Media / Speaking
A collection of media clippings, speaking videos, and interviews.
Here are a few of the media clippings from the past years. I have had the pleasure of being interviewed multiple times to media outlets around the world and discuss findings, general security and technology topics, express my opinions on ongoing matters, and speak at conferences.
First of all - the easiest: my current blog. Older posts under the former Finjan and Aladdin are a bit harder to find as both were acquired and renamed, while losing the original blogs.
For a summarized view of most of my publications through different media outlets over the years you can view this Google Archive Search.
If you'd like to inquire about a speaking opportunity, I'm usually booked 2-3 months in advance, but feel free to email me or use my contact form. Note that at a minimum travel and acommodations should be covered, along with a negotiable speaker honorarium.
| Date | Description | |
|---|---|---|
| 2022 | February | Opening panel speaker on Leveraging AI to Monitor Employees and Mitigate External Threats at Compliance Week |
| 2021 | August | Interview for NPR on the NSO spyware issues - NPR 2021 CyberWeek Conference Closing Keynote |
| 2020 | December | Guest on the Tech Trek Podcast - Part 1 and Part 2 |
| April | Webinar interview with Preetham Peter of Infoedge about using loss scenarios in security practices Interviewed by Liberation.fr on the measures taken by the Israeli government amidst the coronavirus crisis handling. Full PDF here |
|
| February | Wrote an article for Forbes on the Product vs Skill pendulum Featured on Forbes Effective tips for creating and sustaining strong cybersecurity teams Featured on Forbes in an article about securing smart home and IoT devices |
|
| January | Webinar on combining FAIR with NIST-CSF with the FAIR Institute Featured on the Security and Compliance Weekly and discussed Quantifiable Risk Metrics. Part 1, Part 2 |
|
| 2019 | September | Recognized by the FAIR Institute as the 2019 Business Innovator during FAIRCon. Featured on the FAIR Institute blog in prep for FAIRCON 2019 |
August | Featured as the first commercial success story on from NIST on combining NIST-CSF and FAIR |
| July | "Providers Must Go Beyond Frameworks for Strong Risk Management" on Health IT Security |
|
| May | Presented Unholy Concoction of Risk Management Practices - FAIR/CSF/MSSP at SIRACon 2019 |
|
| March | Featured on Forbes: Trust-Building For Security |
|
| February | Featured on Forbes: Why You Should Go Beyond The Typical Penetration Test |
|
| January | Featured on Forbes: Two Frameworks For Securiting A Decentralized Enterprise |
|
| 2017 | July | Keynoted CyberWeek in Tel Aviv, speaking about securing the Cloud [Video] |
| 2016 | July | Featured on Vice's Cyberwar in an episode focusing on China as a subject matter expert. |
| June | Keynote for BSidesClevalend ShowMeCon in St. Louis, Missoury - Social Media Risk Metrics Area41 in Zurich, Switzerland - Social Media Risk Metrics |
|
| April | InfoSecWorld at Orlando, FL - Actionable Threat Intelligence Featured on CSO Online - Two perspectives on social media for security leaders |
|
| March | RSA Conference - Social Media Risk Metrics. |
|
| February | Zoncon - Amazon's Security Conference. Keynote speaker. |
|
| 2015 | December | BSidesDC - Actionable Threat Intelligence |
| October | Hacked Opinion - The legalities of hacking on CSO Online PACE University Cybersecurity Symposium on Threat Intelligence |
|
| September | DerbyCon - Social Media Risk Metrics |
|
| August | Commentary on the Hacking Team breach - CSO Online BSidesLV Actionable Threat Intelligence |
|
| June | You Shot The Sheriff 9 Sau Paulo, Brazil - Actionable Threat Intelligence CSA Nordic Summit 2015 - Olso, Norway. Actionable Threat Intelligence CSO Online coverage on actionable threat intelligence CircleCityCon 2015 - Indianapolis, Indiana. Actionable Threat Intelligence video. |
|
| May | IT Hot Topics 2015 - Greensboro, North Carolina - Actionable Threat Intelligence |
|
| March | ISTS SPARSA at Rochester Institute of Technology (RIT) - Keynoting the event, and participating in the Red Team |
|
| January | A few notes on the proposed cybersecurity bill on CSO Online Commentary on the @CENTCOM twitter and YouTube account hacking on DarkReading, SecurityWeek as well as eWeek and SC Magazine Commentary on SC Magazine about the pro-ISIS hacking of local news stations |
|
| 2014 | December | Chosen as one of SC Magazine's top experts through the years Quoted on NBC's Today on the Sony hack Commentary on the Sony breach on TechNewsWorld |
| November | Commentary on the iWorm patch on CIO Magazine Commentary on the Regin malware on eSecurity Planet as well as SearchSecurity FeedbackFriday commentary on SecurityWeek Magazine |
|
| September | Derbycon - conducting Red Team Training with Chris Nickerson. Additionally speaking on Painting a Company Red and Blue |
|
| May | Featured on Narrative.ly's article as part of a series "The spies among us": Attack of the Superhackers |
|
| March | Panelist on Fox Business' "Money with Melissa Francis on NSA surveillance and President Obama's meeting with tech CEOs. Panelist on Fox Business' "Money with Melissa Francis" on power grid security. |
|
| February | Featured on Fox Business' "Money with Melissa Francis" on Chip-and-PIN (EMV) security. |
|
| 2013 | November | Featured on CNN Money's "How Corporate America fights hackers". |
| September | Seeing red in your future? and Red Team Training at Derbycon. "Cyber" security - all good, no need to worry? at SecurityZone. Interview with ComputerWorld. | |
| July | Red Team Testing Training at BlackHat USA 2013 |
|
| March | ZonCon at Amazon's HQ in Seattle: SexyDefense in the forest |
|
| January | NCSC Symposium SexyDefense, and Red Team Training Alt-S at The Hague, Netherlands |
|
| 2012 | December | SecurityZone 2012 in Cali, Colombia: SexyDefense |
| October | Hashdays: SexyDefense |
|
| September | DerbyCon Training, and speaking on SexyDefense (video) Brucon Red-Team Testing class with Chris Nickerson |
|
| July | BlackHat USA Briefings 2012 presented SexyDefense - Maximizing the home-field advantage BSidesLV presenting SexyDefense V3.co.uk: Black Hat: Businesses at risk from over-reliance on automated tools, researchers warn (pfd). SC Magazine: Black Hat: Security pros must evolve their defensive strategy. MIT Technology Review: Hey, Hackers: Defense Is Sexy, Too (PDF). NakedSecuity (Sophos' blog): Black Hat - SexyDefense, maximizing the home-field advantage. |
|
| May | YSTS (You Shot The Sheriff) conference, Sao Paolo, Brasil. Sexy Defense |
|
| April | Source Boston - presented a talk: "Sexy Defense" Also at Source Boston - Red Team Testing training. DarkReading article on the SexyDefense talk. (PDF) InfoWorld article covering Sexy Defense. (PDF) Midsize Insider SexyDefense coverage. Fierce CIO SexyDefense coverage. IRANIAN CYBER THREAT TO THE U.S. HOMELAND Quoted as a source for a congressional hearing. |
|
| March | HackCon, Oslo, Norway. Advanced Data exfiltration |
|
| January | Calcalist article on the recent hacking events in Israel [Print version] Channel 1 news article on the recent hacking events in Israel |
|
| 2011 | November |
Govcert.NL Symposium - Adavnced data exfiltration - the way Q would have done it Source Barcelona - presenting a talk on advanced data exfiltration |
| October |
HashDays - "Pushing in, and pulling out slowly without anyone paying attention", and management sessions speaker. |
|
| September |
Brucon presented a talk on advanced data exfiltration, APT and red-team testing (Video) |
|
| August |
BSides Las-Vegas presented 2 talks on VoIP botnets and Advanced Data Exfiltration DefCon 19 Participated in the DCG & Hackerspaces panel and talked about VoIP botnets and data exfiltration Dark Reading coverage of the Advanced Data Exfiltration talk (local cache) Galatz Radio interview on Cyber Security threats, and international diplomacy |
|
| June |
Security BSides Vienna / NinjaCon 11 23rd Annual FIRST Conference National greek news article on Athcon (Greek) Athcon 2011 security conference |
|
| May | People's Daily Online article. (English version of Chinese news) cached PenTest Magazine article on how to avoid meaningless pentests |
|
| April |
SOURCE Boston security conference Featured article on the Pentest Magazine |
|
| March |
DC9723 Introduction to the Penetration Testing Execution Standard |
|
| February |
ISDPodcast interview covering Security-Art's annual report, FAIR and the pentest standard (cached mp3) TheMarker coverage of our annual report (print edition) Featured on CyberwarfareZone |
|
| January |
Sophos' Naked Security blog guest post |
|
| 2010 | December |
BerlinSides hacker conference CSA-IL Conference - Intro to the technology showcase. |
| November |
DeepSec conference in Viena. International Conference on Cyber Terrorism hosted by the ICT at IDC Israel. |
|
| October |
CSFI Stuxnet report published with my contribution (also on the CSFI page) NATO's CCD-COE (Cooperative Cyber Defence Center Of Excellence) strategy setting workshop. Subject matter expert for creating NATO's cyber strategy for 2011. BlueHat v.10. |
|
| September |
Brucon 2010 and the video (please use a mirror!) SOURCE Barcelona and a brief interview |
|
| August |
EuroTrashSecurity podcast (Microtrash 10) mp3 FIRST 2010 Interview (mp3) |
|
| July |
DefCon 18 (updated with Video and the slide deck) InfoSec Daily podcast |
|
| June |
22nd FIRST Conference |
|
| May |
CSO Forum Magazine ISDPodcast interview (cached mp3) AthCon (Athens, Greece) ph-neutral |
|
| April |
El Pais (Spanish) local pdf copy Global Security Mag (French) BlackHat EU 2010 Presentation slides and whitepaper |
|
| March | Exotic Liability podcast | |
| 2009 | November | ExcaliburCon (WuXi, China) |
| September | HackerHalted conference (EC Council @Miami) |
|
| July | DefCon 17 (updated with video) |
|
| April | The IET (Video interview) Calcalist (Hebrew) |
|
| March | MiddleGround (e-Crime congress UK publication) |
|
| February | ChannelWeb What to buy for Business ITRManager (French) VNUNet BitCity (Italian) Fan.tv (Dutch) PubliNews (French) 01 Informatique (French) |
|
| January | What to buy for business ComputerWeekly The Web2.0 Attack Vector - white paper IET |
|
| 2008 | December | BCS Calcalist (Hebrew) |
| October | BlueHat Security Conference at Microsoft HQ in Redmond, WA The Register Calcalist (Hebrew) De Beveiligingsupdate (Dutch - podcast in english at 23:10 minutes) IT World WebWorld (Dutch) TheMarker (Hebrew) TechWorld (Dutch) ComputerWeekly InfoSecurity.nl (Dutch) |
|
| April | BlackHat talk | |
| May | San Francisco Chronicle (Different spokesperson named for the company) | |
| February | SC Magazine | |
| 2007 | December | SC Magazine |
| October | InformationWeek SearchSecurity |
|
| September | Fox News | |
| August | PodTech Mag Securs (French) DefCon 15 talk |
|
| 2004 | February | Storage Magazine |
| April | NetworkWorld | |
![[Print version]](/docs/calcalist-01-18-12.png){kind=link}
