Security Simplified

Follow Security Simplified
Share on
Copy link to clipboard

A short form (15-20 minute) weekly podcast hosted by SecurityStudio's Ryan Cloutier and Evan Francen. SIMPLE information security tips and tricks are discussed for experts and non-experts alike. Co-hosts Ryan Cloutier and Evan Francen share their real world experiences about what works and what doesn't in the world of cybersecurity.

The InfoSec Mission


    • Mar 21, 2022 LATEST EPISODE
    • infrequent NEW EPISODES
    • 19m AVG DURATION
    • 15 EPISODES


    Search for episodes from Security Simplified with a specific topic:

    Latest episodes from Security Simplified

    Episode 15 - Common Incident Response Questions (Incident Management Series)

    Play Episode Listen Later Mar 21, 2022 21:45


    Episode 15 is the 4th installment in the Security Simplified Incident Management Series. Over the course of dozens of years and 100s of incidents we've heard a lot of questions, and some are more common than others. When we're in the middle of an information security incident, just about every question is valid.Tune in to this episode to hear some of the most common questions incident response clients have asked us. We'll share our common responses too.At SecurityStudio, our mission is: "Simplify Information Security For ALL".#MissionBeforeMoney.

    Episode 14 - Common Incident Management Mistakes (Incident Management Series)

    Play Episode Listen Later Mar 10, 2022 30:08


    The 3rd installment in the Security Simplified Incident Management Series. In this episode, Ryan and Evan have a good discussion about the most common mistakes we've seen over the years with incident response/management. Maybe you're prone to one (or more) of these mistakes, or you've certainly heard about them. Regardless, these guys have already paid the "dumb tax". Learn how to avoid common mistakes and adopt the best plan for your organization!All this while staying true to our motto: "Simplify Information Security For ALL". It's our mission. #MissionBeforeMoney.

    Episode 13 - Busting Incident Management Myths (Incident Management Series)

    Play Episode Listen Later Mar 4, 2022 20:31


    This is #2 of 9 in the Security Simplified Incident Management Series. In this episode (#13), Evan and Ryan bust the top incident response planning myths. This is a MUST LISTEN episode where the guys break it down using simple logic. Despite the fact that information security incidents are certain to happen, most organizations do NOT do proper planning.

    Episode 12 - Building Support for Incident Management (Incident Management Series)

    Play Episode Listen Later Feb 24, 2022 20:31


    The Security Simplified Podcast is back, and we're introducing the Incident Management Series! For the next nine episodes, Evan and Ryan will simplify Incident Management for the Security Simplified Podcast audience.We start the series with this episode (Episode 12), tackling how to build support for an Incident Management Program. Despite the fact that information security incidents are certain to happen, most organizations do NOT do proper planning. Maybe we (information security professionals) haven't done a good job communicating the importance of an incident management program. Maybe we don't know the importance ourselves. Whatever the reason, we MUST do better!#MissionBeforeMoney

    Episode 11 - Guidelines, Standards, and Procedures

    Play Episode Listen Later Jan 20, 2022 21:16


    The 5th installment in the Information Security Governance Simplified Series, "Guidelines, Standards, and Procedures".In case you haven't noticed yet, Evan and Ryan have taken you from top to bottom with governance. It's not nearly as complicated as we tend to make it! In episode 10, the topic of information security policies was covered, and our policies need some tactical support. This is where guidelines, standards, and procedures are used. - What is a "guideline"? - What is a "standard"? - What is a "procedure"? - The purpose for each document type. - Approvals for each document type.Next week, we wrap up the series with "Maintaining Effective Governance". Hope you enjoy!

    Episode 10 - Information Security Policies

    Play Episode Listen Later Jan 13, 2022 19:45


    The next installment in the Information Security Governance Simplified Series. After covering the definition of information security governance (Ep. 7), the importance of aligning governance with the organization's mission (Ep. 8), and information security roles and responsibilities (Ep. 9), Ryan and Evan tackle information security policies in this episode (Ep. 10). - What are policies used for? - Who approves policies and policy changes? - Who maintains policies? - Which policies are considered "standard" policies? - Policy status tracking.Information security policies are critical to the success of an information security program, BUT only if they're done and used properly.

    Episode 9 - Roles and Responsibilities

    Play Episode Listen Later Jan 6, 2022 21:34


    Continuing the Information Security Governance Simplified series, Ryan and Evan discuss roles and responsibilities and their importance to effective information security governance.Without explicitly defined roles and responsibilities accountability suffers (or is completely non-existent).In this episode, the topics include:* The Board of Directors (if it exists). – FOUR THINGS* Executive management.* Who is “ultimately responsible” for information security?* Directors and managers.* Information security personnel.* All personnel.Formally defining roles and responsibilities is critical. Listen to this episode to learn simple tips and tricks that Ryan and Evan have learned over the years, saving you the headaches of repeating the same mistakes they did.

    Episode 8 - Governance Alignment

    Play Episode Listen Later Dec 30, 2021 18:05


    Evan and Ryan pick up the "Information Security Governance Simplified" series where they left off in Episode 7 - Define Information Security Governance. In this episode, they discuss: - The importance of aligning governance with the mission of the organization. - Defining the mission for the information program. - The importance of executive management buy-in, and how to get it. - Defining the information security charter document. - Determining initial communication protocols.Information security governance should NOT be painful, and when governance is in alignment with the organization's purpose, it's actually the opposite. Good, well thought-out governance, is harmonious and it is possible to get everyone on the same page.We hope you enjoy Episode 8 - Governance Alignment, and join us next week for Episode 9 - Roles and Responsibilities!

    Episode 7 - Define Information Security Governance

    Play Episode Listen Later Dec 23, 2021 15:45


    Ryan and Evan kick off a new series this week, "Information Security Governance Simplified".In the first installment in the series (Episode 7), the guys define information security governance and address some of VERY important fundamentals, such as: - What is information security governance? - Why does information security governance make people cringe? - Governance is not one size fits all. - A CISO (by title, or otherwise) has ONLY two jobs.Next week, Ryan and Evan will tackle Governance Alignment. Hope you enjoy!

    Episode 6 - Simple Packet Capture

    Play Episode Listen Later Dec 9, 2021 19:30


    The past few weeks, Evan and Ryan have been covering network basics. This week, the wrap up network basics (for now) by looking inside a network packet.For those who haven't capture packets before, DO NOT BE INTIMIDATED! It's much easier and simpler than it seems.In this episode, Evan and Ryan download Wireshark (https://wireshark.org), install it, capture some network traffic, and take a peak inside what they caught.Next week, we'll shift gears and begin a series covering information security governance. You won't want to miss it!

    Episode 5 - What's an IP Address?

    Play Episode Listen Later Dec 2, 2021 17:09


    Building off the past few episodes, covering network basics, Evan and Ryan give a simple explanation of what an IP address is, what it's used for, and why it's important to know these things.Next week (Episode #6), the guys will explain what a packet capture is, how to capture packets, and take a look inside.

    Episode 4 - Why Understanding Networks is Important

    Play Episode Listen Later Nov 18, 2021 18:56


    In this episode, Ryan and Evan discuss networking basics and why understanding them is important to effective information security. Ryan gives a quick breakdown of the OSI model and what happens at each layer.Understanding how things work, in this case how two computers speak to each other on a network, makes you safer. You can't protect the things you don't understand, at least not as well as you can when you DO understand.

    Episode 3 - nmap Results

    Play Episode Listen Later Nov 11, 2021 18:21


    In the previous episode (Episode #3 - Quick nmap Introduction), Ryan and Evan demonstrated why we use nmap, where to get nmap, and how to perform a basic nmap scan. In this episode, they do a quick explanation of the results.NSE - Network Scan EngineDNS - Domain Name SystemTCP - Transmission Control ProtocolIP - Internet ProtocolDon't be intimidated by all the new words and numbers. This is a different language, a language that computers speak on a TCP/IP network. In time, you can (and should) learn the language too!NOTE: Evan made an error in this episode, see if you can find it!

    Episode 2 - Quick nmap Introduction

    Play Episode Listen Later Nov 8, 2021 15:52


    A quick introduction to nmap. Topics covered in this episode include: - Why would we use nmap? - How to get nmap. - Installation - nmap and Zenmap - Basic scansIntense Scannmap -T4 -A -v scanme.nmap.org (or 192.168.0.0/24, etc.)Intense Scan, all TCP Portsnmap -p 1-65535 -T -A -v scan.nmap.org (or 192.168.0.0/24, etc.)Stealth SYN Scannmap -sS -O scanme.nmap.org (or 192.168.0.0/24, etc.)Enumeration on specific ports (only)nmap -sV -p 22,53,110,143,4564 scanme.nmap.org (or 192.168.0.0/24, etc.)Try these scans at home!

    Episode 1 - Effective Communication

    Play Episode Listen Later Oct 28, 2021 16:46


    This is the first episode of the Security Simplified Podcast! Ryan and Evan kick things off by discussing the importance of effective communication. Information security professionals must learn and apply good communication skills in order to effect real change in their organization and with those they interact with. Some good tips in this first episode, and we're looking forward to next week!

    Claim Security Simplified

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel