Business and Technology in Tennessee with Josh Davis

In this episode of Cyber Ops Unmasked, InfoSystem's Keith Hales sits down with Mackenzie Brown from Blackpoint Cyber to discuss cyber security posture management and how business can best prepare themselves for the storm. How can you get your organization running the way it should? Where do you currently stand with cyber resilience? What do you need to do to get where you need to be? Learn more about the tools and strategies InfoSystems uses to provide realistic, holistic, and historically informed roadmaps for business leaders to know what to do and what steps to take to protect their businesses. Listen to the most recent episode of Cyber Ops Unmasked now. VISIT THE INFOSYSTEMS WEBSITE: https://infosystemsinc.com/ CHECK OUT INFOSYSTEMS CYBER: https://infosystemscyber.com INFOSYSTEMS ON LINKEDIN: https://www.linkedin.com/company/infosystems-inc-/ INFOSYSTEMS ON FACEBOOK: https://www.facebook.com/InfoSystems

In this episode of Cyber Ops Unmasked, Keith Hales and Chris Bevil dive into the world of cyber resilience, asking questions that all business owners should be asking in order to move their business forward.  How can you get your organization running the way it should? Where do you currently stand with cyber resilience? What do you need to do to get where you need to be?  Learn more about the tools and strategies InfoSystems uses to provide realistic, holistic, and historically informed roadmaps for business leaders to know what to do and what steps to take to protect their businesses. 

In this episode of Cyber Ops Unmasked, Keith Hales, CEO of InfoSystems, and Chris Bevil, CISO at InfoSystems, dive into the intricate relationship between cybersecurity and compliance. They explore common misconceptions surrounding these two aspects of security and highlight why each should be treated as a separate entity. Additionally, Chris Bevil provides valuable insights on how organizations can navigate the complexities of compliance and what to look for to determine their compliance obligations. Listen to the most recent episode of Cyber Ops Unmasked now. VISIT THE INFOSYSTEMS WEBSITE: https://infosystemsinc.com/   CHECK OUT INFOSYSTEMS CYBER: https://infosystemscyber.com    INFOSYSTEMS ON LINKEDIN: https://www.linkedin.com/company/infosystems-inc-   INFOSYSTEMS ON FACEBOOK: https://www.facebook.com/InfoSystems

Is your data backed up and safe from the bad guys? In this episode of Cyber Ops Unmasked, Keith Hales and Robert Goodwin from InfoSystems explore best practices when it comes to the complexities of data backup and recovery. It's not enough to store your data somewhere and pull it out when you need it anymore. You must implement effective measures and systems to safeguard your digital assets. Listen to this episode to learn more about what immutable copies of your data are, how you can keep your data safe from the bad guys, and why it is absolutely necessary to test your backups. VISIT THE INFOSYSTEMS WEBSITE: https://infosystemsinc.com/ INFOSYSTEMS ON LINKEDIN: https://www.linkedin.com/company/infosystems-inc- INFOSYSTEMS ON FACEBOOK: https://www.facebook.com/InfoSystems

As cyber threats continue to evolve, it becomes essential for companies to establish effective standards to protect their data and ensure the security of their operations. Recently, we relaunched our podcast, Cyber Ops Unmasked, where we cover all things cybersecurity. Cybersecurity initiatives are often misunderstood, mismanaged, or purposely hidden in companies to avoid scrutiny. In this podcast, we'll have an open discussion so that cybersecurity operations are understood, managed effectively, and open to questioning and scrutiny. To learn more about InfoSystems Cyber, visit https://infosystemscyber.com/.

Here’s a fact: the data you store and transmit across your organization’s networks is a highly valuable asset that needs to be protected. The size of your business is irrelevant; the industry you work in is also irrelevant. What matters to cybercriminals is if they can compromise your data and how much you will pay for its safe return.

Are you a cyberattack enabler due to apathy or lack of understanding of what is happening within the Internet universe? In this episode, Fred and Garrett discuss why the “it cannot happen to me” approach to cybersecurity is fostering the growth of cybercrime and other threats delivered to your organization, courtesy of your Internet habits. 

In this episode, Fred and Rob discuss cybersecurity from a new angle. Let’s take off our geek hats and discuss the business side of cyber-attacks. From why it's an essential part of an organization's risk management program to the costs these attacks can have on finances, revenue, and reputation.

In this episode, Fred and Garrett discuss the last CIS Control, Penetration Tests and Red Team Exercises. This control focuses on testing the security measures already in place within your organization. Penetration Tests and Red Team Exercises are most impactful when a company has taken action against the first 19 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Garrett discuss the third Organizational CIS Control, Incident Response and Management. This control focuses on creating an incident response plan to protect your organization's information and reputation. Incident Response and Management is most impactful when a company has taken action against the first 18 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Garrett discuss the second Organizational CIS Control, Application Software Security. This control is used to manage the security life cycle of your software. This control is used to prevent, detect, and correct security weaknesses. Application Software Security is most impactful when a company has taken action against the first 16 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss the first Organizational CIS Control, Implement a Security Awareness and Training Program. This control is used to develop and execute a plan for a security awareness and training program. This control is useful for those at all levels of an organization. Implementing a Security Awareness and Training Program is most impactful when a company has taken action against the first 16 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss the tenth Foundational CIS Control, Account Monitoring and Control. This control is used to actively manage and control user accounts-such as that of employees or contractors-from creation to deletion. Account Monitoring and Control is most impactful when a company has taken action against the first 15 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Tim discuss the ninth Foundational CIS Control, Wireless Access Control. This control is used to track, control, prevent, and correct the way you use your wireless local area networks, access points, and wireless client systems. Wireless Access Control is most impactful when a company has taken action against the first 14 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss the eighth Foundational CIS Control, Controlled Access Based on the Need to Know. This control is used to track, control, prevent, and correct secure access to sensitive systems and data. Controlled Access Based on the Need to Know is most impactful when a company has taken action against the first 13 CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Tim discuss how you can protect your data. Data protection is the seventh Foundational CIS Control and is used to prevent your data from being exploited, lessen the effects if it is exploited, and ensure your sensitive information is kept intact. Data Protection is most impactful when a company has taken action against the first twelve CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Tim discuss how you can detect, prevent, and correct the way your information is shared between networks. This is the sixth Foundational CIS Control and is used to secure your network perimeter. Boundary Defense is most impactful when a company has taken action against the first eleven CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss how you can secure network devices. This is the fourth Foundational CIS Control and is used to secure the configuration for network devices such as Firewalls, Routers, and Switches. Secure configuration for network devices is most impactful when a company has taken action against the first ten CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss Data Recovery Capability, the processes and tools used to back up your data. This is the fourth Foundational CIS Control and focuses on backing up and recovering your data as quickly as possible. Data Recovery Capability is most impactful when a company has taken action against the first nine CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Garrett discuss how you can manage ports, protocols, and services on devices connected to your company's network. This control focuses on minimizing your vulnerability to cyber-attackers. This is the third Foundational CIS Control and is used to minimize your vulnerability to attackers. The Limitation and Control of Network Ports, Protocols, and Services control is most impactful when a company has taken action against the first six Basic CIS Controls and first two Foundational CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Garrett discuss how you can adopt defenses to deflect Malicious Software (AKA Malware). This is the second Foundational CIS Control and is crucial for your personal and business security. The Malware Defenses control is most impactful when a company has taken action against the first six Basic CIS Controls and the first Foundational CIS Control (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Garrett discuss the recent Mozilla Firefox Vulnerability Patches that were issued. These vulnerabilities have been found to allow cyber criminals to install programs, manipulate data, and create new accounts with full user rights under your account(s). Anyone currently using Mozilla Firefox versions prior to 77.0 should take immediate action.

In this episode, Fred and Rob discuss how you can protect your email and web browsers. This is the first Foundational CIS Control and is used to minimize your vulnerability to attackers. The Email and Web Browser Protections control is most impactful when a company has taken action against the first six Basic CIS Controls (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss how to collect, manage, and analyze audit logs that help a corporation detect, understand, and recover from a cyber-attack. The maintenance, monitoring, and analysis of audit logs is most impactful when a company first has taken an inventory of Hardware Assets and Software Assets, practices Continuous Vulnerability Management, has Controlled Use of Administrative Privileges, and has Secured Configuration of Hardware/Software (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss part two of becoming a Cybersecurity professional. Previously, Fred and Rob discussed being on the "offense" in the Cybersecurity industry. Now they'll discuss being on the "defense" and what that side of Cybersecurity looks like. Because the Cybersecurity field is ever changing, there is a great need for these experts and their unique skill set. The industry is booming and new opportunities are arising every day.

In this episode, Fred and Rob discuss how to establish, implement, and manage security arrangements of hardware and software on devices. This helps prevent cyber attackers from getting control of vulnerable settings and services. The secure configuration for hardware and software is most impactful when a company first has taken an inventory of Hardware Assets and Software Assets, practices Continuous Vulnerability Management, and has Controlled Use of Administrative Privileges (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Rob discuss professional roles in the Cybersecurity industry and why you should consider it. Not only are Cybersecurity experts the most sought after professionals in the technology industry, but because the Cybersecurity field is ever changing, there is a great need for these experts and their unique skill set. The industry is booming with no end in sight. And new opportunities are arising every day.

In this episode, Fred and Rob discuss controlling the use of administrative privileges, the process of managing privileges on computers, networks, and applications. The controlled use of administrative privileges is most impactful when a company first has taken an inventory of Hardware Assets and Software Assets, and practices Continuous Vulnerability Management (following the CIS Top 20 Cybersecurity Controls).

Setting up a remote workforce is frustrating when there are no policies or plans in place to help. In addition, without the proper security measures, a remote workforce is vulnerable to cyber-attack. In this episode, Fred and Josh discuss how to respond to the demand of a remote workforce with proactive policies, plans, and security controls. This episode is not meant to be a quick fix or legal advice, but tried and true advice from InfoSystems' lead Cybersecurity expert, Fred Cobb. First, all business leaders should take a look at the administrative controls that are in place to cover remote workers and their technology.

In this episode, Fred and Chad discuss continuous vulnerability management, the practice of regularly scanning and cleaning devices and the applications being used on those devices. Vulnerability Management is most impactful when a company first has an inventory of Hardware Assets and Software Assets (following the CIS Top 20 Cybersecurity Controls).

In this episode, Fred and Chad discuss Software Assets, or in other words, the software your company uses. Learn why your company needs to keep an inventory of software assets, how to get control of software assets, and tools that can help you do both of the above.

In this episode, Fred and Chad discuss Hardware Assets, or in other words, the technology devices your company owns. Learn why your company needs to keep an inventory of hardware assets, how to get control of hardware assets, and tools that can help you do both of the above.

In this episode, Fred and Chad discuss how an organization can create a Culture of Security, a holistic mindset of being more secure. A culture of security isn't just another initiative an organization should consider. With the growing rate and cost of cyber-attacks, it's pertinent for organizations and employees to understand what it takes to be secure and prepared.

In this episode, Fred and Chad discuss a topic that has been all over the news. It has created fear and has made quarantines and evacuations necessary in certain parts of the world. This discussion is all about the Coronavirus and the scams being spread amidst a time of global uncertainty.

In this episode, Fred and Chad discuss Firewalls, the perimeter that stands between the outside (online) world and your company's internal networks. Firewalls add a higher level of security to your company.

In this episode, Fred and Chad discuss End-of-Life (EOL), when your systems, devices, or firmware are no longer supported by their developers. You'll learn how to prepare for the End-of-Life dates for your technology and how to decide whether you need to upgrade, retire, or completely replace these tools.

In this episode, Chad and Fred discuss patching, the act of updating your system and applications to fix vulnerabilities. Hardware and software manufacturers are consistently scanning their systems and applications for vulnerabilities. When vulnerabilities are found, patches - or rather, updates - are released by these manufacturers to fix those vulnerabilities. Patching not only rids systems of vulnerabilities; patching blocks the ability for cyber criminals to exploit them.

In this episode, Fred and Josh discuss simulated cyber-attacks, which is when companies act out real world situations and test their ability to respond. There are 16 scenarios with countless variables that a cybersecurity services company can use to help businesses test their plans and discover where they may fall short. Cyber-attacks are happening every day and becoming more sophisticated. Experts agree that these types of simulations are one of the best ways to prepare for them.

In this episode, Fred Cobb explains Whitelisting and Blacklisting, the process used to control what applications and websites employees can connect to. Companies that don't place limitations on employee access have a greater risk of experiencing a breach and are more likely to have a widespread outbreak. Some business leaders may feel placing limitations on employees will dampen morale. Fred explains why these limitations are important and can minimize the impact of cyber-attacks.

In this episode, Fred and Josh discuss the important things you need to consider for your employees who work remotely. It's estimated that over 4 Million Americans are working remotely. Many of these individuals are connecting to wi-fi on home networks or public networks in coffee shops or hotel lobbies, often to do confidential work. Without the right security policies and procedures, your employees are vulnerable to cyber attacks; which makes your business vulnerable to cyber attacks. For this reason (and many more) it is crucial for employers to create policies and procedures to protect employees and their devices. Listen to the full episode for information that can better secure your remote employees, their devices, and your business.

In this episode, we dive deeper into what you can do to protect yourself against ransomware. There are many basic things that can be done to protect your company. Often these basic tasks are free or inexpensive (outside of the time needed to do them). Not everything in relation to Cybersecurity comes with a big price tag.

Ransomware is a common type of malware that is deployed during a cyber-attack, allowing cyber-criminals to take over and encrypt your files and devices on your network. In this episode, Fred Cobb explains the 3 types of ransomware, why cyber-criminals use this type of malware, and what they hope to steal when they gain access to your files or network. He also discusses several industries that are commonly targeted by ransomware attacks. Many small business owners believe they are not a target for hackers because they aren't a major company, but the truth is they are often the main target because they are seen as an easy target. It's unlikely that small businesses have implemented a cybersecurity training program for their employees or have invested in sophisticated cybersecurity tools.

In this episode, Fred Cobb, CISO at InfoSystems, and guest Josh Davis, VP of Marketing at InfoSystems, look into the anatomy of a Phishing attack. This is by no means a biology discussion. Topics covered in this episode include a look at what a phish attack is, why phish attacks are successful, and steps you can take to protect yourself. This is a great segway for those wanting to dig deeper into the basics of Cybersecurity and ransomware.

In 2019, we launched InfoSystems Protect, a cybersecurity service designed to transform companies from vulnerable to secure and confident. This new cybersecurity division is led by Fred Cobb, our Chief Information Security Officer and Vice President of Services. Fred is one of the most respected cybersecurity leaders in our region, which is why we're extremely excited that he will be leading our new InfoSystems podcast series - Cybersecurity Weekly. With this podcast, you can expect a new weekly episode (about 15 minutes listening time) published each Monday with crucial news and information that will help you better understand how serious cybersecurity threats are and how to protect your companies.

In his position as Vice President of Community Development at EPB, Hodgen Mainda focuses on how power connects communities every day. This episode of Business & Technology in Tennessee helps shed light on how access to reliable sources of energy, fast Internet, and other fundamental business needs can impact the overarching landscape of economic development in a community. Listen to the full episode to find out how EPB and partner organizations are joining together to make Chattanooga a great place to live and work.

Molly Blankenship is no stranger to change. As the Vice President of Talent Initiatives at the Chattanooga Area Chamber of Commerce, Blankenship embraces systemic change and disruption of legacy processes. From her perspective, for communities to thrive, prosper, and progress, programs must be built to address issues holistically. Her marker of success? Building programs and processes that are so effective, she “works herself out of a job.” In this episode of Business & Technology in Tennessee, Blankenship discusses fun topics, like her status as a Chattanewbie, as well as deeper and more complex subjects related to business growth, the tech scene in Chattanooga, our entrepreneurial ecosystem, and more.

In this episode of Business & Technology of Tennessee, Alexis Willis, the Chattanooga Chamber’s Director of Small Business and Entrepreneurship, shares her thoughts about what makes Chattanooga such a great place for small businesses to grow. She explores the Chattanooga connector mentality and its impact on bringing good ideas to life, as well as the evolving mission of the Chamber’s INCubator, which currently houses more than 50 young businesses. Listen to the full episode to find out how Willis and others in our community are working to build an entrepreneurial infrastructure that can support business growth holistically.

With the focus on innovation and technology in Chattanooga over the last decade and the proliferation of shipping and logistics startups, it shouldn't come as a surprise to see a company burst onto the scene the way Freightwaves has. If you haven't heard of them, this podcast episode featuring Daniel Pickett, Chief Data Scientist at Freightwaves, should serve as a great introduction. In this episode you'll hear discussion about data intelligence, financial markets, the shipping and logistics industry, and the challenges of scaling a technology company in a mid-sized Southern city. 30 minute listen.

The CHATECH March 2019 Connect event featured a dynamic panel discussion on the next generation of connectivity technologies and what that means for our connected future. The rise of connected (IoT) devices require networks to transfer data in real-time (or as near as real-time as possible, and 5G will allow just that. When will we see 5G deployed? What is Wifi6 anyways? All of these questions and more will be answered! Panelists: Alan Collins (Panelist) - Director of Global Technology Planning at AT&T Ken Smith (Panelist) - Chief Technology Officer at FreightWaves Bradley Chambers (Panelist) - Director of IT at Brainerd Baptist School Kristi Montgomery (Moderator) - VP of Innovation at Kenco

“Drones.” “Unmanned aerial systems.” “Unmanned aerial vehicle.” With drones becoming so prevalent — and with their technical capabilities ranging from the types of devices a hobbyist would fly all the way to the sophisticated, powerful devices today’s podcast guests use to collect data — staying on top of advancements in this ever-evolving industry is no small task. In this episode of Business & Technology in Tennessee, Bill Rogers and Andy Carroll of Skytec, LLC, talk through everything from data processing and mapping to the future of unmanned systems. Listen to the full episode to learn more about how this Chattanooga business is able to shorten project timelines while also delivering data with unmatched accuracy.

The CHATECH December Connect event featured a dynamic panel discussion on Blockchain technology - what it is, why it matters, and how it impacts or will impact business in the future. This panel discussion was definitely one of the most practical conversations we've heard on Blockchain to date. These respected experts talked about some real Blockchain use cases, things that are currently happening in the market with Blockchain, challenges to adoption, and what the potential benefits are. Most importantly, they do an amazing job of explaining the basics of how the technology works. Kristi Montgomery (Moderator) - VP of Innovation and R&D, Kenco Logistics Daniel Pickett (Panelist) - Chief Data Scientist, FreightWaves Tyler Jenks (Panelist) - SVP of Solutions Architecture, Very Paul Perry (Panelist) - Risk and Controls Practice Leader, Warren Averett CPAs