From Security Weekly Wiki
Revision as of 14:34, 4 November 2019 by Matt (talk | contribs)
Jump to navigationJump to search

Recorded November 4, 2019 at G-Unit Studios in Rhode Island!

Episode Audio


  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .

  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting and clicking the button to join the list! You can also submit your suggestions for guests by going to and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Interview: Henry Harrison, Garrison

    Henry Harrison
    is the Cloud Chief Information Security Officer of Garrison.

    Henry is a seasoned technology industry executive and serial entrepreneur who has spent the last ten years focused on cyber security both as an independent consultant and as Technical Director for Cyber Security at UK defense and security company BAE Systems. Henry’s previous ventures include a desktop videoconferencing startup, and he has been responsible for developing and selling advanced electronics solutions into governments, telecommunications companies and financial services organizations amongst other sectors.

    Segment Topic:
    What is Hardsec?

    Segment Description:
    A contrarian in the security industry, Henry Harrison of Garrison believes the only way forward is to implement security on the foundational level through Hardsec. An evangelizing approach that emerged out of research and development from the UK’s national security, hardsec relies on hardware security executed through the use of non-turing machines digital logic – chips that are too dumb to be hacked – to eliminate cyber threats. This moves away from the generic chip sets and advocates for a more unique and specialized chip set for devices where security is paramount. During this conversation, Henry can talk about this approach and what it would take for it to become widely adopted.

    Segment Resources:

    Leadership Articles

    • Balancing the Company’s Needs and Employee Satisfaction - Doing what is right for their company and doing what will make their employees happiest are not always mutually exclusive. Making the following shifts in mindset can help:
      • From individual happiness to collective purpose
      • From engagement to ownership
      • From promotability to visibility
    • Why Successful People Wear The Same Thing Every Day - Researchers have actually studied the effect that making too many decisions can have on our lives and what they show is that our capacity to consistently make well thought out decisions is finite. Many successful individuals understand that less time spent on making decisions meant more brainpower and time for everything else. Therefore, reduce one decision by choosing a monotonous wardrobe...
    • Technology That Will Actually Make You More Productive - Don’t be afraid of technology, embrace it. Just make sure you are picking the right tools to put on your phone or tablet...
    • What industry gets wrong about cyber insurance - Misconceptions about the role insurance plays in a cyber event's aftermath are common. Let's try to provide some clarity:
      • Cyber insurance is an investment
      • How to choose a cyber insurance policy
      • Insurance loopholes
      • Security considerations
      • Insurers' role in incident response
    • Four principles for security metrics - When you start developing security metrics for a problem area, don't plunge into trying to analyze 'risk'. Here are four founding principles if you want to develop trusted operational security metrics that are relevant for your organization:
    1. Start with process
    2. Understand the reality of the process
    3. Create one metric per process
    4. Be clear on the type of process failure
    • 3 lessons on the future of talent pipelines - Talent shortages haven't ceased being a discussion going into the next decade, yet swaths of the American population are either underrepresented in the workforce or struggle to develop the skills necessary to thrive in it. Here are the issues impacting employers' talent pipelines:
    1. The digital skills gap may be the biggest one
    2. Companies won't ignore the role of social issues in recruiting
    3. Employers can expect never-ending 'reskilling'