In this episode, Joe Carson interviews Joe Grand, a renowned hardware hacker and educator. They discuss Joe Grand's journey into hacking, the importance of community and collaboration in the field, and the evolution of technology and security challenges over the years. Joe shares his early experiences with computers, his transition from engineering to hardware hacking, and the pivotal role of the Loft in shaping his career. The conversation also touches on the founding of @Stake (ATstake, Inc.) and the challenges of balancing passion with corporate expectations in the cybersecurity industry.

In this conversation, Joe Grand discusses his journey in the hacking community, including his experiences designing badges for Defcon, the importance of artistic engineering, and the impact of live hacking events. He shares insights on parenting in the digital age, the significance of legacy software security, and the challenges of vendor communication. Joe also highlights his current projects, the learning process through failure, and resources for aspiring hackers, culminating in a discussion about his involvement in a film related to cryptocurrency.

• Community and collaboration are vital in the hacking world.
• Hacking is a continuous learning process; you never know everything.
• Early experiences with computers often start with games and curiosity.
• The Loft provided a transformative experience for Joe Grand.
• Transitioning from engineering to hacking can be a natural progression.
• AtStake was a significant step in Joe's career, merging hacking with business.
• Finding purpose in teaching others about hardware hacking is fulfilling.
• The importance of viewing security from an adversarial perspective.
• Hacking and engineering can complement each other in unique ways. Joe Grand returned to design the Defcon badge after years away.
• He emphasizes the blend of art and engineering in hacking.
• Live events showcase the real-time problem-solving process in hacking.
• Parenting involves guiding children through the digital landscape.
• Not all hacks need to be groundbreaking to be significant.
• Legacy software security remains a critical issue.
• Effective communication between vendors and hackers is essential.
• Current projects focus on refining fault injection techniques.
• Learning through failure is a vital part of the hacking process.
• Documentation is crucial for replicating and building on work.

• 00:00 Introduction to the Podcast and Guest
• 01:43 The Journey of a Hardware Hacker
• 05:16 The Importance of Community in Hacking
• 09:50 Early Experiences and Hacker Origins
• 14:41 Transitioning from Engineering to Hardware Hacking
• 18:16 The Loft: A Transformational Experience
• 23:51 From Passion to Career: The AtStake Journey
• 30:56 Finding Purpose in Teaching and Hacking
• 33:21 Reviving the Defcon Badge Design
• 34:47 Exploring Artistic Engineering in Hacking
• 35:44 The Impact of Live Hacking Events
• 37:33 Parenting in the Digital Age
• 39:28 Lessons from Hacking Time
• 42:48 The Importance of Legacy Software Security
• 46:37 Vendor Communication and Security
• 48:58 Current Projects and Future Directions
• 51:51 Learning Through Failure
• 54:54 Resources for Aspiring Hackers
• 58:56 The Intersection of Hacking and Film

https://grandideastudio.com/

https://www.youtube.com/watch?v=o5IySpAkThg

https://www.imdb.com/title/tt27307826/

In this episode of the Security by Default podcast, host Joseph Carson speaks with cybersecurity expert Terence Jackson about the evolving landscape of cybersecurity, the challenges faced by CISOs, and the importance of data security and governance. They discuss the impact of AI on security practices, the role of the CISO as a risk manager, and the need for organizations to prioritize foundational security measures in a rapidly changing technological environment.

In this conversation, Terence Jackson and Joseph discuss the evolving landscape of cybersecurity, emphasizing the importance of asset management, the role of AI in business intelligence, and the need for a balance between security and user experience. They explore the future of CISOs in a world increasingly governed by digital intelligence and the necessity of continuous learning and community engagement in the cybersecurity field.

Key Takeaways

• The cybersecurity landscape is constantly evolving, with new challenges emerging.
• AI is transforming both the attack and defense sides of cybersecurity.
• Data security remains a critical concern for organizations.
• CISOs are increasingly seen as risk managers rather than just security officers.
• Governance and compliance are essential for effective data management.
• Organizations must prioritize identity and access management.
• The role of the CISO has become more strategic and board-level.
• Understanding data exposure risks is crucial for compliance.
• Foundational security practices are necessary for effective defense.
• Continuous learning and adaptation are vital in the fast-paced tech world. AI will play a crucial role in enhancing business intelligence.
• Effective asset management is foundational for organizational security.
• Zero trust must be balanced with zero friction for user experience.
• Creating a positive security culture is essential for engagement.
• CISOs will increasingly focus on data governance and business risks.
• The proliferation of AI agents presents new security challenges.
• Security should be integrated seamlessly into user workflows.
• Continuous learning is vital in the rapidly changing cybersecurity landscape.
• Community engagement fosters knowledge sharing and support.
• Focusing on the basics is key to effective cybersecurity.

Chapters

• 00:00 Introduction to Cybersecurity Journeys
• 02:17 Challenges in Cybersecurity Today
• 06:43 The Evolving Role of the CISO
• 11:06 Governance, Compliance, and Data Security
• 14:56 Prioritizing Security in a Fast-Paced World
• 19:39 The Role of AI in Business Intelligence
• 20:02 Importance of Asset Management
• 21:52 Zero Trust and Zero Friction Security
• 23:38 Creating a Positive Security Culture
• 24:27 The Future of CISOs and Digital Intelligence
• 29:32 Continuous Learning and Community Engagement

Additional Resources:

Connect with Terence: https://www.linkedin.com/in/terencejackson/

https://www.terencedjackson.com/