POPULARITY
Uveka Rangappa speaks to Lucas Molefe the Cybersecurity Consultant at ESET Southern Africa about protecting kids in digital playground and navigating in-app purchases and scams.See omnystudio.com/listener for privacy information.
Under Pat Gelsinger, Intel fell behind rivals and was late to the game in AI and its foundry business. Is the outgoing CEO to blame? (00:14) Tim Beyers and Dylan Lewis discuss: - Intel CEO Pat Gelsinger stepping down, why “GPU” is the key focus of his time at the helm of the company. - The multi-year planning cycle that goes into chipmaking, and why we may wind up praising Gelsinger's investment in the foundry business several years from now. - How Fastly will have one fewer name to compete with in the content delivery network market, but why it might spell trouble for the business long-term. (20:30) What's your data worth? Ricky Mulvey talks with Dave Hatter, a Cybersecurity Consultant at Intrust IT, about the “surveillance capitalism model” and where your digital data winds up. Get a two week free trial of 1Password at www.1password.com/MOTLEYFOOL Companies discussed: INTC, NVDA, AMD, ASML, TSM, FSLY, AKAM, GOOG, GOOGL, META, OTCMKTS: EXPGY Host: Dylan Lewis Guests: Tim Beyers, Dave Hatter, Ricky Mulvey Producer: Ricky Mulvey Engineers: Rick Engdahl Learn more about your ad choices. Visit megaphone.fm/adchoices
Don't Miss Video Highlights of this Episode on YouTube! SEARCH: @lifeasa.. ------ Life as a Cybersecurity Consultant Join cybersecurity expert and top consultant May Brooks-Kempler as she shares her career journey from a young hacker in the 90s to becoming a sought-after expert and consultant within the field of cybersecurity. With a wealth of experience and certifications, she dropped by LIFE AS A.. to share much of what she has learned along the way. Get ready for insights covering:
Guest: Shivani Shetty, Cybersecurity Consultant, Cyber ArtsOn LinkedIn | https://www.linkedin.com/in/shettysshivani/________________________________Host: Saman FatimaOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/saman-fatima________________________________This Episode's SponsorsAre you interested in sponsoring an ITSPmagazine Channel?
Cybersecurity is a central part of every nation's infrastructure – especially when it comes to health care. The availability and free flow of health information is critical to providing care. Unfortunately, patient information isn't just valuable to caregivers, it's also becoming a primary target for criminals across the globe.In this special episode, Chip Kahn moderates a panel of cybersecurity experts, with significant experience in the health care sector, from around the world. The discussion, entitled 'Navigating Today's Cyber Threats for Tomorrow's Healthcare,' was organized by Future of Health, a group made up of thought leaders from hospital systems, academia, policymaking, payers and patient advocacy.Topics discussed include:Current state of cyber defenses today – vulnerabilities, variabilities across the worldGoals of cybercriminals targeting health care entities – money, data, or mayhem Paying ransom – views from different countriesPolitical implications – how to react when cyber breaches become geopolitical events Proper role of governments in cyber defense and attack mitigation – the role of mandates and the threat of penaltiesLasting advice – the one thing health care entities must do to protect themselves.The virtual panel:US: Meredith Griffanti, Senior Managing Director, Global Head of Cybersecurity & Data Privacy Communications, FTI ConsultingUK: Dr. Saif Abed, Director of Cybersecurity Advisory Services, The AbedGraham Group and Cybersecurity Consultant, World Health Organization Singapore: Kim Chuan, Group Chief Information Security Officer, SingHealthIsrael: Alon Rozen, CEO of Elements Group, and former Chief of Staff at the Israeli Ministry of Defense and Director General of the Israeli Homefront Defense MinistryMore: Established in 2018, Future of Health's diverse membership represents the foremost health organizations and thought leaders from hospital systems, academia, policymaking, payers, industry, and patient advocacy. Each year, FOH members address, through discussion and research process, pivotal issues facing health care across the world. From this process FOH develops insights and recommendations disseminating findings through published papers which serve as a blueprint for a common vision for the future of health.
Link to blog post This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Phil Beyer, former CISO, Etsy Thanks to today's episode sponsor, Dropzone.ai Dropzone.ai's AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and response at dropzone.ai. Request a trial today! All links and the video of this episode can be found on CISO Series.com
In this episode of the Manage-A-Bull Podcast, host Patrick Lageraaen interviews Professor Dominic Sellitto about his background and his course, IT for Managers. Professor Sellitto discusses the importance of IT literacy for MBA students and how his course covers various topics such as digital product management, artificial intelligence, cybersecurity, and more. He emphasizes the value of hands-on experience with technology and the need for students to be open to exploring different areas of IT. Professor Sellitto also discusses the potential uses of AI, including simulations for difficult conversations and interview preparation. Overall, the course aims to provide students with a comprehensive understanding of IT and its role in modern business. While an MBA or MS in Business Analytics degree is not necessary for excelling in an IT role, Professor Sellitto believes that these degrees can accelerate career pathways and provide valuable networking opportunities. He encourages students to trust their gut and make decisions that align with their career goals. To learn more about Professor Sellitto or the MBA program, visit our website management.buffalo.edu Music by BrightestAvenue from Pixabay This episode was recorded in March 2024
Get help with your cybersecurity career here: https://techualconsulting.com/offeringsUnlock the secrets of smartphone security and elevate your tech career with insights from cybersecurity connoisseur Xavier D Johnson. This episode isn't just about bolstering your digital defenses—it's a thrilling escapade through the tech world, from the cutthroat realms of tech job interviews to the vital art of vulnerability research. Xavier, with his wealth of experience and his non-profit initiative buildskill.org, delivers an action-packed narrative that will leave you armed with the knowledge to navigate the industry's ever-evolving challenges.Strap in for a ride through our collective cultural memory lane as we reminisce about the days when skateboarding and fashion collided to shape our entrepreneurial spirits. Xavier and I traverse the landscape of cybersecurity, discussing the ethics of digital asset protection and the financial implications of this rapidly changing field. Get ready for a deep dive into the essence of capture-the-flag competitions and the nuances of cybersecurity from a hands-on perspective, all while emphasizing the power of community and networking that propels careers forward.Rounding off our journey, we probe the evolving interplay between AI and the job market, and how competitive pricing in tech consulting can make or break success. Xavier shines a spotlight on the mission of buildskill.org to advance cybersecurity education and career development, providing a beacon of hope for anyone looking to break into the tech scene. Whether you're a budding tech enthusiast or a veteran in the field, this episode guarantees to equip you with the strategies, stories, and support systems needed to thrive in the dynamic world of technology.Support the showIf you enjoyed the show don't forget to leave us a 5 star review, to help with the algorithm :) Email: henridavis@thetechtualtalk.com➡️ Need coaching help then go here (ask about our financing)⬇️https://techualconsulting.com/offerings➡️ Want to land your first IT Job? Then check out the IT course from Course careers use my link and code Techtual50 to get $50 off your course ⬇️https://account.coursecareers.com/ref/50932/➡️ Need help getting into Cybersecurity for a low price then check out Josh Madakor's Cybersecurity course at Leveld Careers and use my code TechTual10 to get 10%off your course. ⬇️https://www.leveldcareers.com/a/2147530874/RuqjrBGjIf you want a high paying role in the cloud then click here⬇️https://Levelupintech.com/techStop data brokers from exposing your information with Aura!Click the link below to try out Aura's FREE 14 day trial and see if your personal information has been compromised
Today the Dads chat with Cybersecurity Consultant Sarah Hume about her work as an Ethical Hacker! We discuss what things should we all be thinking about when on a device. And don't miss Albert as he tries to create his own internet and look for a portal to the Dark Web! Check it out! Tell a Friend!FOLLOW GUEST: Sarah HumeFOLLOW THE PODCAST:IG: https://www.instagram.com/seriouslydadpod/TW: https://twitter.com/SeriouslyDadPodWebsite: https://droptent.com/podcasts/seriously-dadFOLLOW YOUR HOSTS:Al Davis:https://www.instagram.com/albertdavis_4th/https://www.facebook.com/albert.davis.940641Jay Yoder:https://sites.google.com/view/jay-yoder-comedyhttps://www.instagram.com/jayyodercomedy/https://www.facebook.com/jonathanayoderComedian Neil Wood - Producer:Neil on YT: @IamNeilWoodhttps://www.instagram.com/iamneilwood/https://iamneilwood.com/A DropTent Media Network Podcast - https://droptent.com/
Michael Frew is the Owner and Operator of multiple 7-figure companies and a digital business acquisitions and operations expert. He's formerly a multi million-dollar producer and managed over 200 Consulting Engagements in his career as a Software Architect and Cybersecurity Consultant with corporations including IBM, Microsoft, Amazon, Salesforce, and Mandiant. He received his B.S. and MBA in Business and Economics while studying in China, Hong Kong & The Netherlands, as well as, several post-graduate information security certifications. Having been a successful software developer and consultant for two decades, he pivoted to collaborating with other developers on small side projects to help them gain traction and grow their bootstrapped businesses. This led to a deep-dive into the niche world of digital business M&A. What started with the acquisition of a small Amazon Affiliate site, led to managing a eight-figure portfolio of e-commerce, SaaS, content, and advertising businesses a decade later. In 2023, he was selected by WebStreet to acquire and manage their inaugural SaaS/Software investment fund. Michael's business acquisition insights have been featured in dozens of media outlets like FE International, Indie Hackers, and Empire Flippers. As an author, speaker, and consultant, he is on a mission to free engineers from the disillusionment of traditional employment and educate them on how digital acquisitions can be their next career evolution. *DISCLAIMER - We are not giving any financial advice. Please DYOR* (00:00 - 03:03) Opening Segment - Michael is introduced as the guest Hosts - Michael shares something interesting about himself (03:03 - 25:07) Framework for financing and acquiring online business - Why IT professionals should stop trying to start a business and buy a business instead. - What makes developers, engineers, and other technically experienced professionals excellent online business acquirers and operators. - Why investing ni online companies outperforms other asset classes. - The answers to the top four frequently asked questions about pursuing a career in online business acquisitions. (25:07 - 28:16) Fire Round - Michael shared if she would change his investment strategy - Michael also shares his favorite Finance, real estate book, or any related book - Also Michael shared about the website and tools that he can recommend - Michael's advice to beginner investors - Also shared how he gives back (28:16 - 30:46) Closing Segment -If you want to learn more about the discussion, you can watch the podcast on Wealth Matter's YouTube channel and you can reach out to Alpesh using this link. Check us out at: Facebook: @wealthmatrs IG: @wealthmatrs.ig Tiktok: @wealthmatrs
This week, we were very lucky to chat with our old friend Caston Thomas. Cybersecurity consultant, security visionary, radio host, and all around great human being. Caston dropped some knowledge on getting through the vendor fog and dropped the three things you need to do to be ahead of the game in securing your environment (not click bait, #3 will not shock you, hah). We ended talking about his time on WJR Internet Advisor show and what Foster Braun had meant to him. The movie Bob mentioned: Heart of Stone (2023)
Carlos Rodriguez is CEO & Fractional Chief Information Security Officer - vCISO - Sr. Cybersecurity ConsultantCEO & Fractional Chief Information Security Officer - vCISO - Sr. Cybersecurity Consultant at CA2 Security. He specializes in enabling cyber risk management transformation, balance and simplification. We discuss SMB cybersecurity needs, the direction of the vCISO discipline, and the mission of service. --- Send in a voice message: https://podcasters.spotify.com/pod/show/virtual-ciso-moment/message
Imagine walking into a new job and seeing the dollar signs, only to realize there's so much more to success than just a hefty paycheck. That's the journey Chloe Burton, an esteemed cybersecurity leader, walks us through in this enlightening episode. From her humble beginnings to leading a crucial security transformation project for a global financial client, Chloe offers a unique perspective on climbing the career ladder. But our conversation doesn't stop at the financial leap and technical acumen. We chat about the crucial role soft skills, such as communication and trust, play in the tech industry. We also talk about the value of platforms such as LinkedIn for networking and ongoing personal development. Not to mention, we also delve into the challenges of consulting, the importance of having robust security processes in place, and the transformative role of automation in security frameworks. And if you've ever wondered about the significance of platforms like Splunk in the cybersecurity field, Chloe's got you covered. From landing her first Splunk gig at Accenture to transitioning from analyst to consultant, she generously shares her rich experiences and in-depth insights. Tune in for an intimate look into the realities of making a significant financial leap, navigating the intricacies of the IT field, and more. You really don't want to miss out on Chloe's invaluable insights.Chloe's Linkedin: https://www.linkedin.com/in/chloeaburton/Support the showIf you enjoyed the show don't forget to leave us a 5 star review, to help with the algorithm :) Email: henridavis@thetechtualtalk.com➡️ Need coaching help then go here (ask about our financing)⬇️https://calendly.com/techtuaulconsulting➡️ Want to land your first IT Job? Then check out the IT course from Course careers use my link and code Techtual50 to get $50 off your course ⬇️https://account.coursecareers.com/ref/50932/➡️ Need help getting into Cybersecurity for a low price then check out Josh Madakor's Cybersecurity course at Leveld Careers and use my code TechTual10 to get 10%off your course. ⬇️https://www.leveldcareers.com/a/2147530874/RuqjrBGjLooking for a Cybersecurity bootcamp then check out Springboard.com Cybersecurity bootcamp. It's 6 months long,it has jammed packed projects and cybersecurity course fundamentals and has a money back guarantee if you land a role 6 months upon graduation. Use my link and code techtual to get $1000 off the boot camp price ⬇️https://www.springboard.com/landing/influencer/techtual
Gotham Sharma is a cybersecurity consultant, writer, educator, and stand-up comic. He's on a mission to help folks build successful careers in information security through his latest venture, AccessCyber.co. In his training, Gotham leverages humor to make security awareness and education relatable to audiences of various technical backgrounds. Inspired by satire publications like The Onion, Gotham recently […]
Gotham Sharma is a cybersecurity consultant, writer, educator, and stand-up comic. He's on a mission to help folks build successful careers in information security through his latest venture, AccessCyber.co. In his training, Gotham leverages humor to make security awareness and education relatable to audiences of various technical backgrounds. Inspired by satire publications like The Onion, Gotham recently launched an infosec magazine called Brute Farce Attack, one of the many projects on his growing list of side hustles. In this episode of No Password Required, Gotham joins Carlton Fields's Jack Clabby and KnowBe4's Kayley Melton to share how his life changed after a well-intentioned anti-mentor inspired him. Jack and Kayley discuss IARPA's plan to hack hackers' brains as the agency considers reimagining security with cyberpsychology-informed network defenses. You can connect with Gotham on Twitter here: @GothamJSharma You can learn more about AccessCyber here: https://accesscyber.co/ You can learn more about Brute Farce Attack here: https://www.brutefarceattack.com/
Cybersecurity consultant Michael McCartney on fears of AI will increase risk of cybersecurity
Topping interviews Larry Warren who is a Sr. Cybersecurity Consultant at Deloitte. Learn about Larry's fascinating story from joining the U.S Army and serving all over the globe, to serving in IT military contracting, and becoming a Sr. Cybersecurity Consultant at Deloitte. Topping Talks is Sponsored by Topping Technologies & ExpressVPN. Protect your online privacy https://www.xvuslink.com/?a_fid=toppi... also if your business needs IT assistance you can reach Topping Technologies at sales@toppingtechnologies.com Follow Topping on Twiitter-https://twitter.com/NicTopping
#SecurityConfidential #darkrhinosecurity New Month, New Season! Boyd is a self-taught cybersecurity consultant who helps entry-level IT professionals upskill and land six-figure jobs. He was formerly at American Airlines and is the Co-founder, of Baxter Clewis Cybersecurity. Boyd is the Author of “Corporate Security: Proven Ways to Reduce Cybersecurity Breaches” and a Highly-Respected International Expert and Speaker on Cybersecurity featured on Forbes, NBC, ABC, FOX, and CBS. 00:00 Introduction 01:50 Boyds Beginning 07:00 Avoid playing the victim 10:20 Being Motivated 15:00 Mythbusting: Jumping into Cyber with no experience 17:11 Cyber-hero Rule #25 18:05 Cyber-hero Rule #24 21:02 Cyber-hero Rule #26 21:30 Cyber-hero Rule #1 22:24 Cyber-hero Rule #2 23:33 Cyber-hero Rule #3 25:13 Cyber-hero Rule #4 26:31 Cyber-hero Rule #5 28:17 It's not just about completing the program 30:42 KPIs and Activation points 33:50 PCI and DSS 35:10 If you're complaint does that mean you have significant cybersecurity? 37:02 What should companies be doing to better safeguard the privacy of that information? 40:18 Thoughts on not using a credit card and using PayPal/Android/Apple Pay instead? 41:30 Boyds Book: Proven ways companies can reduce cybersecurity breaches 47:26 Upcoming News for Boyd To learn more about Boyd visit https://www.linkedin.com/in/boydclewis/ https://www.baxterclewis.com/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: https://www.instagram.com/securityconfidential/ Facebook: https://m.facebook.com/Dark-Rhino-Security-Inc-105978998396396/ Twitter: https://twitter.com/darkrhinosec LinkedIn: https://www.linkedin.com/company/dark-rhino-security Youtube: https://www.youtube.com/channel/UCs6R-jX06_TDlFrnv-uyy0w/videos
http://convocourses.com All right. I'm testing a new platform called stream yard, and this is convocourse's podcast. I'm gonna do about, I don't know, 20, 30 minutes to test this out and also to inform you guys of a career move I recently made. I haven't really talked about this. But about three months ago I was working as a cybersecurity consultant and that's much different from an information system, security officer. So in the past, Three four months. I made a big Mo well, not really a big move. I I've, it's not a big move for me. I've done both jobs before, but all I want to do is compare the two kind of give you an idea of what the differences are between cyber security consultant. And what I'm going to be doing with information system security officer work, and what's the daily life of both of those things. How do they compare and give you an idea of which one you should choose before I start, you should know that I own a site called combo courses where I teach cyber security compliance and how to get in this field as a cyber security person. I've been doing this for 20 years, doing cyber security in all forms of security, as well as some it information technology stuff like being a system admin or network. Administrators, stuff like that. I've done a little bit of all that stuff. But my specialty is really in security compliance. And so that's what I teach people to do. And. People ask me on YouTube, on, on TikTok questions. And I'll just go ahead and answer them and by the way, if you have any questions during this feel free to ask them and I'll do my best to answer. them sometimes we have such a great community that they'll actually answer the questions on my behalf. There're things I don't know. So, somebody, some other subject matter expert will jump in and then answer those questions and. My favorite times on this, on convo courses, because that's what convo courses in my mind is all about is about the community and us coming together, figuring things out. Okay. So, I wanted to tell you recently I made a huge move. I was working at a major telecommunications company that does cybersecurity on the side. They have a branch that does cybersecurity and I did it because it was a great opportunity. One of my former coworkers. Gave me a they referred me and brought me into the company. It was a great company. They had great benefits. It was some of the best benefits I've had outside the military. It was decent pay and the only, probably bad thing was that there was a lot of travel and that eventually was the thing that got me out of there. And it was stressful too. And I was how having too many personal issues that happened at that at the time that I was working there, I worked for there for about two and a half, three years, and I was doing cyber security consulting for them. So, what we would do is we would. We bring our expertise to smaller companies. We go to, and it's a lot of companies and banks and hospitals and healthcare industries that you probably use to be honest with you. that? I Some of I was surprised were like, damn, I use this. We're doing security compliance for them. And the security compliance it wasn't just security compliance. It was basically, we would do a bunch of We would do a bunch of risk assessments and those risk assessments would be things like be we had 15… different risk assessments. So, 12, 12 to 15 different risk assessments, depending on what they chose. So we would do things like physical security assessments we would do. Of course, network security assessments. There was like three of those. We did cloud-based security assessments. We did… We did wireless security assessments. We take all of those and we would give them an overall view of what their security looks like. And then we would prioritize where their major risks were. And then we would talk to the sea level or director or upper-level management to say, hey, this is where you should focus your energy because this is where we see the most risk. And the purpose of that was to reduce their. Their security any kind of vulnerabilities they have, and they can focus all their time, money, and energy and resources to that highest level of risk in their organization. That's what I was doing. And it wasn't too bad. I actually liked it. I fit right in over there. The only I, we would do these reports, which were really easy for me, the. Challenging thing I found was sometimes the clients were a bit difficult to work with and it wasn't that they didn't know what they were doing or something like that. It was just very high strung because cybersecurity. It could be very stressful because you're dealing with you. If you have a vulnerability, a major vulnerability and you have to take that to the C CEO and say, Hey, we have. We have a bunch of legacy systems that are in this area here, there's a lot of stress because you don't want to be the person that to, to barer of bad news, and we'd find those things and we'd say, Hey. You have this stuff going on. And there was just a lot of stress with that. That's probably the hardest part of the whole thing. The travel wouldn't have been a big deal if I hadn't had so many personal issues happening with my family, kids and everything that just all happened at once. So, I had to unfortunately had to leave because I actually really loved the people and everything. What did my daily life look like? We were mostly going off east coast time for me, because that's where most of my clients were. They'd give us like two or three clients. And then you would work directly with them. So, most of your day was coordinating. The scans and the assessments that you'd have to do, if you had to go to their site, you'd have to coordinate that. And they expect you to go do that on your own. It was very self-directed where it's you have the client, like you'd run the meetings with them. You'd coordinate when you're going to go there. You'd coordinate how many hours or how much time it would take to get there and who you're gonna meet and all of that stuff you'd have to do. And then the scans, we had a, like a separate scan team. We'd work with the scan team. We'd work with the program. Managers we'd work with them and we'd put together this report to deliver. On a quarterly basis and sometimes annually, it depends on what kind of assessment it was. Because obviously you wouldn't do like a physical assessment every quarter. Because I didn't, that wouldn't really make any sense because it stuff doesn't change. But anyway, so that's what we would do. It is mostly meetings and coordination and doing scans and reviewing the scans and then writing reports that's your, that was your whole day as a cybersecurity consultant at this organization. I was with where. The main thing we did was deliver these reports and we would do really, most of it was risk assessment type stuff. And I was very familiar with that because in the department of defense, we do a lot of security assessments and stuff. So that's very different from where my main core specialties are, which is security compliance. We would dabble a little bit in security compliance like every now and then. We I would help them do like a PCI compliant PCI audit or something like that or we'd say, okay here's how you, your system would fit into eight NIST 800 or here's how your system would fit into CIS controls. You do a little bit of that, but that wasn't really what we're, that would, it was separate from what we were doing was mostly risk assessment type stuff. So seeing where their risks are and determining that. Now that brings us to the next thing, which is information system security officer. So information system security officer is more in compliance. It, the compliance space, security compliance and security compliance is making sure an organization is lined up with regulations, laws, industry standards. That doesn't have to be the federal government, which is mostly what I work with. It can be with hospitals have a certain standard that they're supposed to meet. One of which is called HIPAA, where they have to make sure that they're protecting their patient's healthcare information and their digital records for the healthcare and stuff like that. Another example of industry standards would be PCI compliance. That's protection of. Of credit cards. So whenever you are at a store and you're using your credit cards, they're supposed to have a separate network for those point of sale devices. So that doesn't touch, say the wifi that's in the that's for the staff or for guest to log in. So that has to be a separate protected network so that the credit card data has its has, is protected. So separate from your. Other networks. That's just one of the things you have to do. Another things you have to do for PCI compliance is have the adequate documentation for the security of the system. Like making sure that net, we have network diagrams and making sure you have asset and inventory of all the assets, things like that. Those are all the types of things that you would have to do for PCI. And that's, those are just two examples, but you've got CIS compliance. You've got. ISO 27,001 compliance. You got many different countries have their own security compliance and different industries like have their own compliance. So my, my specialty is in NIST 800. Security compliance NIST 800 is what the federal government has created and adopted as the main source of security controls. Sec security controls is a set of security features that protect the organization's. Primary assets. That means like your main server that has all the social security numbers on it. Your main server that has all the secret secret data on it, the main server that's holding all the maps of different parts of the world. Those, that's what you call an asset. So those are just some of the examples of, and those are some of the difference. Now, one of the things that, what the daily, what it looks like from on a day to day basis for an is. Just to compare this versus versus the consulting I was doing. So it's also a lot of meetings. Security is a lot of coordination. Cyber security is a lot of coordination with different organiz because you're having to meet. Different subject matter experts like you, you're not necessarily the person who's locking down the, those, that windows server. That's gonna be a server type person. That's gonna be a person like a system admin who specializes in Linux, red hat, network, administration and windows 2019. Active directory servers so you are gonna coordinate with them. So in ISSO, that's what they do. They're coordinating with these different, the firewall guy, the the privacy person. They're coordinating with all these different people to make sure that the organization has a certain level of. So it is a lot of meetings. It's a lot of meetings with a lot of different people, and that's probably the main difference between the meetings. Like an ISSO is gonna have a meeting with all kinds of people throughout the organization. One organization, whereas a consultant is gonna have a meeting with just a few people at different organizations like me. I had three or four clients at a, any given time and I would have to coordinate with the there's like a main point of contact. I would talk to big two or three main points of contact and every now and then I'd meet like a C level exec, but I was talking to three or four different organizations. Whereas an ISSO is talking maybe one organization and there might be other sub organizations, but they're all one you're talking about many people in that organization. So you're going really deep in, in all of the details and stuff and making sure that all the securities is is in place. Now it wasn't, it's not like an enforcement role. Typically you are more like a news reporter. What I mean by that is a lot of people think that you're the police and you're gonna come and busting down doors and say, Hey, this, we gotta secure this server. That's not really your job. Like you might point things out, but the person who has to be the enforcer is gonna be the management, because they're the ones, things come down from management. So they have to be the ones to enforce that stuff. Now if you happen to be the voice piece, the mouthpiece to tell them, Hey, the CEO just said. You're just a reporter. You're just reporting to them. Hey, this is what happened. We have to obey what is going on with this organization's policies. Here's what we have to do. So that's the main differences between a security consultant and information system, security officer. The reason why I quit my job as. A consultant and went over to, and now I'm going to back to information to security officers has more to do with. Not the work per se. It was, it is more like the travel, like the organization I was at was paid really good, had great. One of the best benefit packages I've ever had, but it was too much travel and I had too much stuff going on. And I had too many clients, it was getting a little stressful plus I had family stuff I had to deal with. So that's the reason why I transitioned over. And now I'm going to somewhere where it's a little bit more It's gonna be a better fit for me and my new family situation. So that's what's going on. Okay. I've got some questions here. Let me see for Mike. Thanks Mike, for your question. I really appreciate that. And Mike says he says quick question the ISSM role coming from being an ISSO. What is what's your suggestion? Quick question is S. A ism role coming from, are you gonna be doing an ISSM role from being an is O I'm assuming that's what you mean? So you were an ISSO and now you're about to be an ISS O sorry. You were an is O you're about to be an ISSM that's I'm trying to interpret your questionnaire. Any suggestions. Yeah. So the biggest difference between these two roles is that one is a manager information systems, creating manager. You're gonna have more of you're gonna have even more meetings. I'm just gonna tell you like the differences. So an ISSO is more like they, they both have a lot of meetings, but an ISSOs has to be more in the weeds because ISSO has to be able to say, give an example of an issue. A vulnerability comes down the vulnerability. Is let's make something up. A vulnerability is a zero day exploit on windows 2019 or something. And now the ISSO gets wind into this and that comes from the vulnerability team. Now they have to meet directly with the vulnerability team to figure out what's going on with this thing. And they might have to spend some time researching what the zero day exploit is. What's the criticality of it. Like how quickly do we need to fix this thing? They have to be in the weed. So they have to go probably go to the CVE. CVEs and then figure out what type of what this affects. And they have to probably look at a list of every, all the systems that this is going to touch. And how quickly can we fix this? So there. And if so is more in the weeds in that they have to know what is going on in a, on a technical level, they have to get more in the weeds and be more technical if you get what I mean. They might not have to touch the system. A lot of times, they're not the ones implementing the security controls, but they're coordinating with the people who have to implement those security controls. Compared to that, to an information system, security manager, their meetings are more with upper level people. So they're dealing with stuff that's more broad and stuff. That's touching the entire organization and making sure you have enough making sure the security team has all the resources in that they need all the time and resources that they need to do their work. So your. Gonna have the same amount of meetings or more, but they're gonna be with upper level management from. Fields like you're gonna be talking to the it manager, the information technology manager who, whom the network manager, the network engineering manager. You're gonna be talk, coordinate with them. And you guys are gonna be talking about like resources. How many resources do we have to do this work? Okay. We just had this zero date on windows, 2019. Do you guys have the resources and time to do this? How much time do you guys need to actually get this? So you're talking about like on a broader scale, how do we manage the resources that our team needs to get this job done? And can we get it done and effectively in a reasonable amount of time? And you're trying to, your main job is managing expectations to upper level management, the C level execs, the directors and all that stuff, managing their expectation. That is your main job, as well as taking care of the people who are. You work for the ISSOs like your job is working for the, ISSOs managing the expectations of upper level management. So you're still in cyber security, but it's more of a management. You're not in the weeds. You're not having you. You'll never, you're not ever touching any technology. Whereas in ISSO they might have to touch something at some point like, and so they might have to touch the EMA system where they're inputting information there, they might have to mess around with creating. They might have to create a security policy, might help create the security policy review, the security policy. They might look at audit logs. They might. Help enable audit logs. They might be the person who's doing threat detection and stuff. The managers, they're not doing that kind of stuff. They're working on resources for the information system, security officers. So it's a great move because it is is SMS are ma are legit managers. And so they're paid typically paid a lot more. They're paid more. And if you. If you're a first time manager, you'll get, you should get a pay bump. But if you have been doing a management for a while, you get a significant pay bump, like if you've been doing it for a year or two, then you'll be able to like, if forever you move or. Those are the guys who eventually become directors. That's the path directly to directors and see C level execs and things like that who gets paid a lot of money. So that's really good. That's a really good move. If that's the case, if that's what you're doing, then that's awesome, man. And Mike says got it. ISSOs ISSO I worked with EAs and C C Sam and tenable. Yep. Tenable NEIS and all that kind of stuff. That's right. Exactly. You got it. They're more hands on and touching stuff. Whereas managers, they're not, they're gonna ask about, Hey, you have access to eMASS. Okay, cool. Great. They might look in there since, okay. Let's make sure that the system security plan is there. All right. And any problems with the system security plan. Okay, good. There's no problems. Let's go or, Hey Does the new guy have access to EASs. Does the new guy have access to tenable? Okay, cool. Or let me help out. Make sure that we have, let me coordinate with the person who controls access to tenable to make sure the new guy has it. Okay. The new guy we just have some people leave. Let's make sure that person is not, no longer has access to eMASS or tenable stuff like that. That's the manager. They're not like putting things. Into EASs or running the scans necessarily. Sometimes I've been with some managers who did do that kind of stuff, but it was because they wanted to do it. And they were very sharp, very technical, and they wanted to do it and they, but they te they totally didn't have to. And they had other things to do by the way. All right. Let me shift gears. If you guys have any questions, go ahead and feel free to, to ask me any questions. I'm testing out this new platform. That's why it all looks a little bit different. So if you want, have any questions whatsoever, feel free to ask me in the meantime, let me show you that I have a book out called R MF is O where walks you through it's a bird's eye view of what NIST 800 is all. And it's very quick, and this is actually the audio version, which is only like one hour long. And then also I've got a deeper dive into the NIST 800 security controls, but I'm not hitting every single control. What I do is I hit the families and give you a practical understanding of what the families are and how you navigate those. And interpretation of the families of controls. And I focus from an ISSOs perspective. What parts of that family do you really need to know? That's the kind of stuff that I'm focusing on. And another thing you guys should know, if you didn't know already is I have a podcast here. It is right here. The podcast is, I'm doing the podcast right now. So this the type of stuff that you hear me talk about here is the kind of stuff that I actually is gonna be on the odd. But this, the difference is on a podcast, you could just be in your car, on your commute and listen to it, or when you're cleaning or something like that, you can actually just listen to it. Listen to our conversation as we're, as you're doing your thing. So, that's the good thing about doing a podcast? I actually really like podcasts. I'm listening to one right now, learning a new language. And I really like it. Okay. Let me see. There's another question here from Mike. He says, can I book you for a consultant for my ISSO role ISSO role you know what I'm actually in the middle of a couple of other consultations, you can email me feel free to email me and I'll see if I can find some. For you, I'm not saying no, but let me see what I can do. Here's my I'm gonna send you my contact. My contact is scrolling across the bottom. There is contact@convocourses.com. If you're interested in getting some kind of consulting and stuff like that, I'm I'm getting back into the work field. I'm not gonna be able to do as much consulting as I was doing before. Because my hours are gonna get tapped, but Hey, who knows? Like maybe we can do it before I actually start my job right now. I'm going through the background. The background investigation process. Okay. I got another questions from. Mr. Fernandez. He says, so I'm getting my bachelor's degree in, in cyber security in December, I'm currently working on physical in wor working in physical security for government contracting. So I'm dealing with classified documents and D O D things will. Will I be able to, okay, let me see the next rest of this question to get an entry level is ISS O I think you mean ISS O job in your opinion, yes or no. Okay. So L Ludwig let me give you an example and I hope that my example can give you an idea. First of all, short answer is yes. Okay. I know this because I actually start off in physical security myself. So I was a. Security forces member in the air force. And basically what I was really, I was a weapon expert. Like I don't even know if they have that, that it was called 3P0X1. That was my AFSC. It's a specialty code that they have had in the military at that time. I don't know if they I've been following it, but basically what I did was I was a weapon specialist and. I guarded planes. I guarded if the president came in to our base or whatever, I'd do that, I'd be on that detail. Not much personnel security, to be honest, it was mostly garden resources. And then I also did some law enforcement. So I knew a lot about the UCMJ use of force, all that kind of weapons, training, combat training, all that work with the army and the Marines and all branches and different countries. Security people, but it was mostly physical security and I trans we call it cross train. I cross trained from physical security to cyber security. There's a lot of crossover. I was surprised to, to learn that. Some I'll just tell you a few things that are gonna help you going from physical security over into cyber security into it in general. Number one you are, you're gonna have a very sound understanding of security overall because it's not really that much. When you get into cyber security, it's just a lot of more layers and there's, it's more complex because you got defense in depth. Physical security still applies in cyber security, which is crazy. But when you think about it's common sense, if anybody can touch a system, then they own it. You can own a system. You can take the hard drive out, put it in another device you can use password crackers you could use. Oh man, you, you could do forensics tools on it and then extract all the bits on it and figure out what people try to delete is that as a matter of fact, that's what forensics is all about. And speaking of forensics some of the laws that pertain to, to you, like when you're talking about chain of custody, when you're talking about Making sure that things that, that things aren't tampered with during the investigations, all those things apply. So some of the laws still apply. What else applies, man? Physical security checks, physical security assessments is it's. The concept is similar and actually is still used in cyber security. You has to still do physical security to make sure that the facility and the room that the information system resides in is protected so that all that stuff still applies. So it is gonna help you out. And then the main thing is that if you dealt with classified documentation before, and if you have a security clearance, all of that will also help you. To get an entry level job in cyber security. And if specifically, in information to security officer, but any kind of entry level position, because you have a security clearance, if you have one that helps. A lot of people confuse like security. They think that if you're in cyber security, you have to have a security clearance. No that's not the case. Two different things. The security, they should just call it a clearance. It's very confusing. A clearance just does a background check on you to make sure that you are trustworthy to make sure that you don't have any criminal background that might that might. Cause a conflict of interest where you're working like a bank doesn't want somebody who robbed the bank. You know what I mean? It's stuff like that. A hospital probably doesn't want somebody who had malpractice it's stuff. Like they don't, there's certain criminal things that not to say that you if you had some kind of. You had a case on you in the past that you couldn't work in cyber security? It's not what they're saying. It's basically, there's certain things that cause a conflict of interest. So I have to do a background check on you to make sure that there's nothing that might allow you to be exploited. Or something that deems you as untrustworthy to do that particular job. So if you have a clearance that really helps out a lot if you've handled classified information before that actually helps you quite a bit as well, because some people don't have any experience with that and they don't know how that world works, but you knowing that, how that world works, that helps you quite a bit. The main thing that you need to focus on now is technical. Because me going from physical security over to cyber security, that was the biggest challenge is learning all the terminology, learning information, technology, learning how computer works learning how Ram CPU and storage all works together. Learning how to protect those components of information system. Those are the main things, all the layers and the minutia of learning networks, how to networks work how you protect those networks, stuff like that. Porch protocols, and services. Those are the things that you need to be really focusing your mind on the security stuff will come very naturally to you. So the answer to your question is, yes, it will help you to get an entry level job when you get your, that bachelor's degree. Only thing I would recommend that you do while you're in school. And this is what I tell everybody is try to get experience. If you. Hands on technical experience, if you can. That means if you're whatever college you're going to, or if you happen to be in the military or wherever, whatever, wherever you're at, try to get hands on. If you see the, we call them work group managers, fixing a computer, ask if you can help them out. If you can, if they will allow you to help them to fix that computer, whether it's update and virus, definitions, updating the security patches, whatever it is like even the simplest thing possible, even if it's putting the router in and plugging it in or whatever, you'll be able to put that on your resume. And the experience is what they really wanna see a degree is great. Certifications are great, but the experience is what they really wanna see. Another thing is I would highly recommend that you, if you can, if you have the time, if you have the cycles to do it, some people do not is to get a certification while you're working on your degree. Degree takes a pretty long time. And sometimes the degree helps you to get the degree. If they, if you're college or wherever you're going to has a degree, a certification program, I will go ahead and take it. It's not a waste of your time, especially if you get the comp Tia, any of the comp Tia ones. If you get any kind of cloud certification, if you get any kind of networking certifications, those are all gonna help you out a bit, a lot on your resume. So I hope that answers your question. Okay. I've got another question here. It says Mr. Fernandez says and I'm a security plus certified I'm security plus certified, but I don't have the most experience with physical hardware. Okay. Yeah. Yeah, that's what I'm saying is go ahead and get as much. Experiences you can with any aspect of information technology. And at this point, since you're new, anything will help you out. Like whether it's help desk type stuff, whether you're Updating, like I said, virus, signatures, whether I, the reason why I keep bringing those up, because those are the simplest things that kind of come up constantly over time. Like you've probably done it before you just don't it's something we do often so often that we don't even think about it, but that is something you can literally put on your resume. You just need to know how to articul. Speaking of articulation, just to do a little transition here. I'm working on a book right now, a new book. That's gonna tell you how to actually break down a resume. How to, I have a course on this already. So if you're interested I'm not trying to cram anything down anybody's throat or anything, but I'm working on a book. That's a lot cheaper that. It'll be about 20 bucks or something like that. It'll have downloadable templates. It's essentially this right here. This course right here is something I've been using for a long time. And because of this, I haven't been without a job. I, this thing works like this process that I've been doing, basically, all I did was to say, okay, how am I getting all these jobs? I literally get like 10 offers a day between LinkedIn. Messages on LinkedIn emails calls I'm literally getting anywhere from, it's not as much as it used to be before COVID and now we have some kind of a downturn in the economy. So it's not as many as it used to be, but it's at least six messages a day. I get for different jobs and I'm just constantly getting undated with these opportunities. And so all I did was I condensed exactly how I'm able to do this into. Into a course. And I'm gonna make this into a book that tells you how to articulate your, any kind of. Security, cyber security experience into a workable template that is marketable to employers. So that is what I'm doing and it's coming, I'm working on it. I actually finished the first draft. I'm getting it edited right now. As we speak the first, book's gonna be a three, the four books series where I'm gonna break down. Not only how to market your resume and not only how to create the resume, not only a template so that you can use my mys as a sample and other people's resume as a sample. But I'm also what I'm gonna do is expand it out into other books that tells you how to get remote jobs. Because people ask me about that a lot and I'm gonna do one where it's talking about the different categories of cyber security, because that's something I've found. People, the questions that they ask, I can tell they don't really know that there's different aspects of cybersecurity. So that is what I'm doing. Mike says, I bought this course from you. You need to update it. Oh, okay. Yes, updates are on the way. I'm working on a whole bunch of stuff right now. So that's when I'm not on these calls that's what I'm. Okay. If there's no more questions, guys, I'm going to, I'm gonna call it quits for the day and I'll see you guys next time. See you on the next one. Thanks for thanks for jumping on this one. Thanks Mike. For all your questions. Appreciate it. Appreciate all the questions and and thanks, Mike. Thanks for the update, Mike. I will get on that. I appreciate you later.
在印度和香港長大的Rayaan Ansari先生:網絡安全顧問,美國計算機科學本科和英國信息安全碩士畢業生Mr Rayaan Ansari: Cybersecurity Consultant, studied Computer Science Undergrad in the US and Information Security Masters in the UK, grew up in India and HKInterviewer 採訪者: Riya Didwania
Today on The Jeff Crilley Show, Jeff sits down with Andrew Sternke, Private Investigator & Cybersecurity Consultant with Juris Investigations.
In this latest episode of Let's Talk About SecurIT Philip and Jerry Diedrichs, discuss an amazing journey, from Director of IT for a City to setting direction for Ingram Micro Cybersecurity. You will also hear some powerful insights into, insider threat technology, zero trust, leveraging product knowledge, and much more...
This episode discusses the Cybersecurity Maturity Model Certification (CMMC), which lays out the cybersecurity standards required of government contractors. Guest Dave Grey, Cybersecurity Consultant with Torres Trade Advisory, joins Olga Torres to discuss what the CMMC requires, who it covers, and what all businesses can do to keep their and their customers' data safe.
In our third Expert Insights update for 2022, Cybersecurity Consultant, David Gittens shares his thoughts on, among other things: key trends in the current threat landscape; the Conti ransomware and what Caribbean countries can learn from the Costa Rican experience; what does Ransomware-as-a-Service (RaaS) mean; and the top three things businesses should be doing in 2022 to improve their network/IT security. The episode, show notes and links to some of the things mentioned during the episode can be found at ICT Pulse Podcast Page (www.ict-pulse.com/category/podcast/) Do subscribe and leave us a review! Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell Podcast editing support: Mayra Bonilla Lopez
In this episode of The Techtual Talk, Kennith Ellington joins the show. He gives us a detailed story of him working at Publix, getting his first internship with Publix, breaking into tech, and getting the bag for consulting with EY. He also discusses his new business, that will allow you to learn the fundamentals of Splunk engineering, for a great price.Join the patreon: https://patreon.com/techtualchatterCheck out the youtube channel: https://youtube.com/techtualchatterGrab my ebook: https://techtualconsulting.com/digitalproductsCheck out my resume services: https://techualconsulting.com/offeringsFollow me on the rest of my socials: https://techtualconsulting.start.page/Support the show
Episode Topic: The Working LifeMeghan Sullivan and Paul Blaschko, Notre Dame philosophy professors and co-authors of the newly released book The Good Life Method, invite you to continue the thoughtful, timely conversation about approaching the search for purpose in our work through the timeless lens of philosophy as self-care. We will share ways to shift our mindsets and think critically about the future as we dive headfirst into the promise of a new year.Featured Speakers: Ryan Cook, Alumnus, University of Notre Dame; Cybersecurity Consultant, EYPaul Blaschko, Assistant Teaching Professor in the Philosophy Department, University of Notre DameMeghan Sullivan, Wilsey Family Collegiate Professor of Philosophy, University of Notre DameRead this episode's recap over on the University of Notre Dame's open online learning community platform, ThinkND: go.nd.edu/a8f566.This podcast is a part of The Big Questions ThinkND Series titled “The Good Life Method”.
In today's day and age, celebrating festivities like Hari Raya must be done safely, online and offline. Ibrahim Sani speaks with Cybersecurity Consultant, Razwan Mokhtar on this, and more.
How to become a cybersecurity consultant with Gabe A of Struggle Security Struggle Security Youtube Channel: https://www.youtube.com/channel/UCLy6AfVspnVqcR_el6aKIcQ Gabe's LinkedIn: https://www.linkedin.com/in/gabrielagboruche/ Join the Patreon: https://patreon.com/techtualchatter Grab my ebook: https://techualconsulting.com/digitalproducts Use Riverside.FM to record your podcast: https://riverside.fm/?utm_campaign=campaign_1&utm_medium=affiliate&utm_source=rewardful&via=thetechtualtalk Check out the TechTual Talk Podcast: https://thetechtualtalk.com--- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/appSupport the show
Host: Jon *** I am an active duty Marine, and any opinion expressed on this show is my own and is not military regulation or policy. *** Talk About The Episode: Ron Woerner USAF, 1990 – 1995 Military: Geospatial Intelligence. Current: Cybersecurity Consultant, Cyber-AAA, LLC Associate Professor, Bellevue University Talk With The Guest: He has been in “IT” since I was in middle school. Here's a video of me talking about the first computer I used: https://youtu.be/7e7w0dRSP_g His favorite subject: Leadership and influence. Social Engineering / Human Hacking. What helped him get where he is today: Leadership skills. How to present and think on my feet. Advice for military members: Keep studying. Find your passion. Find and be a mentor. Closing: Ron Woerner, President Cyber-AAA ronw@cyber-aaa.com VetSec VetSec Website You can contact the show by sending an email to thebunkhousecast@outlook.com. Follow on Twitter with @BunkhouseCast Follow on Facebook with @BunkhouseCast I created this podcast using version 3.0.3 of Audacity(R) recording and editing software[1]. [1] Audacity® software is copyright © 1999-2021 Audacity Team. Web site: https://audacityteam.org/. It is free software distributed under the terms of the GNU General Public License. The name Audacity® is a registered trademark.
วันนี้จะขอสัมภาษณ์เพื่อนสนิทที่ญี่ปุ่น เป็นสาว Cybersecurity consultant/engineer สามารถดูคำศัพท์ได้ที่ https://sanshirojournal.com/hjp-s2-243/
Work plays a deeply important role in our lives. Finding good work — which, for many of us, means getting a meaningful job that we care deeply about — can seem like the crucial factor in determining whether your life goes well or poorly, and whether you end up happy and fulfilled or miserable and empty. But things aren't nearly so simple. Meghan Sullivan and Paul Blaschko, Notre Dame philosophy professors and co-authors of the newly released book The Good Life Method, invite you to continue the thoughtful, timely conversation about approaching the search for purpose in our work through the timeless lens of philosophy as self-care. We will share ways to shift our mindsets and think critically about the future as we dive headfirst into the promise of a new year.Featured Speakers: Ryan Cook, Alumnus, University of Notre Dame; Cybersecurity Consultant, EYPaul Blaschko, Assistant Teaching Professor in the Philosophy Department, University of Notre DameMeghan Sullivan, Wilsey Family Collegiate Professor of Philosophy, University of Notre DameRead this episode's recap over on the University of Notre Dame's open online learning community platform, ThinkND: go.nd.edu/a555d8.This podcast is a part of The Big Questions ThinkND Series titled “The Good Life Method”.
Episode Topic: God and The Good LifeMeghan Sullivan and Paul Blaschko, Notre Dame philosophy professors and co-authors of the newly released book The Good Life Method, invite you to join a thoughtful, timely conversation about God and the Good Life. How do we approach leaps of faith, struggles with suffering, contemplations of our purpose, reflections on death and the big questions we wonder about God? The lens of classical philosophy provides the roadmap.Featured Speakers: Ryan Cook, Alumnus, University of Notre Dame; Cybersecurity Consultant, EYPaul Blaschko, Assistant Teaching Professor in the Philosophy Department, University of Notre DameMeghan Sullivan, Wilsey Family Collegiate Professor of Philosophy, University of Notre DameRead this episode's recap over on the University of Notre Dame's open online learning community platform, ThinkND: go.nd.edu/0f5fb4.This podcast is a part of The Big Questions ThinkND Series titled “The Good Life Method”.
Episode Topic: The Good LifeListen to the discussion recorded on Friday, January 28, 2022 with Ryan Cook, EY, and special guests, Paul Blaschko, Assistant Teaching Professor in the Philosophy Department, University of Notre Dame and Meghan Sullivan, Wilsey Family Collegiate Professor of Philosophy, University of Notre Dame. Register to receive information about how to join future live events. Meghan Sullivan and Paul Blaschko, Notre Dame philosophy professors and co-authors of the newly released book The Good Life Method, invite you to join a thoughtful, timely conversation about approaching the new year through the timeless lens of philosophy as self-care.Featured Speakers: Ryan Cook, Alumnus, University of Notre Dame; Cybersecurity Consultant, EYPaul Blaschko, Assistant Teaching Professor in the Philosophy Department, University of Notre DameMeghan Sullivan, Wilsey Family Collegiate Professor of Philosophy, University of Notre DameRead this episode's recap over on the University of Notre Dame's open online learning community platform, ThinkND: go.nd.edu/4971b4.This podcast is a part of The Big Questions ThinkND Series titled “The Good Life Method”.
Dr. Eric Cole has a life story that sounds like it should be a movie. He starts out cutting his teeth on cybersecurity for the CIA, when he, get this, decides Cyber Offense is boring since there is always a way to break in. He goes on to become Sr VP and CTO of McAfee, Chief Scientist at Lockheed Martin and even consults on Cyber Security for Bill and Melinda Gates and family as well as many fortune 500 companies. Join us as we discuss his amazing career, when is the right time to make a move professionally, cyber hygiene, his experience in the CIA, and of course what it's like working with Bill and Melinda Gates. He has a new book out called Cyber Crisis, which is all about protecting your business from Real Threats in the Virtual World. I greatly enjoyed reading it, as well as hosting him on this episode of Supporting IT Support. Continue the conversation and join our online experts community of IT professionals at www.tabgeeks.com You can also find me on Twitter @MrJNowlin Subscribe to our other amazing tabGeeks podcast discussing and analyzing Google Workspace updates at workspacerecap.com and stay tuned for other amazing tech content from the tabGeeks Network coming soon! Learn more at tabgeeks.com Thank you to our sponsor for this episode Paladin Tech Solutions. Thank you for helping us keep these shows free and available to all! --- Send in a voice message: https://anchor.fm/tabgeeks/message
In June 2021, the GFCE and the World Bank came together to identify pathways to bridge the development community to the cybersecurity capacity building community and create mechanisms by which digital development could see the benefits of incorporating cyber security into their projects and initiatives to achieve more resilient outcomes. This report, Integrating Cyber Security into the Digital Development Agenda, highlights some of the key challenges and benefits of incorporating cybersecurity, digital resilience, and cyber capacity building into the broader development agenda. The report also features several best practices and bridging venues and activities that could facilitate tighter alignment and collaboration between the digital development and cybersecurity capacity building communities and among initiative donors and implementors.https://thegfce.org/wp-content/uploads/2021/11/Integrating-Cybersecurity-into-Digital-Development_compressed.pdf About the speaker: Melissa Hathaway is globally recognized as a thought leader in the fields of cybersecurity and digital risk management and has relationships with thehighest levels of governments and international institutions. She served in two U.S. presidential administrations, spearheading the Cyberspace Policy Review for President Barack Obama and leading the Comprehensive National Cybersecurity Initiative (CNCI) for President George W. Bush. As President of Hathaway Global Strategies, Melissa brings a unique combination of policy and technical expertise, as well as board room experience that allows her to help clients better understand the inter-section of government policy, developing technological and industry trends, and economic drivers that impact acquisition and business development strategies. Ms. Hathaway has a B.A. degree from The American University in Washington, D.C. She has completed graduate studies in international economics and technology transfer policy, and is a graduate of the US Armed Forces Staff College, with a special certificate in Information Operations. She publishes regularly on cybersecurity matters affecting companies and countries; these articles can be found here: https://www.belfercenter.org/person/melissa-hathaway Francesca Spidalieri is a Cybersecurity Consultant for Hathaway Global Strategies and an Adjunct Professor for Cyber Policy at the University of Maryland's School of Public Policy and at Salve Regina University. She is also the co-principal investigator for the Cyber Readiness Index 2.0 project at the Potomac Institute for Policy Studies, and the Senior Fellow for Cyber Leadership at the Pell Center for International Relations and Public Policy. In addition, Francesca serves as a cybersecurity subject-matter expert for the World Bank, the UN International Telecommunications Union, the Global Forum on Cyber Expertise, the EU CyberNet, and other research institutes in Europe and the U.S. Her academic research and publications have focused on cyber leadership development, cyber risk management, digital transformation, and national cyber preparedness and resilience. Francesca holds an M.A. in International Affairs and Security Studies from The Fletcher School at Tufts University, a B.A. in Political Science and International Relations from the University of Milan, and has completed additional cybersecurity coursework at the U.S. Naval War College's Center for Cyber Conflict Studies. She lectures regularly at cyber-related events in the U.S. and Europe and contributes to journal articles and other publications on cyber policy matters affecting countries and organizations worldwide.
In this episode I sit down with Lloyd Guyot, Mike Peterson and Steve Barnes to discuss the state of cybersecurity in 2021. Lloyd is a Client Solutions Advisor for Optiv, Mike is a Cybersecurity Consultant for Cadre and Steve is a Systems Engineer for Fortinet.Talking Points:How do we secure the new hybrid workforce?Is SASE where is needs to be going into 2022?Do you think there is ransomware fatigue?How is Social Engineering just security marketing hype?We cover a veritable cornucopia of security topics for your listening pleasure! Episode Sponsor:This episode is sponsored by Fortinet. Fortinet is a leader in the Gartner® Magic Quadrant™ for Network Firewalls and moving towards a Zero Trust Access future. Fortinet is based out of Sunnyvale, California.
Marjolaine Lombard, Cybersecurity Consultant, Atos and Allan McLennan, Head of Media and Entertainment, Atos in North America, discuss how changes to the media landscape over the past couple of years have exponentially increased the cyber threat level facing broadcasters. Each then offer actions stations can take to mitigate these security threats and enhance their security posture.
Marylyn Harris, RN, MSN, MBA is a Cybersecurity Consultant, Speaker, Writer and Social Entrepreneur. Harris is a decorated (former) U.S. Army Nurse and Gulf War Veteran. She was honorably discharged from the U.S. Army in 1992 and pursued a Master's degree in psychiatric mental health nursing. After working as a sales rep for pharmaceutical companies she dove into healthcare IT and has been immersed in the cybersecurity space for the last few years. In this episode, she talks about: how does it feel to work in a war and the consequences a deployment has how can we as a society improve attitude towards mental health and coping why are nurses perfect cybersecurity experts what are the basic cybersecurity practices everyone should know? More about the podcast: www.facesofdigitalhealth.com Leave a rating or a review: www.lovethepodcast.com/facesofdigitalhealth
Jenna Waters is a Cybersecurity Consultant at True Digital Security where she specializes in information security program development, industry compliance assessments, threat intelligence, and cloud security controls. She helps clients navigate the complexities of cybersecurity program development and conducts compliance assessments, gap analyses, and holistic security consulting. Jenna is an experienced professional who consults with companies across multiple industries in achieving security-related best practices and/or regulatory compliance objectives. Jenna works to bridge the divide between security control architecture and compliance requirements in Microsoft Azure and Amazon Web Services cloud environments. Jenna began her career in the United States Navy working under the U.S. Fleet Cyber Command at the Naval Intelligence Operations Center (NIOC) and with the National Security Agency (NSA). Afterward, she graduated from the University of Tulsa with a degree in Computer Information Systems. Jenna is passionate about sharing her knowledge of cybersecurity with business owners, public policy leaders, and healthcare, financial, and tech industry members. When she isn't busy helping her clients protect their customers' data, Jenna is a voracious reader, aspiring hobbyist, and dog mom of two. In this episode, we discuss: The growing importance of a business' cyber-security program The increased risk that small to medium sized businesses are at for cyberattacks The financial value of a cybersecurity program to any business Identifying gaps and vulnerabilities in a businesses' security How investing in cybersecurity can help a business tackle future IT projects in a more agile way I hope you will find this episode as exciting and informative as I have. Jenna was so generous to share her better business practices regarding what you need to understand when considering your business' cyber-security program. Jenna's lesson on the importance of a company's cyber-security program can teach us all how to have a better business. Please let me know your thoughts! Connect with Jenna Websites Mentioned: www.truedigitalsecurity.com Guest Contact Info: Email: jenna.waters@truedigitalsecurity.com LinkedIn: https://www.linkedin.com/in/je-waters/ Connect with Steve Eschbach Website: https://www.tworld.com/locations/naperville/ or https://eschbachassoc.com/ YouTube Channel: https://www.youtube.com/channel/UCWqgICqaSI8xE2GRYY1HWJA LinkedIn: https://www.linkedin.com/in/speschbach/ Instagram: https://www.instagram.com/steveeschbach/ Twitter: @ SteveEschbach Learn more about your ad choices. Visit megaphone.fm/adchoices
All links and images for this episode can be found on CISO Series What questions should we be asking of a consultant's referrals to see if they're really worth the money they're trying to overcharge us? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Ira Winkler (@irawinkler), CISO, Skyline Technology Solutions. Thanks to our podcast sponsor, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis' leading data security platform. In this episode: Fujifilm refused to pay ransomware demand, restored from backup. Be like Fujifilm. What to do with people who ask for your password and sign-on – and those who comply Best techniques for interviewing cybersecurity consultant candidates The importance of securing inter-organization Slack and Teams channels
In our second Expert Insights update for 2021, Cybersecurity Consultant, David Gittens shares his thoughts on, among other things: key trends in the current threat landscape; whether individuals or organisations should pay ransom demands; whether cybersecurity insurance is a worthwhile investment; and three (3) questions organisations should ask when looking to hire a security expert. Show notes and links to some of the things mentioned during the episode can be found at www.ict-pulse.com/category/podcast/ Do subscribe and leave us a review! Music credit: Red Peas and Rice, Ray Holman Podcast editing support: Mayra Bonilla Lopez
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley. In this episode, Lisa talks with Jenna Waters, Cybersecurity Consultant at True Digital Security. Jenna has had a unique journey into compliance, as she enlisted in the Navy, was in counterintelligence, and then focusing on STEM in college. Jenna talks about the responsibility of being in the intelligence field in national security, what it is like to lead a team as a young woman in the military and how she decided on her career path. She also discusses key things to keep in mind as an ethics and compliance officer as you look at data security, and the importance of appropriate, objective risk assessments. She also distinguishes between cybersecurity and cyber-reactivity, and what that can mean for you and your organization - and how not preparing for cyberattacks can lead to reputational damage and loss of confidence by customers. And for those of you who are "Harry Potter" fans, we get into a discussion about which house and character each one would want to be (or would want, in Lisa's case). We hope that you enjoyed this episode and welcome any feedback you may wish to send in to gwicpod@gmail.com. For those of you in the northern hemisphere, it is the season for beach reads and you may be traveling after a long break. For your time off, you can pick up a copy (or download) “Sending the Elevator Back Down: What We've Learned from Great Women in Compliance” (CCI Press, 2020).If you've already read the booked and liked it, will you help out other women to make the decision to leverage off the tips and advice given by rating the book and giving it a glowing review on Amazon? As always, we are so grateful for all of your support and if you have any feedback or suggestions for our 2021 line up or would just like to reach out and say hello, we always welcome hearing from our listeners. You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast. Join the Great Women in Compliance community on LinkedIn here.
Brian James, a CFP at Allworth Financial and a regular on Simply Money, joins Amy to discuss Greater Cincinnati's hot real estate market, Robinhood's regulatory missteps, and the growing student debt problem for retirees. Amy interviews Dave Hatter, a Cybersecurity Consultant at Intrust IT, about how ransomware attacks are affecting the economy.
This week, Nick Thomas and Leyla Gulen are joined by Mr. Kevin Cedeno, Cybersecurity Consultant for VIKTech and President, Huntsville Chapter of ISACA. News Stories Of The Week Include: REVIL Ransomware, Print Spooler Nightmare, Startup Threat Intelligence, Cyber Literacy Act, and more! https://youtu.be/e3bXEEWI60Y
Companies big and small, old and new are trying to get a handle on the best way to secure their data. But the challenge is that there is so much that goes into cybersecurity, it can be overwhelming for a company to oversee it internally...These vast challenges are often shouldered by a couple people in the IT department who are left to defend an entire company against a host of bad actors. “Cyber security is one giant game of whack-a-mole. It is either, you're trying to take out the threats against your company as they're attacking your organization or entity, or you're trying to tackle one problem at a time as it comes up because you never assessed what those problems could be in the first place.”To help defend against these nefarious attacks, more companies are employing the services of third parties to aid them in their defense. Jenna Waters is a Cyber Security Consultant at True Digital Security, where she specializes in assisting clients with security development and threat intelligence. On this episode of IT Visionaries, Jenna explains how her service in the military led her to defending clients from cyber criminals. She also explains cybersecurity essentials every company should deploy, plus she speaks to the future of privacy regulation and the need for security professionals to align their personal goals with the business.Main TakeawaysOut of Alignment: When designing your security measures, you have to take into account what the goals of leadership are. If you are pushing strict security measures on your product and services and they are hampering leaderships' ability to sell the product, you are going to consistently be pushing against the current when it comes to implementing your policies, so you have to make sure you are aligning your values with the businesses.Secure by Default: When developing in-house software systems, make sure you are designing these systems with security in mind. When software or products are developed with security measures already in place, you can see as much as 80-90% of the security work will already be done. When systems are not designed to be secure, it creates a scenario where patchwork security systems need to be developed, making the product more vulnerable.Lonely, I'm So Lonely: One of the key issues with the alignment of IT and security teams is that they often operate in silos or within departments that don't know how to manage them or have the proper resources and budget to support the vast needs of a cybersecurity team.IT Visionaries is brought to you by the Salesforce Platform - the #1 cloud platform for digital transformation of every experience. Build connected experiences, empower every employee, and deliver continuous innovation - with the customer at the center of everything you do. Learn more at salesforce.com/platform
Jenna Waters, Cybersecurity Consultant, True Digital Security Jenna Waters is a Cybersecurity Consultant at True Digital Security where she specializes in information security program development, industry compliance assessments, threat intelligence, and cloud security controls. She helps clients navigate the complexities of cybersecurity program development and conducts compliance assessments, gap analyses, and holistic security consulting. Jenna is an experienced professional who consults with companies across multiple industries to achieve security-related best practices and/or regulatory compliance objectives related to PCI DSS, CSA, NIST CSF, ISO/IEC 27002, NERC CIP, GDPR, HIPAA and various privacy laws throughout the United States. Jenna works to bridge the divide between security control architecture and compliance requirements in on-premise and cloud environments. Jenna began her career in the United States Navy working under the U.S. Fleet Cyber Command at the Naval Intelligence Operations Center (NIOC) and with the National Security Agency (NSA). Afterward, she graduated from the University of Tulsa with a degree in Computer Information Systems. Jenna is passionate about sharing her knowledge of cybersecurity with business owners, public policy leaders, various industry members, and the general public. http://www.truedigitalsecurity.com/
https://www.linkedin.com/in/je-waters/ (Jenna Waters )is a Cybersecurity Consultant at https://truedigitalsecurity.com/blog (True Digital Security) where she specializes in information security program development, industry compliance assessments, threat intelligence, and cloud security controls. She is an experienced professional who consults with companies across multiple industries in achieving security-related best practices and/or regulatory compliance objectives related to risk management and compliance frameworks, and various privacy laws throughout the United States. Jenna began her career in the United States Navy working under the https://www.fcc.navy.mil/ (U.S. Fleet Cyber Command at the Naval Intelligence Operations Center (NIOC)) and with the National Security Agency (NSA). Afterward, she graduated from the https://business.utulsa.edu/accounting-cis/computer-information-systems/ (University of Tulsa )with a degree in Computer Information Systems. Jenna is passionate about sharing her knowledge of cybersecurity with business owners, public policy leaders, and healthcare, financial, and tech industry members. When she isn't busy helping her clients protect their customers' data, Jenna is a voracious reader, aspiring hobbyist, and dog mom of two. In this episode, we discuss starting cybersecurity with the U.S. Navy, tying spoken languages to coding languages, leading and managing people, building an information security program, getting leadership buy-in, using frameworks for resiliency, diversity and inclusion, and so much more. Where you can find Jenna: https://www.linkedin.com/in/je-waters/ (LinkedIn) https://twitter.com/truedigitalsec (Twitter) https://truedigitalsecurity.com/blog (Blog)
Amy and Steve discuss the speculative frenzy behind AMC Entertainment, and who could ultimately get hurt on this week's Best of Simply Money Podcast. They also talk about how to feel better about spending in retirement and take your questions about money and personal finance. Amy interviews Dave Hatter, a Cybersecurity Consultant at Intrust IT, about the hack at the world's largest meat processor and how ransomware attacks could impact our larger economy.
Getting your wallet ready for swimsuit season On this week’s Best of Simply Money, Amy and Steve discuss post-vaccine vacation trends and Memorial Day flight deals out of the Cincinnati/Northern Kentucky International Airport. They also talk about the more subtle retirement changes to plan for, and the terrible financial advice that kids are watching on Tik Tok. Amy interviews Dave Hatter, a Cybersecurity Consultant at Intrust IT, about hiding your online shopping patterns from massive tech giants.
When climbing to reach the summit for the business, a security management failure can happen at any moment, resulting in missed opportunities or lost revenue. The good news? Your logs have the solutions.We're not only talking about finding the solution to fix problems when it is too late. We're talking about focusing the resources on knowing the business and its risks before something terrible happens so you can better prepare, protect, and prevent the mishap in the first place. If you listen to the logs, the solution can be synonymous with prevention. In this conversation, we speak with Kayla Williams, VP, IT GRC at Devo, about the confession "Ms. H" shared with the Devo team. "Ms. H" described 3 main challenges faced:The wall of "Un-Scalability": what makes a company to that point where the wall is too tall to scale?Analytics: you can't magically know what you don't know, and you can't analyze what you can't seeWhat is the real impact on the team's performance in terms of MTTD and MTTR? Yes, this applies to compliance requirements as well.These points likely resonate with many preparing to listen to this episode. Still, the challenges—and opportunities—may not be as obvious.Security operations programs within any organization can only mature and progress as fast as its weakest point. And, for many, that weakest spot lives in their ability to collect, correlate, analyze, and act on enough relevant data from enough (let's be honest, "all") relevant sources.What's the reality? Many hit the "wall of un-scalability" far too soon for them to be successful as they try to reach the summit. They simply can't see what needs to be seen to prepare, protect, and prevent.Suppose we learn to listen to the cybersecurity practitioners that know what is really needed to get the job done. In that case, we can also learn to listen to the log's truth—as they do not lie.More Data. More Clarity. More Confidence.(This contains promotional content: learn more)With Power Comes Responsibility: Not All SIEM Platforms Are Created EquallyConversation with: Kayla Williams, VP, IT GRC at DevoConfession shared by: “Ms H”ResourcesLearn more about Devo and their offering: https://itspm.ag/itspdvwebWatch all of the Log's Honest Truth videos by visiting https://itspm.ag/devooa7kCatch the full 5-part video/podcast series by visiting https://itspmagazine.com/their-stories/their-identities-are-hidden-but-their-frustrations-are-not-infosec-confessions-logs-honest-truth-a-devo-storyAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Isaac talks about keeping integrity of our systems and understanding how blockchain could be used to strengthen our cybersecurity posture.
In this edition of the Beyond the Perimeter Podcast, we explained how millions of chrome users might be affected by the Google Chrome security breach and we interviewed Ms. Reut Weitzman who is the COO and Cybersecurity Consultant at QMasters to learn about her experience and insights as a CISO at a startup.
An important term ought to be in every cybersecurity practitioner's lexicon: Adversary tradecraft. It's an indication of how skilled other countries are at cyber attacks. Some of them are very good. A comprehensive report from Crowdstrike details the skills of cyber mischief makers in a number of countries, and what defenders in the United States can do about them. Dmitri Alperovitch, chief technology officer at Crowdstrike, joined Federal Drive with Tom Temin in studio for more details.
Eyitemi Egbejule is a Cybersecurity Consultant/researcher, founding member of the NaijaSecForce security community, organizers of NaijaSecCon. Is also a founding member of the PythonNigeria developers community, member of the community's board and also member of the organizing committee of the recent PyCon in Nigeria. Eyitemi runs a Cybersecurity Research Labs, SicSec Labs and does active research on malware, Advanced Persistent Threats and Reverse engineering. He tweets about security and tech as @eEyitemi, Builds security tools using Python and does security code audits. He is currently an independent member of the Django Software Foundation. On the side, Eyitemi is actively involved in Girl Tech Educaiton by mentoring Girls in programming and Cybersecurity and He has coached at over 18 Django Girls Events in West Africa. He shared with us his story and experiences. "You don't have to be a Programmer or Designer to be in Tech, we need lots of people in tech, we need various kinds of people; accountants, event planners, evangelists, marketers…" "Learn to talk about what you have done and what you do, don't be too humble and not talk about what you have done, you can talk about what you do without being boastful." "Talking about your projects builds confidence" "Count your projects; name them one by one, it will surprise you what you done and what you are capable of doing…" I trust you have picked some actionable nuggets from today's episode, do execute and have fun. I am looking forward to hearing from you, send in your comments via email: thecreativeschronicles@gmail.com, remember to subscribe on iTunes: https://itunes.apple.com/us/podcast/thecreativeschronicles/id1304002365 and any other podcasting app you use, just search for thecreativeschronicles on your podcasting app and subscribe, thank You! Mentioned in today's episode: OWASP Guide Project - https://www.owasp.org/index.php/OWASP_Guide_Project OWASP Project Inventory - https://www.owasp.org/index.php/OWASP_Project_Inventory
Check out our Sponsor LevelUpInTech and start your cloud career todayClick here to get started: https://levelupintech.com/techHi there, welcome to The Techtual Talk! I'm your host Henri and today we have a very special guest joining us - Aria, also known as "AD" on Twitter where she shares invaluable insights about being a Cybersecurity Consultant in Governance, Risk and Compliance as well as job search strategies. Aria has a fascinating multifaceted background in GRC. She started her career as a fraud analyst at American Express before transitioning into compliance and risk after working on an impactful project involving investigation and legal action against fraud perpetrators. Determined to excel in GRC, Aria embarked on an intense self-learning journey - accessing a grant program for cybersecurity certifications, completing it, and landing a role as a GRC analyst. In our conversation today, Aria breaks down the critical components of an effective risk assessment process. She emphasizes the importance of control determination, risk level assessment, prioritizing risks, and developing comprehensive mitigation strategies. Aria also provides real-world examples illustrating significant business risks like cyber attacks, ransomware, phishing and employee vulnerabilities. We dive into the ongoing debate around certifications versus degrees for GRC job applications. Aria shares astute advice for individuals considering career changes, stressing the value of foundational knowledge and demonstrating transferable skills. She also opens up about the challenges of thriving in a GRC career - from meeting compliance needs without compromising operational efficiency to staying on top of GRC news in a fast-paced, high-pressure environment.Aria's remarkable career progression, nearly a $100k increase since her early days as a fraud analyst, underscores the demand for GRC professionals with strong technical backgrounds. Her parting words for our listeners - take a proactive approach to learning, commit to excellence, and put in the work independently to achieve great outcomes.Stay tuned for this illuminating and inspiring conversation with Aria! #GRC #cybersecurity #salary Follow Aria on twitter: https://x.com/AriaImaginedArias business information: https://linktr.ee/ariaimaginedPodcast produced by Henri DavisJoin my mailing list: https://mailchi.mp/techualconsulting.com/sign-up➡️ Need a new resume done or need coaching from me⬇️https://techualconsulting.com/offerings➡️ Want to land your first IT Job? Then check out the IT course from Course careers use my link and code Techtual50 to get $50 off your course ⬇️https://account.coursecareers.com/ref/50932/Click the link below to try out Aura's FREE 14 day trial and see if your personal information has been compromised