Welcome to “Lessons from the School of Security Hard Knocks,” a compelling podcast where global leaders share their most challenging lessons from the security domain. Join host Joe Saunders, founder and CEO of RunSafe Security, as he engages with esteemed guest speakers who unveil insights gained from navigating the toughest security scenarios. Subscribe now and get new episodes delivered to your inbox as soon as they go live!

Teresa Shea: “Trust”

Today’s guest is Teresa Shea, President of Oplnet LLC.

In today’s episode, Teresa shares how she got involved in signals intelligence, the role universities should play to develop future security leaders in cyber offensive and defensive domains, the differences and similarities between government-sponsored R&D and venture capital, the role threat intelligence plays in cyber operations for defensive purposes, how enterprises can gain insight on offensive methods to inform their security posture, her thoughts on the National Cybersecurity Strategy document, whether she is optimistic or pessimistic about the future of cybersecurity, how someone should prepare for a career in cyber operations, and as always, her toughest lesson learned.

Listen Now

Bob Ackerman: “Technology is Necessary But Insufficient”

Today’s guest is Bob Ackerman, Founder & Managing Director of AllegisCyber Capital.

In today’s episode, Bob discusses AllegisCyber Capital and his role there, how he got his start, the three things they look for in founders, the market of VC Capital in cybersecurity and the future for IPOs, his thoughts on the the national cybersecurity strategy, the liability shift in critical infrastructure from asset owners to product manufacturers, his thoughts on the future of the United States’ cyber resilience, and as always, his toughest lesson learned.

Robert R. Ackerman Jr. founded AllegisCyber Capital—the world’s first dedicated cyber venture firm—to be “for cyber entrepreneurs by cyber entrepreneurs.”Bobis also the Co-founder of cybersecurity and data science foundry DataTribe, Co-founder of CyberGRX, and Chairman of the annual Global Cyber Innovation Summit—the “Davos of Cybersecurity”—for leading Global 2000 CISOs, cyber innovators, and policy leaders. With a 20+ history in early-stage cybersecurity investing, Bobis titled as one of “Cyber’s Money Men” by major business publications for his experience and leadership in cybersecurity VC investing, named one of “Technology’s Top 100 Investors” by Forbes and featured on Forbes Midas List, and recognized as one of two leading cyber investors in the world by Cyber Defense magazine.

Listen Now

Patrick O’Brien: “It All Comes Down to Communication”

Today’s guest is Patrick O’Brien, Senior Safety and Cybersecurity Engineer at exida.

In today’s episode, Patrick discusses exida and his role there, the safety and cybersecurity issues facing industrial systems, the similarities and differences between threat models facing organizations, working on ISA/IEC 62443 and other standards, what role the software development plays in developing standards, his industry’s use of SBOM, the most significant cybersecurity threat asset owners face today, whether he is optimistic or pessimistic about the future of cybersecurity, a surprise Penn State football question, and as always, his toughest lesson learned.

Listen Now

Ralph Langner: “The Importance of Innovation”

Today’s guest is Ralph Langner, founder/CEO of Langner, Inc.

In today’s episode, Ralph discusses Langner, Inc., his role in what happened at stuxnet, our progress over the years in terms of OT security, motivations to attack OT networks, shifting cyber liability, whether he is optimistic or pessimistic about the cyber protections for cyber physical systems, and as always, his toughest lesson learned.

Listen Now

Chris Blask: “SBOMs, Supply Chain, and Open Source Software, Oh My!”

Today’s guest is Chris Blask, VP of Strategy at Cybeats.

In this episode, Chris discusses Cybeats and his role there, his work with SBOMs, why SBOMs are a corporate asset, the importance of understanding open source software, his work as the chair of ICS-ISAC, the greatest cybersecurity threats currently facing society and why we’re not ready to face them, his thoughts on the current national cyber strategy, how he got his start in security, and as always, his toughest lesson learned.

Listen Now

Bryan Ware: “Cybersecurity is a Soccer Game, Not a Football Game”

Today’s first return guest is Bryan Ware, CEO of LookingGlass Cyber.

Today we welcome back our first returning guest, Bryan Ware! In this episode, Bryan discusses his move to CEO of LookingGlass Cyber, founding Next5, competition with China, and then Joe and Bryan dive into some Next5 Matrix Monitor highlights including: the recent Chinese spy balloon, Huawei’s patent strategy, his hopes for the next National Cyber Director and the Biden administration, and as always, an all-new toughest lesson learned!

Listen Now

Richard Stiennon: “On Cyber Warfare”

Today’s guest is Richard Stiennon, Chief Research Analyst at IT-Harvest.

In a nod to Clausewitz and Gaddis, this episode is called On Cyber Warfare. In this episode, Richard discusses founding IT-Harvest and his current role there, the transition to data-driven research, the biggest industry shifts and trends, the threat and the current state of cyber warfare, his feelings towards cyber defense, and as always, his toughest lesson learned.

Listen Now

Dr. Laurie Williams: “Solving Real Problems”

Today’s guest is Dr. Laurie Williams, Distinguished University Professor of Computer Science at North Carolina State University.

In this episode, Laurie discusses some of the programs she works in as a distinguished university professor in Computer Science at North Carolina State University, her current research projects, developers’ role in fixing vulnerabilities, the future of DevOps, the efficacy of scanning tools for detecting vulnerabilities, supply chain issues, benefits of SBOM, today’s biggest security threat, how her past experience informs her current work, and as always, her toughest lesson learned.

Listen Now

Thomas Pace: “Once You Commit”

Today’s guest is Thomas Pace, founder/CEO of NetRise.

In this episode, Thomas discusses NetRise and his role as founder/CEO, how the approach to OT security has changed, their ideal customer profile, what surprises him about current trends, SBOM, managing software supply chain risk, how he entered the field, the trials of being a founder/CEO, and as always, his toughest lesson learned.

Listen Now

José Costa: “From Security Auditor to Security Manager”

Today’s guest is José Costa, CISO at Critical Software.

In this episode, José discusses Critical Software and his role as CISO, his key priorities in the development process, bridging the gap between functional safety and cybersecurity, the driving forces and security implications of the digital transformation, risks associated with APIs, software supply chain security, his optimism about the future, and as always, his toughest lesson learned.

Listen Now

Brad LaPorte: “Free to Choose, But Accept Consequences”

Today’s guest is Brad LaPorte, Partner at High Tide Advisors.

In this episode, Brad discusses High Tide Advisors and his role there, hot trends in the cybersecurity world, his biggest takeaways from working at Gartner, his previous work and military experience, attack surface reduction, the war in Ukraine, his thoughts on the future of the industry, and as always, his toughest lesson learned.

Listen Now

John Cusimano: “Knowing When to Let Go”

Today’s guest is John Cusimano, Managing Director of Cyberstrategic Risk at Deloitte.

In this episode, John discusses Deloitte and his role there, the advantages of being part of a larger firm, the most common themes across industry and use cases, CyberPHA and how can organizations apply it, how he got his start in cybersecurity, his work as a Process Safety Product Manager at Siemens, the ISA/IEC 62443-3-2 standard, what security threats keep him up at night, and as always, his toughest lesson learned.

Listen Now