Description: Your car is spying on you—and not just in the ways you'd expect. From contact info and driving behavior to biometric data and facial recognition, modern vehicles are collecting more data than ever. In this episode, we dive into how automakers and even governments are using this data, including a lawsuit against GM for allegedly selling driver data to insurance companies. Plus, we explore security vulnerabilities in key fobs, EV chargers, and even Tesla's software, where hackers have demonstrated alarming access to vehicle functions. Stay tuned to learn how to protect yourself from privacy risks and potential cyber threats in your own car. Support the Show: Patreon, Acast+. Other Podcasts: Beyond the Post YouTube, Beyond the Post Podcast, Shuffle Playlist, 918Digital Website. Sources: AP - In China, your car could be talking the government; Quartz - A Chinese official explained how the country's electric-car surveillance works; Car Scoops - More Venues Across China are Banning Tesla EVs over Security Concerns; Wired - How Your New Car Tracks You; VPR - VehiclePrivacyReport; Texas lawsuit - State of Texas v. GM; CBS News - GM is selling driver data to insurers w/o consumers' knowledge; Reuters - Tesla workers shared sensitive images recorded by customer cars; UNR - Can EVs be hacked; Dark Reading - Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contest. Support this show http://supporter.acast.com/kilowatt. Support the show at https://plus.acast.com/s/kilowatt. Hosted on Acast. See acast.com/privacy for more information.
In the latest episode of #IMM, Christine and Madison speak with Nate Nelson, Contributing Writer at Dark Reading.
According to Dark Reading, an unmitigated revamp of healthcare cybersecurity is coming in 2025, and experts warn that the compliance burden for organizations will be steep. Sherrod DeGrippo, director of threat intelligence strategy at Microsoft, joins host Steve Morgan in this episode to discuss the new HIPAA rules, including the standards healthcare organizations will now be held to, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com
#SecurityConfidential #DarkRhiinoSecurity Ken is the former CEO, Executive Producer, and Television Host at Cyber Life. He is the Best-Selling Author of “Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career”. He has been featured in Forbes, Reader's Digest, Tech Republic, Fox, NBC, Dark Reading, and many more places. 00:00 Snippet 00:59 Our Guest 04:22 People are using AI to write books? 11:47 Additional places to look for Cybersecurity jobs 12:32 How to properly reach out to companies for jobs 16:05 Ghost jobs 20:12 Don't create “wish lists” for jobs 25:30 Diversity in our industry 30:00 Fake coaching program scams 31:00 Are Certifications important 37:20 Diversity of Thought 40:20 Make your boss's life easier 45:50 Organizations to follow. Purchase the second edition of "Hack the Cybersecurity Interview": https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298 To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @securityconfidential and @Darkrhiinosecurity Facebook: @Dark-Rhiino-Security-Inc Twitter: @darkrhiinosec LinkedIn: @dark-rhiino-security Youtube: @DarkRhiinoSecurity
Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, turns over hosting duties to William MacMillan, the Chief Product Officer at Andesite, to discuss the Cybersecurity First Principle of automation: current state and what happens now with AI as it applies to SOC Operations. For a complete reading list and even more information, check out Rick's more detailed essay on the topic. Check out Rick's 3-part election mini-series: Part 1: Election Propaganda: Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging. Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. Part 3: Election Propaganda: Part 3: Efforts to reduce the impact of future elections. Thinking past the US 2024 Presidential Election, in part three of the series, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in the future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. References: Bob Violino, 2022. 7 top challenges of security tool integration [Analysis]. CSO Online. Bruce Japsen, 2024. UnitedHealth Group Cyberattack Costs To Hit $2.3 Billion This Year [News]. Forbes. Clay Chun, 2019. JOHN BOYD AND THE “OODA” LOOP (GREAT STRATEGISTS) [Explainer]. War Room - U.S. Army War College. Michael Cobb, 2023. The history, evolution and current state of SIEM [Explainer]. TechTarget. Rick Howard, 2022. History of Infosec: a primer. [Podcast and essay]. The CyberWire - CSO Perspectives. Rick Howard, 2020. Security operations centers: a first principle idea. [Podcast and Essay]. The CyberWire. Rick Howard, 2020. SOAR – a first principle idea. [Podcast and Essay]. The CyberWire - CSO Perspectives. Rick Howard, 2021. XDR: from the Rick the Toolman Series. [Podcast and Essay]. The CyberWire - CSO Perspectives. Robert Lemos, 2024. SOAR Is Dead, Long Live SOAR [Analysis]. Dark Reading. Timbuk 3, 1986. The Future's So Bright, I Gotta Wear Shades [Song]. Genius. Timbuk3VEVO, 2009. Timbuk 3 - The Future's So Bright [Music Video]. YouTube. Learn more about your ad choices. Visit megaphone.fm/adchoices
Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of MITRE ATT&CK with CyberWire Hash Table guests Frank Duff, Tidal Cyber's Chief Innovation Officer, Amy Robertson, MITRE Threat Intelligence Engineer and ATT&CK Engagement lead, and Rick Doten, Centene's VP of Information Security. References: Amy L. Robertson, 2024. ATT&CK 2024 Roadmap [Essay]. Medium. Blake E. Strom, Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, Cody B. Thomas, 2018. MITRE ATT&CK: Design and Philosophy [Historical Paper]. MITRE. Eric Hutchins, Michael Cloppert, Rohan Amin, 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Historic Paper]. Lockheed Martin Corporation. Nick Selby, 2014. One Year Later: The APT1 Report [Essay]. Dark Reading. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. Rick Howard, 2020. Intrusion kill chains: a first principle of cybersecurity. [Podcast]. The CyberWire. Rick Howard, 2022. Kill chain trifecta: Lockheed Martin, ATT&CK, and Diamond. [Podcast]. The CyberWire. Rick Howard, 2020. cyber threat intelligence (CTI) (noun) [Podcast]. Word Notes: The CyberWire. Kevin Mandia, 2014. State of the Hack: One Year after the APT1 Report [RSA Conference Presentation]. YouTube. SAHIL BLOOM, 2023. The Blind Men & the Elephant [Website]. The Curiosity Chronicle. Sergio Caltagirone, Andrew Pendergast, and Christopher Betz. 05 July 2011. The Diamond Model of Intrusion Analysis. Center for Cyber Threat Intelligence and Threat Research.[Historical Paper] Staff, n.d. Home Page [Website]. Tidal Cyber. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode, Rob Aragao and Stan Wisseman look at the intriguing transition from Chief Information Security Officer (CISO) to Chief Technology Officer (CTO). Drawing from a recent sidebar conversation among CISOs and an insightful article from Dark Reading, they examine why this trend is becoming more prominent. With examples from organizations like Bank of America, Fifth Third Bank, and Equifax, Rob and Stan discuss the key attributes that make this career move logical and beneficial. The conversation highlights the importance of collaboration, strategic thinking, and the deep understanding of both technology and business impact that CISOs bring to the table. They delve into how the roles of CISO and CTO overlap, particularly in driving innovation, increasing revenue, and embedding security by design into business solutions. Rob and Stan also consider the broader influence a CTO has on an organization's technology strategy, the operational experience both roles share, and the potential motivations behind CISOs seeking to transition—whether to escape the increasing personal liability associated with security breaches or to pursue new professional growth opportunities. Additionally, the episode touches on the challenges CISOs might face in this transition, such as the need for expertise in product development and the software lifecycle. As discussed in this episode: https://www.darkreading.com/cybersecurity-careers/ciso-as-a-cto-when-and-why-it-makes-sense Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
Tom Bodrovics welcomes Tony Anscombe, ESET Chief Security Evangelist, to discuss cybersecurity in the mining sector. With over three decades in IT and cybersecurity, Anscombe stresses that security fundamentals remain crucial despite technological advancements. He highlights vulnerabilities from remote locations, outdated technology, third parties, and activists/nation states. Mining companies face significant risks, including potential for fatalities and financial losses. A comprehensive cybersecurity framework is necessary, along with advanced technologies like EDR systems. The financial cost of cyber attacks can reach $14 trillion by 2027, affecting industries, including mining. Companies must prioritize cybersecurity and involve third parties to adhere to security policies. Anscombe also touches on the ethical implications and potential international collaboration in AI development. Time Stamp References: 0:00 - Introduction 0:30 - Tony's Background 2:03 - Industrial Security 6:47 - Potential Risks 10:37 - Attack Vectors 12:32 - 3rd Party Liability 14:30 - AI & Cyber Security 17:30 - Practical Solutions 19:50 - Capable People 20:58 - Global Impacts & Costs 24:16 - Reporting & Regulations 27:02 - Technical Glitches? 30:04 - AI Risks & Benefits 33:57 - Restricting AI? 36:19 - Wrap Up. Talking Points From This Episode: Mining companies face significant cybersecurity risks due to remote locations, outdated technology, third parties, and activists/nation states. A comprehensive cybersecurity framework and advanced technologies like EDR systems are necessary to mitigate mining sector risks. The financial cost of cyber attacks can exceed $14 trillion by 2027, emphasizing the importance of prioritizing cybersecurity for all industries. Guest Links: https://www.welivesecurity.com/en/ https://twitter.com/TonyAtESET Tony Anscombe is Chief Security Evangelist for ESET. 
With over 20 years of security industry experience, Anscombe is an established author, blogger and speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSA, Black Hat, VB, CTIA, MEF, Gartner Risk and Security Summit and the Child Internet Safety Summit (CIS). He is regularly quoted in cybersecurity, technology and business media, including BBC, Dark Reading, the Guardian, the New York Times and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON and CBS. Anscombe is a current board member of the NCSA and FOSI. Tony is based in the USA and represents ESET globally.
Originally premiered Mar 28, 2020. ABOUT THIS EPISODE: The Blak Cyber podcast sits down to talk to Ken Underhill. Ken has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and many more places. In Ken's own words "I sometimes do cybersecurity product and service reviews (cybersecurity influencer marketing). Reach out to me if you need that service. All my reviews will be honest feedback, good or bad." I have personally known Ken for a couple of years now, and his impact on the cybersecurity community cannot be measured; he goes above and beyond expectations. Please subscribe and share to support this podcast. Ken's LinkedIn: https://www.linkedin.com/in/kenunderhill/
Forecast = Areal Cyber Flood Warning In this episode of Storm⚡️Watch we delve into a variety of cybersecurity topics that are essential for professionals in the field. The episode kicks off with a roundtable discussion, setting the stage for a deep dive into recent critical vulnerabilities in VMware's ESXi, as reported by SecurityWeek. We explore the history of VMware vulnerabilities, including the infamous log4j, and speculate on the company's future trajectory. The spotlight then shifts to Microsoft and the implications of Russia's breach of their systems, as well as the impact of the SEC's disclosure policies on Microsoft's transparency. This discussion is informed by reports from The Record and the SEC's official documentation. Our tool segment introduces listeners to aiocrioc, a project available on GitHub, and the work of James Brine, which can be found on his personal website. This tool represents the cutting edge of cybersecurity technology and is a must-know for industry professionals. We also touch on the resurgence of USB hacks by nation-states, a trend highlighted by Dark Reading, and discuss the implications of such low-tech yet effective attack vectors. In our self-promotion segment, we discuss Censys' insights on ConnectWise exposure and GreyNoise's own research on hunting for Fortinet's CVE-2024-21762. These resources are invaluable for cybersecurity practitioners looking to enhance their defensive strategies. The episode wraps up with a roundup of recent and active campaigns, as seen on GreyNoise's visualization trends, and a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, including the new KEV submission form available on the Federal Register. Episode Slides >> Storm Watch Homepage >> Learn more about GreyNoise >>
In this episode, we navigate through a series of critical cybersecurity issues. First, we discuss Dark Reading's report on LastPass's alert about a counterfeit app in the Apple App Store, highlighting the risks of digital impersonation and fraud. Next, we delve into Bleeping Computer's coverage of the U.S. State Department's substantial reward for information on the Hive ransomware group, a significant step in combating cyber extortion. Finally, we explore a report from The Hacker News about the Chinese state-sponsored hacking group Volt Typhoon's stealthy presence in U.S. critical infrastructure, underscoring the evolving landscape of global cyber threats. Join us as we analyze these developments, shedding light on the ongoing battle against cybercrime and the importance of vigilance in our interconnected digital world. LastPass Warns on Password App Discovered in Apple App Store - Dark Reading Article US offers $10 million for tips on Hive ransomware leadership - Bleeping Computer Article Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade - The Hacker News Article Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
We kick off with a report from BleepingComputer about Ov3r_Stealer malware, a devious program disseminated through Facebook job ads, illustrating the ever-present dangers lurking on social media. Then, we pivot to a strategic cyber assault attributed to Chinese hackers exploiting a FortiGate vulnerability to breach Dutch military defenses, as detailed by The Hacker News. Wrapping up, we delve into the Linux world, confronting a dire remote code execution flaw in the shim bootloader that threatens every distribution supporting Secure Boot, a saga reported by Dark Reading and the NVD. Tune in to decrypt the complexities of cybersecurity in our digital age. Ov3r_Stealer Malware Alert: Read more at BleepingComputer Dutch Military Cyber Breach: Read more at The Hacker News Linux Bootloader Vulnerability Exposed: NVD CVE-2023-40547 & Dark Reading Article
Dive into the latest in cybersecurity with The Daily Decrypt: The Risks of Google Search for Software: Uncover the dangers of malicious ads on Google leading to compromised software downloads. Original article at Krebs on Security. NRC's Network and Software Security Push: Learn about the Network Resilience Coalition's recommendations for enhancing network and software security. Full details on Dark Reading. Microsoft's Test Account Security Blunder: Explore how a hacked Microsoft test account with admin privileges led to a significant security breach. Complete story at Ars Technica. Join us as we delve into these critical topics, providing you with essential insights and updates in the realm of cybersecurity. #CyberSecurityAwareness #TechNews
Introduction: Erika Andresen, CBCP, JD, MPA, is a recovering lawyer after nearly two decades of experience in both the corporate finance world and the military. Erika became a subject matter expert on national security and disaster preparedness and response while advising different commands on their authorities and during high-risk situations in Afghanistan and domestic disasters stateside. She also has extensive experience writing injects and acting as an observer/trainer/coach for large-scale military exercises. Her work with actual disasters led her to attain a Master of Public Affairs. Erika left active duty in 2020 and has since started EaaS Consulting, LLC, with the goal of keeping businesses in business. To that end, she authored How to Not Kill Your Business: Grow Your Business in Any Environment, Navigate Volatility, and Successfully Recover When Things Go Wrong, a conversational introduction to business continuity enjoyed by CBCP practitioners and business owners alike. She has been quoted in articles for Forbes, Dark Reading, and MoneyGeek on the issues of business continuity and disaster preparedness as well as appearing as a frequent guest on podcasts internationally. Key Positions: - Founder, EaaS Consulting, LLC - Chief, National Security Law, 7th Infantry Division, US Army - Chief, International Law, 353rd Civil Affairs Command - Counsel to the Commanding General, TAACOM South, Kandahar, Afghanistan and Natick Soldier Systems Center, US Army - EOC Legal Advisor, Fort Leonard Wood, MO, US Army - Professor of Emergency Management, University of Texas at El Paso, MPA Program. Contact Information: info@eaasc.com https://www.linkedin.com/in/erika-andresen
Dark Side of the Library Podcast Episode #160: Dark Non Fiction Books Coming Out November 2023 (Disclosure: Some of the links in this post are affiliate links. This means if you click on the link and purchase the item, we will receive an affiliate commission at no extra cost to you) Accidental: Rebuilding a Life After Taking One, by David W. Peters (November 7) https://amzn.to/46ynxOe Afterlives of Endor: Witchcraft, Theatricality, and Uncertainty from the "Malleus Maleficarum" to Shakespeare, by Laura Levine (Nov 15) https://amzn.to/3QI3hVn Anatomical Oddities: The Otherworldly Realms Hidden within Our Bodies, by Alice Roberts (Author), Holly Dunsworth (November 7) https://amzn.to/3QdrzGl The Art of Ectoplasm: Encounters with Winnipeg's Ghost Photographs, by Serena Keshavjee (November 1) https://amzn.to/3tlSlUc Bat Island: A Rare Journey into the Hidden World of Tropical Bats, by Dr. Rachel A. Page (Author), Dr. Dina K. N. Dechmann (Author), Dr. M. Teague O'Mara (November 21) https://amzn.to/45oxmgR Conjuring the Calabash: Empowering Women with Hoodoo Spells & Magick, by Mawiyah Kai El-Jamah Bomani (Nov 8) https://amzn.to/47etKzk Curepedia: The A–Z of The Cure, by Simon Price (November 7) https://amzn.to/44YPC0X David Bowie: Mixing Memory and Desire, by Kevin Cummins (November 14) https://amzn.to/3FgrP18 The Devil Inside: The Dark Legacy of the Exorcist, by Carlos Acevedo (Nov 14) https://amzn.to/3FLCUaN Diseased Cinema: Plagues, Pandemics and Zombies in American Movies, by Robert Alpert (Nov 30) https://amzn.to/3sn9cFO Diablo: Horadric Vault - The Complete Collection, by Matt Burns (Author), Robert Brooks (Author), Matthew J. Kirby (Author), Blizzard Entertainment (November 7) https://amzn.to/45MJjx3 Disney Villains Happily Never After: A Villainous Book of Love and Friendship for a Very Special Someone, by Disney (November 7) https://amzn.to/449qeEu The Exorcist Effect: Horror, Religion, and Demonic Belief, by Joseph P. 
Laycock and Eric Harrelson (Nov 7) https://amzn.to/46NlcQ1 Fallen Angel: The Life of Edgar Allan Poe, by Robert Morgan (November 15) https://amzn.to/46vIg5c The Feeling of Letting Die: Necroeconomics and Victorian Fiction, by Jennifer MacLure (Nov 2) https://amzn.to/3sn8Kr6 The Full Moon Yearbook, by Julie Peters (Nov 28) https://amzn.to/49lgjiF How to Think About Catastrophe: Toward a Theory of Enlightened Doomsaying (Studies in Violence, Mimesis & Culture), by Jean-Pierre Dupuy (November 1) https://amzn.to/3tndKw4 Starkweather: The Untold Story of the Killing Spree That Changed America, by Harry N. MacLean (Nov 28) https://amzn.to/3tUeRnb UFO: The Inside Story of the US Government's Search for Alien Life Here―and Out There, by Garrett M. Graff (Nov 14) https://amzn.to/49i3LbX Dark Side of the Library Amazon Live Channel: https://www.amazon.com/live/darksideofthelibrary/ Dark Side of the Library Podcast: https://www.darksideofthelibrary.com/ Dark Side of the Library on Facebook: https://www.facebook.com/darksideofthelibrary Dark Side of the Library on Instagram: https://www.instagram.com/darksideofthelibrary
I'm trying something new this week: These show notes were generated by putting a transcript into ChatGPT. Feedback is appreciated! —Randy We recently heard Jeff Marraccini on the "This Week in Enterprise Technology (TWiET)" podcast. Jeff, the Chief Information Security Officer (CISO) at Altair, joined us this week to share insights into his background and the challenges Altair faces in cybersecurity as a globally acquisitive company. The conversation explores Jeff's transition from a Vice President of IT to a CISO, underscoring the importance of continuous learning and formal courses from ISC2 and ISACA to adapt to the evolving cybersecurity landscape. Emphasis is placed on the complex vendor landscape in cybersecurity and the need to implement zero trust as a methodology rather than just a product. Jeff delves into Altair's approach to global operations, collaborating with teams across China, India, Europe, and the United States. Regulatory challenges, such as restrictions on hardware in China, are discussed. The podcast concludes with a discussion on the evolving cybersecurity landscape, highlighting Jeff's optimism about advancements like memory-safe languages and Microsoft's adoption of Rust. Despite existing challenges, Jeff sees promising developments and disruptive solutions in the cybersecurity space. A noteworthy segment of the discussion involves the importance of identity in cybersecurity. Jeff and Bob emphasize that identity management should be at the crux of security efforts, recognizing its role as a foundational element for effective cybersecurity measures. The conversation highlights the shift in focus from traditional security measures, like firewalls, to a more comprehensive approach centered around identity management. Furthermore, Bob and Jeff touch upon the evolution of cybersecurity news coverage. 
They discuss the noticeable decrease in mainstream media coverage of security breaches, speculating on whether this shift is influenced by the insurance industry advising companies to keep incidents quiet or if it reflects a change in news priorities. Jeff acknowledges the continued prevalence of security issues covered by specialized outlets like the Cyberwire podcast, CSO Online, and Dark Reading. Towards the end, the conversation pivots to the impact of Gen AI (Generative Artificial Intelligence) and digital transformation on the industry. Jeff shares insights into Altair's recent acquisition of RapidMiner, emphasizing the empowerment of individuals to leverage AI techniques for various applications, including data science and cybersecurity. The discussion underscores the potential for Gen AI to enhance efficiency and collaboration across different fields. The podcast concludes with Bob raising a concern about the younger generation's reluctance to pursue careers in IT, especially in areas like cybersecurity and data science. Jeff offers guidance, encouraging individuals to explore these fields through online courses and hands-on projects, emphasizing their applicability across diverse industries. The conversation touches on the need for a shift in mindset and the potential for technology-driven roles to drive innovation and problem-solving. Overall, the discussion provides a comprehensive overview of cybersecurity challenges, industry trends, and the transformative impact of emerging technologies.
Dark Side of the Library Podcast Episode #156: Dark Kids Books Coming Out October 2023 (Disclosure: Some of the links in this post are affiliate links. This means if you click on the link and purchase the item, we will receive an affiliate commission at no extra cost to you) An Atlas of Afterlives: Discover Underworlds, Otherworlds and Heavenly Realms (Lost Atlases), by Emily Hawkins (Author), Manasawee Rojanaphan (October 31) https://amzn.to/3rG37nJ Chiller Thriller! (7) (Junior Monster Scouts), by Joe McGee (Author), Ethan Long ( October 3) https://amzn.to/46iVrqk The Fall of the House of Tatterly, by Shanna Miles (October 10) https://amzn.to/3ZvKeQG Friends, by Mies van Hout (October 3) https://amzn.to/3rpXjyD A Fright to Remember: Monster High School Spirits #1, by Adrianna Cuevas (Oct 31) https://amzn.to/3LKQrTm Fungi Grow, by Maria Gianferrari (Author), Diana Sudyka (October 17) https://amzn.to/3DXWbow The Monster Above the Bed, by Kailei Pew (Oct 24) https://amzn.to/3qVh6pu The Nighthouse Keeper (Blight Harbor), by Lora Senf (October 17) https://amzn.to/3sgQOhK The Night Hunt, by Alexandra Christo (Oct 10) https://amzn.to/484PU8k Nightspark (Sequel) by Michael Mann (Oct 10) https://amzn.to/3EUMU16 Peter and the Wolf: Wolves Come in Many Disguises, by Gavin Friday (Oct 24) https://amzn.to/3PSqNxp Plague-Busters!: Medicine's Battles with History's Deadliest Diseases, by Lindsey Fitzharris (Author), Adrian Teal (October 10) https://amzn.to/3PIs9uv The Puppets of Spelhorst, by Kate DiCamillo (Author), Julie Morstad (October 10) https://amzn.to/3Qtzno9 There's Something Out There The Graphic Novel (5) (You're Invited to a Creepover: The Graphic Novel), by PJ Knight (Oct 10) https://amzn.to/48QQCXl Scarewaves, by Trevor Henderson (October 3) https://amzn.to/44Jkd1e Scream for the Camera (Graveyard Girls), by Lisi Harrison and Daniel Kraus (Oct 3) https://amzn.to/3F0mlav Tokyo Night Parade, by J.P. 
Takahashi (Author), Minako Tomigahara (October 10) https://amzn.to/3LOulPJ The Witch's Wings and Other Terrifying Tales (Are You Afraid of the Dark? Graphic Novel #1), by Tehlor Kay Mejia https://amzn.to/3n2AeQt Dark Side of the Library Amazon Live Channel: https://www.amazon.com/live/darksideofthelibrary/ Dark Side of the Library Podcast: https://www.darksideofthelibrary.com/ Dark Side of the Library on Facebook: https://www.facebook.com/darksideofthelibrary Dark Side of the Library on Instagram: https://www.instagram.com/darksideofthelibrary
This week on Ask A CISSP, we have an interview with Kayne McGladrey, Field CISO at Hyperproof. In this very entertaining episode, we'll learn Kayne's amazing cybersecurity "origin story" and discuss the need for more diversity of culture and thought within cybersecurity. We'll also go into upcoming Federal and State policy and how he and his team have developed the tools necessary to keep up with the future of Governance, Risk, and Compliance. Don't miss out! Please LISTEN
In the latest episode of #IMM, Christine speaks with Becky Bracken, Editor at Dark Reading.
Over the past 17 years, Kelly Jackson Higgins, editor-in-chief at Dark Reading, has watched the cybersecurity industry explode. She brings a unique perspective to the podcast in discussion with Brian and John as they pick apart the challenges faced in industrial environments to the vulnerabilities in healthcare organizations. Just as the world of technology journalism has changed, so has Dark Reading and the way they approach the industry, the major players, and evolving conversations in the space. Kelly's unique position allows her to triage the firehose of information for us, focusing on ransomware and "the whole AI thing," and more. Throughout the conversation, we will explore the importance of visibility and monitoring of connected devices, the persistent issue of devices being connected to the public internet when they shouldn't be, and the need for collaboration between IT and OT teams. We will also delve into recent cyber threats, such as ransomware attacks and the concerning trend of ransomware as a service, shedding light on the advancement of technology and its impact on cybersecurity. Join us as we explore these critical topics with our expert guest, Kelly Jackson Higgins, and uncover the challenges, advancements, and solutions in the realm of IoT security. Let's get into Things on the IoT Security Podcast! Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontos And you can follow John Vecchi at https://www.linkedin.com/in/johnvecchi The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast
Dark Side of the Library Podcast Episode #134: Dark Adult Fiction Books Released in July 2023 (Disclosure: Some of the links in this post are affiliate links. This means if you click on the link and purchase the item, we will receive an affiliate commission at no extra cost to you) Alchemy of a Blackbird, by Claire McMillan (July 11) https://amzn.to/3CAEg6r The Beast You Are: Stories, by Paul Tremblay (July 11) https://amzn.to/3JjwD8r The Bones of the Story, by Carol Goodman (Jul 11) https://amzn.to/4441WMU Boys in the Valley, by Philip Fracassi (July 11) https://amzn.to/46djx6i Camp Damascus, by Chuck Tingle (Jul 18) https://amzn.to/3qUVKIa The Carnivale of Curiosities, by Amiee Gibbs (July 11) https://amzn.to/3p3qO8k The Centre, by Ayesha Manazir Siddiqi (July 11) https://amzn.to/3mpUrPB Circle of Death, by James Patterson (Jul 3) https://amzn.to/3NDEe4a Cutting Teeth, by Chandler Baker (July 18) https://amzn.to/3Lh1hiX A Good House for Children, by Kate Collins (July 4) https://amzn.to/43kKFPz The Only Purple House in Town, by Anne Aguirre (July 11) https://amzn.to/3MCkEW6 The Possibilities, by Yael Goldstein-Love (Jul 25) https://amzn.to/3XiDrZI The Rain, by Joseph A. Turcott (Jul 18) https://amzn.to/46dREel Silver Nitrate, by Silvia Moreno-Garcia (Jul 18) https://amzn.to/3pp7kLo Sucker, by Daniel Hornsby (Jul 11) https://amzn.to/40PzPhU The St. Ambrose School for Girls, by Jessica Ward (Jul 11) https://amzn.to/3PjW9hy Weaver and the Witch Queen, by Genevieve Gornichec (Jul 25) https://amzn.to/3KUA0UD Wildwood Magic, by Willa Reece (Jul 25) https://amzn.to/3Xj6UT6 Winter Sea: Dark Water Daughter, by H.M. 
Long (Jul 18) https://amzn.to/3NB8Z9Z The Wonder State: A Novel, by Sara Flannery Murphy (July 18) https://amzn.to/46Oi3zH The Woods are Waiting, by Katherine Greene (Jul 11) https://amzn.to/3XhFJbj Dark Side of the Library Amazon Live Channel: https://www.amazon.com/live/darksideofthelibrary/ Dark Side of the Library Podcast: https://www.darksideofthelibrary.com/
Our guest in this episode is Erika Andresen, a business continuity professional, army veteran, lawyer, and professor of emergency management. After a career working in actual disasters with life and death consequences, Erika saw that business owners needed similar services to survive but did not know where to start. Erika started EaaS Consulting, LLC, with the goal of keeping businesses in business. She authored "How to Not Kill Your Business: Grow Your Business in Any Environment, Navigate Volatility, and Successfully Recover When Things Go Wrong," a conversational introduction to business continuity. She has been quoted in Forbes, Dark Reading, Smartsheet, and MoneyGeek. In our conversation Erika and I explore the importance of business continuity planning. The three key points we covered are: how businesses can thrive amidst disruptions, why investing in business continuity is essential and should be considered an asset, and Erika's innovative approach to enable businesses to stay resilient. Arliss Dudley-Cash, who was our guest on Episode 452, introduced us to Erika. Listen to the podcast to find out more.
In today's episode of The Author's Corner, Robin sits down with Erika Andresen, CBCP, JD, MPA, a veteran, lawyer, small business owner, and of course, the author of How to Not Kill Your Business: Grow Your Business in Any Environment, Navigate Volatility and Successfully Recover When Things Go Wrong. Robin and Erika discuss the reasons why she made the switch, both in her career - from corporate law to active duty with the military - and also in her writing style - from complex legalese to approachable terminology that better connects with people. Get a peek into her motivations to write her book, including her dream of helping mom-and-pop shops who are not willing or able to spend money on business continuity consulting, and why her book is the solution. Key Takeaways from This Episode: How Erika made the transition from academic to mass market writing. Erika's primary motivation for writing her book. The importance of understanding the target audience and speaking to them in their terms. How the process of writing her book has helped her more fully appreciate the value she brings to others. And much more... Resources Mentioned in this Episode: EaaS Consulting LLC; Erika's LinkedIn. About Erika Andresen: Erika Andresen, CBCP, JD, MPA, is a recovering lawyer after nearly two decades in both the corporate finance world and the military. Erika became a subject matter expert on national security and disaster preparedness/response while advising different commands and also during high-risk situations in Afghanistan. Her work with actual disasters led her to attain a Master of Public Affairs. Erika left active duty in 2020 and has since started EaaS Consulting, LLC, with the goal of keeping businesses in business. To that end, she authored How to Not Kill Your Business: Grow Your Business in Any Environment, Navigate Volatility, and Successfully Recover When Things Go Wrong, a conversational introduction to business continuity enjoyed by CBCP practitioners and business owners alike. Erika is also a professor of emergency management for the MPA program at the University of Texas at El Paso. She has been quoted in articles for Forbes, Dark Reading, SmartSheet, and MoneyGeek on the issues of business continuity and disaster preparedness. Love the show? Subscribe, rate, review, and share! Here's How » Join The Author's Corner Community today: Website: Robin Colucci. LinkedIn: R Colucci, LLC. Facebook: Robin Colucci. Twitter: @Robin_Colucci. Robin Colucci's Book: How to Write a Book That Sells You: Increase Your Credibility, Income, and Impact
Last week in security news: Dealing with Ransomware in the Cloud, Pen Testing AWS, How to prioritize IAM Access Analyzer findings, and more! Links: Last Week in AWS job board AWS had two (minor) Cross-Tenant Vulnerabilities within AWS App Runner. Some company called Invictus has practical experience dealing with ransomware in the cloud Chris Farris has a post on Pen Testing AWS. Dark Reading posits that Security Is a Revenue Booster, Not a Cost Center. An Attacker's Perspective on AWS Account IDs How to prioritize IAM Access Analyzer findings Scale your authorization needs for Secrets Manager using ABAC with IAM Identity Center Netchecks is a way of programmatically verifying your security controls. I love CloudTrail Lake, and this repository of query samples makes it easier for me to use it. IAMbic offers "GitOps for IAM."
*EXPLICIT CONTENT WARNING* NSFW* We've got some more bonus content for you! If you've ever wanted to listen to us awkwardly read weird video game fanfiction then you are in luck! Because that is what we did for our retired Patreon back in the day, which is now free for your ears as a part of our bonus episode releases! However, if you don't want to hear naughty words come out of our mouths, then we'd probably suggest skipping this one. Episode was originally released in May 2020.
So...some things happened last week. George K and George A weigh in on the whirlwind with their usual delicacy and diplomacy. Mentioned in the show: Dark Reading article on measuring employee input of sensitive data into ChatGPT George K experimented with a new app using OpenAI's API (say that three times fast), ChatPDF, which allows users to use regular text commands to query the contents of PDFs. A Loom video demonstrating how one user employed ChatPDF to search an MSA. Industry shifts from adtech to climate tech, is this where the next jobs will be? Subscribe wherever you get your podcasts!
The Bacon Podcast with Brian Basilico | CURE Your Sales & Marketing with Ideas That Make It SIZZLE!
Erika Andresen, CBCP, JD, MPA, is a recovering lawyer after nearly two decades of experience in both the corporate finance world and the military. Erika became a subject matter expert on national security and disaster preparedness and response while advising different commands on their authorities and during high-risk situations in Afghanistan. Her work with actual disasters led her to attain a Master of Public Affairs. Erika left active duty in 2020 and has since started EaaS Consulting, LLC, with the goal of keeping businesses in business. To that end, she authored How to Not Kill Your Business: Grow Your Business in Any Environment, Navigate Volatility, and Successfully Recover When Things Go Wrong, a conversational introduction to business continuity enjoyed by CBCP practitioners and business owners alike. Erika is also a professor of emergency management for the MPA program at the University of Texas at El Paso. She has been quoted in articles for Forbes, Dark Reading, and MoneyGeek on the issues of business continuity and disaster preparedness. After a career of working in actual disasters and high-risk situations where things changed every day and the consequences were actual life and death, Erika saw that business owners needed similar services to survive but did not know where to start. If you are a business that wants to stay alive and grow with security, Erika's mission is to get you there!
In this episode, Jack Naglieri speaks to Kelly Jackson Higgins, Editor-in-Chief at Dark Reading. During the episode, they share their thoughts about how cyber threats have changed over the years. Topics discussed: Kelly offers fascinating insights into how cybersecurity journalism has evolved to keep pace with the ever-changing industry. She offers an example of why choosing to patch systems is not always an easy decision for security teams. Jack and Kelly talk about how perceptions around which organizations are likely targets have changed over the years. Kelly shares some of the crazier threat actor trends she has observed during her career covering cybersecurity. She offers three pieces of valuable advice for security teams.
This week on Privacy Please, we hit on a hot topic surrounding ChatGPT, an AI-based chatbot that has given bad actors with zero coding knowledge easy access to develop malware. Article credit goes to Dark Reading and the author - Jai Vijayan
2B Bolder Podcast : Career Insights for the Next Generation of Women in Business & Tech
In episode #73 of the 2B Bolder Podcast, Micki Boland shares her passion for global cybersecurity. Micki is a fierce warrior and evangelist with Check Point Software Technologies' Office of the CTO. She has over 20 years of experience in IT, cybersecurity, and emerging technology innovation. Micki holds an ISC2 CISSP, a Master of Science in Technology Commercialization from the University of Texas at Austin, and an MBA with a Global Security Concentration from East Carolina University. Micki also writes cybersecurity articles for Cybertalk.org and has written for Dark Reading, Silicon Angle, and Decipher, along with frequently speaking with the broadcast media and radio shows regarding cybersecurity for and in emerging technology, the global threat landscape, tips and resources for consumers and enterprise organizations, Dark Web, Cyber Warfare, AI (ML) in cybersecurity, cloud security and DevSecOps. Tune in to hear why there has never been a better time for women to enter and excel in cyber security. Connect with Micki Boland on LinkedIn. Learn about Check Point Technologies. Free Cyber Security Training. Antifragile By Nassim Nicholas Taleb (book referenced in the show). The 2B Bolder Podcast provides first-hand access to some amazing women. Guests will include women from leading enterprise companies to startups, women execs, coders, account execs, engineers, doctors, and innovators. Listen to 2B Bolder for more career insights from women in tech and business.
The Cybersecurity and Infrastructure Security Agency (CISA) recently (Oct 31, 2022) released fact sheets urging all organizations to implement phishing-resistant multi-factor authentication (MFA). In this episode, George Gerchow, Chief Security Officer and Senior Vice President of IT, Sumo Logic, and I have an in-depth discussion on this very important security subject matter. The scope of coverage ranges from providing an overview of MFA and its benefits to discussing the challenges and hurdles of implementing phishing-resistant MFA, recommended implementation approaches, and the future of MFA.
Time Stamps
01:53 -- Please share with listeners some highlights of your professional journey.
02:51 -- Please provide listeners with an overview of what multifactor authentication is.
03:52 -- A recently published article on Dark Reading reports that a massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and the two-factor authentication code, leading to the theft of at least 130 software code repositories. Essentially, the perpetrators exploited the multi-factor authentication fatigue. George, your reactions.
06:51 -- You said that many organizations don't even have multifactor authentication. That begs the question, why is that the case? Is there a technology aspect to it, a technological complexity of having multifactor authentication integrated into existing legacy systems? Is there a cost aspect to it, is it very expensive? What does your experience tell you?
08:30 -- From personal experience, I haven't felt the fatigue. Even if I had to review several times or take that extra step to authenticate, I would because I am paranoid about ensuring that access is very secure. So I have brought about a change in my own mindset. I'm just curious to know if organizations are striving to bring about a change in the multifactor authentication mindset. What are your thoughts?
12:23 -- As humans, it is our natural tendency to assume, Oh, it's not going to happen to me. And if it does, we'll deal with it then. And I know that organizations also often have that mindset, some organizations know they will get bailed out. George, what are your thoughts?
22:21 -- Would you like to expand on how organizations go about implementing phishing-resistant MFA? What solutions are available out there?
25:09 -- George, I read about this FIDO authentication, the FIDO Alliance, where they have developed this protocol to enable phishing-resistant authentication. Can you expand on that?
26:50 -- During our planning meeting, you made a couple of very poignant statements, one of which is, "leaders should create a culture where employees feel they can slow down for the sake of security." Help tie this to our discussion on multifactor authentication.
30:44 -- Going back to this multi-factor authentication fatigue, is there really a fatigue? Or is it being hyped up? What's the real story?
35:33 -- George, I'd like to give you the opportunity to share some final words, some key messages for the listeners.
Memorable George Gerchow Quotes/Statements
"Absolute laziness is really what it comes down to in the beginning; I don't want to disrupt my organization by having them go through this extra step."
"Development organizations that are heavy with startups, the developers do not want to take that extra step. Sometimes executives are also unwilling to follow through with that extra authentication step -- Do I really have to do this? I know it's a policy, but can't I get around this? And the answer should be flat-out No, under any...
Cybersixgill Presents an encore episode of George McPherson's Blak Cyber podcast. Subscribe: Apple | Spotify | Google | RSS. In the latest Blak Cyber podcast, George McPherson speaks with Ken Underhill, CEO and Executive Producer of Cyber Life. A recognized and award-winning cybersecurity expert, Ken has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and more. George has known Ken for a few years now and can attest to the positive impact Ken has had on the cybersecurity community. In this episode, Ken discusses his cybersecurity journey, finding purpose and focusing on the positives. Learn about best practices to prepare for cybersecurity certifications and the importance of empowering people with the skill sets they need to close the skills gap. Originally premiered Mar 28, 2020. ABOUT THIS EPISODE: The Blak Cyber podcast sits down to talk to Ken Underhill, Ken has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and many more places. In Ken's own words "I sometimes do cybersecurity product and service reviews (cybersecurity influencer marketing). Reach out to me if you need that service. All my reviews will be honest feedback, good or bad." I have personally known Ken for a couple of years, and his impact on the Cybersecurity community can not be measured, he goes above and beyond expectations.
An infectious Robin flying around, a critical OpenSSL vulnerability, access control, AI-based object detection, and more. Square/Block sells access to your inbox, but does the law care? Raspberry Robin worm infecting several endpoints Critical flaw present in OpenSSL 3.0 and above Apple's awkward affair with China is ending Google's giant 3D video chat booth, Project Starline, is being tested at companies Rob Druktenis, Program Manager at Axis Communications, chats about access control technology with streamlined and edge-based solutions Hosts: Louis Maresca, Brian Chee, and Curt Franklin Guest: Rob Druktenis Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: nureva.com/twit canary.tools/twit - use code: TWIT onlogic.com/TWIT
#SecurityConfidential #darkrhinosecurity Ken is the CEO, Executive Producer, and Television Host at Cyber Life. He is the Best-Selling Author of “Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career”. He has been featured in Forbes, Reader's Digest, Tech Republic, Fox, NBC, Dark Reading, and many more places.
00:00 Introduction
01:07 Ken's start
04:45 Making a difference: Bangladesh Story
07:11 Making a difference: Miguel's Story
14:08 Growing up and overcoming challenges
20:10 Avoid playing the victim
23:00 Keeping people interested in Cyber
24:32 Defense in Depth Taco
28:33 Teaching about Cyber
31:30 Tips for a job in Cybersecurity
39:05 Hack the Cybersecurity Interview Book
42:27 Block Party
45:02 Starting jobs in Cybersecurity
51:50 Resources for Companies to feel safer
57:20 News for Ken
Ken's Book: https://www.amazon.com/gp/product/B09V2S1T35/ref=dbs_a_def_rwt_hsch_vapi_tkin_p1_i0
The CISO Evolution: https://www.wiley.com/en-us/The+CISO+Evolution%3A+Business+Knowledge+for+Cybersecurity+Executives-p-9781119782483
To learn more about Ken visit https://www.linkedin.com/in/kenunderhill/
To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio!
Instagram: https://www.instagram.com/securityconfidential/
Facebook: https://m.facebook.com/Dark-Rhino-Security-Inc-105978998396396/
Twitter: https://twitter.com/darkrhinosec
LinkedIn: https://www.linkedin.com/company/dark-rhino-security
Youtube: https://www.youtube.com/channel/UCs6R-jX06_TDlFrnv-uyy0w/videos
Black Hat 2022 was held in Las Vegas last week, at the same time as theCUBE's supercloud event. Unlike AWS re:Inforce, where words are carefully chosen to put a positive spin on security, Black Hat exposes all the warts of cybersecurity and openly discusses its hard truths. It's a conference attended by technical experts who proudly share some of the vulnerabilities they've discovered and of course by numerous vendors marketing their products and services. In this Breaking Analysis we summarize what we learned from discussions with several people who attended Black Hat and our analysis from reviewing dozens of keynotes, articles, videos, session talks, Dark Reading interviews and data from a recent Black Hat attendees survey conducted by Black Hat and Informa. We'll also share data from ETR in a recent post discussing how Zscaler became the last line of defense for a manufacturing firm. We'll end with a discussion of what it all means for the challenges around securing the Supercloud.
Ken Underhill's CyberLife.Tv is the ONLY Cybersecurity television show out there. This impressive television personality has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and many more places. Ken shares the history behind his television debut, the secret to successful branding, the circle of focus, and plenty of tips and tricks along the way! Ken's background ranges from pediatric nursing to the IT side of the house. He has a master of science in Cybersecurity and Information Assurance. He holds board seats and advisory roles for several organizations. His TV show streams on over 100 platforms and averages over $2 million viewers per month.
Guest: Ken Underhill, CEO, Executive Producer, Television Show Host at Cyber Life
On LinkedIn | https://www.linkedin.com/in/kenunderhill/
On YouTube | https://www.youtube.com/c/CyberLifeTV
Hosts: Jax Scott, On ITSPmagazine
Chris Wysopal is Co-Founder and Chief Technology Officer at Veracode, which pioneered the concept of using automated static binary analysis to discover vulnerabilities in software. In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. Chris started his career as a software engineer who first built commercial software and then migrated to the specialty of testing software for vulnerabilities. He has led highly productive and innovative software development teams and has performed product strategy and product management roles. Chris is a much sought-after expert on cybersecurity. He has been interviewed for most major technology and business publications, including New York Times, The Washington Post, WSJ, Forbes, Fortune, AP, Reuters, Newsweek, Dark Reading, MIT Tech Review, Wired, and many networks, including BBC, CNN, ABC, CBS, CNBC, PBS, Bloomberg, Fox News, and NPR. He has keynoted cybersecurity and technical conferences on 4 continents. Link: Chris Wysopal LinkedIn. Link: Cult of the Dead Cow by Joseph Menn
Dark Reading magazine recently published a series of articles on DNS, shining a light on one of the most overlooked areas of cybersecurity despite the role of DNS at the foundation of modern communications. We've invited Krupa Srivatsan, a Director in the Infoblox security products team, to share her favorite highlights from this 17-page, in-depth review by Dark Reading into the potential security benefits to be found in DNS and other core network services. Tune in to the live broadcast on LinkedIn and Facebook every first and third Tuesday of the month at 11:00 am (PST). Subscribe to the ThreatTalk podcast on Apple Podcasts, Spotify, SoundCloud, or Stitcher.
Countries that rely on Ukraine and Russia for key food goods could be left in the cold. A report by investment bank Citigroup suggests that achieving gender parity in business could boost GDP by as much as 2 trillion dollars. Reddit short squeeze favourite Ryan Cohen emerges as a new major shareholder for Bed, Bath & Beyond (BBB). www.sharesies.com For more share market news, subscribe to Lunch Money, Sharesies' bite-sized email update: https://www.sharesies.nz/lunch-money If you'd like to get in touch, for any reason at all, email recap@sharesies.co.nz or record a voice message: https://anchor.fm/sharesies2/message. Investing involves risk. You aren't guaranteed to make money, and you might lose the money you start with. We don't provide personalised advice or recommendations. Any information we provide is general only and current at the time. For specific advice, speak to a licensed financial advice provider
Daniel Barber is the Co-founder and CEO of DataGrail. DataGrail helps people gain control of their privacy and identity. They've developed a privacy platform that modern brands rely on to build customer trust and transparency. Daniel is a Contributing Writer for the Forbes Technology Council. His insights have been distributed in security and privacy publications such as IAPP, CPO Magazine, Consumer Affairs, CIO Dive, and Dark Reading. Additionally, he is the CEO of GTM Orchestration and is on the Advisory Board for SignOnSite, Outreach.io, and Chorus.io. In this episode… According to a recent survey by DataGrail, 83% of Americans want control over their information. How can businesses deliver that transparency? It's not easy. Most businesses only provide information that's in two or three systems that they own, like Zoom, Slack, or Salesforce. But the truth is, there are hundreds of systems processing consumer information. How can they locate where each consumer's information is stored? In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels sit down with Daniel Barber, Co-founder and CEO of DataGrail, to discuss how DataGrail's software can build transparency by giving consumers control of their data. Daniel talks about the importance of knowing where data is stored, how to build trust through transparency, and the evolving landscape of privacy laws.
This week, Corey Nachreiner, Chief Security Officer at WatchGuard, joins The Holtz Story to discuss data's role in ransomware. Corey is an authority on network security and an internationally quoted commentator. He is a regular contributor to leading publications including CNET, Dark Reading, eWeek, Help Net Security, Information Week, and Infosecurity, and delivers WatchGuard's "Daily Security Byte" video on Facebook. This episode opens with a discussion of ransomware and how it has evolved over time. Corey calls the early years of ransomware the shotgun period, where everyone was targeted and ransoms were small. Now, cybercriminals are taking more time to select their targets and are seeking bigger paydays. The conversation then shifts to budgets and strategic approaches of SMBs. Corey points out that we can achieve a lot in cybersecurity by implementing best practices with traditional tools, as well as the need to focus not only on blocking attacks but on the detection and remediation of threats. Tracy brings the conversation back to a broader security framework and Zero Trust. Corey points out Zero Trust is an evolution of the least privilege principle which has been around for a long time. It starts with identity, making sure we can validate the person is who they say they are, and then only letting the user do what they are permitted to do. This podcast ends with a discussion about why SMBs need MSSPs, and how MSPs are adapting to this need. Corey shares how we went from VARs to MSPs to MSSPs, and how blurred the role of the MSP has become in cybersecurity. This also includes a brief discussion on how M&A is shaping some of this change. We hope you enjoy the show. If you do, please share it with colleagues and remember to subscribe using your favorite podcast platform (i.e., iTunes, Stitcher, Spotify, Google Play, etc.).
Spoken word featured : Afraid of the Dark Reading from goodtherapy.org- Shadow work: Transforming emotional suffering into freedom --- Support this podcast: https://anchor.fm/empressbocanegra/support