Podcasts about comsec

  • 22PODCASTS
  • 25EPISODES
  • 50mAVG DURATION
  • ?INFREQUENT EPISODES
  • Mar 26, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about comsec

Latest podcast episodes about comsec

T.Rex Talk
Military SIGINT, Mass Surveillance, and Field Watches - with Paul Brown

T.Rex Talk

Play Episode Listen Later Mar 26, 2025 57:45


Paul Brown of the Wasson Watch company used to be a signals intelligence specialist with the NSA. He joins us to talk about large scale SIGINT, OPSEC, COMSEC, and the future of an AI-powered trustless internet. He also makes automatic field watches which you can preorder from Wassonwatch.com

Dr. Cavil's 'INSIDE THE HBCU SPORTS LAB'
Ep 535, Dr. Cavil's Inside the HBCU Sports Lab w/ Doc, Mike, Charles, AD Drew, and Wilton Jackson II

Dr. Cavil's 'INSIDE THE HBCU SPORTS LAB'

Play Episode Listen Later Aug 21, 2024 73:37


#DrKenyattaCavil #SportsLab #HBCUsports"Inside the HBCU Sports Lab" episode 535 with Dr. Kenyatta Cavil, Mike Washington & Charles Bishop radio show. Today's show will be a good one as Dr. Cavil is joined by Mike, Charles, Wilton Jackson II, and AD Drew (BCSN SportsWrap) to discuss the latest HBCU news and sports.TOPICS:HBCU coach calls top five ranking ‘rat poison'The HBCU football season brings preseason rankings and predictions. Coach Teddy Keaton disapproves of high rankings, focuses on team effort.Atlanta Falcons owner, Arthur M. Blank's, foundation donates $6.5 million to improve HBCU training facilities at four institutions, enhancing athletic programs. HBCUGameday.comMEAC/SWAC Challenge season opener from HBCUSports.comSEC squad to bring in HBCU as replacement game from HBCUGameday.comDelaware State misses flight for Hawaii game from HBCUGameday.comNASCAR to hold short-track race at North Carolina HBCU football stadium from HBCUSports.com@InsidetheHBCUSportsLab on Facebook Live and Spreaker.‬Contributions welcome at CashApp $JafusCavil

The Prepared Mindset Podcast
Episode 220 - Squad Based Communications

The Prepared Mindset Podcast

Play Episode Listen Later Jan 31, 2024 106:49


When most of us think of comm's, we think of all those scenes from movies like Navy SEALs and The Rock with dudes magically having their radio's pre configured, running throat mic's and push-to-talk devices. Behind the scenes though, is a whole world of tech wizardly and understanding that has to be well understood to culminate in that level of effectiveness and capability. To dive into some of the finer points to this. I'm joined by returning guest, Lyndsey Do of LKD communications and Orion Training Group, as well as Austin Joe Miller, who is one of the instructors for Mojave Repeater. This was a dynamic conversation, and the three of us got into a whole mess of different topics. We talking about the importance of fundamental skills and understanding, we talked about radio selection and equipment standardization, as well as inter-operability of your equipment and the impact it can have on your performance. So much good information is packed into this discussion. If you're needing to take serious steps in your COMSEC planning, or are even a newcomer and trying to figure out what you don't know, this is a great episode to check out. Give it a listen!Visit our sponsors!Patreon - www.patreon.com/prepared_mindset_podCustom Night Vision - www.customnightvision.comHRT Tactical Gear - www.hrttacticalgear.comOne Hundred Concepts - www.onehundredconcepts.comBen Franklin Range - www.benfranklinrange.comLarp Labs - www.larplabs.com discount code "preparedmindset" for 10% off!

She Renovates
226 - Self-Managed Super Funds... The Good, The Bad And The Ugly with Lina de Marco

She Renovates

Play Episode Listen Later Sep 27, 2023 32:32


Dive into a financial game-changer! Join us in this episode of She Renovates as we unravel the secret power of self-managed super funds (SMSFs) with Lina De Marco. SMSFs, the ultimate wealth-building tool, offer complete control over your retirement investments. Picture this: tax rates as low as 15%, zero capital gains tax on property sales, and the ability to invest in diverse assets like property, bonds, and precious metals. The possibilities are endless! Discover how SMSFs can supercharge your financial future. Ready to seize control and amplify your wealth? Tune in now! “A self managed super fund is essentially a superannuation fund which is established and managed by the members themselves. So with a self managed superfund you can invest in property, you can invest in bonds, you can invest in precious metals, you can buy gold bullion, you can have term deposits, you can have managed funds, you can get a share trading platform via Comsec or any of the banks. The opportunities increase. The other reason is that a superfund can actually borrow money. So you are actually increasing the power of your super in terms of investing by being able to use the power of borrowing and leveraging." -Lina de Marco EPISODE HIGHLIGHTS: 00:00 Introduction 03:31 What is a Self-Managed Super Fund (SMSF)? 06:15 Investment Flexibility 06:37 Trading in Super Funds 07:07 Property Development in SMSF 09:07 Government Changing Rules 11:39 Investment Advice 12:50 Finding Unbiased Financial Planners 14:52 Passive Investments vs. Active Management 15:36 Renovation Restrictions in Super 18:01 Common Pitfalls and Mistakes 20:01 Advantages for Couples with SMSFs 21:07 Buying Business Premises with SMSF 21:42 Costs and Benefits of Self-Managed Super Funds 23:05 Labeling Renovations in SMSF 24:36 Age Barrier for SMSFs 26:22 Tips for Rolling Over Super Funds 28:59 Setting Up and Running a Self-Managed Super Fund 30:04 Investing in Property through SMSFs 31:15 Contact Information for Lina de Marco Resources Ademus Business Solutions https://ademus.com.au/ The School Of Renovating https://www.theschoolofrenovating.com She Renovates Podcast https://www.theschoolofrenovating.com/podcasts-page/ Connect with The School of Renovating ASK BERNADETTE https://www.theschoolofrenovating.com/podcasts-page Subscribe to She Renovates Apple Podcast https://apple.co/3faoWlT Subscribe to Youtube: https://www.youtube.com/c/TheSchoolOfRenovating Follow on Twitter https://twitter.com/renovatingsc Follow on Instagram https://www.instagram.com/the_school_of_renovating

Prepper Talk Radio
PTR Ep 304 SHTF Communications FRS GMRS Ham Radio CB Radio

Prepper Talk Radio

Play Episode Listen Later Sep 14, 2023 44:44


Follow us where you get your podcasts!Support the show, join our socialshttps://bio.link/preppertalkradioSurvival Frog, PrepperTalk get's you 10% offhttps://www.survivalfrog.com/?sscid=71k7_z74z6Patriot Switchhttps://patriotswitch.com/preppertalkITM Tradinghttps://learn.itmtrading.com/preppertalkradioOur Amazon Store:https://www.amazon.com/shop/preppertalkradioGet your Goldbackshttps://alpinegold.com/ref/PrepperTalkJase Medical. Get your antibiotic supplies. https://www.jasemedical.com/?rfsn=6574356.8994bd Use code "preppertalk" to get $10 off. Freedom Blends Supplementshttps://freedomblends.myshopify.com/?ref=preppertalkUse code "preppertalk" to get 10% off! Fortress Clothing https://rb.gy/uart4r Use code PrepperTalk for 20% off. Devos Outdoor https://www.devosoutdoor.com/discount/PTR3.0 Get 10% OFF! My Portawell - Portable water pump. https://myportawell.com/?ref=dtkxycr3ixtq7 My Patriot Supply - Food Storage https://mypatriotsupply.com/?rfsn=6497104.402ba7c Mira Safety https://www.mirasafety.com/?avad=320865_b287386a9 Natures Fusions https://www.naturesfusions.com/?ref=PrepperTalk Check out our website https://preppertalkradio.com/ Like Our Facebook page. https://www.facebook.com/preppertalkradio Other channels by the hosts. Paris https://www.youtube.com/financialselfreliance Shane https://www.youtube.com/user/Thepreparedguy ***** https://bio.link/preppertalkradio Are you looking to be better prepared for life? Combining 3 lifetimes of experienced, tried, and true prepping and self-reliance with diverse backgrounds educationally, vocationally and regionally. Aligned on the principles of God, family and country to help build a stronger, more prepared community and Nation. We believe every person and family has an obligation to be or become self-reliant and to help build stronger, more prepared communities for all of life's unexpected emergencies, BIG or small. It doesn't matter if you call yourself a prepper, a survivalist, a citizen or patriot; we are all in this together. Our mission is to survive, thrive and carry on traditions of liberty and self reliance through our faith and fellowship. #PTR #SHTF #preppers #survival #prepping #prepping2022 #survivalprepping #preppertalkradio

Radio Contra
238. TETRA Backdoors and USAF Motorola System Compromised

Radio Contra

Play Episode Listen Later Aug 2, 2023 42:00


Episode 238. I break down the stories breaking regarding a compromise of USAF Base Security radio systems by an engineer and the discovery of a backdoor into TETRA commonly used outside the US. This reinforces the reality that COMSEC begins with you and your practices. Creating your own COMSEC methods is a hell of a lot better than relying on someone else's. JM Dynamic Home Page Get the Merch: Brushbeater Store The Guerilla's Guide to the Baofeng Radio is a #1 Bestseller!  Knightsbridge Research discount code: SCOUT Nehemiah Strong discount code: SCOUT1 Radio Contra Sponsors: Civil Defense Manual Tactical Wisdom Blacksmith Publishing Radio Contra Patron Program Brushbeater Training Calendar Brushbeater Forum Palmetto State Armory Primary Arms

Growth Truth Adventure Love Podcast
Chapter 7. First Marriage and Work

Growth Truth Adventure Love Podcast

Play Episode Listen Later Jul 24, 2023 78:16


The start and the falling apart of my first marriage. Helping to start COMSEC, Commonwealth Bank, private equity, Leveraged finance, CVC, the great dealing room, Brambles, Bond and repo trading. Sitting next to Rachel. Training for the Hero's Journey. Buying and selling real estate. Kerr Neilson. Wall Street, Liars Poker. The death of Scully. ABB and the Wallenberg family. Skiing Engelberg.

radiofreeredoubt
Episode 23-12 COMSEC and Enemy in the Wire

radiofreeredoubt

Play Episode Listen Later May 22, 2023 62:36


ConvoCourses
Convocourses Podcast: Cybersecurity Workforce Framework

ConvoCourses

Play Episode Listen Later Sep 19, 2022 30:22


  Hey guys, this is Bruce, and welcome to combo courses, podcast. I'm doing an experiment where I'm doing daily is here. We'll see how this goes. I don't know if I'll keep this or maybe I'll do this twice a week or something like that because it hasn't been that bad. I got so many things. I can talk about so many questions to answer, but right now I wanted to focus my time on the categories of cybersecurity. So a lot of times. Industry people think that cyber security is all about. And I think it's all about just hacking or something like that, something to that effect. And those are the things that are popular, just Hacking or pin testing or programming another one's for digital forensics. People think that's all that there is, but in cyber security, not just I've been doing this for a very long time. I've done everything from the technical side where I'm actually configuring systems and installing systems and that kind of thing. But I've also done the, more of the management type side. And I want to tell you that there's. So many different. Parts to cyber security. And when you see somebody talking about hacking or whatever it's very glamorous, but that's a tiny fraction of the whole spectrum of cyber security. It goes very deep. So if you're actually trying to get into this career path, cuz it pays very well and it does then I, what I wanna do is introduce you to some other categories of cyber security that you may. Know about. And so one of there's an organization out there and it's from nonprofits and the government and a couple of private sector. They got together and they broke down the different categories of cyber security that need to be addressed. And it's not just. Cyber security by itself. Some of it is you can have a system administrator who does cyber security, that also accounts for this one. And I'm gonna explain that in a second. If you stick with me, you'll understand this and you'll understand, especially if you, this is particularly for you. If you are trying to get into cyber security, if you're interested enough to want to be a part of cyber security in this field. And if you've been thinking about getting into it, I'm gonna show you the whole spectrum of cyber security. Let me show you. A framework called it's called the workforce framework for cyber security. And if you didn't know about this is something the federal us federal government has been using for years now to figure out what categories to put people in and what kind of training that they need to do in order to be in these different categories. And from a bird's eye view. Let me. Switch my screen over here on TikTok. Feel free to ask me any kind of questions. I'll be doing this for about 30 minutes if you're interested in this, but let me show you what I've got going on here. And I'm just so you know, I'm broadcasting on a podcast, but I'm also doing so I, I will explain what we're looking at here, but you can watch this on YouTube and Facebook eventually will put this on Facebook. But here we have all the categories. Now there's seven different categories at the time of this recording. There's analyze. There's collect and operate. There's investigate. There is operate and maintain, overseeing, govern, protect, and defend and securely provision. And what I wanna do is give you an example of each one of these seven categories, cuz each one of these breaks out into specialty areas. So for example, analyze breaks out into. What you call exploit analysis, language analysis, target analysis, and you'll see that some of these don't look like cyber security topics, but they, in fact they are now, if you happen to be dual bilingual, if you happen to know another language Very fluently. You might actually be able to very quickly go into something called language analysis, which we'll briefly touch on in a second. But what I wanna keep this kind of high level right now, just to show you the different specialty areas. Now there's about, I don't know, 30 or 40 different specialty areas. Each one of these categories of cyber security breaks out into these special specialty areas now in collect and operate, you'll see things like cyber, operational planning, you don't think that would have a lot of hands-on stuff and it actually doesn't. So let's keep going here. And when I say hands-on, I mean like somebody who's actually configuring a server or setting up a network and stuff like that, cyber security is not all just about that. It's a very broad area. It's a very broad umbrella. So investigation is what you might expect is digital forensics, cyber investigations. Threat hunting, things like that. And we'll cover that in a second operate and maintain. This is what people normally think about when they think about system administrators, data, administrators, network services, that's their network engineers, things like that. These guys are in. Cyber security in that they have to do a lot of cyber security-type activities. They're not typically seen as cybersecurity people, but they have to do a lot of things in cybersecurity. As you might expect when they're installing patches or things like that. Overseeing govern. So this is what I do. I can speak extensively on this, but this is a lot of management type stuff. Cyber security management. This is your C level execs and it even includes legal and program managers. This is something I would very much like to talk to you about because program management requires a certain level of emotional intelligence that a lot of it people do not. Okay. And I, it's a very important a very critical piece of any kind of system engineering, any kind of major cyber security projects, anything the organization is doing that where they're spending a lot of time, money, and energy, and a lot of resources. They need a program manager. I'll get off my soapbox on that one, but it also pays very. And that's something I talk about a lot on my site program management is a big one. Okay. Anyway, let's keep going. Let's keep it high level protect and defend. So protect and defend. Is dealing with a cyber defense analysis, just to name a few incident response. That's a huge one, vulnerability assessment and management. Huge, but that's for protect and defend. So you see, this is not all just firewalls. This is not all hacking have I haven't even mentioned hacking yet. That's how big this field. And there's some things that are not even included on here. Like cryptography, you don't see cryptography on here, but cryptography is considered part of part of cyber security. And I would argue that the cypherpunks, the guys who created The concept for Bitcoin and all that kind of stuff were also very good cybersecurity people anyway. So securely provision. Now this one has to do with risk management, software development, system architecture, that sort of thing. So you can see, what I wanna do is just show you. The high level here. There's many different categories of cyber security and it's not all just hacking. It's not all just programming. Yes. Those are part of what we do. But in the major scheme of things, like when you look at the big picture for all of this it's a very big feel. And I wanna just explain to you why if you think about it, it really makes sense when you go to your bank and you are trying to send a wire transfer from one. Using ACH to another bank, right? Or you wanna wire something overseas or whatever the case may be. The bank has a certain they have certain protocols and procedures and certain policies that they have to do in order to secure your information to make sure that the $1,000 you sent from one bank to another, or from, to your, whoever. Wherever you're sending it. They have to make sure that information is protected. The rules and protocols and procedures and the legal system. All of the things that come together that is known as secure security compliance. Now the financial industry has a different set of laws, as you would imagine than say the healthcare. The healthcare industry is protecting your healthcare information, your digital, if it's that information is digitized, they have to protect that information, right? So they have a whole different set of laws that are completely different because it has a different has a different, it has, it requires a bus different business solution than say a bank. If you think about it like this, the government, the federal government, who's protecting your social security number. They're protecting your, I don't know. They're holding, making sure that things like the DMV, if you're talking about the state they have to protect your personal on for information as well. and making sure that's, of course there's all kinds of leaks and all kinds of hacks and all that kind of stuff going on, but they have a whole different set of procedures and rule sets and laws that apply to the federal and state government. And that's also called security compliance. Security compliance is in every industry. It's in every state, it's in every jurisdiction, it's in every county and it's in every country. Each country has their own set of laws that pertain to. And all of us, all of them have different solutions that they need for their particular situation. So one would imagine as you can probably imagine, there's a lot of security that has to be done for that. And it's not all hacking. Like you can see how hacking is a tiny drip and a gigantic ocean that is cyber. Cybersecurity is a very huge field and that's why you have seven different categories. Now, what I wanna do is kinda give you a practical understanding of these seven categories. Now let's start from the top here. I'm gonna give you a specific example of where you might have seen this on TV or in a movie, or relate it to something you can understand here on a practical way. So let's start with analyze the first category we see on the top here is analyze. Has these specialty areas right here. Now, if you break these down and if you wanna go to the site, by the way, if you happen to be watching me on YouTube I have a link to where you can actually follow along. The actual site. Is there in the link now analyze, let me give you a practical understanding what analyze is now. When I was in the military, we had, when I was in a combat zone and we have we had languish analyst. Whenever we and the reason why we had these language analysts was because we can't understand, say if say a another country is attempting to hack our systems, like they'll put some code on our systems and that code has to be in Ukrainian or in Russian or whatever other language you need a language. To actually figure out what is being said in that in that code. And that's why a lot of times they figure out, oh yeah this hat came from Russia. This hat came from Ukraine. This hat came from whatever country, because you have an language analyst who has they're multidiscipline in language languages, where they can figure out and decipher and figure out like what's going on. They'll have like different tools. That'll help them to decipher what's going on with that, with whatever hack is going on. So this is actually a part of the analyze category. Let me give you another example, threat analysis. Now this is a big one. So a cyber threat analysis is something where what you're doing is. You're trying to detect and figure out where a company might get hacked from an organization might get hacked from, and it sounds impossible. Sounds crazy. How can you figure out where threats are coming from? There's some ways to do it. So if you think about like this right now, somebody might be trying to hack, I don't know, I'm just pick something off the top of my head. They might be trying to hack Walmart or something. Wal, what Walmart can do is they can have somebody scour the internet. Do search conduct searches or create a tool that goes out and. Does a web crawl of the internet to figure out okay, who is mentioning Walmart who is talking about it on social media? Who's talking where are the communications that are in the public domain to figure out who is talking about us so we can figure out where those threats are coming from. Because a lot of times when these, before the attack even occurs, these criminal hackers are talking amongst each other on the dark web. About how they're gonna attack or they even already had the attack. They already pulled the information from there and they're selling Walmart's emails. Now this is just an example. I just, so you know, I don't have a client with Walmart or anything like that. I don't have not interacted with Walmart's cyber security. I was using them as an example and I'm unaware of any current tax or anything like that. Just, this is just an example, but that is what threat warning analysts do. And this is something I did at my last job, as a matter of fact, that was one of our jobs was to do threat analysis on companies to figure out what's going on. And this also pertains to doing cyber looking at terrorist threats for whole countries, by the way. So that's analyze an analyze goes into analyzing information, analyzing targets, analyzing threats that might be coming to a cyber security through, to an organization. There is, there can be some hacking involved. There can be times where you have to know a little code, but language analysts don't typically know code, and then all source analysis. This goes straight into just intelligence. This is normally what you'll see in like intelligence organizations where they're gathering actual, actionable intelligence from other. From multiple sources, putting that information together to figure out, okay, we have a terrorist threat here. We have a terrorist threat there. We know that we have advanced persistent threats here and there. We have some, we have reason to believe we have human intelligence people on the ground where they've gathered this or that information to figure. Who's gonna attack what, and a good example of this one would be that if you've ever watched a mission, impossible the ghost ghost recon, that one, they have, they talk about this type of job all the throughout that one. The as a matter of fact, they have one of the characters is an analyst, and this is the, what they're talking about. This is somebody who. Who pulls information from different sources, different intelligence sources puts it together and figures out. Okay. We know that there's a credible, there's a probable attack. That's gonna happen over here, over there, based off of all the Intel that they've gathered in the field. Okay. So we beat that one to death. Let's keep going here. So that is analyzed and that's in cybersecurity. Then we've. Collect and operate. Let's look at this one. So here's the specialty areas with collect and operate. Now, what are we talking about here? This is also dealing with a lot of intelligence, this, a lot of govern department of defense and some of the other three level organizations will have something like this cyber operations, where they're also looking at real time threats. They're looking at foreign intelligence entities. So this one's very much related. To what we were talking about here analyze a lot of times we'll see these in security operation centers, a security operation center, especially the ones for that work for different governments. They're very large, they have a large. Office where you have all these giant screens going on, you see these in movies, like when they were walking in and it's like, what's the threat and there's a, there's supposed to be a bomb here and they're trying to figure out like, what's going on.  so a lot of times they're talking about a cyber. Intel planner. These are the guys who put everything together. And if I could just read through some of this details here, it says, develops detailed intelligence plans to satisfy cyber operations requirements. So these are the guys that are managing all the information that's coming in and how we're gonna, what we're gonna do once we gather that information. So that is collect and operates, dealing with a lot of Intel type stuff. And You see it in movies and stuff like that. That's, it's not like the movies to be honest with. It's pretty boring. But okay. Investigation. Now, this one, if you ever seen the show CSI, this is. It, the digital forensics, not necessarily the scientists scientific forensics where they're trying to figure out when a person was murdered, based off of the insects that are consuming the corpse or whatever, sorry to be so crude, but that's forensics, digital forensics is a little bit different. This is the people who will take a computer. A lot of times they'll work with law enforcement and stuff because they're dealing with very heavy issues. I don't wanna get flagged for talking about some of the stuff that they find. But if you're talking about digital forensics, you're only talking about a few crimes major crimes that are gonna have to necessitate a digital forensics guy, major crime murders, and assaults that were caught on fi on, on digital media. And somebody try to hide some. Illegal contraband on their computer and try to do some illegal transactions using cryptocurrency or something like that, and they have to trace back. Where the cryptocurrency wallet it's went to, or they have to figure out see if somebody was using some illegal pictures or images on their computer, but they try to erase it. But with digital forensics, you can actually extract that from the ones and zeros on the hard drive. That is what we're talking about when we're talking about investigations. So they work a lot with the law, with law enforcement, they work a lot with with The with law they might have to do things like what you call it. Chain of custody, where they have to make sure that the hard drive that they're investigating can get to trial and not be tampered with and things like that. So that's investigations then you have maintain and operate. So what is this one maintain and operate is this one's pretty self explanatory. Once, once you see some of the job titles and stuff in here network services, that's like the people who install, configure, test operate, maintain the network, the firewalls. The switches, the hubs, they, they say hubs here, but not many people use hubs that much anymore. So that's funny, but system administrators, these are people who install, troubleshoot, maintain the servers and the configuration files and make sure that the config, the confidentiality, the integrity and the availability of the system is protected. So yeah, that's that is maintain and operate. Then you've got overseeing governor. I could talk. My entire site is about this one specifically about cyber security management. Cause this is what I do. And this is when I, when we were talking about this in the beginning, we were talking about what exactly what I'm doing, which is. This right here, information system, security manager, actually, I'm a my specialty is information system security operate officer, but management's something I do as well. So it's security. Doing cyber security for the whole organization, making sure that the cyber security of the organization is sound making sure the documentation is good, making sure that you've got all the system security controls are in place, things like that. And you have to work a lot with the C level execs, high level security people within the organization. Doing a lot of coordination talking with the program managers, talking with the subject matter experts on the firewalls, on the networks, on all that kind of stuff, to make sure that we, as a team in the organization are doing what we're supposed to do, whether that's doing PCI compliance or HIPAA compliance or whatever industry standard we need to meet, that's what cyber security managers are doing. And. COMSEC manager. These guys manage the cryptography, the crypto keys within an organization. So that is one, that's just one of the specialty areas that we're talking about for overseeing govern. This also goes into C level execs, your CIOs, your CIS OS with chief system security officers, or your chief information security officers, your C level execs, you're legal people. You don't know often see legal people. Lumped into cyber security, but here it is right before your eyes. I'm telling you, the point I'm trying to make is that cyber security is not just programming. It's not just hacking stuff. It's also, it includes legal advocacy. Because the organization has to protect its reputation. If somebody's defaming the organization, right? Their reputation is at stake. Who do they go to? You go to your legal team. Your legal team is, has to determine, okay, did these people defam? The, our organization are these, do we need to do a cease and desist order on this website? That's trying to. Do what's called typo squatting. That's where you let's say google.com, but some somebody creates a site called Google, whether E and the L are transposed so that people, whenever they miss type Google, it goes to their site. And then they take you to a, some malware or something. Some other site. So are, do we have a legal case? For the protection of our reputation or not, so legal is also where you would talk about, okay, we need to develop a privacy notification. We need to develop a a, something so that some, a non-disclosure agreement for all of our users who come in that's legal department. They, so they're very much involved with things like. Privacy notifications that pop up on a website whenever you've gone to a website that privacy notification pops up, that's serious because the organization doesn't wanna be liable to, they don't wanna get sued because they released your information without you knowing about it without you, knowing what you were clicking on. So they have to go to the legal department for that kind of stuff. Cyber security includes that kind of. So let's keep going here. I wanna show you a few more things and I'll keep it a little bit briefer on the next ones, what we do. So that's overseeing, govern. Let's go to the next one, which is protect and defend. This is one of my favorite ones, cuz this one, excuse me. This one includes cyber defense analysis. In a past life. This is what I did. And this is, this one is really fun. I really love doing this one. This is people looking at logs. It looks like the matrix. Like they'll sit there and they're watching a screen full of logs go by and they're trying to figure out what is, if there's any kind of attacks going on in, on their, in their environment. If there's some, if. Malware happening in the environment. Like it, it actual infiltrated the environment, or if there's somebody doing something they're not supposed to do, you could pick that stuff up in the logs. If you know what to look for. And they're looking for certain patterns of behavior inside the logs, that's reflected in what's going on. Cyber defense analysis is where you would do that. It's picking up the IDs, intrusion detection, intrusion prevention, the firewall logs, the network, traffic logs, all that stuff. And it's making a determination. And these days you can do it a little bit with artificial intelligence to help you out, to help out the actual cyber defense analysts. So that. What we're talking about with that's one of the things that we're talking about with protect and defend another huge one is incident response. That's a big one. And then vulnerability. These are like whole. Industries, by the way. This I'm briefly mentioning the names, but this is an entire industry in and of itself. This one incident responses is own thing. And so it's vulnerability management. Okay. Let's go to securely provision. And this is the last one last, but not least this one's getting into risk management. This is something I do a lot. This is my whole job right here. Risk management. This is making sure that the organization is within a acceptable level of risk because every system that's out there, every single system, no matter what system it is, has some certain level of risk that they have to operate with. And so risk management is just simply making sure that the risk is not too great for them to operate and not the risk. If a system has too much risk. It's too much exposure to their critical systems, then they can get, they're gonna get hacked at some point, they're gonna have a breach at some point, if your risk is too high. So you need risk management as a specialty area, software development, whenever you develop software, you gotta make sure that software is developed securely so that you don't have any major breaches. A lot of the breaches that happen especially with zero. It's because of software issues, that software that wasn't secure and that's all in securely division securely provisioned rather. So there's other things in here and the whole point I'm trying to make before I close this thing out and I'm almost done here is that cyber security is a huge, it's a huge field. It includes everything from manage. Program managers are very integral part to cybersecurity. It's a whole different discipline. They do not have to have hands on stuff. They do need to, at some point, understand the organization's process on how software is developed, but not necessarily no Java or no C plus, or how to actually code or how to use the coding libraries and all that kind of stuff. They don't need to. They need to know the organization's process. They need to know things like agile. They need to know things like what's the other one, scrum. And and things like that, processes that allow an organization to get to securely build the system securely build the software, develop the software, things like that. They need to know. So it, this includes C level executives. This includes like we said, manage. It includes risk risk management, managing the risk effectively for an organization. It includes an, a lot of analysis. It includes all of these aspects. So whenever you think, whenever somebody says cyber security, just know it's a huge field, and it's not just one thing. It's many different things. Okay. That's it for this one, guys. Thank you for watching me. I really appreciate it. I'm trying to do these lives. Daily. I'm I've got one on YouTube coming tomorrow. I'll try to put this on TikTok as well. I try to put on as many platforms as I can tomorrow. I do these at least once a week on Saturdays, one o'clock mountain standard time on YouTube. I've got a podcast it's called pod combo courses dot pod, bean.com. And if you go to combo courses.com, there's tons of downloadables tons of free stuff. It's free to actually sign up there and I'm always giving out stuff like this where I don't expect you to pay me anything. I'm just giving you out information so we can get. More people where they can take care of their family. To me, that's the name of the game you taking, being able to take care of yourself and being unable to take care of your family. That's the name of the game? That's why I teach people how to get into this field, how to make more money in this field and how to have security in this field. Financial security. A career security so that they could take care of themselves and their family. All right, guys, that's it for this one. Thank you so much for watching. I really appreciate everybody. Who watched and I'm sorry, I couldn't get to your questions this time. Maybe next time. We'll attack those questions. Peace.

ConvoCourses
Convocourses Podcast: Long Vacation

ConvoCourses

Play Episode Listen Later Sep 9, 2022


  Hey guys, this is Bruce and welcome to another convo course of this podcast. And today I want to talk to you guys about what's been going on in the last few months. I've been able to actually travel while I was between jobs and because I have a high-paying cyber security job, I had one anyway. I was able to quit. My job. I had some family issues like I had to take care of. And my, job was, it was a very high level high stress job. So I was a consultant for all these different organizations and it was just, it was really stressful. And I had all these severe family issues that I needed to take care of. And the, actually the corporation that I worked for was really, kind. And my boss was, took me aside and said, Hey man, if whatever you need we'll, let you. Had to let check a sabbatical and all that kind of stuff, which was very kind, very sweet very good company actually. But the, problem was I had so much travel and I was, I'm a remote worker there, but it was just too much travel. So I couldn't make that match what I was doing with my home life. So I, went ahead and just, I had to leave, but in between I knew I was gonna get another job. Actually, my.  Side hustles have been doing so good. I thought maybe that I could just live off of that for some time, but the medical stuff was too high  to the medical here in the us is really bad if you didn't know. Anyway, so neither here nor there. I couldn't afford to actually live off of my. My businesses and my all my income streams and stuff. So I'm processing, as in processing stuff, I've did a whole bunch of interviews and everything. I learned quite a bit more about the current state of getting jobs in cyber security. But I was able to get one pretty fast and it was, I was able to get something I really wanted. So a hundred percent remote position making the kind of money I wanna make. And for, and just to give you guys some social proof.  what I've been doing. These, if you go to TikTok, a lot of the stuff I posted on TikTok was there's a lot of these videos that I did directly from my travels. Here's let me show you one. Here's one right here where I'm on. I'm in Manila beach, I think so. Yeah. That's Manila beach right there. That's the embassy behind me in Manila. So yeah just did a whole bunch of videos. I was gonna. I was gonna go to all these other sites. I was gonna go to Bali and go to Singapore and, places like that. But I, I just didn't, we had some issues with the flights. So I was just, I just ended up staying in the Philippines the whole time, but I just wanted to let you guys know, like what's possible because I was I'm working this high level job was able to save some money and able to go. Actually take a break for three months. I've been off of work for three months and I could afford it because I just had, I had money and savings. I had all these other resources that I created. And so that's why I, was able to do it, but now I'm going back to work and everything. And I'm not sad about it, but I, would've been a lot happier if my business would've been able to support me and sustain my family for that whole time. But unfortunately  unfortunately not . So yeah, thanks everybody for watching me doing this live once again on, on the podcast. And I wanted to talk to you guys about a few things, show you my, new podcast and where that stuff is at. I'm gonna show you the new book that I have. That's coming out to show you to do exactly what I've been doing. It's gonna break all that stuff down and give you a preview of what that's all.  and and then I'll just answer some questions. We'll just, we'll keep it loose on this one. Let me show you another picture. This is me. I, was on a rooftop hotels, like a resort. It was really nice. And I'm just telling, talking about showing like me actually doing it and. I've been able to do it by marketing myself. So that's what this video's all about. The video just shows me on the rooftop, jumping in a pool having a good life I wanna show other people how to do it. Exactly what I did. It really works, but let me show you gonna be a book about marketing yourself in cyber security, how to create a resume in cyber security in particular, but it, you can also use it for it or whatever field you're in. Really like the techniques will work in any field, but I want to focus on cyber security cuz that's where that's what I've been doing for the last 20 years. So cyber security and it jobs resume marketing. I'm gonna put this on Amazon. I'm gonna put this on my own personal website and I'll, there'll be two different versions and I'll have an audio version of this book. And what I'm gonna talk about is essentially how to get a path, how create a path in cyber security, cuz there's many cyber security is a huge field. So whenever somebody says, oh, I'm want to get in cybersecurity. It's okay what, exactly do you wanna do in cyber security? Cuz there's forensics. There's incident responders, there's cyber security analysts, there's security compliance people. There's information to security officers. There's engineers, architects, there's CIO, CSOs. There's all different kinds of roles and different kinds of fields within. Within cyber security, crypto cryptography is also a part of considered a part of cyber security as well. So it's just a huge field and it depends on what you're doing. Yeah, here's the book it's gonna talk about, like the format you should use. I'm basically showing everything I've been doing and it's really been world. You wanna be spoon fed that stuff and ask me questions directly. Then that's the course expected results. All I do is talk about what, I'm experiencing. Like I get calls all the time. I can name my price. If I want to go. If I'm willing to travel, I can name my price. I, tell you how to create a profile, how to put yourself out on all these sites and then how to get all the continuous calls. And not only that, but how to.  Get the actual format that you need. That's gonna sell yourself. That's gonna be able to be digestible by all these organizations and employers who want you. They're looking for people right now. Cyber security is a huge field and we really don't have enough people doing it. Unfortunately, it's getting so crazy that they're even taking in a lot more entry level people than before. There's lots of opportunities if you've been watching my, my, if you watched my last podcast, I talked about how those out there. And here, they are right here so far. If you want this directly from the site, go, if you happen to be watching me on YouTube, you can click on the link description below, and then it'll go to this site right here, but it's combo courses dot podcast, pod bean.com. And, you'll find it there. All right. Let me see, what else do I need to talk about? What else do I need to talk about? Oh yeah. So that book that I'm writing a cyber security book. That's gonna tell you exactly what I've been doing to market myself and get a lot of different opportunities to get into cyber security and information technology in general. So I'm constantly getting emails, messages, text calls all day long. Maybe I'll probably get an average of.  with everything probably six or seven on average a day. Sometimes it's way more. It's actually quite annoying. And now that I actually chose a job, I have to turn all that stuff off. It's just so many opportunities. It's a good problem to have to constantly be sorting through all of these different jobs and stuff. And out of those tons of jobs out of a hundred jobs they're, probably about 30 of them or not 13 of them that I'm. Or yeah, this is a good one. I'm gonna do an interview with this, with these guys so that's what I'm gonna show you guys how to do, but the second book, it's gonna be a two book series. The second book is gonna be based off of this. What you see here on the screen. If you happen to be listening to me, this is the nice framework. So this is an organization called the national initiative for cyber security, careers and studies. These guys have been around for quite some time and what they did. Brilliant. They broke down all the main categories of cyber security in the cyber security workforce. And these categories include there's seven of them and analyze, collect and operate, investigate, operate, and maintain, oversee, and govern, protect, and defend. And then securely provision. And let me just show you like what this is all about. Like you might be like what, does this have to do with your book? Let me just explain to you, so what I'm gonna do is I'm gonna break this down and make it so that it's understandable to, to everybody, like I'm gonna relate this directly to your, you getting a job, because like I said, cyber security is a huge field. What these guys did was they broke it all down. If you go to this site, it's like a huge database.  and they have specialty areas in each category, right? So what I'll do I take you to my category? So my category is called oversee and govern. And so this is where a lot of managers, cyber security management, executive cyber cyber leaders are at legal advice, policy procedures, things like that, education, all that kind of stuff, because. It's not usually hands on type stuff. It's more of you're overseeing what's going on. You're making sure everything is being going in the right direction. So my specialty is really this one right here, which is security information system, security managers, and then they have different work roles that, that breaks this breaks in further down into work roles. And so it has abilities knowledge, skills, tasks. And, other things that you need to know, if you're trying to get into this actual work role and it, furthermore, what you can do is, and what I'll do in my book is I break this down into even relate it to directly, to like LinkedIn and indeed and all that stuff. So you can see direct correlation between the categories. That they've broken down here. And actually the categories that are in all cyber security that's cuz that's what they did. They just took seven categories and said, okay, this is how cyber security breaks up. And then they broke that down further into specialized skills. And then they broke those into work roles.  so I'm gonna take this stuff and relate it directly to how you can take stuff from indeed stuff from LinkedIn and find your niche that you can actually get into in cyber security. And then once you find your niche, once okay, I wanna be in information security officer. I want to be an information security. I wanna be a COMSEC manager. Then what I'll do is I'll show you how to find. What exact degree you need, if you need one, cause some, don't even need a degree, bro. Some don't even need a degree. Some like just need specific skills, but it'll tell you exactly what skills you need. Exactly what keywords to use on your resume. Exactly. What everything time you can check out this site is, that. Let me see if I can give you guys the link here. If you go to actually, if you go to Google and just type in cyber security workforce, nice. In N I C E, that right there will guide you to this site that I'm showing that I'm, that you see here. It's pretty robust. There's a lot of things going on with this site, cuz these guys are very, active and the department of defense. As well as DHS and all these different agencies use these guys as a reference to know exactly what skills and tasks that are needed to do cyber security. Federal government relies on this, what you see here very heavily. So that's why I decide to make a book about it, to boil it down its stuff, practical knowledge that you can use for your career. Two book series gonna tell you how to market and then how to get the proper career path of what, you want in this field. All right. Let's get into some questions. This was not gonna be too long of a podcast. I'm going to go to, I've got a lot of questions popping up in TikTok. Shockingly enough. I did not expect this, but I've got about 2000 followers there so far and. A bunch very, active a lot of questions here, but let me see if I can answer a couple before I leave. Lemme see here, if you're interested in following me on TikTok, just go to combo courses, go to TikTok and then search combo courses. Okay. So it says, somebody asked me I'm in the healthcare field and I'm. Trying to go with the security plus and the H C I S P which is like a healthcare cyber security certification from ISD two squared to stay relevant. Any tips? Yeah. So this is great. Like this, is an awesome, and I'm gonna make another video about this specifically on TikTok, but I wanted to speak to this on with the podcast. For this as you're going to security, plus, as you're going to H C I S P I would actually do some labs in your house. One of the best things, one of the most, one of the best ways to go deeper. And into this subject is actually have a lab in your house lab. That means get a separate computer, or you can actually do it on your computer that you use, get your laptop, your whatever workstation you use in your house. And you can use something called VMware and you can put different operating systems on that computer. Or you can just buy a whole nother computer, build it from scratch, and then put the security features on that. That's a little bit more expensive with VMware. It allows you to I, don't think it's more in about 200 bucks VMware itself the software sounds, and that sounds pretty expensive, but you're investing in yourself. So just think of it like that. You're investing in yourself, VMware. It works, but for now, I'm just gonna go to the site just to show you how you can create a lab, on your computer. So VMware is a virtual manager and it will, it's an application that sits on.  system on your computer, and then you can upload like Linux on it. You can have different versions of windows. You can have Mac all on the same computer, and then you can network 'em together. And it's really cool. It's a really great way to learn how to do whole space firewalls. You can actually, I think you can even put like different firewalls on it. You can put a NAS on it, a firewall. You can have whole little tiny network. If you wanna do this for free. If you like, especially if you're in a networking, there's another thing you can do called GNS three. This is something I used to use to, to practice for CCNA G I used to have a CCNA. I used to be huge into network.  it's been a while. So  G N S three. So GNS three is actually is free. The only thing that's gonna cost you is your time to figure it out because it's, like a open, last time I checked it, it was an open source simulator. That simulates network environments. Really, cool. It's actually free. Oh, is it not free anymore software that empowers it free download. It's not free. It looks like it's not free. It. Why is this site all fancy now? Oh man.  they do this. They put it out for free for a while. Wire shark used to be free too. I think I wanna say NEIS it was even free at one time. Yeah. Look, how many people use this? Anyway, so you download GNS three and it's a virtualized network and you can literally set up a little it's so cool. Like it's this is one of another, one I like to do like a demonstration of it's really, cool. It allows you to configure log in and configure routers and switches and. Messing around with routing protocols and all kinds of stuff is really cool. So yeah, I would, that would be my advice to you is if you're going for a security plus a H C I S P and you're trying to get into this field, especially if you don't have experience, create a lab, put it on your laptop, start messing around with it. So you can then start to understand the inner workings of it. All right. Next question. Dru says, Bruce, in your opinion, what is the most, what is a acceptable salary range for a new is SM or is O so it really depends. That's a great question. By the way, it really depends on where you're at in the United States. And here's why I say that because if we type in ISO pay scale ISO pay scale, watch. It's gonna it's they have a price range, but it really depends. What you'll notice is it depends on what area you're in and it also depends on what, clearance you have, what's the organization. What you're seeing here is, typical of somebody with experience one 30 and these are in Colorado, California, and cer and I think this is Connecticut. What I wanna see is the actual pay scale. Here it is. So the national average is over a hundred thousand dollars, $56 an hour. That's the national average. Now what this doesn't factor in, I don't think is how many years of experience the person has or if they have other additional certifications or things like that. National average, that's pretty good for a national average. If you think about it, cuz that takes into account. All the way, the high, the highest level of pay down to the lowest levels of pay. Let me see, if I can find some more. Okay. The national average in Colorado, where I'm at the average is about one twenty three, a hundred twenty 3000. And that's about right. That's about right. And independent on how much more experience you have. It'll be more. And I could tell you that if you're in the Virginia area, this is low, like 100. Is low, but I, would say it's around this. This is about right. For somebody starting off from scratch, you might come in lower. If you've, if you have zero experience with it and you're coming in off like maybe you had some experience in the military or something like that. I, could tell you my first job outside the military as an ISSO I had a bachelor's degree, but I didn't have the required certifications. They required a CI S P at the time. And I didn't have one. So what they did was they just brought me in and said, look, you have X amount of time to get a, cert this certification. Can you do it? I said, yes. So they hired me at 60, 60,000, 62,000, something like that, but which was very low. And, but keep in mind that this was how many years. Damn. It's been a long time. 10, 15 years ago. It was like 15 years ago. So 10 years ago that's quite a bit of wild that's dang, 2004, 2006. Damn. That was a long time ago. 14 years ago. Wow, man. Time flies, anyway. Yeah, that was like 14 years ago. It's obviously the price has gone up so 70 between, okay. Let me give you a range. If you are a new, is. A new information system, security manager or information security officer will say, officer first, cuz manager is different. Manager's a whole different range. Let's say an information system, security officer. The range is between, I wanna say depends on where you are in the United States, but I wanna say it's gonna be between about 70 and a hundred. That's about right. For a new person. Now keep in mind. They know your value, especially once you start getting those certifications. So what you wanna do is no matter what they're paying you, when you get in, get a certification, a security plus a, CI S P a CI S a C risk get some sort of I would highly recommend a professional level security, cert like a CASP, a CI S P a C risk, a CIS, a one of those. Not easy search by the way. And they do cost you, but once you get that, yeah you'll, be over. You'll be able to switch to another position, new job, somewhere as an ISSO that, or they'll pay you to stay and you'll be able to make over 115, at least 115 or, more. So that should answer that question. Now you also ask a question about CI SM, which is a different position. CI SMS are usually the supervisors of a CI. C I S O a is SS O man I'm slipping. So an is SM is usually a manager of an is S O so let me show you what I'm talking about here. Managers are usually gonna make a little bit more cuz they're managers, but let's see if I'm not lying to you. See if I can find the average of a okay. It's not coming up here. I don't know why. Oh, is he trying to search just in Colorado? What is up with that? Okay, let me go back one to see if I could find the average okay. Keeps wanting to search in Colorado USA or what I'm doing is I'm on zip recruiters and I'm looking at their, they've got a, like a little breakdown. of this. So actually let's let's get outta this. Let's go, back to Google and find another management position. I, guess it's lumping it right in with ISS O okay. And actually the saying is lower for some reason that's inconsistent. Oh, okay. The No, This is saying it's a little bit lower. That's weird. Which I don't think is correct because a ISSM is a manager, typically, especially in the federal government they, have two different positions. Like one is ISS, M will usually be over ISS OS and they'll usually be the person who signs for the, is S O and manages the ISO's work. So they usually make more, it's usually like a management type. so that is that's incorrect. I would say is probably in more in the range of one 20 to one 40 and on up. So for an ISSM man glass door is even saying it's lower. That's not been my experience. Oh, okay. No glass door saying the average. For an ISSM is one 20. Yep. So there you go. That, was my guess would be more like one 20. It is up the scale goes up like 10,000, something like that, just cuz you can see here that they're saying that the, average low on the low end is about 67 to 80. And all the way up to $290,000 is insanity. But yeah, so that's about right. 1, 1 20 is what I was saying. ISSM is gonna make, okay. Let me see if there's any other questions here. I got some folks watching the stream here, watching the podcast, listening to the podcast. VMware GNS three are, golden for learning. Yeah. Apple work. Yeah, for sure. Okay, let me see if there's other questions. I have so many questions popping up on TikTok. It's very, active for questions. Somebody called me a scam. It's free stuff. I give away, man. I don't know what people are thinking to be honest with you. Which is the best path for an at home job jobs only. Okay. So somebody asked me, I've had this question before, what are the best jobs? For at home jobs, remote work, what are the best, I guess it jobs, information, system, security, officer jobs. Information security, cyber security type jobs, or it jobs for work from home these days after COVID I would've had a different a different thing to say about this, but these days mostly. Let me put it to you this way. I can tell you what jobs are, not compatible with remote work. Let me start from there because nowadays you can do so many jobs, remotely and, more organizations and employers are now more open to remote work, which is I've been doing this before. COVID so it was a lot harder to get remote work before this. Anyway Jobs that are not conducive to remote work would be classified positions. In my opinion, in my experience if, you're in a classified environment, if you're trying to get work at a especially if it's secret and above it's, harder to have a hundred percent remote. Normally what they'll do at, the most they'll have a a flex position.  flex hours are flex. I can't remember what they call it, but basically it's like a hybrid That's what they call it. So they'll say, okay, two days out of a week, you can be at home. And then the other three days out the week work of the work week, you have to be at the site or two days are vice versa, like two days on the site and then three days off site. So they'll do stuff like that. But see, the thing is you have to.  There, you have to be on site a lot of times to do the site, the security stuff the, classified stuff. But that being said there's, actually some people like a friend of mine, really good friend of mine. He was telling me about how there's this innovative new technology where you can actually do even classified work from home jobs. So even that is gonna be work from home more and more and I'm talking about all the way up to Ts and he, once he explained to me how that's done I was, my mind was blown. I was like, holy crap. That makes sense. But anyway, most of those jobs right now are normally you can't do those remotely. Another one that's deceptive are jobs where you have to travel a lot. The problem with those is they'll say, oh, it's a hundred percent remote, but. You're traveling so much that doesn't even matter, like some of the consulting and some of the professional services jobs, they require you to go on site. If, they, if it's over, I'll put it to you like this. If the travel is over, if it's over 50%, then you're gonna be traveling a lot because you gotta factor in. Probably add another 20% for the travel days. Yeah. So if it's over, if it's 50 if it's even close to 50%, that is CR that is a lot of travel. Like you, I, cuz I did a job like that and I was constantly on the road and the only time.  I think mine was 60 to 75% travel. I was never home. I was never home. would come home for the weekend and then I was off again, like I'd have a three day weekend and I'd be traveling for the rest of the week. So it was brutal, man. It was work from home, but I just, I was traveling all the time. So if it's any of those jobs and normally the other one I would say, okay, so we talked about classified jobs. Normally those are on site or some kind of a hybrid.  Those are changing, but most of the jobs are you're gonna have to go on site. The other one would be consulting where you're traveling a lot, cuz you have to go to all these different places. And then the other one would be if they really want you to have FaceTime with the customer. And that usually requires being on site, those off the top of my head, the ones that out of all the ones I've been offered that I've worked at personally, that's been my experience. But if you guys can name any other places where it's pretty much, you have to be on site field text. That's another one that one's not gonna be well it's it says it is gonna, it can be remote, but you're traveling so much that it might as well not be remote cuz you're never home. Yeah. Hope that answers your questions. Most jobs off the top of my head. Cyber, a lot of cybersecurity jobs can be done remotely. Remote administration, you can do system administrator jobs, a lot of those remotely. You can do networking a lot of those networking jobs, remotely configuring firewalls, monitoring traffic. A lot of those you can do remotely. Just name something. Most of 'em you can do remotely. It really depends on the organization. So just keep that in mind. Okay. Let me keep going.  okay. Somebody said it is back on the topic here. Somebody said it is difficult to to impossible to get a fully remote. There is zero chance that I would work and take the added risk of doing classified work remotely. Yeah. So the technology that was in place was it was like a virtual machine, nothing stored on your computer, basically. It's you're seeing, it's like you're seeing images. Like your whole desktop and everything is just images that you're seeing. But the, risk for me is that if you're in your house, you've got things like you've got other what if your daughter is on the phone over here? And they have their phone they're on speaker phone and you happen to be doing a you're on a secure line on. System and you're doing classified work and then they can hear what you're saying, so there's a possibility of a security incident because it got leaked to somebody. I don't know. There's just I'd be nervous about it myself to be honest with you Dru says after C or it travel jobs still plentiful. Yes. I know the go.  in the government for the government. It has slowed down quite a bit. Yet there's still a lot of travel jobs, but you're right. There's a lot of customers and clients. And the last job I worked at without giving too much away last job I worked at I I was a, consultant. I was a cyber security consultant and we would, our biggest part of, one of the biggest part of our jobs is that we would have, we'd have all these assessments and we would. To a site. We, we would go to the site and we'd do physical assessments and we'd do wireless assessments. You have to be on the site for those. So we would go there and sit down with the facility manager and ask them, que interview them and then walk around the facility and all this kind of stuff. And then you'd do a report like you say, okay you're good here. Good. Here you have a checklist, all that kind of stuff. But a lot of clients were like, nah, you can't come to our site or you can come to this site, but you can't come to this site. So you have a point because of COVID travel has been. Restricted, but there is, it's starting to open up quite a bit lately. Like right before I left, they were opening things up. Like it, it was opening up like crazy because Mo most places in the us are opening up with the exception of there's a few places. Like we had some overseas places that were still pretty, pretty locked down, pretty tight. Exactly skiffs are skiffs for a reason.  yeah. Okay. Let me see if I can answer if there's any other questions here. Tons of questions and interactions on TikTok. I'm really surprised about TikTok. Somebody asked me, okay, this is a good question. Couple questions that are related. Somebody asked me if they can do cyber security at age 30 and another person asked me if they could do it at age 45. And I would say. As a matter of fact, cybersecurity lends itself to a more mature minded person. Because you have to do a lot of interaction. As a matter of fact, like this career field is pretty old.  I don't say so myself, but the last place I worked at I wasn't the youngest guy, but I I'm pushing 50 man. Like I, I, wasn't the youngest guy there and.  so I was not the youngest or the oldest guy there. So it, this career path needs more mature people because you're dealing with pretty heavy, issues. And you're having to talk to, you have to have the maturity, the emotional intelligence to talk to high level, cyber security CISOs and C level execs and stuff. And then you gotta be able to switch gears and then talk to a technical.  and because of that, it lends itself to a more mature type of person who can handle, stress and not freak out. And who've been around the block enough to know, okay. Yep. Don't worry. Like we got this and not panic. So you need somebody with a cool hand. And a lot of times even me, I've been doing this for 20 years, but August school, like the last place I worked at, there were, so there were people there who were masters at this and I'm like, I man, these guys were running circles around me. I thought I was pretty good at presentations and stuff, man they were killers. They just like something bad would happen. Something horrible in cyber security. So many bad things could happen that we're in the business of preventing bad things from happening to your assets. Something would happen and the client would lose their damn minds and they'd be a younger. Who can't handle any kind of pressure and they freak out and they they'd freak out and then have another person, like my mentor, who was at that job, that person would just be calm and just calm them down. Just talk 'em off the ledge, negotiate with them. And then next thing you know, they're no longer holding hostages like they were. So good at speaking to cus clients and customers, and that level of maturity is, really necessary. Yeah, 45, like as long as you can get the concepts down, as a matter of fact if you don't wanna do another two years of if you don't want to sit down and do two years of learning all this new it, you could actually do something like a program. Project manager is actually a really great position for an older person. Project manager is. Compliance the stuff I'm doing something like that. Something where you're not super like in the weeds, technically, because there's a lot going on with like firewalls are constantly evolving and changing. And like a web technology is constantly evolving, changing, and man, to keep up with the server technology it's constantly going constantly moving constantly and you're having to constantly hit the books and stuff. So that could be. As you get older, you have all this other stuff going on in your life. Whereas youngsters they're just now coming in and taking on new responsibilities. So the work is everything for them. They don't have maybe they have one kid or something, but they don't have necessarily grandkids or five kids or whatever, so they have, they can devote more of their time to this learning this new technology and stuff. But if you, I would highly recommend especially if you're older,  you already have done two or three different career paths and you're doing this so you can retire and, live a simpler life. Man I would recommend project management get P and, also it really needs more mature people like people who can handle pressure and not freak out people who are calm as a cucumber, this calm, this, and they can just work in any environment because they've, seen some. So they got that, that thousand yard stairs. We used to call it in the military. They've seen some shit so older people like, yeah, I, it is, you could definitely do this as an older person. All right. I think that's it guys. Thanks for watching. I've been talking for about 30 minutes. I'm gonna try to do more like one offs like this, instead of just doing 'em once a week more Podcast. And if you're interested in hearing a lot more, cuz I actually post more stuff on on audio go to combo courses.podbean.com or checking the link description below and you'll have more access to all the stuff that I put out. In some old podcasts I've been posting. All right guys, that's it for this one. Thank you so much. De truth. Thank you. S V T. Thanks for all the questions on TikTok.  

FIGHTWING PODCAST
COMSEC IS OPSEC! Security Special! The Natasha Devine Show 09.07.2022

FIGHTWING PODCAST

Play Episode Listen Later Sep 8, 2022 52:26


In this episode Natasha discusses online security for activists from both a technological and a strategical perspective. #comsec #session #telegram --- Send in a voice message: https://anchor.fm/fightwing/message Support this podcast: https://anchor.fm/fightwing/support

The Tech Blog Writer Podcast
2046: The Advantages of Hybrid Cloud, SaaS Apps and Security

The Tech Blog Writer Podcast

Play Episode Listen Later Jul 22, 2022 49:29


Many businesses are currently juggling two different worlds. We have the modern cloud infrastructure and Kubernetes. But on the flip side, there is 10-20-year-old legacy tech such as Oracle Solaris, old IBM and HP servers, etc. Elsewhere, business leaders are also challenged with managing security, the Cloud, and hybrid working. Anil Kumar from Citrix and Sharon Besser from GuardiCore join Neil Hughes in discussing the advantages that hybrid cloud and SAS apps can offer businesses. About Sharon Sharon Besser is an accomplished data and network security expert with a successful track record combining deep technical hands-on excellence with a market vision to incubate new solutions and develop next-generation technologies. Sharon was the CTO and co-founder of Publicom (acquired by Comsec), co-founder of Contondo (acquired by Bigtincan), co-founder of EyeOTee Inc., VP Technologies at Net Optics, (acquired by IXIA), VP of Products Strategy at Imperva, Director of security solutions at Check Point, Director of security products at Websense, through the acquisition of Port Authority Technologies. Sharon holds a BSc degree in Computer Science, Mathematics, and Geography from Bar Ilan University. About Anil As a Technical Marketing Manager at Citrix, Anil Kumar is responsible for Building and owning an Ecosystem of Networking, Security, and Cloud technology partners. He is also a subject matter expert on the Citrix cloud, networking and security products, and services. Anil is also responsible for developing and managing a test infrastructure in-house/on-prem and on Cloud for proof of concepts and for partner product verifications.

Real CyberSecurity
Episode 40 - Hacked Traffic Signs, Mesh CyberSec, Ukraine War COMSEC

Real CyberSecurity

Play Episode Listen Later Mar 31, 2022 42:37


Hacked traffic enunciator boards, the reports of the top passwords from a hack, how poor communications security is in the news for the Ukraine war,  security education, and internet of things chat. And a tutorial on Mesh Cybersecurity.

Tech Fusion By Citrix Ready
23: The Business Advantages of Hybrid Cloud and SAS Apps

Tech Fusion By Citrix Ready

Play Episode Listen Later Jun 24, 2021 48:44


Many businesses are currently juggling two different worlds. We have the modern cloud infrastructure and Kubernetes. But on the flip side, there is 10-20-year-old legacy tech such as Oracle Solaris, old IBM and HP servers, etc. Elsewhere, business leaders are also challenged with managing security, the Cloud, and hybrid working. Anil Kumar from Citrix and Sharon Besser from GuardiCore join Neil Hughes in discussing the advantages that hybrid cloud and SAS apps can offer businesses. About Sharon Sharon Besser is an accomplished data and network security expert with a successful track record combining deep technical hands-on excellence with a market vision to incubate new solutions and develop next-generation technologies. Sharon was the CTO and co-founder of Publicom (acquired by Comsec), co-founder of Contondo (acquired by Bigtincan), co-founder of EyeOTee Inc., VP Technologies at Net Optics, (acquired by IXIA), VP of Products Strategy at Imperva, Director of security solutions at Check Point, Director of security products at Websense, through the acquisition of Port Authority Technologies. Sharon holds a BSc degree in Computer Science, Mathematics, and Geography from Bar Ilan University. About Anil As a Technical Marketing Manager at Citrix, Anil Kumar is responsible for Building and owning an Ecosystem of Networking, Security, and Cloud technology partners. He is also a subject matter expert on the Citrix cloud, networking and security products, and services. Anil is also responsible for developing and managing a test infrastructure in-house/on-prem and on Cloud for proof of concepts and for partner product verifications.      

DoD Secure
NISPOM training, education and certification

DoD Secure

Play Episode Listen Later Jan 2, 2021 34:10


We are pleased to present the newest podcast. In this issue, we address security certification and security training because; New Year's Resolutions. ISP® AND ISOC Master Exam Prep is now available here and at most online book stores.Also, we've provided real world security discussions and frequently asked questions. These occasions have proven to be good opportunities to clarify understanding of security policies and the reasons we do what we do. We would love to hear your stories as well. We hope you continue to learn and benefit from our newsletter and products. If you are, please refer us to a friend or forward this newsletter with our appreciation. Stop by our advertisers websites as well. You just might find what you are looking for. Have you taken the next step to being competitive in the government contracts arena? If not, this article will provide information and tips based on a proven method of studying for and passing the exam. Why earn a certification?There are several reasons to achieve certification. One of which allows cleared defense contractor owners and employees to take advantage of opportunities offered in the recent Presidential Executive Order: National Security Professional Development. The Executive order states: "In order to enhance the national security of the United States...it is the policy of the United States to promote the education, training, and experience of current and future professionals in national security positions (security professionals)..."The National Strategy identified in the Executive Order provides a plan to give security professionals access to education, training to increase their professional experience in efforts to increase their skill level and ability to protect our nation's secrets.The ISP Certification is sponsored by NCMS (Society for Industrial Security) a professional organization specializing in protecting classified information. The ISP holder demonstrates a high level of knowledge in this area. The certification is based on the National Industrial Security Professional Operating Manual (NISPOM) but also covers electives such as: COMSEC, OPSEC, and other topics.Industrial Security Oversight Certification (ISOC) is sponsored by the Department of Defense and information can be accessed at https://www.cdse.edu/certification/Guidance for protection classified information that can be applied for training and certification: How to Get U.S. Government Contracts and Classified Work | Red Bike Publishing Security Defense Lawyer If you have had an event that could put your security clearance in jeopardy. contact Ron immediatelyMission Driven Research, Inc Mission Driven Research, Inc is a growing company providing technical services to the US government.Red Bike Publishing Providing security clearance books, training, and resources for cleared defense contractors.Bennett Institute Online security clearance webinars and coaching. Providing security training and resources.Support the show (https://www.redbikepublishing.com/insidersguide/)

Thoughts That Rock
Ep. 67: CMSgt Kaleth Wright | Never Forget Where You Came From

Thoughts That Rock

Play Episode Listen Later Aug 10, 2020 42:27


In this episode, we talk with Chief Master Sergeant of the Air Force, KALETH WRIGHT, who is the highest enlisted officer in the US Air Force.THOUGHT #1Never Forget Where You Came From...and Always Be True to YourselfTHOUGHT #2No One Can Fill You with Anything, if You're Already Full of Yourself. - Adaptation of Max Lucado quoteCONNECT:Website: af.milFacebook: @CMSAFOfficialInstagram: @CMSAFWrightLinkedin:  Kaleth O. WrightTwitter: @CMSAF18YouTube:  U.S. Air Force AcademyBRAND & RESOURCE MENTIONS:Danger Zone (Kenny Loggins) - YouTube.com"What We Do in the Shadows" (TV show) - Hulu.comPage Two Publishing - pagetwo.comGame of Thrones (TV show) - HBO.com"Huey" (Bell UH-1 Iroquois Utility Helicopter) - wikipedia.comChief Amy Riley (Ramstein AFB) - LinkedinMax Lucado - MaxLucado.comJoe Winbush - LinkedinJoint Base Andrews - JBA.af.milThe Pentagon - Brittanica.comPTSD (Post-Traumatic Stress Disorder) - MayoClinic.orgBrene Brown - BreneBrown.comMalcolm Gladwell - GladwellBooks.comSec. Colin Powell - History.state.govTop Gun (1986 movie) - imdb.comUSAF Chief of Staff Gen. Goldfien  - af.milCol. Rebeccas Sonkiss (Andrews AFB) - Flippingbook.comCMSgt USAF Joanne Bass - af.milHard Rock International – HardRock.comThoughts That Rock – ThoughtsThatRock.comCertified Rock Star - CertifiedRockStar.comCulture That Rocks: How to Revolutionize Your Company’s Culture (Jim Knight) – CultureThatRocks.comBlack Sheep: Unleash the Extraordinary, Awe-Inspiring, Undiscovered You (Brant Menswar) - FindYourBlackSheep.comRock ‘n Roll With It: Overcoming the Challenge of Change (Brant Menswar) – RocknRollWithIt.comCannonball Kids’ cancer – CannonballKidscancer.orgKeppler Speakers - KepplerSpeakers.comBig Kettle Drum - BigKettleDrum.comSpectacle Photography (Show/Website Photos) – SpectaclePhoto.comJeffrey Todd “JT” Keel (Show Music) - JT KeelCMSgt KALETH WRIGHT'S BIO:Chief Master Sergeant of the Air Force Kaleth O. Wright represents the highest enlisted level of leadership, and as such, provides direction for the enlisted force and represents their interests, as appropriate, to the American public and to those in all levels of government. He serves as the personal adviser to the Chief of Staff and the Secretary of the Air Force on all issues regarding the welfare, readiness, morale, and proper utilization and progress of more than 410,000 enlisted members. Chief Wright is the 18th chief master sergeant appointed to the highest noncommissioned officer position. Chief Wright enlisted in the Air Force in March of 1989 and his background includes various duties in the dental career field. He served as a Professional Military Education instructor and has held various senior enlisted positions while serving at squadron, group, wing, Task-Force and Numbered Air Force levels. He has deployed in support of Operations DESERT SHIELD/STORM and ENDURING FREEDOM and completed overseas tours in the Republic of Korea, Japan, Germany, and Alaska. Prior to assuming his current position, he served as the Command Chief Master Sergeant, U.S. Air Forces in Europe and U.S. Air Forces Africa, with headquarters at Ramstein Air Base, Germany. EDUCATION 1993 Airman Leadership School, Pope Air Force Base, N.C. 2000 Associates in Applied Science Degree, Dental Assisting, Community College of the Air Force 2000 Noncommissioned Officer Academy, Kadena AB, Japan 2002 Bachelor of Science, Business Management, University of Maryland 2003 Associates in Applied Science Degree, Instructor of Technology/Military Science, CCAF 2005 Senior Noncommissioned Officer Academy, Maxwell AFB-Gunter Annex, Ala. 2007 Air Force Medical Service Intermediate Executive Skills Course, Sheppard AFB 2009 Masters in Business Administration, University of Phoenix 2010 Master Certificate in Project Management, Villanova University, Villanova, Pa. 2010 Chief Leadership Course, Maxwell AFB-Gunter Annex, Ala. 2010 Professional Managers Certification, CCAF 2012 Gettysburg Leadership Experience, Gettysburg, Pa. 2012 Senior Enlisted Joint PME Course, National Defense University, by correspondence 2013 Project Management Professional Certification, Project Management Institute, Philadelphia, Pa. 2013 Enterprise Leadership Seminar, Darden School of Business, University of Virginia 2014 Keystone Command Senior Enlisted Leader Course, National Defense University, Fort McNair, D.C. 2014 AFSO21 Executive Leaders Course, University of Tennessee 2014 Air War College, Air University, Maxwell AFB, Ala., by correspondence 2015 Leadership Development Program, Center for Creative Leadership, Colorado Springs, Colo. 2016 Graduate Certificate in Executive Leadership, Cornell University, Ithaca, N.Y. 2018 Sherpa Executive Coaching Course, Sherpa Leadership Institute, Howard University, Washington, D.C. 2019 National Preparedness Leadership Initiative, Harvard T.H. Chan of Public Health and the Harvard Kennedy School of Government Center for Pubic Leadership, Cambridge, MA ASSIGNMENTS 1. September 1989 – June 1994, Dental Assistant Specialist, 23rd Medical Group, Pope AFB, N.C. 2. July 1994 – July 1995, Dental Assistant Journeyman, 51st Dental Squadron, Osan AB, Korea 3. August 1995 – August 2001, NCOIC, Preventive Dentistry/Records and Reception/Oral and Maxillofacial Surgery/Dental Readiness, 18th Dental Squadron, Kadena AB, Japan 4. August 2001 – August 2004, Flight Chief, Training/Evaluation, Kisling NCOA, Kapaun AS, Germany 5. September 2004 – February 2007, Flight Chief, Dental Flight, 43rd ADOS, Pope AFB, N.C. 6. February 2007 – February 2009, Superintendent, 51st Dental Squadron, Osan AB, Republic of Korea 7. February 2009- July 2010, Superintendent, 3rd Dental Squadron, Elmendorf AFB, Alaska 8. July 2010 – May 2011, Superintendent, 18th Dental Squadron, Kadena AB, Japan 9. May 2011 – May 2012, Superintendent, 18th Mission Support Group, Kadena AB, Japan 10. May 2012 – February 2014, Command Chief Master Sergeant, 22nd Air Refueling Wing, McConnell AFB, Kan. 11. February 2014 – December 2014, Command Chief Master Sergeant, 9th Air and Space Expeditionary Task Force-Afghanistan, Kabul, Afghanistan 12. January 2015 – June 2016, Command Chief Master Sergeant, 3rd Air Force and 17th Expeditionary Air Force, Ramstein AB, Germany 13. June 2016 – January 2017, Command Chief Master Sergeant, U.S. Air Forces in Europe, U.S. Air Forces Africa, Ramstein AB, Germany 14. February 2017 – Present, Chief Master Sergeant of the Air Force, Pentagon, Washington, D.C. MMAJOR AWARDS AND DECORATIONS Legion of Merit Bronze Star Medal Meritorious Service Medal with four oak leaf clusters Air Force Commendation Medal with oak leaf cluster Air Force Achievement Medal with oak leaf cluster Air Force Recognition Ribbon with oak leaf cluster OTHER ACHIEVEMENTS 1997 18th Dental Squadron NCO of the Year 1998 18th Dental Squadron NCO of the Year 2000 18th Dental Squadron NCO of the Year 2000 PACAF Outstanding Dental NCO of the Year 2000 USAF Outstanding Dental NCO of the Year 2000 John L. Levitow and Academic Achievement Awards, Kadena NCOA 2005 43rd Airlift Wing and Pope AFB SNCO of the Year 2005 AMC Outstanding Dental SNCO of the Year EFFECTIVE DATE OF PROMOTION Chief Master Sergeant of the Air Force February 2017

DoD Secure
What to expect with a brand new security clearance

DoD Secure

Play Episode Listen Later Jul 1, 2020 24:49


This blog continues the series describing what happens after the government grants you a security clearance. After receiving a job with a company or agency performing classified work, you’ll receive your onboarding training, which may have included the SF 312 Non-Disclosure Agreement, Initial Security Awareness, Derivative Classifier and other required training events and briefings. Even though the Facility Security Officer (FSO) brought you into the system, awarded your security clearance, and performed the required high-level training, there is still much more work to do to ensure you understand how to perform on classified contracts.The high-level training and onboarding is enough to get you “authorized” and prepared for the work. The rest of the preparation will come from other sources to include peers, supervisors and program managers. This training is usually provided on the job as you actually begin performing on the classified contract.This is how it might play out. The Government Contracting Agency (GCA) or program office flows down the classified work in the contract to the Cleared Defense Contractor (CDC). Part of the classified contract is the Contract Security Classification Specification or DD Form 254. According to the information on the DAMI website, the purpose of the DD Form 254 is to “…convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract…” This DD Form 254 provides direct information to complete your training so that you can perform well. Keep in mind that if you will be working on multiple contracts, you should understand the contents for each contract.The DD Form 254 will explain the classification level that you will be working with. It is important to understand that this level will be at the same level or lower than your security clearance level. Therefore, you would need a Top Secret clearance to work on classified contracts at the Top Secret level or lower. The form may also state any additional classification concerns such as foreign government information, communications security (COMSEC) requirements, and more.The form also determines where you will perform the classified work. If the CDC facility has a possessing Facility Clearance (FCL), then you might perform work at that location. If the CDC facility has a non-possessing FCL, you will usually performed classified work at another location. For example, a cleared employee may not necessarily perform the classified portion of the work at their location based on guidance in the DD Form 254. As a result, any cleared employees have an office at their headquarters or company property, but perform classified work off-site at a government, research, or other cleared contractor location.While the FSO will provide the required NISPOM security training reflecting National Industrial Professional Operating Manual (NISPOM), your supervisor may give you more work specific training as you perform on the classified contract. Your supervisor will teach you how to write documents, assemble subsystems, collect raw data from sensors, or other specific work required by your contract. They will also teach you how to correctly mark, assemble, store and protect the classified work products.Websites Mentioned:www.bennettinstitute.comhttps://www.redbikepublishing.com/fsocertification/https://www.amazon.com/-/e/B002BM2LY8Support the show (https://www.redbikepublishing.com/insidersguide/)

PRIMAL RADIO
88: #88 Mike Blackgrave's Transformation

PRIMAL RADIO

Play Episode Listen Later Nov 19, 2019 39:56


Mike Blackgrave appears on the Primal Radio podcast for a third time to discuss his recent mental, physical and spiritual transformation. Michael Blackgrave, founder of SEAMOK, began his first steps in martial arts learning WWII combatives at a young age from his father, a 101st Army Airborne Infantry Veteran. Later Guro Blackgrave also enlisted in the Army and served honorably with the 59th Ordinance Brigade and the 74th USAFAD during the height of the cold war in the capacity of COMSEC security. Additionally Guro Blackgrave gained twenty years experience bounty hunting, bodyguarding, and providing club and special event security. He has taught seminars to civilians, law enforcement and private security personnel throughout the United States and used every opportunity to gain more working knowledge of the arts as he traveled. Mike is a strong advocate of practical and tactical firearm usage, and has taught seminars to civilians, law enforcement, and private security personnel throughout the United States. He is also responsible for building the P.C.C.T. (Police Control Capture Tactics) course for the Waycross, Georgia Police Dept. Mike is a published author on the subject of self-preservation using edged and impact weaponry, and is a member in high standing with the WCMAA (World Combat Martial Artists Association) and also a life member of the NRA. SEAMOK (Simple Effective Aggressive Methods of Kombate) is a combative art system encompassing any weapon, from boots to blades to bullets, toe to toe, downrange, or on the ground. SEAMOK was born from the sweat, blood, and scars of Founder Bwana Mike Blackgrave. Its foundations have roots in a myriad of systems including Goju-Ryu, Wing Chung, Qi Gong Kung Fu, Western Boxing, and a host of Philipino Martial Arts (FMA) such as Silat, Escrima, Kali Illustrisimo. After becoming proficiently adept in all these systems, Guru Blackgrave combined the best aspects of each system, and forged his own art, which applies to body mechanics and combative skills that apply with any confrontation and virtually any weapon. Amo Guro Michael Blackgrave is available for teaching seminars on the concepts and applications of SEAMOK as it applies to empty hand, weapon, and firearms in violent confrontations. Links: https://texasrotr.wordpress.com/mike-blackgrave/ http://seamok-kombate.blogspot.com/ https://www.youtube.com/results?search_query=Mike+Bwana+Blackgrave https://www.facebook.com/groups/397483824271429/

FIGHTWING PODCAST
Episode 36: ComSec is OpSec

FIGHTWING PODCAST

Play Episode Listen Later Nov 12, 2019 21:41


In this episode Natasha discusses Epstein's Curse from Beyond the Grave, QAnon's Return, LiveStreaming on YouTube --- Support this podcast: https://anchor.fm/fightwing/support

Synthetic Snake Oil: Online Security Tips
DP27 The Great Hacker War

Synthetic Snake Oil: Online Security Tips

Play Episode Listen Later Oct 28, 2019 3:19


Since the development of the Internet, there has always been hackers. While a lot of us see them as nothing short of thieves who want to steal our personal information, hackers are a lot more than that. To give you an idea of a different side of hackers, one event from the 90s comes to mind: The Great Hacker War. While it has a rather dramatic name to it, it was nothing but two groups of hacker communities sending prank calls, breaking into security systems, jamming phone lines, and breaking into computers. In fact, members of the two warring factions at the time state this was all a hoax, over-dramatized by the government and that this was nothing more than a competition as opposed to a war. Looking at this war further, it only lasted a few days at best and only four big events were worth noting from it. The first event started when someone posted a message on an invite-only bulletin board. The message was talking about what was known as the “Fifth Amendment” and that those who were invited were some of the world’s successful hackers. This board was formed by two of the leaders of one of the factions: Chris Goggans and Loyd Blankenship. The faction was a newly reformed group called the Legion of Doom or LOD for short. What caused conflict was when a member from the Masters of Deception (MOD), John Lee, closed the board by sending cryptic messages on the board to the users. Furthermore Lee was accused of distributing this information openly when it clearly meant to be reserved for specific people. Shortly after the accusation, members of LOD started to receive prank phone calls to home numbers that MOD had picked up. Once Goggans put out a call to get MOD members personal information, peacemakers intervened and asked to set up a conference call and make peace with the situation. Unfortunately, peace couldn’t be maintained then as MOD members started to hear LOD members using racial slurs to describe some members of MOD. Because of that, the talk turned into threats and further prank calls. There was another last-minute peace talk later that same night between Goggans and Mark Abene of MOD. That too didn’t go well with Abene not wanting to meet Goggans demands for MOD members personal information. This sparked more anger from Goggans who shouted more racial slurs before hanging up. That call sparked the war amongst other events as MOD members quickly uncovered that Goggans was plotting to build a security company: ComSec. The idea was for Goggan and his small group to build this security company, send messages to companies urging them to buy their services, while also helping police capture and imprison various hackers. At the end of the day, both groups admitted that this war was petty. In general it was a scheme Goggans concocted to build a company. A company that he felt ashamed of implicating many of his hacker friends in. These events gained a lot of traction mainly due to overzealous law enforcement as well as the media painting the entire scene in a grim way to boost readership.

Empowering Innovators
FinTech & CyberSecurity Special #2

Empowering Innovators

Play Episode Listen Later Jan 18, 2019 20:50


What are the biggest cybersecurity threats to watch out for in 2019? This episode of the FinTech & CyberSecurity podcast special, deep dives into issues around cybersecurity - what can governments and companies do to protect themselves from cyber attacks? We discuss the 2017 Equifax incident as an example and also explore why assessing the risks of third-party suppliers has become such a hot topic in recent times. Elizabeth Kleinveld, the Partner Success Manager at Startupbootcamp’s currently running FinTech & CyberSecurity program in Amsterdam moderates the discussion - with guest speakers: Victor Gamra, Founder and CEO at FortifyData, Martin De Vries, Innovation Officer within Information Security Department at Rabobank and Tal Tahar, Senior CyberSecurity consultant at Comsec.

SOFREP Radio
Ep. 392 - Cybersecurity & privacy

SOFREP Radio

Play Episode Listen Later Oct 3, 2018 103:45


Our guest this episode is Justin Carroll, a former MARSOC operator with an impressive background in privacy and security operations with USSOCOM. In the modern age, cybersecurity and evaporating privacy are of huge concern for virtually everyone, and Justin gives us some expert analysis on what all people should be aware of, and what's coming down the pike. We talk about smartphones, social media, and even the future consequences of modern technology in the hands of a tyrannical government. Justin has written a great deal about these subjects, and his latest co-authored book titled "ComSec" is a must read. Justin also hosted on The Complete Privacy and Security Podcast, but tells us he's currently more focused on his latest venture, the Across the Peak Podcast. Beyond these pressing topics, you'll also get a look into Justin's time with MARSOC, and it's rare we get a guest on from the newest branch of special operations. We also respond to an email regarding China sent to sofrep.radio@sofrep.com, give our analysis on President Trump's recent comments of "falling in love" with North Korean dictator Kim Jong Un, and why we found them to be very disturbing. We also talk about the latest Medal of Honor Recipient Ron Shurer being in the fight for his life battling lung cancer.  Friends and family have set up a GoFundMe to help pay these costs for the Green Beret war hero, and we encourage you to give back. With that, we have just added a Facebook page for the podcast at facebook.com/sofrepradio. Be on the lookout for a new website devoted to the show as well as a new app. GoFundMe for Ron @ https://www.gofundme.com/help-ron-keep-up-the-fight Learn more about your ad-choices at https://news.iheart.com/podcast-advertisers

Prepping Academy
Garvin was interviewd on All Hazards Communications Preparedness!

Prepping Academy

Play Episode Listen Later Sep 12, 2018 57:14


Garvin was interviewd on the All Hazards Communications Preparedness podcast!Show Notes:Everyone with two eyes to see and two ears to hear knows how little (none?) privacy we have these days. Forrest Garvin, founder of Carolina Preppers Network and the newly formed PrepperNet organization is a computer security expert and former intelligence analyst. He’ll discuss various topics regarding Internet communications security (ComSec) including VOIP as well as various encryption techniques.If you not a true paranoid, you probably can’t do much if our behemoth federal government targets you as an individual. However, for 99 percent of the rest of the population, Forrest Garvin has some practical tips and techniques to share. Most of the practical stuff we’ll be talking about can be put to use every day and made into a daily routine, upping your survival chances and lowering your risk of being ripped of or spied upon by your enemy(s?).You might be thinking, during a SHTF scenario, there won’t be any Internet or even a dependable supply of electricity. That’s when you’ll dig deep into your homemade Faraday cage and pull out your fully charged handheld two-way radio to check into your local prepper group’s prearranged radio network using the SHTF radio 10-codes you were given. But what about real communications security via two-way radio? That’s one of the topics we’ll cover with Forrest Garvin during the Sept. 4 “All Hazards Communications Preparedness” podcast live at 9 pm Eastern every Tuesday on the Prepper Broadcasting Network.http://preppingacademy.com/Host: “David A. Vine”http://prepperbroadcasting.com/all-hazards-communications-preparedness/Support the show (https://www.patreon.com/preppingacademy)

god internet survival vine prepping preparedness hazards preppers voip faraday garvin shtf comsec prepper broadcasting network interviewd forrest garvin preppernet
Prepper Podcast Radio Network (℠)
Nick Meacher and Communincations on Surviving Dystopia

Prepper Podcast Radio Network (℠)

Play Episode Listen Later Sep 11, 2018 120:00


Today on an extended show we will talk to Nick Meacher about communications on Surviving Dystopia He's been working with author Angery American, to produce a 3x5 booklet/cards with the comms plan information on. Users will be able to fill in their own codes or words to use with a dry erase marker or wax pencil to be reused. Available soon Creator of a large communications mind map - available in 24x36 or 36x48 this has everything on it for prepper hams to include;  how to develop a communications plan Nick will be speaking about this at the Self Reliance Experience in Denver 22nd & 23rd September), band plan, frequencies for personal radio services to include GMRS, FRS, MURS, CB and ham.  There is also information on communications security (COMSEC), information security (INFOSEC), operational security (OPSEC) signals intelligence (SIGINT) etc. to include other agencies frequencies that could provide SIGINT and information in a disaster.  It also includes information on the various satellite systems. I also write for Survival Dispatch Insider, with over 70 pages each month dedicated to a specific topic. http://www.survivaldispatch.com/  Working on another project called Safety Quick Cards. Cards the size of playing cards with information on numerous topics to include communications, get home bags, survival priorities, food, general prepping, area/community intelligence, medical and more.  We hope to have these available prior to the Self Reliance Experience. Visit us at Prepper Podcast and Angry Eagle Productions  for more on our hosts and shows.

Finance & Fury Podcast
Making money from shares; ratios, prices and what to look for

Finance & Fury Podcast

Play Episode Listen Later Apr 8, 2018 18:41


Welcome to Finance & Fury! Is it better to actually make money or take money? Today we'll be discussing whether it's better to actually cooperate with companies or compete with them, and the best ways to actually make money of your own. And specifically we will be discussing shares and what to look for when you want to buy shares as well. Because when looking for the best companies to own and how to pick them, it's all about picking the best company to cooperate with. And we'll run through the different methods of people use, whether it's protest, plunder or profit. We'll discuss a lot of the metrics around which shares to buy and which should actually work better for what your goals are in the long term. So, to take us into it, Mr. Fury... Enough is enough. I have had with my personal finances being all over the damn place. Everybody's strap in - it's time for Finance & Fury. Firstly, what is a share? Share, stock, it's really all the same thing depending on which country you're in and what you call it. It's simply an ownership in a publicly listed company. And companies are a separate legal entity set up to operate (normally) businesses. Most companies that have listed on the ASX, which means that they've had a private company and they've reached a point where they can actually put that publicly available for everyone else to buy because they've got to a point where they're big enough to justify it. Because, to list on the ASX, it costs quite a bit of money. And most of the company is currently on there were small businesses that started off, grew over the years, and then got to the size that they could list and have external investors rather than just a few individuals who privately owned the business. And that's where most of these companies have come from, where they've been startups that have just grown really, really, well and provided a service that people really want. There are the exceptions to that, such as the previously state-owned ones like Telstra and the banks that got listed when they no longer were owned by the government. But, when you buy a share, what are you getting for it? Well you're simply owning the business. If you buy a share in a company, say Telstra, Commonwealth Bank, and any of them, you're technically buying a part ownership in that business. Because rather than being privately owned, it can now be publicly owned by anyone. And what you get for buying a share? Well, being an owner in a company, you're entitled to some profits. If the company makes profits then they can pay those out to you in the form of a dividend. So, you get some income from the share. You also get voting rights. If the board aren't doing a good job or there's something going on behind the scenes that the shareholders don't like, they can vote the board members out and they can actually have a quite a substantial influence over these companies. Then, the thing that you hope to get most of all from a share, is actually sharing in the company’s success, where as they grow and increase their profits, you'll profit off that as well being the owner of the share. Before going further, we need to clear something up. The board of directors - they're the ones in control, really, of a lot of the decisions of the company - around who the management team is and a lot of the decisions they make. They have one job - it's making shareholders happy. If you own a share, the board of directors in the company by extension really only has one job beyond just providing what service they do, and that's to make shareholders happy. So, they're meant to provide the best service to the public to get the most amount of profit and do the best job that they can for the business, on the shareholders behalf. And that's through making the company do well. And they've got a lot of important decisions to make around what's the best use of the profits. Because if a company earns an income, pays its tax, then it has profit left over - and it can either reinvest that into the company, or pay you a dividend. And that's important for the board of directors to actually get right. Because if they don't shareholders aren't happy and when there's the choice of either investing internally in a project or paying investors a dividend, it really has to come down to what's going to get the best return. Where, if you as the board of directors, see a project to invest in, that could make maybe 10% in a year, or 12%...Or you could pay that out as dividend, which shareholders might value higher than that, it's better to pay them the money. And we've seen many, many, cases of poor, poor, management getting this decision very wrong. Where they think that it's a great new opportunity to go into - new and exciting fields outside of what the company actually specializes in - and the use of those profits into a poor investment decision actually really hurts the share price and hurts the shareholders. So, shareholders don't get happy and then that's when they sell the shares. If people are selling shares as the shareholders, that actually has a pretty bad effect overall. And that's where looking at what a share really is and how to profit off it is the best way to cooperate because you've got two options really - competing or the cooperate. And you see people trying to compete with these companies at the individual level a lot and that's where they're trying to plunder them almost, with like cyber hacks, unfortunately old-time sieges don't work on companies these days - you can't set a moat up around a castle, wait for them to starve it out, and then take all their stuff. There's laws, regulations, so plundering it's not really a good option to make wealth off companies anymore. So cooperating with them is really the best option, where if you purchase those shares you’re buying the shares to get a profit from the company, and, it's being an owner. And if you don't like a company, what should you do? Should you protest and want to change it? or should you get so stinking rich that you can own at least 51% of the company? Because if you really want to drive change, rather than shouting at others to do it, just make so much money you can earn 51% of the company… then guess what… you're in control of those board of directors and you can make some pretty big changes in a business. Which companies do you want to compete with then? None. You really don't want to compete with companies at that level, you prefer to cooperate really, because if you're cooperating then you're sharing in its successes. And the ones that do well grow in value and pay you an income that increases over time. How do you select those? You can choose to be the stock picker, where you can look at what may affect the share price. And there's really four key factors that might affect share prices, and really its inherent in nature, because the shares’ price is based around supply and demand. If the share itself has a very, very, high demand, the price will go up. It's all around how many people are buying it that affects the share price. Plus, the supply of the shares on the market. If there's a lot of available shares to purchase on the market and people don't really want to purchase them, the price will go down and you see that when you see share price collapses. That's people dumping the shares - selling them. So, the price goes down quite a bit. But what you want to look for is, first of all, the inherent value of dividend, which is inherent in nature, so it's actually trying to forecast what the future dividends are gonna look like. And that includes the franking credits attached to them, the yields of the dividend, and stability and growth of the company as well, where if it's been able to grow the dividend consistently every single year, year on year, that's a good sign, that's a good inherent value of a dividend where it's likely to increase growing every single year. And especially with franklin credits and a decent payout ratio, that's very valuable to investors. The next one is the inherent value of the future earnings of the business. So how well can the company grow itself to increase their earnings. Not so much just to payout to dividends but to also reinvest and grow the company, because if you've got a business where it's highly competitive, which a lot of companies are, they need to keep growing and doing something different which requires them to grow their earnings first. There are external factors, such as market forces, economic factors, politics, even just recently is expropriation of property in South Africa, is a very big risk. If you're in a business owning farms then that is something to look out for, where it's got to be in a safe legal environment that is doing fairly well for the share to be fairly safe and secure. Because people who own shares can freak out very easily. It's not safe and secure and they're worried and there's a lot of instability or uncertainty, then that can cause the market to spook, and that's not really a company you want to cooperate with. Because again when you're cooperating with companies you share in this success but you share in the loss as well. And one big thing to look for is the management. It holds all those three factors together, where if the management's doing their job properly, they're able to increase the inherent value of the dividends over time and they are able to increase the value of future earnings. And hopefully mitigate any external factors. There's things called ‘ratios’ with shares. They're only based around the balance sheet.  And if anyone's ever looked at a share, or even just gone to the ASX website, you'll see a little summary of things called PE’s, EPS, DPS - just acronyms for days. The PE is the price to earnings ratio, and it's the value of a share in its price to the earnings that underlay it. It's really just a good measurement of profitability of the business, where the price of the share to the earnings is given as a multiple. Say for instance, Commonwealth Bank, PE of 12. It means that the price is 12 times greater than its earnings per share. So, what's the profit of each share, and what's the price. And it gives you a multiple of that, and the lower that is, technically the greater, what's called a value share is. If you can buy a share with the PE of 4, then technically there's only four profit years there before you make up the full value of the share back. Compare that to Amazon – PE of 330. But that's where it gets murky again, where it's simply a balance sheet measurement. And when you look at the balance sheet, it only gets updated four times a year. The price gets updated every day. And the price gets updated when people sell it. If there's future expectation that the earnings will drop heavily, then the price will drop well in advance of the actual news coming out, and the balance sheet being updated. And that's where there's anomalies going on in the market and we'll go through those all in a minute, because the EPS is the next one that really affects the PE, where if the earnings per share or EPS is the per-share profit that's being earned by the company. If you buy one share you're entitled to part of that earnings per share in the dividend per share. So how much profit is paid to you? And that again gets fairly squirrely when trying to look at what's the best ratio to go for, with how much does the company reinvest, and how much do they pay to you? Because, with mining companies - very [high] capital expenditure companies that have to spend a lot to make money, technically they don't pay much out in dividends compared to what they reinvest. But when you compare that to cash cows like Telstra (well up until recently Telstra was, not so much anymore), but they prefer to pay profits, because they're in stable businesses that they don't really need to invest more in, so the management there decides well there's no point in us trying to reinvest a lot of this income because it's not going to actually help investors as much as just paying them dividend. The last one is a yield. It's the dividends of that dividend per share as a percentage of the price. So, a lot of these metrics are just the price by something else. What the earnings are, what the dividend is…and they can be good or bad. They're very easy methods of just taking a snapshot look at a company and thinking “oh well that's either overvalued, so, Amazon at a PE of 330, technically is a massive growth company where it's not earning so much of a profit, and that's out of management decision just so they don't have to pay tax. But if you're not really earning much of a profit then the share price has gone up a lot in that case of anticipation of future profits. And PE of 330 is fairly massive. And the good and the bad of it is just ratio traps, where previously we went through that the earnings are updated roughly every quarter, but investors inherent value - what they put on to these metrics - goes up and down every single day. And, if the share price was constant up until every quarter when the ratios really get updated, then everything will be fine but unfortunately the price changes as the ratios or the underlying metrics of them, stay the same. Here's an example. You look at a share it's got a yield a 16% on dividend, which means that if you put a dollar into that you should be getting 16 cents back. That's a pretty good dividend yield. But now imagine that the company has actually just dropped 75% in price. And that's off future expectation of them not making much money next year. Guess what, the update in earnings comes out and that dividend yield of 16% has now just gone back to 3%. Because the 75% drop in price happened before the earnings got updated. Another example, company with a PE of 4 might look really, really, good. But again, it could just be off a massive price drop off of future expectation. So, there are traps with ratios where they can look very attractive, but outliers generally exist in financial markets for a reason. And it's not a form of arbitrage or some profit for nothing that everyday investors can take advantage of because there's a lot of sophisticated professional investors out there that if they saw a PE company of 4, they probably would know that it's a good buy, but if they're not buying it at 4, it's probably a good indication it's going to sink further. Or, when the earnings get updated, it's going to go back to a PE of 20-something. It's very hard to be a stock-picker. You have got to do it a lot, and those ratios again, they're just the most simple example. But when looking at what shares or what investments to cooperate with, it's all about figuring out what you're after. So, what your goals are, and what your target return, and what your timeframes are, will really determine what the best shares for you to purchase will be. Because if you're approaching retirement and you want some safety and stability then what's called a large cap share might work really well, where they’re big stable companies and they generally don't have massive drops in price. Small cap though, the smaller startup companies, they might have massive future potential growth compared to your large caps because they're stable now and don't have much ability to increase than market share. But some small cap startup they might be able to generate massive, massive, massive growth. Unfortunately, though there's a high chance that they won't and go in the opposite direction. So, it's all about figuring out what you're after first when you're investing as to what shares to purchase, and it's very easy to try and get a target return. And that's the easiest option. Where you can purchase shares through indirect investments like managed funds, exchange-traded funds, listed investment companies, and just get a portfolio together of diversified investments across a number of different companies because if you're the stock picker and you see a PE of 4, you see a dividend yield of 16, you put all your money on that company, and it gets rerated and then it all of a sudden drops another 40%, well that's unfortunately a big loss to incur off trying to cooperate with the company that should be doing well. And that's where spreading the risk out across a lot of different companies really helps, but again it has to be the right environment, right target of what you're going for. And you can own them in a number of different ways. You can get them indirectly - so buying through platforms, managed funds, exchange-traded funds, LICs, or, you can go through share brokering accounts like COMSEC or NAB trade. There's all different methods of doing this. But the most important thing is there's just no crystal ball. No one can guarantee you that this is the next best share, next best company. People can have a good idea about generally the thematic trends of the market, if say, health care is becoming a big, big, focus of aged/retiree individuals then that could be a big growth industry. Or even legalized pot - there's CAN, a company on the ASX, that have got some medicinal trials. They have grown massively off the back of that news, and that's because the future inherent expectation of dividends and growth, off an industry like that. It’s pretty big when you compare it to what's happened in Colorado and places in America. And with no crystal ball though, comes the risks of not getting it right …and it's about just asking yourself what are you buying for? So, if you're buying for income, look for companies that are your more cash cows - have high dividend payout ratios compared to their reinvestment ratios. And look for companies potentially that are growth if you're in an early position, you don't need an income because technically income off shares gets taxed. If you can buy a share that is fairly stable, doesn't pay much income but is expected to grow quite a bit, that's a good way to increase your net wealth position without paying a lot of tax until you sell the share. And looking for what good companies have, it's all about just the management and decisions they've made over time, where you can look at the financial statements and just look year-on-year - are they increasing their revenue? Yes, tick. Are they increasing how much they pay out of that? Yes, tick. Are they still getting good return on investment? Because, what they used their profits for is to pay you or invest. And if internally, they're not getting a good return on investment for their money, then that's a bit of a sign the management might not be doing their job correctly. So as a brief summary, I think it's much better to cooperate with companies than try to compete with them. You just buy them and profit off them. And again, if you don't like the company, then out of spite, buy so much of it that you can just change it. And it can be very hard to do it well though. Especially if you haven't tried to buy shares or never purchased shares before, and you've actually never experienced your first loss. It's a very humbling experience. However next week, we’re going to talk about how to avoid that because I’ve gone through it, a lot of other people have gone through it, of having investments go down in value. So, we'll go through how to avoid this and protect yourself in the process while being able to gain good cooperation with growing companies, but not be caught with your pants down at the same time. I hope you enjoyed the episode and if anyone has any questions, like always feel free to go to financeandfury.com.au - hit us up on the contact page. Have a great week everyone, and I'll see you next time.