This week, we are joined by Tara Wisniewski, EVP for Advocacy, Global Markets and Member Engagement at ISC2 discussing their work on "Navigating Global Transitions: Cybersecurity's Role Amid Political Change?" Ben and Dave both tackle the questionable and potentially illegal use of Signal by high level Trump officials after a text message got sent to the wrong person. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Trump Administration Accidentally Texted Me Its War Plans Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our Caveat Briefing, a weekly newsletter available exclusively to N2K Pro members on N2K CyberWire's website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's Caveat Briefing covers the story of European lawmakers urging the Commission to accelerate efforts on a "Chips Act 2.0" to boost AI chip investments and address technological gaps. In a letter signed by 54 lawmakers, they criticized the slow progress of the original 2023 Chips Act and warned that Europe must strengthen its semiconductor industry to remain competitive amid growing geopolitical tensions. Curious about the details? Head over to the Caveat Briefing for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode, host Bidemi Ologunde spoke with May Brooks-Kempler, a cybersecurity educator, entrepreneur, and consultant. In this episode, May shares her insights into what cybersecurity is and isn't, how to build a successful cybersecurity career, the mindset and skills necessary to thrive within cybersecurity, what led her to build an online cybersecurity community of over 27,000 members, and lots more. May is an Amazon bestselling author, a TEDx speaker, and mentor to hundreds.
The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated routers. A former Google engineer faces multiple charges for alleged corporate espionage. CISA issues nine new advisories for ICS vulnerabilities. A House Republican introduces a cybersecurity workforce scholarship bill. On our CertByte segment, a look at ISC2's CISSP exam. Google updates its stance on AI weapons. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare. This week, Chris is joined by Steven Burnley to break down a question targeting ISC2®'s CISSP - Certified Information Systems Security Professional exam. Today's question comes from N2K's ISC2® CISSP - Certified Information Systems Security Professional Practice Test. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Selected Reading Federal Workers Sue to Disconnect DOGE Server (WIRED) Treasury says DOGE review has ‘read-only' access to federal payments system (The Record) ‘Things Are Going to Get Intense:' How a Musk Ally Plans to Push AI on the Government (404 Media) Cybersecurity, government experts are aghast at security failures in DOGE takeover (CyberScoop) Five Eyes Launch Guidance to Improve Edge Device Security (Infosecurity Magazine) Apple's MacOS Kernel Vulnerability Let Attackers Escalate Privileges - PoC Released (Cyber Security News) Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities (SecurityWeek) Critical Veeam Vulnerability (CVE-2025-23114) Exposes Backup Servers to Remote Code Execution (SOCRadar) Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers (TechCrunch) US cranks up espionage charges against ex-Googler accused of trade secrets heist (The Register) CISA Releases Nine Advisories Detailing vulnerabilities and Exploits Surrounding ICS (Cyber Security News) CISA hires former DHS CIO into top cyber position (Federal News Network) Proposal for federal cyber scholarship, with service requirement, returns in House (The Record) Google drops pledge not to use AI for weapons or surveillance (Washington Post) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea's Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its first day. In our CertByte segment, Chris Hare and Steven Burnley take on a question from N2K's Agile Certified Practitioner (PMI-ACP)® Practice Test. NYC Restaurant week tries to keep bots off the menu. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K's suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Steven Burnley to break down a question targeting the CC - Certified in Cyber Security certification by ISC2®. Today's question comes from N2K's Agile Certified Practitioner (PMI-ACP)® Practice Test. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. 
To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional sources: https://www.pmi.org/certifications/agile-acp https://www.pmi.org/-/media/pmi/documents/public/pdf/certifications/agile-certified-exam-outline.pdf Selected Reading Trump Fires DHS Board Probing Salt Typhoon Hacks (Dark Reading) TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team (The Record) Trump pardons Silk Road dark web market creator Ross Ulbricht (BBC) BreachForums Admin Conor Fitzpatrick (Pompompurin) to Be Resentenced (Hackread) Government IT contractor Conduent says 'third-party compromise' caused outages (The Record) Helldown Ransomware Exploiting Zyxel Devices Using Zero-Day Vulnerability (Cyber Security News) New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers (Security Affairs) Record-Breaking DDoS Attack Reached 5.6 Tbps (SecurityWeek) InvisibleFerret Malware Attacking Windows Users Through Fake Job Interview Tactics (Cyber Security News) Fake Homebrew Google ads target Mac users with malware (Bleeping Computer) Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025 (SecurityWeek) Security Alert: Bots Target NYC Restaurant Week (DataDome) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. 
New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS info-stealer has been updated. A California health services organization reports a data breach. A Florida firm pays a $337,750 HIPAA settlement following a 2018 breach. Samsung patches Android devices. A Proton Mail outage hits users worldwide. A popular e-card site recovers from malware. CertByte segment host Chris Hare interviews our guest Casey Marks, ISC2's Chief Qualifications Officer, about the future of certifications. That's a feature, not a hack. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest CertByte segment host Chris Hare interviews our guest Casey Marks, ISC2's Chief Qualifications Officer, about certifications and where they could be heading. You can check out their 2024 ISC2 Cybersecurity Workforce study here. 
Selected Reading Chinese hackers breached US government office that assesses foreign investments for national security risks (CNN) Supreme Court considers whether to allow TikTok ban to take effect (NBC News) Ivanti VPN zero-day exploited by Chinese hackers (SC Media) New Skimmer Malware Hijacking WordPress Websites to Steal Credit Cards (Cyber Security News) Banshee macOS Malware Expands Targeting (SecurityWeek) BayMark Health Services Reports Data Breach, Exposing Patient Information (The Cyber Express) Florida Firm Fined $337K by Feds for Data Deleted in Hack (BankInfo Security) Samsung Patches Multiple Vulnerabilities That Let Attackers Execute Arbitrary Code (Cyber Security News) Proton Mail still down as Proton recovers from worldwide outage (Bleeping Computer) GroupGreeting e-card site attacked in “zqxq” campaign (Malwarebytes) Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures (SecurityWeek) Facebook awards researcher $100,000 for finding bug that granted internal access (RocketNews) Developers sent into security panic by 'useful feature' (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Researchers ID a new Mirai-based botnet. Android devices get their first round of updates for the new year. Criminals exploit legitimate Apple and Google services in sophisticated voice phishing attacks. Japan attributes over 200 cyberattacks to the Chinese hacking group MirrorFace. A PayPal phishing scam exploits legitimate platform functionality. SonicWall addresses critical vulnerabilities in its SonicOS software. CISA warns of active exploitation of vulnerabilities in Mitel MiCollab. A new government backed labelling program hopes to help consumers choose more secure devices. On today's CertByte segment, Chris Hare and Steven Burnley unpack a question from N2K's ISC2® Certified in Cyber Security (CC) Practice Test. Streaming license plate readers - no password required. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Steven Burnley to break down a question targeting the CC - Certified in Cyber Security certification by ISC2®. Today's question comes from N2K's ISC2® Certified in Cyber Security (CC) Practice Test. The CC(SM) - Certified in Cyber Security is an entry-level, ANAB accredited exam geared towards anyone who wants to prove their foundational skills, knowledge, and abilities. To learn more about this and other related topics under this objective, please refer to the following resource: ISC2 (n.d.). https://www.isc2.org/landing/cc-etextbook Have a question that you'd like to see covered? Email us at certbyte@n2k.com. 
If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional source: https://www.isc2.org/certifications/cc Selected Reading New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices (Infosecurity Magazine) First Android Update of 2025 Patches Critical Code Execution Vulnerabilities (SecurityWeek) A Day in the Life of a Prolific Voice Phishing Crew (Krebs on Security) Japan links Chinese hacker MirrorFace to dozens of cyberattacks targeting security and tech data (AP News) Casio says hackers stole personal data of 8,500 people during October ransomware attack (TechCrunch) New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails (Hackread) Multiple Sonicwall VPN Vulnerabilities Let Attackers Bypass Authentication (Cyber Security News) CISA Warns of Mitel MiCollab Vulnerabilities Exploited in Attacks (SecurityWeek) New Labels Will Help People Pick Devices Less at Risk of Hacking (SecurityWeek) Researcher Turns Insecure License Plate Cameras Into Open Source Surveillance Tool (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. 
Europol dismantles the Manson cybercrime market. Operation Destabilise stops two major Russian-speaking money laundering networks. New details emerge on China's attacks on U.S. telecoms. Black Lotus Labs uncovers a covert campaign by the Russian-based threat actor “Secret Blizzard”. Cisco issues patches for a high impact bootloader vulnerability. Trend Micro researchers uncovered Earth Minotaur targeting Tibetan and Uyghur communities. Payroll Pirates target HR payroll systems to redirect employee funds. Pegasus spyware may be more prevalent than previously believed. Our guest today is Jon France, CISO at ISC2, with insights from the ISC2 2024 Workforce Study. How businesses can lose customers one tip at a time. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Jon France, CISO at ISC2, sharing the ISC2 2024 Workforce Study. You can read the press release about the report here and dig into the details of the report itself here. Selected Reading 50 Servers Linked to Cybercrime Marketplace and Phishing Sites Seized by Law Enforcement (SecurityWeek) UK's NCA Disrupts Multibillion-Dollar Russian Money Launderers (Infosecurity Magazine) The White House reveals at least 8 U.S.
telecom firms impacted by China's Salt Typhoon cyberattack (Fast Company) Senators implore Department of Defense to expand the use of Matrix (Element) Snowblind: The Invisible Hand of Secret Blizzard (Lumen) Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage (Microsoft Security) Russian Hackers Exploit Rival Attackers' Infrastructure for Espionage (Infosecurity Magazine) Bootloader Vulnerability Impacts Over 100 Cisco Switches (SecurityWeek) MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks (Trend Micro) Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam (Silent Push) iVerify Mobile Threat Investigation Uncovers New Pegasus Samples (iVerify) How a Russian man's harrowing tale shows the physical dangers of spyware (CyberScoop) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Today we have the privilege and the opportunity to talk with Lorenzo Martínez, one of the most prestigious computer security experts, whose help many companies and institutions request when they suffer attacks by cybercriminal groups. He is known for having conducted some of the most significant negotiations with all kinds of attackers. He holds a degree in Computer Engineering from the Universidad de Deusto. Specializing in computer security, he holds security certifications such as CISSP from ISC2 and CISA from ISACA. He has extensive experience in computer security. He currently runs his own company, Securízame, which specializes in the security of systems and communications networks. Lorenzo is co-founder and editor of the Spanish-language security blog Security By Default. Become a follower of this podcast: https://www.spreaker.com/podcast/el-podcast-de-marc-vidal--5231699/support.
We sell out the show to benefactor Walter Speelman. Walter brings us a review of his attendance of ISC2's Security Congress convention, and also a lot of much-deserved compliments. The WannaPractice app: www.wannapractice.com Use the code “WP50POFF” at registration for 50% off the regular price. The WannaBeA training material: wannabeacissp.com Many thanks to co-host Matt Snoddy! Go buy consulting services from him: http://www.networktherapists.com/ You can now sponsor The Sensuous Sounds Of INFOSEC! Buy us a gallon of gas here: https://www.buymeacoffee.com/securityzed Visit our friend and co-host Raphty here: safing.io
In this special edition of Solution Spotlight, join us for an exclusive conversation between ISC2's Executive Vice President of Corporate Affairs, Andy Woolnough, and N2K's Simone Petrella. Together, they take a deep dive into ISC2's 2024 Cybersecurity Workforce Study, offering a first look at the most pressing findings. Discover insights from a survey of 15,852 cybersecurity professionals and decision-makers across the globe, including the size of the current workforce, the demand for more professionals, and alarming trends around layoffs, budget cuts, and skills shortages. Andy and Simone also explore the growing disconnect between the skills in high demand by hiring managers and those that cybersecurity pros are prioritizing. Learn why organizations must take immediate action to foster talent and bridge these skills gaps to meet the industry's evolving needs. Plus, today marks the start of the ISC2 Security Congress 2024! Whether attending in person or virtually, this event is packed with opportunities to engage with industry experts and further your knowledge in cybersecurity. Tune in for actionable insights and exclusive details on the state of the cybersecurity workforce and how your organization can stay ahead. For more information on ISC2 Security Congress 2024, visit the event page here. Learn more about your ad choices. Visit megaphone.fm/adchoices
Hackers target Russia's court information system. Patch Tuesday rundown. GoldenJackal targets government and diplomatic entities in Europe, the Middle East, and South Asia. Cybercriminals are exploiting Florida's disaster relief efforts. Australia introduced its first standalone cybersecurity law. CISA and the FBI issue guidance against Iranian threat actors. Mamba 2FA targets Microsoft 365 accounts. Casio reports a data breach. On our Solution Spotlight, Simone Petrella speaks with Andy Woolnough from ISC2 about their 2024 Cybersecurity Workforce Study. Keeping the AI slop off Wikipedia. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight today, our guest is Andy Woolnough, ISC2's Executive Vice President Corporate Affairs. Andy shares a first look at ISC2's 2024 Cybersecurity Workforce Study with N2K's Simone Petrella. You can catch Simone and Andy's full conversation on Monday, October 14th in our CyberWire Daily feed. That is also the day the ISC2 Security Congress 2024 kicks off. You can find out more about the event that has a virtual option here.
Selected Reading For a second day, Ukrainian hackers hit Russian institutions (Washington Post) Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (Bleeping Computer) GoldenJackal APT Group Breached Air-Gapped European Government Systems (The Cyber Express) Scammers Hit Florida Hurricane Victims with Fake FEMA Claims, Malware Files (Hackread) Australia Introduces First Standalone Cybersecurity Law (Infosecurity Magazine) CISA Issues Guidance to Counter Iran's Election Interference (BankInfo Security) New Mamba 2FA bypass service targets Microsoft 365 accounts (Bleeping Computer) Casio says recent cyberattack 'caused system failure' (The Record) The Editors Protecting Wikipedia from AI Hoaxes (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In our previous blog, we compiled some basic domain-wise ISC2 CC Exam Practice Questions with Answers, which helped many aspiring cybersecurity professionals get a foothold on their preparation journey. As you advance in your studies and aim to master the details of the ISC2 Certified in Cybersecurity (CC) exam, it is essential to delve into more complex and challenging questions that reflect the depth and breadth of knowledge required for certification. The ISC2 CC exam is designed to validate your understanding of core cybersecurity concepts, best practices, and practical applications in real-world scenarios. To succeed, candidates must not only understand theoretical knowledge but also demonstrate the ability to apply this knowledge in various situations. In this blog, we have listed the top 20 ISC2 CC exam practice questions with detailed answers and explanations. View More: Commonly Asked ISC2 CC Exam Questions with Answers Part-2
Are cybersecurity conferences just another industry event, or are they the driving force behind the next big leap in the field? When you think about the future of cybersecurity, do you consider the role of gatherings like Black Hat USA and DEF CON?
In this episode of the Cyber Consulting Room podcast, host Gordon Draper explores the recent Black Hat USA and DEF CON conferences. He is joined by Edward Farrell, an offensive security expert and owner of Mercury Information Security Services, and Shanna Daly, an incident response specialist with Khrushchev. Edward discusses his career in vulnerability hunting and the importance of mentorship, while Shanna shares her experiences as a speaker coach and Call for Papers review board member. They reflect on conference highlights, emerging cybersecurity trends, and the value of community engagement and networking in the ever-evolving field of cybersecurity.
In This Episode:
(01:07) Guests introduction
(01:34) Mentorship in cybersecurity
(19:23) Themes from the conferences
(19:36) Black Hat research focus
(20:28) Vendor tools at Black Hat
(24:11) AI in cybersecurity discussions
(27:08) Threat intelligence insights
(31:56) Conference attendance strategy
(39:39) Managing health at conferences
(40:34) Post-conference recovery
(41:21) Sensory overload in Vegas
(43:14) Defcon badge discussion
(46:38) Volunteering at Defcon
(49:39) Future of cybersecurity innovation
(51:35) Consolidation in cybersecurity practices
(53:02) Human element in cybersecurity
Notable Quotes
[00:02:14] "The reward for me wasn't necessarily gaining knowledge or imparting it as I have done in previous years, but mentoring a brand new speaker at B-Sides and supporting my own team who attended DEF CON." — Edward Farrell
[00:09:52] "You don't need to prove anything to anyone at this point. The fact that you got selected is already a really, really, really awesome thing. Now you just tell your story." — Shanna Daly
Our Guests
Shanna Daly, with 20+ years in information security, excels in data breach investigations and leading expert consulting teams.
Edward Farrell, a cyber security consultant with 14 years of experience, leads Mercury and has managed over 900 audits and incident responses. With IRAP accreditation and board roles at ISC2 and CREST, he excels in technical, operational, and strategic consulting. Edward also presents globally and develops training materials for the Australian Defence Force.
Resources and Links
Cyber Consulting Room
Gordon Draper: https://cybermarket.com/ https://www.linkedin.com/in/gordondraper/
Shanna Daly: https://www.linkedin.com/in/shannadaly/ https://mercuryiss.com.au/
Edward Farrell: https://www.linkedin.com/in/31337au/?originalSubdomain=au https://mercuryiss.com.au/
For more episodes like this visit https://cyberconsultingroom.com You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/
The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from a 2023 data breach. Google Cloud introduces air-gapped backup vaults. TrickMo is a newly discovered Android banking malware. GitLab has released a critical security update. A $20 domain purchase highlights concerns over WHOIS trust and security. Our guest is Jon France, CISO at ISC2, with insights on Communicating Cyber Risk of New Technology to the Board. And, could Pikachu be a double-agent for Western intelligence agencies? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Jon France, CISO at ISC2, sharing his take on "All on "Board" for AI – Communicating Cyber Risk of New Technology to the Board." This is a session Jon presented at Black Hat USA 2024. You can check out his session's abstract. Also, N2K CyberWire is a partner of ISC2's Security Congress 2024. Learn more about the in-person and virtual event here.
Selected Reading UK Recognizes Data Centers as Critical National Infrastructure (Infosecurity Magazine) Cisco Patches High-Severity Vulnerabilities in Network Operating System (SecurityWeek) BYOD Policies Fueling Security Risks (Security Boulevard) Healthcare Provider to Pay $65M Settlement Following Ransomware Attack (SecurityWeek) Google Unveils Air-gapped Backup Vaults to Protect Data from Ransomware Attacks (Cyber Security News) New Android Banking Malware TrickMo Attacking Users To Steal Login Credentials (Cyber Security News) GitLab Releases Critical Security Update, Urges Users to Patch Immediately (Cyber Security News) Rogue WHOIS server gives researcher superpowers no one should ever have (Ars Technica) Pokémon GO was an intelligence tool, claims Belarus military official (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential security leaders in the industry. Learn more about our network sponsorship opportunities and build your brand where industry leaders get their daily news. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The White House has made government cybersecurity hiring a priority, releasing a strategy in 2023 to address gaps. Agencies and their partners have stressed the need to build foundational cyber skills in Americans long-term. ISC2 is a professional association for cybersecurity pros, with more than 650,000 members. ISC2 Executive Vice President of Advocacy, Global Markets and Member Engagement Tara Wisniewski spoke about skills-based hiring in cybersecurity, how the regulatory process affects the workforce and how agencies can hire cyber pros easier.
Amy Bogac is the Chief Information Security Officer at Elevate Textiles. As a seasoned security leader, she has over 20 years of experience in information security, IT governance, and compliance. She holds an MBA from Lake Forest Graduate School of Management and a CISSP certification from ISC2. Previously, Amy was the CISO for The Clorox Company during a significant cyber incident. In this episode… The concept of disaster recovery has evolved significantly in recent years, urging companies to evaluate their security capabilities and infrastructure to plan for cyber events and specific scenarios. While publicly traded companies have some measures in place to restore data and minimize disruptions, privately held companies may not be as prepared. And, as new SEC cyber disclosure rules target third-party risk management, this places pressure on privately held companies to disclose breaches. How can companies maintain strong data resilience and incident response planning? With cyber events becoming increasingly disastrous, having a business disaster recovery plan that can recover data and resume operations is more critical than ever. Yet, sometimes the affected data isn't always trustworthy, especially if the breach occurred among third-party vendors. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Amy Bogac, the CISO at Elevate Textiles, about the critical need for businesses to revisit their disaster recovery plans and integrate data resilience strategies. Amy stresses going back to the basics by regularly reviewing and updating DR plans and ensuring that all business processes are documented and tested. She also explains the magnitude of risks companies face today, highlighting the need for stakeholder and company-wide involvement in training and incident response planning.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by May Brooks-Kempler. May is a cybersecurity expert who has transformed her early curiosity, hacking 90's computer games, into a distinguished cybersecurity career. As a board member of ISC2, an educator, a CISO and the founder of the Think Safe Cyber community, she is dedicated to making the online world a safer place for everyone. [July 15, 2024] 00:00 - Intro 00:19 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 03:17 - May Brooks-Kempler Intro 03:55 - Twist of Fate 05:10 - A Moment of Silence 05:51 - Blame Grandma 08:15 - An Unclear Path 11:34 - It Takes a Village 13:40 - Considering the Other Side 16:10 - Start with "Why" 20:41 - "It's Never Personal - CyberWise Parenting Course - Listeners get 20% off with the coupon SOCIAL - TEDx – Think Cyber 27:47 - Lifelong Learning 30:50 - Going Public 32:57 - Find May Brooks-Kempler online - LinkedIn: in/may-brooks-kempler - Instagram: @cybermaynia 33:46 - Mentors - Avi Weissman - Oren Bratt - Itzik Kochav 35:54 - Book Recommendations - Human Hacking - Christopher Hadnagy - Countdown to Zero Day - Kim Zetter - Do You Talk Funny? - David Nihill - Start with Why - Simon Sinek 37:17 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
In a digital world where security breaches and cyber threats loom large, the role of cybersecurity professionals is more crucial than ever. In this gripping podcast episode, we delve into the unique perspective of Otis Osborn, an Air Force veteran turned cybersecurity pro. Through his stories and experiences, listeners gain insights into the intersection of military service and the cybersecurity domain. - The parallels between military service and cybersecurity, including discipline, adaptability, and resilience. - The importance of proactive defense strategies in mitigating cyber threats. - The role of mentorship in nurturing the next generation of cybersecurity professionals. - The need for continuous learning and adaptation in the face of evolving cyber threats. Conclusion: Otis Osborn's journey from Air Force veteran to cybersecurity exemplifies the intersection of military service and technological expertise. Through his riveting anecdotes and insightful commentary, listeners gain a deeper appreciation for the vital role played by veterans in securing cyberspace and protecting critical infrastructure. This podcast serves as a tribute to all those who have served their country, both on the battlefield and in the digital realm
Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear malware. The BatBadBut vulnerability enables command injection on Windows. Cybercriminals manipulate GitHub's search functionality. Scully Spider may be utilizing AI-generated PowerShell scripts. A study from ISC2 sheds light on salary disparities. On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introduces the new podcast series Cyber Talent Insights. And AI music sings the license. CyberWire Guests On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. You can listen to the full conversation here. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights that is launching on Friday, April 12, 2024. You can read more about Cyber Talent Insights here.
Selected Reading iPhone users in 92 countries received a spyware attack warning from Apple (Engadget) CISA to expand automated malware analysis system beyond government agencies (The Record) US Cyber Force Assisted Foreign Governments 22 Times in 2023 (SecurityWeek) Taxi software vendor exposes personal details of nearly 300K (The Register) Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear (Trend Micro) BatBadBut: You can't securely execute commands on Windows (Flatt) New Technique to Trick Developers Detected in an Open Source Supply Chain Attack (Checkmarx) Malicious PowerShell script pushing malware looks AI-written (Bleeping Computer) Women make less than men in US cyber jobs — but the gap is narrowing (CyberScoop) Permission is hereby granted (Suno) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Facebook's Secret Mission to Unmask Snapchat. The White House wants AI audits. Hackers exploit the open-source Ray AI framework. Finnish Police ID those responsible for the 2021 parliament breach. Operation FlightNight targets Indian government and energy sectors. Chinese APT groups target ASEAN entities. A notorious robocaller is rung up for nearly ten million dollars. In our latest Learning Layer, join Sam Meisenberg as he unpacks the intricacies of the CISSP diagnostic with Joe Carrigan from Johns Hopkins University. And Ann Johnson from Microsoft's Afternoon Cyber Tea visits the world of Smashing Security with Graham Cluley and Carole Theriault. And the UK's watchers need watching. CyberWire Guests Join us for part three as this Learning Layer special series continues. Learning Layer host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. In this segment, they continue to discuss the results of Joe's CISSP diagnostic and dive deep into one of the assessment questions. Learn more about ISC2's Certified Information Systems Security Professional (CISSP) certification, and explore our online certification courses, practice tests, and labs that ensure that you're ready for exam day. Microsoft Security's Ann Johnson, host of the Afternoon Cyber Tea podcast, goes inside the Smashing Security podcast with Graham Cluley and Carole Theriault.
Selected Reading Facebook snooped on users' Snapchat traffic in secret project, documents reveal (TechCrunch) NTIA Pushes for Independent Audits of AI Systems (GovInfo Security) Thousands of companies using Ray framework exposed to cyberattacks, researchers say (The Record) Finland confirms APT31 hackers behind 2021 parliament breach (BleepingComputer) Operation FlightNight: Indian Government Entities and Energy Sector Targeted by Cyber Espionage Campaign (EclecticIQ) Chinese Hackers Target ASEAN Entities in Espionage Campaign (Infosecurity Magazine) Federal Court Enters $9.9M Penalty and Injunction Against Man Found to Have Caused Thousands of Unlawful Spoofed Robocalls (US Department of Justice) UK counter-eavesdropping agency gets slap on the wrist for eavesdropping (The Record)
ODNI's Annual Threat Assessment highlights the usual suspects. The White House meets with UnitedHealth Group's CEO. A convicted LockBit operator gets four years in prison. The Clop ransomware group leaks data from major universities. Equilend discloses a data breach. Fortinet announces critical and high-severity vulnerabilities. GhostRace exploits speculative race conditions in popular CPUs. Incognito Market pulls the rug and extorts its users. Patch Tuesday notes. On the Learning Layer, Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. They explore Joe's journey on the road to taking his CISSP test. And, I do not authorize Facebook, Meta or any of its subsidiaries to use this podcast. CyberWire Guest Join us as a Learning Layer special series kicks off. Over the next several weekly episodes of the Learning Layer, host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. On this episode, they explore Joe's journey as he embarks on the road to taking his CISSP test after fourteen years in the cyber industry, and why he decided to get it now. Learn more about ISC2's Certified Information Systems Security Professional (CISSP) certification, and explore our online certification courses, practice tests, and labs that ensure that you're ready for exam day.
Selected Reading ODNI's 2024 Threat Assessment: China, Russia, North Korea pose major cyber threats amid global instability - Industrial Cyber (Industrial Cyber) White House meets with UnitedHealth CEO over hack (Reuters) LockBit ransomware affiliate gets four years in jail, to pay $860k (bleepingcomputer) Stanford University ransomware attack impacts 27K (SC Media) EquiLend Employee Data Breached After January Ransomware Attack (HACKread) Fortinet reports two critical and three high severity issues, plan to patch (beyondmachines) Major CPU, Software Vendors Impacted by New GhostRace Attack (SecurityWeek) Incognito Market: The not-so-secure dark web drug marketplace (Graham Cluley) Microsoft Patch Tuesday – Major Flaws In Office, Exchange And SQL Server (cybersecuritynews) New Facebook photo rule hoax spreads (Malwarebytes)
Infosec and the Cyber Work Hacks podcast are here to help you prepare for and pass the CISSP exam from ISC2. For today's hack, we're talking boot camps. If you've been preparing for the Certified Information Systems Security Professional (CISSP) study guide for six months or more, you might learn better in a concentrated, focused environment with expert instruction. And that expert is Infosec boot camp instructor Steve Spearman, who has helped hundreds of learners prepare for and pass their CISSP. Steve will walk you through what the Infosec 7-day CISSP boot camp is like, which can make the difference between passing on the first try and the headache and heartache of having to re-sit the exam. 0:00 - What is a CISSP boot camp? 1:37 - A boot camp versus university cybersecurity education 2:47 - What is a cybersecurity boot camp schedule like? 6:54 - Cybersecurity boot camp communication 9:50 - Cybersecurity boot camp homework 12:13 - Taking a cybersecurity certification exam 15:44 - Is a cybersecurity boot camp right for me? 17:36 - Outro About Infosec: Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
Hello and welcome to Get It Started Get It Done, the Banyan Security podcast covering the security industry and beyond. In this episode, our host and Banyan's Chief Security Officer Den Jones speaks with John Yeoh. John is the Cloud Security Alliance's Global Vice President of Research, a position that allows him to share important industry analysis from a nonprofit perspective. We hope you enjoy Den's discussion with John Yeoh. About John: With over 20 years of experience in research and technology, John provides executive-level leadership, relationship management, and board strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next-generation technology (IoT, DevOps, Blockchain, Quantum). John specializes in risk management, third-party assessment, threat intelligence, data protection, incident response, and business development within multiple industry sectors, including the government. His works and collaborations have been presented in the Wall Street Journal, Forbes, SC Magazine, USA Today, CBS, Information Week, and others. John's contributions continue with involvement in professional organizations such as CSA, IAPP, ISSA, ISC2, and ISACA. John sits on numerous technology committees in government and industry with the FCC, NIST, ISO, CSA, IEEE, and CIS. He represents the US as a delegate for cybersecurity relations to other nation-states.
It's Black History Month and Meredith Harper is on a mission—to empower women and people of color to embark upon careers in tech. Black, Latina and Native American women make up only 4% of tech roles in the U.S. Meredith is the Chief Information Security Officer at Synchrony, a Fortune 500 company that is one of the largest issuers of store credit cards in the U.S. She shares how she has often been the only woman of color throughout her 30-year career in tech and how other strong women partnered with her to get ahead. Tune in for an inspiring conversation with Meredith on how to challenge authority at work so that it benefits you and your company. “It's about being bold and it's about being noisy,” she says. Theme: Don't Do It Alone Episode Highlights: - What your LinkedIn banner says about you - Chase after experiences, not roles - It's ok to be different - Challenging authority at work - Pushing back benefits everyone - Be bold and noisy to create change - Resources to grow your career in tech and other industries - Work integration with your personal life - Infuse levity into whatever you're doing Mentioned in this Episode: - Empowering Black, Latina, and Native American Women in Tech by McKinsey & Company, 8/29/23 - ISACA, a global association for professionals in information security, governance, assurance, risk, and privacy and quality. - ISC2, the world's leading member association for cybersecurity professionals - SANS, an institute that offers cybersecurity training, certifications and research Meredith's Bio: Meredith Harper is a strategic leader with 30 years of experience, who is passionate about her greatest assets—her team members. Her success has been attributed to her ability to manage large-scale complex programs that cross functional areas while advancing the skill sets and careers of her team members. Meredith is passionate about empowering women and people of color to embark upon careers in technology, especially in information security, where those populations are underrepresented.
She's committed to transforming the industry by driving engaging and provocative discussions around diversity, equity, inclusion and empowerment and the value it brings. It is her hope that the industry transforms at a more rapid pace so that women and people of color are normalized in tech and security spaces. Meredith is a proud alumna of the University of Detroit Mercy and the Loyola Chicago School of Law where she received a Master's in Health Services Administration, a Bachelor of Science in Computer Information Systems, and Master's of Jurisprudence in Compliance, respectively. Connect with us on our social media: Instagram and LinkedIn. Join our LinkedIn community where we discuss rule-breaking strategies for multicultural women. More from Alisa Manjarrez: Instagram and LinkedIn. More from Courtney Copelin:
Recorded live at the recent ISC2 Security Congress, this panel discussion features Kirsten Renner formerly of Accenture Federal Services and now with Cydecor, and Kris Rides with Tiro Security. Hear about top certifications, steps you need to take when you apply for a job, the eternal power of networking, and more. “They apply and wait, apply and wait, apply and wait. There's a good chance, no one's gonna see, sorry, your resume. Go find out who the recruiter is, or go find out who the hiring manager is and send them a direct message on LinkedIn. That's good advice. And say, ‘I have applied. Is there anything else you need from me? Are there any other roles that you think would be a good fit for me?’ You have to do the extra thing.” Find show notes and additional links at: https://clearedjobs.net/isc2-security-congress-live-podcast/
Unfortunately, it's not a question of whether cyber criminals will impact our lives but when. Are you and those you serve prepared? As CEO of ISC2, the world's leading membership association for cybersecurity professionals, Clar Rosso is eager to share ways we can all improve our cyber literacy and posture. Clar also has thoughts about the intersection between accounting and cybersecurity — and how CPAs may reinforce the integral roles they play for small business by growing and flexing their cybersecurity advisory muscles. Episode Highlights: What do we really mean when we say ‘cybersecurity' and what's the 'C.I.A. Triangle'? (03:00) Why Security & Privacy should have a voice in crafting business strategy (05:51) The risks for small-to-medium-sized businesses and getting them up-to-speed and certified in cybersecurity risk management (10:31) Cybersecurity: An issue for our entire society -- and forging a national cybersecurity strategy to address it (15:40) Free cybersecurity certifications and other launching points for improving cyber literacy, posture and security (19:00) New research exposes how 95% of businesses with 100 or fewer employees have NO information security professionals on staff -- and how CPAs can help (30:30) You and your business clients can find additional free cybersecurity resources at CISA.org.
I'm trying something new this week: These show notes were generated by putting a transcript into ChatGPT. Feedback is appreciated! —Randy We recently heard Jeff Marraccini on the "This Week in Enterprise Technology (TWiET)" podcast. Jeff, the Chief Information Security Officer (CISO) at Altair, joined us this week to share insights into his background and the challenges Altair faces in cybersecurity as a globally acquisitive company. The conversation explores Jeff's transition from a Vice President of IT to a CISO, underscoring the importance of continuous learning and formal courses from ISC2 and ISACA to adapt to the evolving cybersecurity landscape. Emphasis is placed on the complex vendor landscape in cybersecurity and the need to implement zero trust as a methodology rather than just a product. Jeff delves into Altair's approach to global operations, collaborating with teams across China, India, Europe, and the United States. Regulatory challenges, such as restrictions on hardware in China, are discussed. The podcast concludes with a discussion on the evolving cybersecurity landscape, highlighting Jeff's optimism about advancements like memory-safe languages and Microsoft's adoption of Rust. Despite existing challenges, Jeff sees promising developments and disruptive solutions in the cybersecurity space. A noteworthy segment of the discussion involves the importance of identity in cybersecurity. Jeff and Bob emphasize that identity management should be at the crux of security efforts, recognizing its role as a foundational element for effective cybersecurity measures. The conversation highlights the shift in focus from traditional security measures, like firewalls, to a more comprehensive approach centered around identity management. Furthermore, Bob and Jeff touch upon the evolution of cybersecurity news coverage. 
They discuss the noticeable decrease in mainstream media coverage of security breaches, speculating on whether this shift is influenced by the insurance industry advising companies to keep incidents quiet or if it reflects a change in news priorities. Jeff acknowledges the continued prevalence of security issues covered by specialized outlets like the Cyberwire podcast, CSO Online, and Dark Reading. Towards the end, the conversation pivots to the impact of Gen AI (Generative Artificial Intelligence) and digital transformation on the industry. Jeff shares insights into Altair's recent acquisition of RapidMiner, emphasizing the empowerment of individuals to leverage AI techniques for various applications, including data science and cybersecurity. The discussion underscores the potential for Gen AI to enhance efficiency and collaboration across different fields. The podcast concludes with Bob raising a concern about the younger generation's reluctance to pursue careers in IT, especially in areas like cybersecurity and data science. Jeff offers guidance, encouraging individuals to explore these fields through online courses and hands-on projects, emphasizing their applicability across diverse industries. The conversation touches on the need for a shift in mindset and the potential for technology-driven roles to drive innovation and problem-solving. Overall, the discussion provides a comprehensive overview of cybersecurity challenges, industry trends, and the transformative impact of emerging technologies.
In an era where data breaches, cyberattacks, and digital threats are becoming increasingly sophisticated and prevalent, the need for highly skilled and certified information security professionals has never been more critical. The Certified Information Systems Security Professional (CISSP) certification is a globally recognized and highly esteemed credential that plays a pivotal role in cybersecurity. Introduction to CISSP CISSP is a prestigious certification provided by the (ISC)2 or International Information System Security Certification Consortium. The CISSP certification ensures the extensive technical and managerial expertise of an information security professional, enabling them to proficiently oversee, design, and maintain an organization's comprehensive security framework. The CISSP exam undergoes an update every three years to align with the ever-evolving trends and advancements in the cybersecurity field. ISC2 is scheduled to introduce the next update to the CISSP certification exam on April 15, 2024.
28 countries commit to regulating the risks of AI | Telecommunications in Guerrero are still not fully restored | Apple presents discouraging results in its quarterly report | ISC2 reports an increase in cybersecurity experts, but the shortage is also growing | So said the president of the SMIA, Hiram Calvo | How X will compete with YouTube, LinkedIn and PR Newswire is still up in the air | Arca Continental is one of the innovative stories | Karla Fernández Chavero, IT director for Americas OCIO and Chapters at Danone, gives us the IT Masters Insight
The number of unfilled cybersecurity positions across the world continues to grow, despite an overall increase in the cyber workforce, as security professionals struggle with understaffing, burnout and persistent skills gaps, according to a new report. The annual workforce report released today by the International Information System Security Certification Consortium, known as ISC2, shows the global cybersecurity workforce has reached a record-high 5.5 million people, up 8.7% from 2022. But roughly 4 million more cyber professionals are needed worldwide, with the gap widening by 12% from last year. “It is great news that the number of professionals coming in is increasing,” Tara Wisniewski, executive vice president for advocacy, global markets and member engagement at ISC2, said in an interview. “But the gap is scary and getting scarier.”
If you look at self-help GovCon videos on social media platforms like YouTube and Instagram, you see the many “Make Millions in GovCon” ads and videos all the time; and you can make a lot of money, especially through partnering with other companies. However, this commonly used mechanism is not as easily leveraged as it seems. The potential to be rejected is very real. Today we're going to hear a story about one small business founder's ability to overcome repeated rejection in government contracting. Guest Bio: Romeo Gardner III is a Certified Information System Security Professional (CISSP) with over 20 years of experience in the IT field including working at the White House Communication Agency supporting President George Bush Jr, President Barack Obama, Vice Presidents, and the White House Staff. Recruited from the White House, Romeo went to Microsoft as an Engineer working in various roles for the organization before founding his own company to work with Microsoft as a partner and reseller. His mantra "to be a conduit over a container" supports his passion in being an Adjunct Professor at the University of Mary Washington in Fredericksburg Virginia teaching Cybersecurity focusing on the CISSP exam by ISC2. Call(s) to Action: ● Request to join the Hive39 Community on LinkedIn ● Help spread the word about Unveiled: GovCon Stories ● Do you want to be a guest or recommend a topic that you would like to learn or hear about on the podcast? Let us know on our Suggestion Form. Links: ● Nehlos Company Website ● Nehlos FB Page Sponsors: Twenty39 – simplifying the complexity in pursuing government contracts: https://www.twenty39.com If your business is considering government contracting and needs expert advisory, business development, proposal management, and/or operations support, we are here to help.
We provide end-to-end enablement for pursuing government contracts. Hive39 Community: https://twenty39.com/hive39-community/ An inclusive online community for GovCon Small Businesses and Consultants to learn, share, and grow. Receive free resources to support your business in pursuing government contracts; and meet new partners, identify small business relevant events and cost appropriate vendor resources, stay up to date on policy and legal changes impacting small business, and share 1099 and partnership opportunities. Join today!
Rinki Sethi, CISO at BILL, discusses her journey in cybersecurity from roles at early cloud adopters like Intuit and Twitter to security vendors like Palo Alto Networks and ultimately to board roles at companies like ForgeRock. ABOUT RINKI: VP & CISO (CHIEF INFORMATION SECURITY OFFICER) Rinki is currently the Vice President and Chief Information Security Officer at BILL, where she will be leading the global information technology functions and is also responsible for leading efforts to protect BILL's information and technology assets and advise the company's continued innovations in the security space. Rinki Sethi brings decades of security and technology leadership expertise and was recently VP & CISO at Twitter and Rubrik Inc. Rinki has been at the forefront of developing cutting edge online security infrastructure at several Fortune 500 companies such as IBM, Palo Alto Networks, Intuit, eBay, Walmart.com, and PG&E. Rinki also serves on the board of ForgeRock, a public company in the identity and access management space and Vaultree, a data encryption company. Rinki holds several recognized security certifications and has a B.S. in Computer Science Engineering from UC Davis and a M.S. in Information Security from Capella University. Rinki has served on the development team for the ISACA book, “Creating a Culture of Security” by Stephen Ross and was the recipient of the “One to Watch” Award with CSO Magazine & Executive Women's Forum in 2014 and more recently the Senior Information Security Practitioner Award with ISC2 in 2018. Most recently, in 2023, she was recognized in Lacework's top 50 CISOs list. She led an initiative to develop the first set of national cybersecurity badges and curriculum for the Girl Scouts of USA. Rinki serves as a mentor for many students and professionals. SPONSOR NOTE: Support for Cloud Ace podcast comes from SANS Institute. 
If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube
The concepts behind Diversity, Equity, and Inclusion have been practiced by some organizations in the past, but in this new era where the border lines between work and life are becoming increasingly blurred, and where technologies are helping people contribute in ways never seen before, it's a good time to reassess what DEI is and how central it is to an organization. Dwan Jones of ISC2 brings her wisdom, some actionable tips, and a great role model organization to follow.
Rick Howard, the CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the meaning of quantum computing through a cybersecurity perspective with CyberWire Hash Table guests Dr. Georgian Shea, Chief Technologist at the Foundation for Defense of Democracies, and Jonathan France, the Chief Information Security Officer at ISC2. Research contributors include Bob Turner, Fortinet's Field CISO – Education, Don Welch, New York University CIO, Rick Doten, CISO at Healthcare Enterprises and Centene, and Zan Vautrinot, Major General - retired. Howard, R., 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Wiley. URL: https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/1394173083. Deen, S., 2008. 007 | Quantum of Solace | Theme Song [Video]. YouTube. URL: https://www.youtube.com/watch?v=YMXT3aJxH_A Dungey, T., Abdelgaber, Y., Casto, C., Mills, J., Fazea, Y., 2022. Quantum Computing: Current Progress and Future Directions [Website]. EDUCAUSE. URL: https://er.educause.edu/articles/2022/7/quantum-computing-current-progress-and-future-directions. France, J., 2023. Quantum Compute and CyberSecurity, in: ISC2 Secure Summits. France, J., 2023. The Race Against Quantum: It's Not Too Late to be the Tortoise that Beat the Hare [Essay]. Infosecurity Magazine. URL: https://www.infosecurity-magazine.com/opinions/race-quantum-tortoise-beat-hare/. Shea, Dr.G., Fixler, A., 2022. Protecting and Securing Data from the Quantum Threat [Technical Note]. Foundation for the Defense of Democracies. URL: https://www.fdd.org/wp-content/uploads/2022/12/fdd-ccti-protecting-and-securing-data-from-the-quantum-threat.pdf
Last month, the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection brought in four tech leaders to talk about our big cybersecurity problem: the lack of people. The hearing was held to assess potential ways to increase the talent pool for cybersecurity candidates and ensure that pipeline can satisfy the appetite of cyber incidents to come over the next few decades. Anjelica Dortch, the Senior Director for U.S. Government Affairs at SAP America, Inc., Will Markow, the Vice President of Applied Research at Lightcast, Tara Wisniewski, the Executive Vice President for Advocacy, Global Markets, and Member Engagement at ISC2, and Col. Chris Starling (Ret.), the Executive Director for California NPower were all in attendance at the subcommittee hearing. Joining the Security Clearance Careers podcast is Nelson Abbott, who is the Sr. Advanced Director of Program Operations. He tells us more about the subcommittee hearing, what the US is doing wrong in cyber hiring, and how bootcamps like NPower's can help talent pivot to cyber without being buried in debt.
We invite you to the new weekly episode, featuring the most interesting stories in the cyber and technology scene! In this episode of "Cyber with Friends", the cyber and technology current-affairs show, we start with May's really good news: she was selected to be in a very small group that will be chosen for the ISC2 board of directors. May is the first from Israel to join the organization's leadership; we are rooting for you and backing you, May! Other topics at the center of the conversation this week: An exit for the Israeli cyber company SCADFence, which was acquired by the American company Honeywell. FlyCard and El Al launched a campaign that does direct harm to their customers, without even taking responsibility. Progress continues to update MOVEit with yet another critical vulnerability. An unusual incident in Zichron Yaakov: ticket buyers were required to show their social media pages as a condition for entering the event. In the Netherlands, a class action was filed against Avast, which sold large amounts of user data. The Firefox 115 update is making headlines (and also managing to annoy some people) with a new security feature. Russia held a new annual exercise in which it… disconnects the entire country from the internet for two hours. A new study found that one in every five packets on the internet is actually a cyber attack (Rotem thinks it's more…). And of course, the new form for cyber service providers: https://bit.ly/CyberService Host: Rotem Bar. Panelist: May Brooks. AI news: Omer Harari. Privacy news: Inbar Ben Zion Regerman
Podcast: ICS Cyber Talks Podcast. Episode: Cyber Edu 4: May Brooks-Kempler Director @CRS ISC2 Instructor CISSP & HCISPP about CyberSec training. Pub date: 2023-06-17. Nachshon Pincu and Mally Bar co-hosting May (Maytal) Brooks-Kempler, Director at Cyber Range Solutions inc (CRS) and ISC2 Instructor for CISSP & HCISPP. Discussing Cyber Security Education and training. Cyber training in Israel, what are the challenges? What do you think is the right path for those who want to enter the cyber field in Israel? The costs of cyber training are often a barrier to professionalization. It is about many thousands of shekels to tens of thousands of shekels, and it is a "painful" issue and not easy for those who don't have the means. Is there a way to save some of the costs? You are among the first to train for the CISSP exams in Israel and have invested a lot in the subject. Beyond the test and the certificate, is there any added value to the course? We said that there are challenges in cyber training. The issue is often intensified in ICS/OT cyber training. Where do you start, and what are the preliminary requirements for those who want to study and enter the field? 
And more
Cyber Security Matters, hosted by Dominic Vogel and Christian Redshaw
Senior VP of Cyber Defense at Optiv, Jason Lewkowicz, is today's guest on the Cyber Security Matters podcast, hosted by Dominic Vogel and Christian Redshaw. Jason is an experienced senior executive with over two decades in various aspects of business, specializing in information security, risk governance, crisis management, technology consulting, outsourcing and operations. Jason holds certifications from ISACA, ISC2 and Open Text/Guidance Software. He has presented at industry-recognized conferences and local law enforcement information sessions over the past ten years. He has served on advisory boards for Symantec, McAfee, Digital Shadows and FireEye/Mandiant. Jason received his undergraduate degree from DePaul University in Chicago. In this episode, we will cover the following: - What “applied security” means - Why business leaders and cyber security need to have a collaborative relationship - How cyber security can support your company's goals - What key milestones organizations should be hitting in their cyber security journey. ep: 157
(ISC)² is an international, nonprofit membership association for information security leaders, committed to helping members learn, grow and thrive. Nearly 280,000 members, associates and candidates strong, ISC2 empowers professionals who touch every aspect of information security. CISO's Secrets Podcast is powered by MIND. Visit CISO ACADEMY to access additional learning opportunities for C level executives
Introduction to ISC2 CSSLP: The ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification concentrates on web application security within the software development life cycle (SDLC). CSSLP Certification validates advanced application security expertise. It demonstrates to organizations and peers that you have the advanced technological skills and knowledge required for authentication, authorization, and auditing throughout the software development lifecycle (SDLC), employing best practices, policies, and procedures set by (ISC)2 cybersecurity professionals. The CSSLP certification demonstrates you as an application security specialist. CSSLP is a fantastic approach to expanding your security expertise, allowing you to maintain your skills. Because it is not product-specific, you can easily apply your abilities to various technologies and approaches. It teaches you how to defend your organization while safeguarding sensitive information.
Richard Ford is an experienced cybersecurity and technology leader. Currently the Chief Technology Officer at Praetorian, he has held leadership positions at many organizations, including Cyren, Forcepoint, and Raytheon. Richard also has a Ph.D. in Physics from the University of Oxford. Personal LinkedIn: https://www.linkedin.com/in/dr-ford/ Praetorian LinkedIn: https://www.linkedin.com/company/praetorian/ ISC2: https://www.isc2.org BSides: https://bsideslv.org
In this episode, Tony Bryan shares the 3 questions he asks every potential apprentice when CyberUp is contacted about their cybersecurity apprenticeship. 1. What is your timeline? 2. What is your budget? 3. How do you learn best? These simple questions help point an interested person to the best option for them and ensure they are making the right decision to pursue the industry. There isn't a one-size-fits-all approach to gaining skills, and by asking yourself this you will determine the right first step for you.
Security conference season is back in full swing, and Cybrary is here to bring you all the highlights! Our Senior Product Manager, Ned Hinman, shares key takeaways from the Infosecurity Europe Conference in June of 2022. Hear what security leaders at organizations like ISC2 are saying about strategies for bridging skills gaps, attracting new talent, and approaching cybersecurity as a psychological challenge. Read the Psychology of Intelligence Analysis.
Stop wasting your energy on barking orders and telling people what to do. It's far more effective and satisfying to lead by example. It's one of the greatest leadership hacks of all time because people respond better to what they see, not what they're told. I host Eric Liebowitz, CISO of Thales Americas, who shares a key insight that explains why leading by example works and an essential strategy to immediately begin leading more effectively. Thales is a global Aerospace, Transportation, Cybersecurity and Defense organization with a complex IT environment and multiple product lines. They have over 81.000 employees across 5 continents. Eric has over 15 years in the cybersecurity space. He is a strong leader who is experienced in building and maturing Information Security programs for large Financial Services and Technology organizations. Eric started his career on Wall Street where he led a global team of security professionals that implemented a 24/7 Security Operations Center to monitor threats and respond to attacks at Lehman Brothers. Eric then moved on to Freddie Mac where he built and led multiple teams in different security disciplines such as Identity & Access Management, Governance, Risk and Compliance and Security Monitoring & Incident Response. Eric's attributes include strong leadership and communication skills with the ability to translate technical and risk based solutions to senior management as well as business partners. He also has a demonstrated track record of delivering innovative Security solutions that meet corporate strategic goals while promoting a team-oriented work environment. Eric has partnered with peers in other organizations to start a CISO roundtable with security leaders from the Virginia, Maryland and DC area. He is also a 9 year contributing member of the CISO Executive Network. He holds the CISSP, CISA and CISM certifications and is a member of ISACA National DC chapter and ISC2. 
LinkedIn Profile: https://www.linkedin.com/in/ericliebowitz/ Company Link: https://www.thalesgroup.com/en What You'll Discover in this Episode What Eric learned at the biggest defining moment in his career. Vital strategies to strike the balance between working hard and taking care of yourself. What to do when you don't speak the language in the room. Why leaders must become PROACTIVE when it comes to employee retention. The reality of the staffing shortages in the Cyber Security industry. Why leading by example is so effective. The importance of leading with integrity and how to do it. How to have a one-on-one meeting that builds a personal connection every time. Resources: https://www.amazon.com/Habits-Highly-Effective-People-Powerful/dp/1982137274/ref=asc_df_1982137274/?tag=hyprod-20&linkCode=df0&hvadid=509245866633&hvpos=&hvnetw=g&hvrand=12380231504550548321&hvpone=&hvptwo=&hvqmt=&hvdev=c&hvdvcmdl=&hvlocint=&hvlocphy=9010496&hvtargid=pla-908915591470&psc=1 (The 7 Habits of Highly Effective People), Stephen Covey https://www.amazon.com/SPEED-TRUST-Thing-Changes-Everything/dp/1416549005/ref=asc_df_1416549005/?tag=hyprod-20&linkCode=df0&hvadid=312009828129&hvpos=&hvnetw=g&hvrand=208795773085388419&hvpone=&hvptwo=&hvqmt=&hvdev=c&hvdvcmdl=&hvlocint=&hvlocphy=9010496&hvtargid=pla-433459424349&psc=1 (The Speed of Trust), Franklin Covey ----- Connect with the Host, #1 bestselling author Ben Fanning https://www.benfanning.com/speaker/ (Speaking and Training inquires) https://followbenonyoutube.com (Subscribe to my Youtube channel) https://www.linkedin.com/in/benfanning/ (LinkedIn) https://www.instagram.com/benfanning1/ (Instagram) https://twitter.com/BenFanning1 (Twitter)
In this bonus episode I talk with Ben Malisow who creates some of the best (ISC)2 training material in the world. He recently started a boot camp where he teaches professionals how to pass some of the top (ISC)2 exams for a reasonable price. As always if you enjoy this podcast please go leave a review of the show and share the podcast with someone. Thanks everyone! Follow the Podcast on Social Media! Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast Patreon: https://www.patreon.com/SecurityUnfilteredPodcast Ben's Links: LinkedIn: https://www.linkedin.com/in/malisow/ Boot Camps: wannabeacissp.com Podcast: securityzed.com
Adam Cox is joined by Clar Rosso, Chief Executive Officer of (ISC)2, to discuss the brand's recent announcement, and what the new Entry Level Cybersecurity Certification aims to achieve. They look at what the cybersecurity job market looks like right now, and how current students can prepare themselves for success. www.isc2.org
On this episode of the Raving Patients Podcast, Len sits down with Debi Carr to discuss cyber security and how it can protect your practice. Debi Carr is recognized as a leader in cybersecurity and compliance. She is a Cyber Security and Crisis Management Consultant, Speaker, and CEO of D K Carr and Associates, LLC. She assists private practices in obtaining and maintaining security in their practices including performing risk analysis, team security training, and assisting doctors navigate through ransomware and other cyber-attacks. Debi holds several certifications including HealthCare Information Security and Privacy Practitioner, Certified Associate Healthcare Information and Management Systems and is a member of AADOM, ADMC, HIMSS, IAPP, ISC2, ISSA, ISSAC, FBI InfraGard, SCN and Women of Cyber Security.
Mikhael Felker, VP of Information Security joins the show this week to talk about how he has mastered the financial part of the cybersecurity practice. Mike spends time with us to talk about employment opportunities, how he kicked off his career and what he looks for when hiring new talent. Bio: Information security executive experienced in security, privacy, risk & compliance program development and execution. Diverse sector experience (High Tech/Advertising, eCommerce/Consumer Goods, Education, Healthcare, Defense, Insurance). Extensive regulatory experience in (SOX, GDPR, CCPA, PCI, HIPAA, NY DFS, etc.) and frameworks (ISO 2700X, ITIL, NIST, CoBIT, etc). Ability to explain deeply technical knowledge to broad audiences and influence stakeholders to buy-into solutions. Conference speaker (RSAC, CSA, ISACA, ISSA, ISC2, ARMA, et.al.), educator, mentor and author of 50+ publications. Note: Views and opinions expressed are my own and do not necessarily reflect the views and opinion of my employer. 
https://www.linkedin.com/in/mikhaelf/ CISO Talk is supported by these great partners please make sure to check them out: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber. Website: https://www.cyberhubpodcast.com The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.