Ransomware (with Allan Liska & Tim Gallo)

Apr 19, 2018

Advanced Persistent Security Podcast

Episode 43

Guests: Allan Liska and Tim Gallo

April 19, 2018

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Ransomware (with Allan Liska & Tim Gallo)

Show Notes

Segment 1

In this episode, Joe is joined by Allan Liska and Tim Gallo, co-authors of O’Reilly’s Ransomware book. The show kicks off with origin stories. We talk about the passion of security professionals and the career versus hobby camps. We discuss mentoring in terms of selecting mentees and mentors. Allan and Tim provide insight on the process of writing a book. We talk about persistence.

Segment 2

Joe kicks it off with a question to Allan and Tim about their observations of ransomware. A discussion as to whether to pay the ransom or not ensues and considerations for each argument are given. Tim talks about the relationship between IT Operations and IT Security. He relates stories from his past to convey why many security professionals make assumptions as to why/how things are done. Joe talks about “Schrodinger’s Backup” and its relation to proper incident response plans. We talk about the malware SDLC.

The conversation shifts to our research on exploit kits and ransomware as well as trends for each. We discuss the argument of paying or not paying [the ransomware.] This segment is concluded with a talk about ransomware in cars.

phishing@advancedpersistentsecurity.net

Book Link:

Ransomware: Defending Against Digital Extortion

About Allan:

Ransomware (with Allan Liska & Tim Gallo) — Allan Liska

Allan Liska is a solutions architect at Recorded Future. He has more than 15 years’ experience in the world of information security and has worked as both a security practitioner and an ethical hacker. Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.

Contacting Allan:

Twitter: @uuallan

About Tim:

I’ve been working in security for 20 years, everything from firewall management to security officer and consultant. I spent 8 years as a product manager for an intelligence vendor and recently coauthored an O’Reilly book on Ransomware, I was also a technical editor on books about DNS Security and Building Threat Intelligence Programs. I have strong opinions on the importance of building intelligence programs and how they can help your organization save money when done correctly, and can cost you a lot of money if done poorly. In the end, I’d like to try and share with others what I’ve seen go well and go wrong. I’m not a rockstar, nor am I some sort of guru. You won’t find shrines to me in the halls of Twitter, nor the fields of LinkedIn, but you will find me there, sipping on information and bourbon.

Contacting Tim:

Twitter: @TimJGallo

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:

Delivered by FeedBurner