Ep. 154 - Security Awareness Series - Whispering Sweet Security Nothings with Ed Skoudis

In this episode, Ed Skoudis joins Chris Hadnagy and Ryan MacDougall.  Ed is a SANS Institute Fellow, Instructor, and Director of Cyber Ranges.  He is the founder of Counter Hack, an innovative cyber security company that works as trusted information security advisors to government, military, and commercial enterprises by providing in-depth security architecture, penetration testing, red teaming, incident response, and digital forensics expertise. Ed frequently presents industry keynotes based on the latest attack vectors he identifies during his team’s penetration testing projects, expert witness work on large-scale breaches, security research into late-breaking malware and exploits, and incident response engagements. 

Over his career, Ed has taught over 20,000 students in computer incident response and penetration testing.  Ed and his team are also the creators of the SANS Holiday Hack Challenge, a free gift to the community every December challenging tens of thousands of people to build their cyber security skills in a fun, quirky adventure to save the holiday season. September 20, 2021 

 

00:00 – Intro 

www.social-engineer.com   

Managed Voice Phishing     

Managed Email Phishing     

Adversarial Simulations     

Social-Engineer channel on SLACK     

CLUTCH     

www.innocentlivesfoundation.org  

03:26 – Ed Skoudis Intro 

05:26 – How did you get started, how did you get into this field? 

09:18 – What are you looking for when building your team? 

10:47 – How long will you observe a person to determine if they have the integrity or skill that you want? 

12:44 – What advice would you give for companies to find people with the skill and integrity they need more quickly than observing them for 2-4 years? 

22:00 – “Nothing new” in social engineering vs infosec, which is constantly changing 

23:45 – Why do you feel experience like participating in CTF’s are so valuable for people in this community? 

28:57 – What is your advice for people on how to find quality CTF’s? 

www.holidayhackchallenge.com 

www.ctftime.org 

www.wechall.net 

https://opentoallctf.github.io/ 

32:04 – How long does it take your team to construct these challenges? 

35:54 – If someone wants to sponsor this event, where can they go? 

www.holidayhackchallenge.com 

36:42 – Who are the colleagues or mentors that have been most influential to you, people you wouldn’t be where you are today if not for them? 

Ed’s Nana – Evelyn Hiddings 

Manager at Bellcore – Miriam Hernandez Cagle 

SANS instructor, founder of In Guardians – Mike Poor 

Security Expert – Johnny Long 

SANS founder – Alan Paller 

40:30 – What are some action steps corporations should start doing right now based on the advice you gave today to build a great team? 

Have a good corporate culture and leadership

Be thoughtful and meaningful, make it fun, and challenge them

Take input from your team and empower them 

43:09 – Do you have any advice for employees dealing with burnout, how to practice self-care, or other coping mechanisms? 

Monthly meeting with state of the business, business reflections 

Rituals – Get a bagel and call mom on Saturdays, morning walk, calling friends out of the blue 

Gratefulness – when stressed, pause and think about what you’re grateful for 

Get off social media for a few days 

50:27 – Book Recommendation 

The Code Book by Simon Singh 

51:53 – Outro 

www.innocentlivesfoundation.org  

 

www.social-engineer.com