Brian Jack is chief information security officer and data protection officer at KnowBe4, a security awareness training software vendor based in Clearwater, Florida. The company made headlines in July when it thwarted an attempt by a North Korean nation-state actor to infiltrate its software engineering staff. The company did hire the attacker, who used the stolen identity of a US citizen and deepfake images to get through the vetting process, but detected suspicious activity on his account and contained the threat before the attacker gained access to any company data.

In this episode, Jack shares the details of the incident, how the company's SOC detected and responded to the threat, advice for other companies on how to mitigate this increasingly common path of attack in the age of remote work and how he defines a good state of SecOps.

Kevin E. Greene is public sector CTO at OpenText Cybersecurity. Prior to his current role, Kevin worked at the MITRE Corporation supporting DevSecOps initiatives for sponsors, ATT&CK research, and MITRE’s Common Weakness Enumeration program, and served as cyber research and development program manager at the US Department of Homeland Security. Kevin's research in Hybrid Analysis Mapping (HAM) helped shape and influence Gartner’s Application Security Posture Management Magic Quadrant.

He has been an outspoken public advocate of challenging the status quo in software engineering practices as well as government policies and procedures to improve cybersecurity. This episode features a wide-ranging conversation about what's broken about software security and how the concept of software resiliency can improve the industry's cyberdefense.

Christopher Crowley is an independent consultant and senior instructor at the SANS Institute, who has 20 years of experience managing and securing networks. He is considered a leading expert in building a security operations center, or SOC, and authored the SANS 2024 SOC Survey report in May, which focused on the top challenges facing security operations.

In this episode, Crowley's survey provides an entry point for a bigger-picture discussion about the last 20 years of SecOps, the pros and cons of cloud-based SOCs, the trough of disillusionment with AI and predictions for the future.

The number, magnitude and costs of cyberattacks have steadily escalated, year after year, for the last two decades as software has eaten the world. Fresh vendor products continue to proliferate to address increasingly sophisticated threats, but time-honored problems with human error, systems visibility and vulnerability remediation continue to plague security operations (SecOps) teams. When even the world's largest tech companies continue to be breached by attackers, what hope is there for everyone else that software-based security disasters won't continue to spiral? In this season of IT Ops Query, beginning on September 5, you'll hear from a range of experts about the mounting pressures of security operations, and how the tech industry can begin to relieve them.

Josh Koenig and David Strauss are co-founders at Pantheon, a platform for building and operating websites. Josh is the chief strategy officer, and David is the CTO. Open source software is a big part of the web, and Pantheon is a downstream user as well as a contributor to several open source projects. David is an early contributor to systemd, a component of Linux distributions, a member of the Drupal security team, and was a founding member of the first Fedora Server working group in 2011.

Josh and David share their views as downstream consumers of open source software as well as members of the community, touching on why enterprises don't contribute more to open source, the approach to open source policy and licensing changes by two different major vendors in Red Hat and HashiCorp, efforts to shore up the security of the web by moving to memory-safe languages, and more. Come for the industry insights, and stay for the many colorful analogies in this discussion, from tugboats to tofurkey.

Editor's Note: This episode was recorded before IBM agreed to acquire HashiCorp.

Justin Warren is founder and principal analyst at PivotNine, a technology consulting and analyst firm based in Melbourne, Australia. Until 2023, he was a board member at Electronic Frontiers Australia, a non-profit national organization representing Internet users. At KubeCon North America last year, he asked a press conference panel of enterprise IT leaders what they were doing to compensate open source maintainers "so they don't starve to death." A self-described "filthy socialist," Warren favors a tax or tax-like system for funding open source libraries that are widely used but not full-fledged products -- especially when the alternative is an offer from a malicious actor maintainers can't refuse. Together, Warren and Beth explore various approaches to shoring up the maintenance, security and sustainability of open source software and discuss the future outlook for the industry in this episode.

Emily Fox has held multiple roles at household-name organizations in her 13-year IT career and is currently senior principal software engineer at Red Hat. Previously, she worked as an engineer at Apple, and DevOps Security Lead at the National Security Agency. She also serves as chair of the CNCF's technical oversight committee and is involved in a variety of open source communities and activities.

From her unique vantage point, she addresses the delicate balance the CNCF must strike between enterprises, open source maintainers and open product companies; growing awareness about open source sustainability issues; and how all of that feeds into a general "crisis of conscience" going on in cybersecurity.

How is open source sustainability similar to the subprime mortgage crisis? And what can an episode of South Park teach us about open product business models?

Dan Lorenc has a uniquely multifaceted view of these and other questions – he worked at Google from 2012 to 2021, began contributing to open source projects in the Kubernetes community in 2016, and along the way, developed the tooling that would become the Sigstore project, which helps to verify the provenance of open source code packages. Sigstore is now governed by the OpenSSF, where Dan is a member of the Technical Advisory Council. He is also co-founder and CEO of Chainguard, a software supply chain security startup.

Find out what Dan's take is on everything from the "Tragedy of the Commons" idea itself to the government's role in open source maintenance, the CNCF's role in open products, "open source lite" licenses and what's worked for Chainguard's business so far in this episode.