Join G Mark Hardy at THOTCON in Chicago for an insightful podcast episode on building a successful cybersecurity career. Featuring guest Ryan Gooler, they discuss the non-linear paths to success, the value of mentorship, financial planning, and the importance of continuous learning and adapting. Learn how to navigate career transitions, embrace risks, and find joy in teaching and learning from others in the cybersecurity community.

Transcripts: https://docs.google.com/document/d/1nsd61mkIWbmIL1qube0-cdqINsDujAVH

Chapters

• 00:00 Welcome to THOTCON: Meeting Amazing People
• 00:26 Introducing Ryan Gooler: A Journey into Cybersecurity
• 04:09 The Value of Mentorship in Cybersecurity
• 06:22 Career Management and Setting Goals
• 09:33 Financial Planning for Cybersecurity Professionals
• 16:40 Automating Finances and Smart Spending
• 21:25 Financial Sophistication and Mutual Funds
• 22:07 Automating Life Tasks
• 22:41 The Concept of a Finishing Stamp
• 24:17 Leadership and Delegation in the Navy
• 26:06 Building and Maintaining Culture
• 27:21 Surviving Toxic Environments
• 29:55 Taking Risks and Finding Joy
• 34:34 Advice for Cybersecurity Careers
• 39:01 The Importance of Teaching and Learning
• 40:29 Conclusion and Farewell

In this episode of CISO Tradecraft, host G Mark Hardy delves into the emerging concept of Model Context Protocol (MCP) and its significance in AI and enterprise security. Launched by Anthropic in November 2024, MCP is designed to standardize how AI systems interact with external data sources and applications. Hardy explores how MCP differs from traditional APIs, its implications for security, and the steps organizations need to take to prepare for its adoption. Key topics include the stateful nature of MCP, security risks such as prompt injection and tool poisoning, and the importance of developing a robust governance framework. By the end of the episode, listeners will have a comprehensive understanding of MCP and practical recommendations for safeguarding their AI-driven workflows.

Transcripts https://docs.google.com/document/d/1vyfFJgTbsH73CcQhtBBkOfDoTrJYqzl_

References

Model Context Protocol specification and security best practices, https://modelcontextprotocol.io ⁠

Security risks of MCP, https://pillar.security ⁠ ⁠

MCP security considerations, https://writer.com

Chapters

• 00:00 Introduction to Model Context Protocol (MCP)
• 00:27 Understanding MCP and Its Importance
• 01:41 How MCP Works and Its Security Implications
• 04:23 Comparing MCP to Traditional APIs
• 08:41 MCP Architecture and Security Benefits
• 12:07 Top Security Risks of MCP
• 18:00 Implementing Security Controls for MCP
• 25:00 Governance Framework for MCP
• 28:03 Future Trends and Strategic Recommendations
• 30:34 Conclusion and Next Steps

Web 3.0 Explained: Business Cases, Security, and Future Prospects | CISO Tradecraft In this episode of CISO Tradecraft, host G Mark Hardy welcomes special guest Aaron Markell to discuss the intricacies of Web 3.0. They explore the evolution from Web 1.0 and Web 2.0 to the decentralized structure of Web 3.0, describing its application in various industries like finance, healthcare, and supply chain. The conversation dives into blockchain technology, the role of tokens, smart contracts, and consensus mechanisms like proof of work and proof of stake. They also touch on potential future developments involving AI in Web 3.0, offering valuable insights for business leaders and cybersecurity professionals looking to understand and leverage this emerging technology.

Chapters

• 00:00 Introduction to Web 3.0
• 00:31 Meet the Expert: Aaron Markell
• 01:39 Aaron's Journey into Web 3.0
• 03:51 Understanding Web 1.0, 2.0, and 3.0
• 04:36 Decentralization and Blockchain Basics
• 05:51 The SETI Project and Distributed Workloads
• 08:09 Proof of Work and Blockchain Security
• 17:22 Smart Contracts Explained
• 20:10 Proof of Stake vs. Proof of Work
• 23:51 The Role of Tokens in Web 3.0
• 24:22 Understanding Microtransactions and Ownership
• 25:05 What is an NFT?
• 26:40 The Rise and Fall of NFTs
• 28:36 Web 3.0 and Its Impact on Industries
• 30:10 Blockchain in Finance and Commerce
• 30:55 Private Blockchains and Government Transparency
• 34:09 Blockchain in Legal and Healthcare Sectors
• 36:59 Supply Chain Transformation with Web 3.0
• 39:59 The Future of Web 3.0 and AI Integration
• 41:03 Final Thoughts and Security Tips