The world of a CISO is full of interesting characters — from activists and academics to mad scientists and incorrigible anarchists. What they all have in common is an expertise in security. Full disclosure: I love this world, and these are my people. But the real treasure in this line of work is that amid this sea of smart brains, you'll find some of today's most brilliantly curious minds.
And that's just what Avast Hacker Archives — AHA — is all about. In this new podcast, I interview some amazing security practitioners and ask them to speak about their security journey, their original ideas, and what still sparks their curiosity.
These renowned security experts have something else in common: They all started out as hackers. We all did, just by asking "what if?" And it's actually in those early hacking days that some of our most interesting, monumental, or hilarious discoveries tend to occur. In each episode, I ask my guests about their favorite "Aha!" moments, and they share their stories, their standpoints, and, sometimes, their secrets.
Fellow security folk will be familiar with every one of my guests, and I know they'll find the information useful and the anecdotes quite amusing. But non-security aficionados should give a listen, too, in order to learn the names, the ideas, and the moments that shaped our digital world, the accomplishments that got us where we are today.
We've done seven episodes so far.
Episode 01: Getting started with hardware hacking, featuring Joe FitzPatrick
We kick it off with hacker extraordinaire Joe FitzPatrick, Hardware Security Trainer and Researcher at SecuringHardware.com. Joe talks about his earliest "Aha!" moments, as well as the usefulness of hacking and why "armchair hacking" is the most important step in a successful hack.
Episode 02: How to implement a bug bounty program, featuring Katie Moussouris
Katie is founder and CEO of Luta Security, and she tells us about the world of bug bounties and describes how it's getting more difficult to defend networks with so many pieces and vendors involved. She also shines a light on the gender and racial inequalities within the cybersecurity industry.
Episode 03: Embracing the hacking mentality, featuring Chris Roberts
I chat with security expert Chris Roberts, head hillbilly in the cutting-edge cyber brain trust Hillbilly Hit Squad. He tells me all about the beginnings of his hacking journey as well as his game-changing designs for the future.
Episode 04: The do's and don'ts of data breaches, featuring Troy Hunt
Learn everything you always wanted to know about data breaches and more when I interview HaveIBeenPwned? creator Troy Hunt. As the father of an 11-year-old, Troy is sensitive to the dangers that await kids online, and he opens up about life as a parent, his reliance on his fiancee to "project manage" him, and his favorite password joke.
Episode 05: Protecting digital freedom with ethical hacking, featuring Eva Galperin
Cybersecurity expert Eva Galperin talks about the dangers of stalkerware and the way security researchers can use their skills for the greater good. She also voices her controversial opinion on the new "ghost protocol" and divulges what she considers to be one of the weakest links of the Internet.
Episode 06: The need to democratize security, featuring Wendy Nather
Wendy is Head of the Advisory CISO team at Cisco, and she tells us why the same security mistakes are being made over and over again when new technology comes out, and what we can do about it. She also shares terrific security advice, including ways that CISOs can bump up security without spending a dime.
Episode 07: The art of cryptography, featuring Philip Zimmermann
I asked Phil about privacy in the age of Facebook, and he was more than ready to share his stance on social media. He also tells me how his pursuit of cryptography fell perfectly in line with his passion for activism and social justice, and he explains how encryption can be used to protect social liberties.
Once you're caught up, catch every episode moving forward by subscribing to our YouTube page or anywhere you listen to podcasts. I'm very excited about this series, and I hope you'll join me as I delve into the greatest security minds of our time to find their most eye-opening hacking stories and the meaningful lessons they impart along the way.
About the Author
Jaya Baloo is Avast's Chief Information Security Officer. Previously, Ms. Baloo held the position of CISO at KPN, the largest telecommunications carrier in the Netherlands, where she established and led its security team, whose best practices in strategy and policy are today recognized as world-leading. Prior to this, Ms. Baloo also held the position of Practice Lead Lawful Interception at Verizon, and worked at France Telecom as a Technical Security Specialist. Ms. Baloo has been working in the field of information security, with a focus on secure network architecture, for over 20 years and sits on the advisory boards of the NL's National Cyber Security Centre, PQCrypto, and Flagship Strategic. Ms. Baloo is formally recognized within the list of top 100 CISOs globally and ranks among the top 100 security influencers worldwide. In 2019, she was also selected as one of the 50 most inspiring women in the Netherlands by Inspiring Fifty, a nonprofit aiming to raise diversity in technology by making female role models in technology more visible.