Processing experience into insight - retrospectives, lessons
Security
Synopsis In this episode of Resilient Cyber Chris Hughes chats with Cyber industry veterans and long-time leaders Wendy Nather and Casey Ellis about systemic cyber struggles, issues that still plague us over the years, and some of the economic incentives at play (or not) when it comes to cybersecurity. Casey
Personal
It’s been just over three weeks since I randomly “let the Internet know” that I was heading in for unexpected heart surgery...
Policy
In September 2023, the IT-ISAC Elections Industry SIG launched a first-of-its kind pilot program in which election technology providers gave security researchers access to modern voting technology under the principles of Coordinated Vulnerability Disclosure.
Security
Bug bounty programs are a valuable tool for security efforts but only if they are correctly applied. This is particularly true for airlines who have to secure both the IT business systems and OT aircraft systems that enable the business to operate safely.
Personal
Optimizing my home office space for a work-from-home/hybrid setup became a bit of a hobby during the pandemic, and since returning to the USA from Australia in 2021 I've essentially replicated the successful aspects of the Sydney setup, with a few modifications.
Policy
DEF CON 31 Policy - All Your Vulns Are Belong to Terms and Conditions - DEF CON panel featuring David Rogers, Katie Trimble-Noble, Harley Geiger, and myself. Recorded on September 15, 2023 at DEF CON 31 in Las Vegas, Nevada.
Building
Here are my moves for #hackersummercamp 2023...
Building
On the 1st of September 2012 during a flight from Melbourne to Sydney, a series of ideas I’d been working on for a year or more coalesced with a bunch of conversations I’d just had, the lightbulb went off, and Bugcrowd was born.
Security
During Hacker Summer Camp, I was asked "where do you, uh, live now and stuff" a lot. Forgive this slightly indulgent post, but I wanted to blog a little bit of our story, and some of the thinking that went into executing our trans-pacific COVID bug-in back in 2020.
Security
Casey Ellis, founder and CTO at Bugcrowd, said bug bounty hunters are ultimately entrepreneurs in their own right.
Security
After hearing "vulnerability" and "threat" used interchangeably for a >9,000th time I decided to do something about it, and the Bar Fight Risk Taxonomy was born.
Building
This is a follow up from https://cje.io/2021/03/28/my-office-setup which is worth reading first if you haven't yet... Everything in Part 1 is still in play - Part 2 talks through some optimizations and a couple of additions.