook of Harvard’s Belfer Center for Science and International Affairs.

Join cybersecurity and public affairs experts Robby Mook, Siobhan Gorman, and Maria Barsallo Lynch of Harvard’s Defending Digital Democracy project as they discuss the coming presidential election and how state and local government officials and American citizens can take steps to assure its integrity. Over the last four years these individuals have played significant leadership roles in the United States in helping the states learn about and prepare for cyberspace operations and disinformation operations alike, and last week the Harvard team released The Election Influence Operations Playbook, Part 1, to help election officials manage the threat of disinformation operations to the election.

Defending Digital Democracy was founded in the aftermath of the 2016 election by a group of bipartisan policy, technology, and political leaders to help defend the country’s democratic processes in cyberspace. Since then the Harvard team has produced over half a dozen playbooks and landmark research projects and engaged state, local, and federal government organizations as they address cybersecurity risks to the U.S. democratic process. Please see below for more information about the team and its research – and give the podcast a listen!


FIN6 MITRE Emulation Plan

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Jose Barajas, Technical Director, AttackIQ

Join Jose Barajas and Jonathan Reiber for Episode 4 of “Think Bad, Do Good” as they explore the FIN6 emulation plan and the work at the Center for Threat-Informed Defense that led to its development. What is the broad utility of this emulation plan, and how can cybersecurity teams best take advantage of all that it has to offer? How can emulation plans help organizations improve their cybersecurity by taking on a threat-informed defense approach more broadly? Tune in to learn more from our experts.


Best Practices in Threat-Informed Defense

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Ben Opel, Director of Customer Success, AttackIQ

Join Jonathan Reiber and Ben Opel for a discussion of threat-informed defense lessons learned from their time serving in the Department of Defense. Reiber and Opel reflect on lessons from their two separate but related career trajectories in the Defense Department. Reiber wrote the DoD’s cyber defense strategies and worked in the Office of the Secretary of Defense from the creation of U.S. Cyber Command. Opel, after graduating from the United States Naval Academy, joined the U.S. Marine Corps and served as a cyberspace operator, defending key terrain and running purple team operations. Both reflect on the current state of operations today from the perspectives of their past experiences.


How to Achieve Cybersecurity Effectiveness

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guests: Adam Isles, Principal, Chertoff Group; Kurt Alaybeyoglu, Senior Associate, Chertoff Group

Less fear, uncertainty, and doubt. How can you optimize your cybersecurity investments to achieve maximum effectiveness? Listen to two of the world’s leading practitioners of cybersecurity and hear about their experiences managing major incidents from the top of DHS and operating in the U.S. Air Force’s cyber warfare wing.


APT29 and Threat-Informed Defense*

Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy, AttackIQ

Guest: Jose Barajas, Technical Director, AttackIQ

APT29, threat-informed defense, and how to take on a “purple” team approach. With Jose Barajas, Technical Director at AttackIQ, Ben Opel, AttackIQ Academy Purple Team Instructor, and Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy at AttackIQ.

*Note: this is an imperfect pilot episode for the series, and we’ll sort out our audio and video recording methods for the next episode.