Podcasts about observeit

  • 20PODCASTS
  • 51EPISODES
  • 48mAVG DURATION
  • ?INFREQUENT EPISODES
  • Mar 13, 2023LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about observeit

Latest podcast episodes about observeit

The Conference Room with Simon Lader
Episode 95 - Clients, Customers and Employees... The secret to relationship development with Arik Kasha

The Conference Room with Simon Lader

Play Episode Listen Later Mar 13, 2023 35:31


This week we welcome Arik Kasha, VP EMEA of Seraphic Security to talk about his strategy and philosophy to successfully growing and scaling startups - and it's all about relationships. Arik Kasha is the VP Sales EMEA of Israeli cybersecurity vendor Seraphic Security. He is a graduate of The College of Management Academic Studies and began his sales career with Aladdin Knowledge Systems, now part of SafeNet, where he spent ten years. After running the EMEA sales team at AlgoSec, he joined ObserveIT who were acquired by ProofPoint for $225m (ProofPoint were then acquired by Toma Bravo for $12.3Bn) and after almost ten years with them joined Seraphic Security where he has responsibility for scaling the European revenues. LINKEDIN: https://www.linkedin.com/in/kasha Website: www.seraphicsecurity.com YOUR HOST Simon Lader is the host of The Conference Room, Co-Founder of global executive search firm Salisi Human Capital, and online coaching firm Salisi Academy. Since 1997, Simon has helped Senior Executives achieve Life Transformation by finding their ideal job and consulting with leading enterprise software and cybersecurity vendors to build highly effective teams. Get to know more about Simon at: Podcast: https://theconferenceroompodcast.com Website: https://simonlader.com/ Blog: blog.salisi.com Twitter: https://twitter.com/simonlader LinkedIn: https://www.linkedin.com/in/headhuntersimonlader Spotify: https://open.spotify.com/show/3dd0obQSM8cYRV0HCxiuF0

Your Cyber Path: How to Get Your Dream Cybersecurity Job
EP 52: Replay of "Security Awareness Training"

Your Cyber Path: How to Get Your Dream Cybersecurity Job

Play Episode Listen Later Sep 3, 2021 64:10


This week we are highlighting one of our popular episodes! First covered back in Episode 40, we covered the topic of Security Awareness Training, and wanted to revisit it again in this epsiode. Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common Security Service Catalog. They will be exploring: ✅ Cybersecurity Awareness Month ✅ Required Training ✅ Behavioral Training ✅ Skills Training Loved this episode and want to learn more about Wizer?! Check out more here: https://www.wizer-training.com/ Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

Your Cyber Path: How to Get Your Dream Cybersecurity Job
EP 40: Security Awareness & Training

Your Cyber Path: How to Get Your Dream Cybersecurity Job

Play Episode Listen Later Mar 25, 2021 64:22


Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common Security Service Catalog. Download the slides here: https://try.yourcyberpath.com/cyber-org​  Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide:  https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Human-Centered Security
The Role of Storytelling in Cybersecurity Awareness Training with Gabriel Friedlander

Human-Centered Security

Play Episode Listen Later Dec 8, 2020 44:18


Gabriel has been studying human behavior for a long time. His first company, ObserveIT, an insider threat management platform recently acquired by Proofpoint, dealt with monitoring and reporting on out-of-policy employee behavior. Today, as the founder of Wizer, a security awareness training platform, Gabriel is focused on ensuring, as he put it, “security awareness is a basic human skill.” In fact, not only is Wizer's training user-friendly and in digestible chunks, most of it is free.In this episode, we talk about: Cybersecurity awareness training should start with stories, to connect with people and encourage them to take action. Cybersecurity awareness training should then focus on developing the skills that can be applied to a variety of scenarios (as Gabriel says, "we can't teach everything."). Make security easy--but roadblocks may necessary to get users to slow down and think.

CarahCast: Podcasts on Technology in the Public Sector
A Holistic People-Centric Approach to Insider Threat Management

CarahCast: Podcasts on Technology in the Public Sector

Play Episode Listen Later Nov 20, 2020 20:02


Tune into our podcast, A Holistic People-Centric Approach to Insider Threat Management, to discover how the ObserveIT platform helps agencies protect against data loss, malicious acts, and brand damage.

Business of Cyber
BoC #1: Approach Your Security Projects From a Marketing Perspective to Get Business Buy In

Business of Cyber

Play Episode Listen Later Jun 12, 2020 28:06


Welcome to the first episode of the Business of Cyber podcast. We provide consistent, relevant, and valuable content to help security leaders better align with their business peers while helping business people better understand the value and business impact of cyber security. Our guest today is Gabriel Friedlander. Gabriel is the Founder of Wizer - an organization with the mission to provide free security awareness training for everyone. To date they've partnered with over 3000 organizations to offer free, simple, educational, and entertaining training content. Prior to starting Wizer, Gabriel was a Co-Founder of ObserveIT, an insider threat management platform, which sold to Proofpoint last year for $225 million. On today's episode, Gabriel and I walk through: How do view the potential business impact of insider threats, given insiders can have direct access to the "keys to the kingdom?" What training/HR policies can be put in place to best minimize the risk of insider threats? How can security teams market their projects, solutions, and investments, to be better received by the business? What do car brakes and security teams have in common? Contact Joe and the Business of Cyber: Email: joe@businessofcyber.com Website: businessofcyber.com LinkedIn: Joe Vinck Twitter: @joey_vinck Instagram: @businessofcyber OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Instagram with your username to let us know you've rated. Winners will be announced after Episode 10.

Business Built Freedom
146|Enhancing Your Business With Madeline Clift

Business Built Freedom

Play Episode Listen Later Jun 8, 2020 22:49


Enhancing Your Business With Madeline Clift Josh: G'day everyone out there in podcast land. We've got a guest here from Level Up Chartered Accountants called Madeline Clift, and she's going to be going through some awesome ways that you can enhance your business methods and processes with the help of technology. So Madeline, a quick question for you. What would you say is the number one thing that businesses can implement to make sure that they are able to enhance their processes? Learn more about enhancing your business at dorksdelivered.com.au Madeline: It's real listening. It's a weird one, but that's probably the best one that you can do, make sure you're listening to your staff and your clients. The first thing we've done was making sure that the business runs smoothly for ourselves internally as a company ourselves, even though we're accountants helping other businesses, is we ask our staff what they want. We make sure that they can do their job to the best of their abilities, and it's really paid off for us, especially during this scary pandemic time. Josh: Yeah, it is definitely a time of unknowing, isn't it? And I think you're on the right page there, where you say invest in your staff is very, very important. We were given two ears and one mouth, so use them in that ratio. Listen twice as hard as you're talking. Madeline: Exactly. Josh: That's very, very good advice. So start by listening and making sure that you've got the processes in place to get rid of the deadwood, I guess, would you say? How would you go about making sure that you do have a team of unicorns? Madeline: Team of unicorns, that's a funny way of putting it. We call them wizards actually, funnily enough. Josh: Oh, wizards. Madeline: Yeah. We'll have to tell them that they were referred to as unicorns. Josh: Yeah. Or ninjas. Sometimes I call them ninjas as well, but yeah. Madeline: That'll work too. Yeah, so our internal wizards, the first thing that they said to us was that they actually love how simple it is to work away from home if they need to. A lot of the guys have kids. This was long before pandemic time, but the guys were like, "Oh, I'm really glad you guys just gave me a laptop that sits on a desk with two monitors, because I can go home and work if I need to, if my kid gets sick for the afternoon," things like that. And because we invested in them right from the get-go, that wasn't an initial cost for us when everyone had to start working from home. Everyone was already ready to go. They took their laptops home and they even stole, basically, half of the monitors that we had floating around the office, so that they were even more set up at home. Everyone's working with two screens. Everyone's super comfortable. And that was just from that simple thing of listening. It's really already paid off for us when it comes to the stressful times. We know our IT provider, again, was really stressed out just trying to provide laptops for the week to get other businesses sorted. Josh: Being ahead of the curve there's really important, and it'll pay off in significant quantities, I think you'll find over next few months and years. Because it means that your commercial overheads from a commercial real estate perspective can be kept a bit lower. Which means that your footprint, that you're putting your carbon footprint, if people are working from home, is lower. Your time wasted between traveling is lower, which means people have time to spend with their family. They're spending less time and money on maintenance for cars. It's by far the most sensible way to go. Josh: And we started the business 13 years ago in mum and dad's garage, where all tech startups start. Went from there to a bricks-and-mortar building a couple of years later and had the staff coming in there. And then, same as you guys, have gone and went, "This is stupid. What am I doing? We're going to other people. We're very, very rarely having anyone come to us." And I thought, if they want to come to us then they're probably close enough to have them come to the house and have a beer on a Friday afternoon anyway. So that's the approach that we went, and I think a lot of businesses are going to be adapting that. Josh: And one of the things that I found, actually, after we started going through the remote workforce, this is probably now 2013 or so, we found it took a little bit of refining and adjustments for people that were used to coming into work. And we put in systems and practices to make sure that we had different KPIs, that we're able to manage around that. What would you say would be a method that you guys are using to be able to monitor and manage your staff to make sure that they're not having a few sneaky looks at Facebook? Or maybe they are. Maybe you've got that written in their agreement. Madeline: Technology-wise, we've actually already got a monitoring system in place. The guys know that they've got ActivTrak on their laptops. So if they're ever doing something they shouldn't be, like installing Bitcoin to try and make money, it flags our IT subsidiaries. There's one method, I suppose. We make that clear so the guys know that they can't be stuffing around. Madeline: Second one, which we're quite lucky for because in our industry, we have to report billable hours. So everyone has to put in a time sheet for what they're working on. It can be done simplistically, like you can say, "All right, for the first three hours this morning, I'm going to be working on this client's data. So I won't be free, don't talk to me." But then we've actually got the time sheet logged in there and saying, "Okay, well, they've actually done all of the work papers. They've done the end of financial year job for the entire client and all the individuals." Things like that. Madeline: Even for our admin staff at the moment, them working remotely, they're doing time sheets per hour. They're much smaller slots, but they're still actually putting in, "Okay, well, I actually spoke to this client for half an hour on the phone." It may or may not be billable, but they've at least put that time sheet in. So at the end of the week or the fortnight in the pay period, the director and myself are able to go through those time sheets and double check, "Okay, well, actually, you've worked a 12-hour day." Funnily enough, I find that more of the staff are spending more time, realising, because they're not doing anything at home, they're actually doing more work, which is really funny. But we're really lucky. Madeline: Yeah. Time sheets and actually the software tracking systems are probably the best bet, I would say, for most business. Josh: Cool. And so I guess we have two different models of clients. The majority of them, we charge a set rate per month where we just give them unlimited support, which works great for the clients. And then we guarantee their uptime to make sure that they're not. If they have downtime, in fact, we pay them. So we don't want them to have downtime. So we make sure they don't have downtime. So we're fighting for them to be up as much as possible and to be as efficient and utilised as possible. So that's the model of payment that we have for our customers. Josh: But for our staff, we have a similar model where we have hours that are measured, and then KPIs, which are normally on the efficiency of the work that was accomplished. Josh: So say if you have a client that's bringing in $2,000 a month, for instance, and that client calls up 10 times and the hourly rate, or the amount of time that client is spent on, if that was say a thousand dollars worth of time, the staff pool bonus is 10% of the difference. So they'd only get 10% of the money remaining. So it's in everyone's interest to make sure then it works, don't go down, and they stay up as much as possible. Josh: Then that's a sort of the big metric that we found because we put in place a program assistant called ObserveIT, which lets you see all the screenshots and keyboard logs and activity and things like that. And then we built a couple of other bits and pieces ourselves so that we can see if the sort of traffic and how utilised each PC is and if one's running slightly slower and all that sort of stuff. But when it came back to it, we just needed to make sure that the staff and the business were steering in the same direction, was the big thing of making sure that the reasons why businesses are working with you are bred into the culture of your business. So then it sounds like you guys are doing pretty well the same thing, which means you're a step ahead of a lot of accounting firms out there. Hats off to you. Madeline: Yeah. I don't like to toot my own horn, but we think we've really taken it to a different approach, I suppose, than a lot of the boutique accounting firms in the past. And then even at the moment, we've found other firms that are roughly the same size as us, the way they approach, I suppose, how they treat their staff, the hierarchy in the office, they're all 50-year-old practices. They've upgraded maybe the technology. They know how to use Xero now, which is great, but all of the rest of their systems and their processes are just stuck in the last century. Josh: We were using QuickBooks. It was about 1,000, $1,500 or whatever it was, back in 2007 to 2013. I hated it. I hated it so much, but it was the only system that our ERP solution integrated into, and smile from ear to ear the moment we moved across to Xero. You guys would use XPM as well, I'd imagine because you're a practice manager? Madeline: Yes, we do. We use both. Then again, a third system, monday.com as well, just for tasks and scheduling. Yeah, that was even simpler to use for our staff. Pretty much all of our systems are cloud-based. We don't want anything not to be on the cloud because we actually feel that that's more secure for us. So there's nothing wasted and paying for installing systems. I think the only thing that we pay for a subscription for is a PDF-editing software system. Josh: That's not too bad. As long as you've got the security behind it. I'm a big advocate for the cloud as long as it's been set up correctly. And that's another thing, a lot of people sort of just hear lots about it on the internet and read about it. And then Yellow Pages, even we're doing big campaigns about it, saying, "Everyone needs to move to the cloud," and I'm like, "Yeah, okay. That's cool." As long as you know your data is secure, encrypted, and isn't going to be attacked. Josh: My goodness, the number of solicitors and accounting firms that we've seen that have vulnerable data that's out there that we've been able to find, show them and they've just gone, "Oh my goodness, how'd you get access to that?" Or, "You shouldn't have access to that." And I'm like, "I know I shouldn't." I said, "And there's other people in there that wouldn't be telling you that they've got access to it." I said, "We're one of the good guys to help you guys out." Madeline: Our biggest expenses as a business actually are the people we employ to do our IT and I'm happy to speak their name, which Connected Platforms, and our actual staff. Those are the biggest costs for us as a business. Staff that we employ and how much we pay our IT company to manage everything that we're doing on the cloud. So those are our two biggest investments that I think are the biggest payoff, really. Josh: Absolutely. That's a differentiator with a lot of businesses. Some businesses look at staff and some of the other required services, such as IT, as a liability and an expense, where really it should be an investment. It should be something that you're sitting there and your Connected Platforms hopefully sits there with you on there, as like a virtual CIO or CTO to talk about how they can leverage new technologies, and what's your exit strategies for the business, and how are you going to be going along with that to make sure that your practices have built up around that? I would completely disagree with what I just said if it was 50 years ago, but nowadays, you can't run a business. It's kind of like saying, you want to run a business without electricity. It's like, yes, it can be done. Is it the most efficient, easiest way to do it? Absolutely not. IT is definitely where people need to be investing their time and money. IT automation and marketing would be our biggest expenses internally. Madeline: I think it will change, depending on industries. For example, we have a lot of clients, where their IT isn't obviously their biggest investment. It might be the equipment that they're using. Because they might be that kind of industry, where they're actually like earth moving or something like that, that's quite a big investment, earthmoving machinery and things like that. Madeline: Then secondary to that. It's always the people that they employ. They need to trust their staff. They're moving those million dollar machines around and things like that. So I think those two are pretty integral, regardless of the industry that you're in. Josh: I agree, obviously you have set up costs and bits and pieces. If you've got, as you said, earthmoving equipment or any sort of industry-specific equipment, it's going to have a big cost. But the good news is, I guess it's also equity sitting there in the business that if shit hit the fan and they had to start getting rid of staff, the equipment they could sell and it's going to give them something back, hopefully, unless it's completely depreciated. What have you guys found that are things that many businesses or accounting businesses can put in place that removes staff overheads and things like that? Madeline: Training in those systems, I think. The biggest problem with accounting, I suppose, is you've got a lot of young people coming out of university who, a hundred times work and study, then you're really trusted and really, really knowledgeable accountants in their forties and fifties. There's a definite gap there where you've got people who are incredibly tech savvy and just want something done and know that they can get it done quickly. And then you've got people who are used to looking at the Tax Agent Master Guide, which is a book bigger than any Harry Potter novel. They're going, "Check this index against this," and they're going, "Well, I could just Google it, mate," where like, what's the term or phrase kind of thing, like, just so we can make sure that we've got the ruling right if we want to make changes. So training and investing in those staff is the biggest thing that's kind of, I suppose, saved us, especially during this pandemic. Madeline: I know that other businesses that we engage personally have just absolutely had to shut down, apart from their few youngest employees who have to run the show at this point because they can work remotely. They figured out how to use the laptop and remote login to the systems. Things like that. Their older employees are just like, "Well, what do I do? I sit at home and do nothing?" It's like, "Well, I can teach you how to, I don't know, use Slack or something like that." Like a direct messaging system, that like, if you're struggling with Facebook Messenger, going to be a problem. Josh: A degree in Google is what I refer to that as. People just need to know how to search for what they need to find. You don't need to know absolutely everything. You just need to know how to use the tools that you've got to be able to find the answers, and the tools can be people or it can be your search engines or documentation systems and the like. Josh: And documenting your processes is great because it allows for you to level up. It lets you level up. You can easily chuck in more accountants and they can read through the on boarding documents. If you have a new business that you're working with, there can be on boarding documents for them as well. And off boarding documents, if you are downsizing or a business is no longer working with you, it makes everything more straightforward. Josh: And the way I would relate it is the biggest business that's operating or one of the biggest businesses is McDonald's and it's run by 14 and nine month year olds. Madeline: Yes, step one, step two, step three, press the button. It's all automated. Yeah. Josh: Exactly. And so getting those processes in place is super important. What do you normally use to create the documentation? Is that something that you're doing with the likes of video recordings or text-based things or both, or situationally, are you putting people into a situation where you can have them learn to become the teacher? Madeline: Yeah, actually funny, you just said that, just last learn to become the teacher. That's probably pretty much the best thing, we want to level up the staff that've spent years in the office because once they can write their own processes and teach someone how to do it, it's... I have two 18 year olds in the administration team, reception and administrative assistant. They're sitting there telling the 40 year olds, "Okay, this is how we're going to use this process." Madeline: It gets rid of that hierarchy as well, because you've got an 18 year old teaching a 35 year old how to use a program, but we're not using kind of like recording processes because everyone's an individual in how they teach. Everyone's, I suppose, an individual on how they learn. So there's no one set way of learning. I think we've discovered that a lot, just through focusing on the individuals in the office. It's one-on-one, 100%, but we document what needs to be done. Madeline: We use another program called MyGlue. So that one's again, referred to from our IT company. They use it for a lot of their internal processes and you can step out what you have to do for on boarding a client, like the step-by-step processes with that. We document the basics, but it's really a one-on-one experience. Yeah. That's why the business has basically quadrupled in size over the last year and a half. Just on that one-on-one mentoring, it's just that keeping to the basics in a PDF document. Josh: Talking about MyGlue, that's a, I think it's a part of another product called IT Glue. Madeline: Yes, it is, sorry, yeah. Josh: Yeah, yeah, yeah. Okay. So when you said MyGlue, I'm thinking, I'm pretty sure it's IT Glue. It's a fantastic tool. We have the same family of tools that we use internally, and having that documentation there, as you said, not everyone learns the same way. We've spent a lot of money to have multiple ways for people to learn, videos of onboarding of new staff, as well as then screen captures, as well as then videos that they can watch from a screen recording, as well as in the text document. So you can then have your own internal research to be able to look it up and find out something. Josh: The biggest thing is to start with something. Having something's better than nothing. Having a process there and being able to write yourself out of the business is really important. You don't want to be sitting there working day in, day out, as the business owner. You want to make sure that as long as you're not in a position where you can become redundant, you want to be able to make yourself redundant. Madeline: Exactly. It's funny. Bring it back to you were mentioning the DISC profile before. And a lot of accountants being just one type. We used to do the DISC profile on all new employees coming in, but I no longer bother with that because I want that personality that's able to speak to clients and isn't just really process-based. It's just like, "Well, no, I just follow the process." We go, "Well, that's not being an innovative creative accountant." We don't want you to absolutely defraud the tax office or anything like that. But there is ways that you can be innovative and help the client in that business advisory way as well. So if it leads back into that we don't want to be that typical accounting firm where you're just following a step-by-step process and individualising it to every person and employee, making sure that they fit in. Josh: I think it's important to be personable and not be like what the industry says. Like I'm a, as I said, I started in mom and dad's garage, but that doesn't mean that I'm not the guy that jumps up on stage and talks to everyone about how they can better their business. It's about making sure that you are the thorn in the bush, if everyone else is the bush. So be the one that stands out and be refreshing. Madeline: Yeah. We're definitely not your typical accounting firm. Really accounting is a secondary, I suppose, skill that we want you to have if we're hiring you as an accountant, we actually want you to be able to talk to us and have a meeting with us and want to work for the company because I'll tell you what, the amount of offices or typical, even real estate agents I've worked in too where you walk in and it's sort of funeral tone to it. Because there's no sound. It's just a quiet receptionist sitting there that goes, "Hello. How are you?" And speaks very professionally. Madeline: In our office, when it's open, when there's not a pandemic on, we've actually got a dog. Usually in the office, there's always music playing. People are welcome to come and go as they please, if they've got appointments with work and stuff like that, the office is just where they can come to work. But there's definitely an open-door policy as well. No one has their own office except the director. If they need a private space, we've got those areas. But we're basically a big team where you can yell out across the room and go with someone, so and so, about this, "Who's handling that?" So it's definitely not your typical accounting firm. We don't want that. That's what we're trying to avoid. Josh: Well, it sounds like you're the Google of accounting firms. If anyone out there in podcast land's looking to level up the way that their business is running and make sure that they've got someone there that they can give you advice as much as they can give you without being a financial advisor, I'd definitely suggest checking out Level Up Chartered Accountants. Is there anything else that you'd like to cover off on, Madeline, before we finish the podcast? Madeline: Don't be surprised at how young some of us are. If you are interested in coming into the office and seeing how things go. We do have people that are experts, been in the industry for 20, 30 years. But Drew himself is in his early thirties, me myself only just turned 30, I'm pretty much the captain of the ship. So yeah, we've got a lot of young wizards in there, and that can be scary, I think, for some businesses where they they've known their industry, it's been the same way for 20, 30 years. And we don't disregard that. We know that it's your business kind of thing. We're just going to make sure one part of it runs smoother because we've taped up, we've leveled up so we can hopefully level up at least one part of your business and maybe it'll flow through to the rest. Josh: You heard it from the head wizard's mouth. And I think that's absolutely appropriate because when I started in business, we were dealing with much bigger businesses. When I was in mom and dad's garage 13 years ago, as a... Far out, was I, 19 years old at that stage. I was talking to these businesses and they're looking at me going, "What could you possibly know?" But people just, at the moment, anyone gave you the... Open up their ears, and that's circling back to what you were saying earlier. People need to listen more than they're talking. The moment they were able to listen and they went, "Oh geez, this person knows what they're talking about." Josh: I know myself, I was a few years ago, sent over to Vegas to do a presentation in front of three and a half thousand IT businesses about how we automate some of our internal processes. And I was freaking out because I'm thinking, Oh no, I'm like nearly 30-ish. And these people, when I'm looking in the audience are like you said, 50s, 60s, 70s. And I'm going, they are going to think just I'm a wally. They're probably still talking about punch cards. Anyway, I get up there and I start talking. And first minute, you see people's eyes sort of like not really paying attention. Second minute, everyone's there taking notes and writing down things and you could see their attention. I went, "Awesome." Josh: It just takes a couple of minutes for people to see the change and the benefit that you can have. And it's refreshing, I think, not doing things the same way that people have been doing it for decades. It's good to have some fresh blood in a business, to be able to push that along and have that experience, have some of the nomads in there, the grey-haired nomads, but also have some of the younger whippersnappers that are going to be able to break out, change, a difference. Madeline: Definitely. Yeah. We've found a happy medium, I think. Josh: Sounds good. Sounds exciting. And yeah, if anyone out there does want to have a discussion with Madeline, definitely jump across to levelupca.com.au That's levelupca.com.au, and you can check out what they've got on their page there, and probably even be able to book in a session to jump in there and meet the team and pat their dog. Madeline: Yeah. He's Chewy, he's lovely. Josh: Chewy. Awesome. Well, I've loved having you on the show and look forward to seeing how everything goes after this COVID situation. If anyone has any questions or has any reviews or feedback, make sure to jump across to iTunes and leave us a review, give us some love. Everyone out there, stay healthy and stay good.  

Help Me With HIPAA
Insider Issues 2020 - Ep 242

Help Me With HIPAA

Play Episode Listen Later Feb 20, 2020 55:29


Another report comes out that says insiders are a huge problem.  You have to worry about the people, people. We have been saying this for years.  The lastest news on that front is in the 2020 Cost Of Insider Threats Global Report released by the Ponemon Institute and sponsored by ObserveIT and IBM.  It does tell us a lot of things we already knew but the details including those about how it is growing are important to note. More info at HelpMeWithHIPAA.com/242

Business Built Freedom
126|How to Secure Your Business Network

Business Built Freedom

Play Episode Listen Later Feb 18, 2020 55:24


How to Secure Your Business Network Joshua Lewis: Everyone listening out there in the cybersecurity world and business owners, I've got a very special guest on here, Alex from Jolly Frogs. And he does something called pen testing and that's something that might sound really scary, or might sound like you've only ever seen it on NCIS or CSI. When they're jumping through, getting through all the firewalls and breaking into the hackers websites and all these other sort of fun stuff. But it's actually quite a lot more involved than the way they make it look on TV. What could you tell me about what you do Alex, and how that affects businesses? Learn more on how to secure your business network at dorksdelivered.com.au Alex Penrose: Currently I focus on training, penetration tests. So I've got a lot of experience, and I've done probably a ridiculous amount of research myself to get myself to the level that I wanted to be at. And I'd like to do nothing more than to share that knowledge. So primarily at the moment, I'm training pen testers, I'm training reverse engineers and forensics experts as well. Before I started doing the trainings I held the role of Director of Cyber Security at Queensland Public Education. And before that, I had various management roles in Queensland health and Queensland police. So most of the knowledge that I accumulated is not from work but from personal research. You get home after six in the evening, and you've got four or five hours to do your own research, every weekend 12 hours per day. Researching various new technologies, new ways to get into websites or get into companies and doing various certifications to get to that level as well. So I enjoy doing it. It's something that I like doing. It's a hobby for me. Joshua Lewis: Cool. I think it's a cool hobby to have. That could definitely get you in trouble if you do to the wrong things. If you're doing the black hat stuff instead of the white hat stuff. And- Alex Penrose: Yeah absolutely. You got to be very careful. For instance one of the interesting things that I was looking at was reverse engineering. And some of the things that are the most interesting to me are reverse engineering hardware devices. And do you know IoT, the Internet of Things? Joshua Lewis: Absolutely. Alex Penrose: They're basically the little things that you can buy. The little cameras, little portable devices, even coffee machines. Anything that's connected to your network or to the internet for updates. Fridges nowadays, ovens, and the way that these devices are being put out to the market, it's all about speed. To get them out to the market as quick as you can because, it's innovative only for the first few months. And after three months, six months, that device starts to get old. So those devices are not always given the scrutiny that other devices are being given Like your Operating System. Your Windows Operating System has a lot of scrutiny going over it. Linux as well, which is another Operating System that has a lot of scrutiny going over it. And it takes many months for particular patches or security updates to come through to be tested by Microsoft or by the Linux consortium. So these IoT devices, these little hardware devices you can buy them off Alibaba or eBay. And some of them come from China and they're really not that secure, but you still connect into your network. So they're an entry point for a hacker to come into a network. I love to do reverse engineering of those devices. But coming back to the issue of black hat, white hat, there are some legal issues with reverse engineering. You're not always allowed to do it. So the best way to go about that I found, was to contact the vendors and to agree with them that you're going to do it. And a lot of the vendors are more than happy to help you out and say, "Yes, sure." And I ask for a signed form from a high up executive in that company. And what I found that a lot of the Asian companies out there are more than willing to do that. They don't immediately call a lawyer and try and get it all sorted out. They just say, "Yeah, go ahead and test it for us. If you want to do that in your free time, and for free we'll even help you out with that." I had one vendor send me a device, quite an expensive device that I could reverse engineer. Found a few bugs in that one, a few security vulnerabilities for them, reported it directly to them, and they security updated it in the back end. And all of that went on without anyone knowing about it in the public, and their devices are now more secure. So you've got to be careful especially at say with American and European companies that when you start reverse engineering anything or unpacking firmware that you are covered legally. I'll stop talking now. Joshua Lewis: That's all right. It was really good because it's something that I'm a huge believer in the IoT movement. I've got a very, I'm going to call it automated house, and I'm also going to call it vulnerable. I would say that it's ... And it comes down to the way that you do it. With any new flexibility with technology, comes about generally inherent security issues. And I can say my gates, my locks, my watering system, the level of my pool, my lights, everything is automated or has some level of IoT connectivity If I want to turn on the waterfall and the pond, I can do that with my voice. So it's all really, really cool. But what people don't understand, and this is ... I've set it up as an IT specialist, which means I've got everything on ... You know what I'm talking about for everyone out there, and the rest of the world on it, sort of VLAN. Which means it is separated to anything that I have that I hold dear myself. So worst case scenario, someone hacks in, and they're able to open the gate. The locks, I intentionally went with something that I've developed myself, which means although the security ... and this isn't what everyone should do, the security might not be as unpenetrable as what you'd have with a Western country developed device. I can say that the obscurity would definitely mean it would be zero chance of being attacked. And that's what it is. It's kind of balances with everything. The worst thing that could happen if someone was to gain peering eyes onto my IoT network as a separate network to everything else is, they'd be able to turn my waterfall on and make my lights go to music or something against my want. And that would be obviously quite an interesting thing to happen. And I would do something about it at that stage. You're exactly right. A lot of companies have these products that they just want to send out the door as quickly as possible. You look at Apple and Samsung, just as their basic phones, they're both fighting to be the biggest market competitor. And so, they're releasing these things. Like Apple had a vulnerability on their device for years that was being backdoored and utilised by Google. And it was only found out that they were tracking and grabbing information out of these iOS operating system for years before something was actually done about it. And it is just because we are in this instant gratification life cycle with the people, the Tinders wanting people to have everything straight away and not necessarily thinking about what the longterm risks are with that. And I think that's bad on a home IoT device level. But there's also something that gets a bit more concerning, and that's the PLC world to me. When you have these controllers that are controlling main water systems, how much fluoride's being dumped into the different areas. And if something was to be broken into there, we could have some serious issues. What are your thoughts on where the world's going, and how do you think you'd be able to fix those things without taking them away? What would you do? Alex Penrose: Yeah, I think your approach at home is actually really, really good. And that's something that I would advise most businesses and organisations to do as well. Consider the vulnerabilities of your networks. And every network is going to be vulnerable to something, to a certain degree. And you need to be comfortable with what happens in the worst case scenario. As you said, worst case scenario, they can turn on the pump of my fountain or they can turn it off, and I don't care about that too much. I might lose a bit of order, but I'll find that out the next day because I can visibly see that it's on, or I can hear it during the night, and I can do something about it then. So the damage is controlled. And I think you need to treat your network in that way as well. Joshua Lewis: Absolutely. Alex Penrose: Consider the worst case scenario. Do a risk profile and do a risk appetite statement as well for your organisation. This is something that is really big in the Information Security Management System world or ISMS world. Is that you create a risk appetite statement, where you state what your appetite is for particular risks and you always have a certain appetite for risks. For instance, you might think that DePaul education might have a zero tolerance zero appetite for any risk related to personal injury because you don't want your students to get injured and you don't want your teachers to get injured, so there would be a very low appetite for risk there. But the police, you're sending your police force out there is an inherent risk of your police officers getting hurt. So you might have a slightly higher level of tolerance for that risk of people getting injured during their work. Same for firemen, you're sending them out in the middle of a fire, what's more dangerous than that? So you must have some level of risk associated with that, and you must accept that risk. And the same is true for cyber security. So a bank especially like a Bitcoin bank, an online bank will have a very high a ceiling of where the cyber security would be. Right? Whereas someone who owns I don't know ... it's hard for me to give an example because everyone cares about their security. Right? but you might have a personal home light in your home. You might not have the same level of cyber security requirements as a bank because you say, "Well, okay, so they can come in and they can turn on the pump. I don't really care about that. They can tend to shut those down or the lights on and off. Okay, big deal. I'll learn from it and I'll fix whatever the issue is, but it's not going to cost me outside of my risk appetite." Joshua Lewis: Yep. And that's, I'll walk in that ... exactly you've said there too. Like Oceans 11 or any of the big heist movies where they're going to break into a bank or break into a casino and grab a bunch of money. And they have these really crazy plans where there's distractions, an illusion. What I think it comes down to is banks have great security. And if you have to think about the actual physical banks now, physical banks don't have anywhere near the security relative to their online counterparts. And that's because, a physical bank will hold 40,000 or $50,000. They'll have many security cameras, but not ... when I say not as much security, I mean it's not too indifferent to what you'd have in a commercial property for a business. You'll have screens that go up, a safe, most businesses will have safes. Most businesses will have security cameras, but the chances of them getting caught is incredibly high. The chance and the prize at the end, the booty, the reason for them spending all this time and effort making these big plans is so high. It's not worth the prize at the end. And that's what security I think is all about. Anyone that wants to get into anywhere will work out a way to do it if they have enough time, patience and the motive is high enough to get whatever the prize is at the end. But most people are not going to be too bothered because, there is so many steps that you have to take through. If someone had to break into my wifi or through my internet connection, to get into the VLAN, to then jumping and turn my fountain on. The amount of times to get to spend to do that well outweighs the advantages it's going to be for them in the end. Alex Penrose: Yeah, I agree. Another thing to consider as well, you spoke about the physical versus the cyber breaking in. One thing to consider as well is, back in the old days when you broke into a bank, you had to have a truck, a major truck to carry all those bags of money. Right? Joshua Lewis: Yeah. Alex Penrose: But if you break in with the cyber method, you don't need any kind of big truck. You don't need any bags, you don't need any effort. It all fits on a little USB stick nowadays. So it's much easier to exfiltrate information via the cyber way. So I do agree. I think cyber is more important than the physical. Because, in the physical world, you've got physical guards, you've got your security cameras, but also it's incredibly difficult once you do have your loot as you say, you still need to walk away with it. And that can be a major problem. Whereas if you're in into a network, all you do is you download it to some Cloud provider and you're done. And once it's out, it's out as well. You can't stop it then. Joshua Lewis: No, that's right. And then it's out in the dark web, people are buying new information. And that's a big thing that I think people have this misconception of what penetration testing is, and what hacking is. In where Frank Abagnale, who was famously put into a movie called Catch Me If You Can played by Leonardo DiCaprio fooled people to make everyone think that he was a pilot, and that he was a solicitor, and that he was a doctor and a bunch of other things. And what he was doing is social engineering, social hacking to be able to get into a spot that he's not meant to be. And penetration testing doesn't just stop at the wall of your internet service provider or with the security of your physical network. If you were to ring up someone and you said, Oh hi, my name is X, Y, Z, and you've worked at this, they had this client name because they had a testimonial on their website or something like that. And then you said, Oh, I'm just double checking if our account's delinquent or if we're all up to scratch, because we're changing accounting systems or whatever story you feel like saying. And then all of a sudden, they're telling you the financial position of this other company. And then you're able to use that information and then slowly bite away and break into their network or break into accounts' information. So then use it on the flip side and potentially break into the network that you're pretending to be. And so what it's about I guess, is the way that you talk, and that comes down to the security of your staff and the training that they've had in how to deal with suspicious questions. I rang up I'm not going to say which one of the big four banks it was, but I rang up one of the big four banks. I spoke as I'm standing right now. And I gave them my mother's details, her birthdate, full name and the address. And it was able to change around her mortgage on the phone sounding nothing, indifferent to what I sounded like right now. And I thought how bad is that? That I can answer three security questions and I could have been a stranger. I was doing it to help her out because she was at a season, needed to sort something out. But I could've done anything, and that would've absolutely caused a world of trouble for someone. I have written letters from mom to say that this is okay, and was ready to patch in on a three way call, but I thought, let's just try, I've already got permission from mom to say this and I was surprised at how easy it was. Alex Penrose: Yeah, it is. And I think the two easiest ways to get into a company in terms of cyber is either via the help desk. And the reason for that is because, as you did with the bank, you were probably connected to a help desk. And as the name implies, it's a help desk. They're conditioned to help, right? So from the very first day they come into the organisation their performance is monitored and managed based on helping people. And the more happy people leave the help desk, the better the performance. Now if you're a hacker, you'd be extremely happy to get whatever passwords that you want. So that's what they're going to give you, right? Because as a hacker, you're asking for the password and they're going to give it to you. The only thing you need to do is you need to make sense. So for instance, the help desk is one way to get in, the other way is the HR department. So human resources, and in order to make sense what you would do is, you might wait for some kind of position to open up at that company. And the HR department would then at that point expect PDF documents or word documents to come in with people's resumes, and it makes sense to them. So they will open them without thinking usually. Because, well that job interview did co ads, I'm expecting a document. Because I'm expecting a document, I'm going to open it without thinking twice. And it's really easy at that point from a hacker's perspective to have some kind of malicious code in your resume- Joshua Lewis: An old version of Adobe reader or something like that and bang, they're in. Alex Penrose: Oh yeah, absolutely. And all you need to put in there, you put a message saying, in order to view this message, you need to download this programme. And then off they go, they download the programme. Because again, they're conditioned to do this, this is their job, to open these PDFs, to read the contents and to process these applicants. So you got to play to that weakness in a way of those departments. But definitely, help desk, HR department very easy to get in via that way as long as you are believable, and as long as you do it in a way that they expect you to act. So don't send a PDF with the resume saying, Oh yeah, I saw this job for blah and actually the job doesn't exist. You need to make sure it probably exists, it's listed and that's within the timeframe as well. And that they want to open the document. You need them to want to do something. Joshua Lewis: Yup. And that's as easy as creating an anonymous account on LinkedIn and double checking when they're putting up posts for a new job. And that's where the biggest vulnerability ... Or I'd like your opinion on this, the biggest vulnerability though in my opinion is your staff. Your staff are by far the biggest gateway to bring people into your network, and to bring unwanted nasties and IP and other integral documents of your business outside of your network. Alex Penrose: Yup. I agree. Staff is behind 50% of all the access. I saw a number a few years ago, it was 50% that they are behind it. This is insiders. So you might've stopped doing accidental things but you might also have malicious staff doing malicious things. So you've got to consider both those approaches. Not all your staff is happy to work for your company. And some staff might be enticed by a few thousand dollars that they could grab if you gave them the opportunity. So you've got to remove that opportunity. And you've got to expect your staff to do something like that. So you've got to monitor your staff in that respect. Both for accidental things, but also for malicious things. And actually most stuff would be accidental, opening a PDF in the HR department is something that they're expected to do, but they accidentally compromise your security for doing that. Joshua Lewis: We use a tool for monitoring our staff as well, there's a tool that we use for our clients called ObserveIT. Alex Penrose: Yes, you've got to use some kind of a tool to monitor what people are doing. And you would have read in the news that a few QPS employees were indicted looking up people in the system that they shouldn't have looked up. They didn't have any reason to look that up. This is all public news. And they were indicted for that. So I think there's two or three cases of coppers abusing their position to get into the backend system. And you need to take into consideration that a big organisation like the police or like education, they have tens or even hundreds of thousands of people working for them. And some volunteers as well, right? The Queensland Volunteers, education volunteers, health volunteers. And they get more privileges than the public. So you got to monitor them somehow and whatever monitoring system you use, whether it's ObserveIT or something else or ... There's various solutions for that. You've got to monitor your staff, but you can't monitor every staff all the time. So usually, you'll have some kind of trigger going off and you would use some kind of screen recording software to then check what actually happened. Was it just accidental? Because someone could accidentally double click on a programme and open it up private. It does happen. It's happened for me as well. Where you open up the word document, it just double clicks. The mouse might have double clicked by accident and it does happen. So that's completely different than someone opening the tool, specifically searching for a particular person that they might know, and then finding out some details that they're not supposed to know. So there's a difference as well. And to differentiate between accidental and malicious that's where your screen recording software comes in. So I'm not sure if they use ObserveIT or not, it might be something else. But yeah. Joshua Lewis: I was just going to say anyone listening out there in the podcast world ObserveIT is just a tool that lets you audit what your staff are doing, or what a network is doing. Gives you text data so can see if they're opening out notepad or Firefox or Google Chrome or something that they wouldn't have normally opened up. And then also lets you see suspicious login activity. So if your receptionist for whatever reason logged in at 2:30 in the morning for half an hour and that wouldn't be what her normal process would have been. It will then create an alert, and send that off so that you can then monitor and work out more accurately what your staff is doing. So it's good that we both know what we were talking about, anyone else don't know what we're doing. Joshua Lewis: So above and beyond putting that sort of software in, there's obviously tools like Nmap or Wireshark and things like that. So Nmap lets you scan over a network and monitor what new devices might've appeared. And then Wireshark depending on how you have it set up, lets you intercept and then see the type of information that's being transmitted. Now these tools are only just a couple of free tools that imagine you would have in the plethora of tools that you would use to go and work out vulnerabilities in a network. And then once you've gone through, say an Internet of Things device and you've accessed it, and how you can actually work out the goodies on the other side. What other tools do you use? Alex Penrose: I like to categorise the tools that I use. I use a plethora of tools, hundreds of tools. And I also write my own tools as well. I'll write most of tools in a programming language called Python. But I also write it and see whatever's needed. If I need a fast programme, I might write in C or C++, if I need a programme really quickly, I might write it in Python. I like to categorise the applications passive, which means you already raised Y shock. You can passively tap the network and listen to the network, you won't get detected doing that. It's basically having like a microphone on the network which records everything that goes over the network. And you might pick up passwords, you might pick up network protocols that should not be enabled or which you might be able to abuse. So I would say that would be the one category. The passive reconnaissance. Then you've got your active reconnaissance tools Nmap would be one of those. So, Nmap is a port scanner with some additional functionality that is able to recognise certain protocols and certain services that run on a particular computer. So you might be able to detect not only that there is a web server listening on a particular network port, but also what type of web server that is. It might be an Apache web server, it might be a Microsoft IIS server, it might be whatever the make of that web server is. And sometimes, even the version of the web server as well. And all that information allows you to then research to find vulnerabilities. And one of the tools that I like to use for finding vulnerabilities is a Kali tool, which is Searchsploits So there is a distribution, a Linux distribution or Linux operating system that you can download for free on the internet. It is called Kali, K-A-L-I. And Kali is preloaded with a lot of different tools on it. And one of those tools is Searchsploits. So you can type Searchsploit in the Kali prompt, and then space, and then puts an Apache in there, and that will list you all the available public exploits for Apache web server. So if you find a particular vulnerable Apache servers, say whatever version number and you use Searchsploit, it might give you the exploit ready-made and you can just run the exploit right there. Obviously, there's another tool called Metasploit, which does a very similar thing. Metasploit automates that hacking process to a certain extent. It allows a hacker or a pen tester to break into the system using known exploits, and then instal a backdoor automatically on the server that was compromised or the IoT device that was compromised. And the backdoor, not everyone will know what that is. It is effectively a piece of software that allows you to easily get back into the system at a later date. So like a Trojan horse kind of thing. Joshua Lewis: Well, I guess the way that I would describe it, a general network is imagine you've got a unit complex, and there's one big gate at the front. You could call that your router, and then all these little things inside the unit complex, all these little units, could all be different devices. And if you're able to grab the key to one of these units, that means you're able to get through all those different ... The front as you said, you have a backdoor created, it means that the more devices you have on your network, the more chance of vulnerability things are being looked at, and actively patched. And using one of the Internet of Things devices or any known patchy server or web server or anything like that could then mean that you gain access to absolutely everything for a later stage. So, that's kind of the way I sort of normally think about it. If you've got lots of doors into a building, and you just have one door that you leave open a lot of the time, they're not going to go and check that. Alex Penrose: Yeah, that's true. It's a good comparison actually to how it really works. You try and find an open door or a door that is ajar and you get in. And then once you're in, and you are at a particular security level on that system, it is then very, very difficult to first of all detect that person. And to get rid of it is difficult as well. So there is a thing in cyber security which we call a privilege escalation. So as a normal user on the computer, you typically have low privileges. Which means that you can't instal programmes. For instance, especially in managed environments like big government organisations or banks, employees are generally not allowed to instal programmes. And the reason for that is that, if you do instal a programme that is a back door then that's installed in your system and you need to provide access to a hacker remotely. So generally speaking, people have low privileged accounts, normal user accounts. And what you want to do as a hacker is, you want to try and get access to administrative accounts or a high privileged user. So the process of hacking into a company is to first get access to a low privilege account on a PC. For instance, using the HR department trick or the help desk trick you might get access to a PC. You get what we call a remote shell which allows you to enter commands on a desktop. And the next step would then be to try and elevate those privileges to an administrative account on that PC. And that is usually fairly easy to do on the Windows and Linux machines. There will always be some kind of vulnerability on the PCs that aren't specifically hardened, especially the PCs that haven't been updated. If the automatic updates on windows have not been enabled, you can be almost certain to find some kind of vulnerability in that system. There was a test done at one point. Some university did a test, they put an unpatched or unupdated system on the internet and they checked how long it would take for that machine to be compromised. And this is back in 2015 so I'm sure that nowadays it's even faster. But in 2015, it took four minutes for a device to be connected to the internet for it to be fully compromised and added to a botnet. Joshua Lewis: All right. That's quick, isn't it? And that that goes, should I say the severity of security and how much more important it has become even over the last years? Alex Penrose: Yes. And the importance of running automatic updates. I understand that large organisations don't want to enable automatic updates. They don't want to disrupt the business. And security is always a concentration between usability and security. But I believe that not enabling automatic updates is probably one of the bigger issues in metrics being compromised nowadays. So, one of the things I always advise is, enable automatic updates on everything. On your web servers, on your user fronting servers, VPN servers, routers, everything. Just automatically update that thing. And don't wait a day, don't even wait half a day. Because one of the things that hackers do is, they run daily scans of the internet. And when I say the internet, I mean the whole internet. So they've got what's called a botnets which is a network of compromise machines. And these might be very big. You might have 10,000 computers that have been compromised, that have been added to these botnets. And the botnet can be operated from one central location, from one central server, one computer effectively will then manage all those 10,000 compromised machines. And you can give those compromised machines orders. You can tell them to do certain things. And one of the things that hackers do is, they take scans of the internet Nmap scans specifically, to find services and service versions. So they might find that your organisation might run a WordPress site and it runs WordPress 5.7 or whatever the version is. They will add that knowledge into it's database. So there are hacker groups that just do that. They scan the internet every 24 hours, the whole internet, and they add your WordPress sites with the version number to that database every time. Now, when a public exploit then comes out ... and an exploit is something that exploits a vulnerability. If an exploit comes out and they find that's odd as an exploit for WordPress 5.7, I'm not sure if WordPress 5.7 exists. Might be a different version number. But let's assume that it does exist and that you are running that on your- Joshua Lewis: It doesn't yet. Alex Penrose: Yeah. Well there you go. And so the hackers know, as the public exploit comes out for that version ... They know the IP addresses or the locations of all the vulnerable machines on the internet. So it doesn't take them weeks to find your server. They already have that information. They already have it in a database. So as soon as the exploit comes out, what they will do is, they will run that exploit against your database to those IP addresses that they know to be vulnerable. And bomb suddenly they got another thousand nodes, a thousand robots in their botnet. So that's how things happen nowadays. So you can't wait even hours anymore after a public exploits comes out. You have to run automatic updates. If you don't run automatic updates, you will at some point get owned. That's just the way it is. Especially on your web servers, they're extremely vulnerable. Joshua Lewis: Absolutely. And then when you have services like WordPress, you kind of hope that there's no vulnerabilities that come out. But given it's all open source, if there's anyone that's a bit tricky, they may find a vulnerability and then not release it to the public. Like there was the Heartbleed attacks a couple of years ago that had been seen to have been patched on the Google servers years before it was released as public knowledge. And- Alex Penrose: Yeah. Joshua Lewis: Again, that's a bit sass. Was Google using that as they were aware of the vulnerability and doing something about that? Or were they just a bit sass in my opinion? But, the best thing you can do ... I guess the take home would be, if you're a small business and you don't want to have any downtime, which is what hacking is going to create, is make sure you keep things up to date, secure, and have an active backup that's not connected to the same physical network. Would there be any other tips that you would give to make sure that they can stay protected in this ever worrisome world? Alex Penrose: Backups. That's the only thing you can really do. The thing that you were talking about there was, we call them Zero-days in the cyber world. So they're effectively vulnerabilities that have not been released, that are not public knowledge. But the chance of getting hit by one of those things if you're a fairly small business here in Australia is extremely low, and this comes down to your risk appetite again. Are you going to worry about being owned by a Zero-day? I personally run WordPress on my website. So jollyfrogs.com is a WordPress site. I do automatically update everything. I don't care if it goes down for five minutes, I'll shut the website's offline for a bit. If I want it to be 100% available, I'll run a second one and I'll run the patching five minutes apart. Oh, sorry. I touched my microphone there. So I'll still have 100% uptime, but I don't even care about that I just want to update. But I'm aware as someone who has a Zero-day against the particular WordPress site that I'm using, they could break into the website. But then again, there isn't very much on there. The only damage that would be done is, someone could what's called defacing the website and could put some nasty things on the front page. But it will be obvious that'll be taken, but I don't really care about that. It's a risk I'm willing to take and I think everyone else should consider that as well. Unless you're the NSA or the FBI, the CIA or some major international organisation that works on defence contracts. Zero-days they're not really used that much because there is always a chance that if you use your Zero-day that it'll be found out. And then your Zero-day's gone because they'll be patched. So they're very valuable for hackers to have Zero-days and most hackers would have one or two Zero-days that they don't disclose. Because it helps with pen testing. And so you don't disclose everything. But you do disclose some of the things I would say. But yeah, you can't really worry about those kinds of things I would say. So you ask what other things can people do? Definitely backups, have backups and make sure your backups are not connected to the network. So that if something happens, you can always restore it and practise your restoring process. Don't just have backup. Because I worked for a company a long time ago and they had a backup system that they never checked, they made the backups and they made it on what's called a tape, which nowadays is old fashioned technology of course. But a lot of companies still use tapes. And they're magnetic tapes, and they never actually checked them. So they ran them for years and years and years, and eventually they would fade in their effectiveness. And when there was an incident at this particular organisation, we had to restore something. And that's when they found out the restore process didn't work. So the backups that they had were useless. Luckily, it was only one small system that wasn't too important. But it immediately sparked replacing the whole backup process and also testing your backup. So don't just make the backups, also test your backups as well. And that'll allow you to restore your things much quicker. If something does go wrong, you'll have all your processes ready and you can usually be online within an hour. Joshua Lewis: Yeah. If you've got active backups, you've got verification on your backups and UI. As you said, you're going into a mode of let's do a test when it's an available time for the business as opposed to in the middle of their busiest weeks. Which let's be honest, is the only time things really break. It gives you then the ability to get, "Okay, we're having some downtime, a three day weekend or something's coming up. Let's restore everything on current hardware and see what happens, see what breaks, see what doesn't." And it gives you the ability to see if it was going to work hopefully when you don't have a catastrophic event. But hopefully if you did have a catastrophic event, you then know that you're going to be protected. We were very lucky that ... well not lucky I guess prior planning prevents piss poor performance. Alex Penrose: That's it. That's the piss perfomance. Joshua Lewis: And when the Brisbane floods came through a number of years ago, we had clients that were evacuated from Brisbane, and they had their backups that were offsite. And as soon as they were able to be at the offsite location, we were able to restore their servers, workstations, and everything to a workable state. And that meant that they were down as you said hours, not days or weeks. Where their office wasn't going to be manageable, ended up being in two foot of water where they were and everything was covered. So it was replaced everything. I was going to say hilariously, not hilarious really. But two years later, they've moved buildings and they said, ah, we're never going to have a problem with the floods. Two months later the roof collapsed in, in the middle of the storm and everything was in a foot of water. But part of the times they had backup, and so they were all back up and running. And you don't know when these things are going to happen. And just for small business, I think it's more important than ever to have backup because you can't afford to have ... If you have a work workforce of 10 or 20 staff and all of them are sitting there doing nothing, you don't have the cash flow that cash buffer to be able to be paying them all while everything is being recreated, as opposed to just being restored. Alex Penrose: Yeah, absolutely. Backups are probably at the top of the list. There's some other things that I would advise people to do. The other thing that's probably as important as backups is, to use some kind of a security proxy in front of your web server so- Joshua Lewis: Like CloudFlare? Alex Penrose: Yeah like CloudFlare for instance. So the way it works is instead of web browsers, web users going directly to your website, they'll instead go through this security service like CloudFlare, you mentioned it just now. There's a few other ones out there as well. They're very cheap by the way. They cost almost nothing but $29 a month or something or a year even, I don't know. It's really cheap. It's something that doesn't cost a lot of money. And what these proxy services do is, they sit in between the end user on the internet and your web server. So even if your web server has a vulnerability, say in WordPress, and some hacker's trying to exploit that vulnerability, the proxy security service will pick up on that and actually block that request. So your web servers vulnerable, but your proxy security provider will actually save you from being compromised. So that's a really important thing to do as well. And it's cheap. They know that these are not expensive services and they offer additional services as well like speeding up the content delivery of your website to the users in different countries. So definitely look at CloudFlare or some other kind of provider in terms of security proxy services. Joshua Lewis: Yeah, I couldn't agree more. That's very good advice, CloudFlare. These attacks called DDoS attacks or these denial-of-service attacks where these bots, like you were talking about will just go and smash your server with 10,000 requests a second or something ridiculous. And these services such as CloudFlare allow for you to overcome that problem because it goes, "Hmm, that's odd, you're getting a lot of traffic from Turkey at the moment or a lot of traffic from some that you wouldn't normally get. All seems a bit weird." And then protects it and blocks it out and has them go through typing one of those annoying codes that no one likes, that robots seem to have a big issue with, the CaptureCodes. Alex Penrose: That's the ones, Yes. And those security proxy services are getting smarter by the day. They are actually using what's called artificial intelligence to learn what your web server normally is exposed to. So normally you get 90% of your customers out of Australia for instance, and only 10% out of the US and suddenly you start to get 99% of your requests starting to come out of Russia or China or the UK or wherever. And that's not normal. And then the security proxy will go "Actually, well, let's have a look at what that is. And based on AI we'll then make a decision." Say, "Hey, hold on a minute. This is actually an attack happening because this is not what we've seen the last year on average." So they're really smart. So don't underestimate them. They're very cheap for what they provide in terms of security. And that'll provide your front end, your web server, which is really important. Because if your web server gets compromised as a business, and someone puts the Iranian flag on there with ISIS stuff and whatever. That's not something that you want on your website, or worse, illegal materials, illegal content. They could put all kinds of things on your web server and if you get caught with that on your web server, you're in deep trouble, legal trouble at that point. So you really want your web server to be very secure. So put that in front of CloudFlare or similar kind of service and you'll be sleeping a lot better. So the other thing that I'm recommending as well is, use the Cloud more. The Cloud is actually really secure if you do it properly. Cloud services, Cloud web servers, everything is all monitored. And you can automatically update that without having any downtime whatsoever. Everything is automatically backed up for you in three physical stores, locations if you want that to happen. Everything's kept up to date. So you kind of remove the human element a little bit from the maintenance aspects if you use Cloud. And the human element like you said, that's one of the biggest elements in terms of security issues, it's the human element. So if you can remove that by going Cloud, that's actually a good thing. Now you do need to use the Cloud very securely. There are ... I would definitely advise doing a training. So Microsoft offers one, Amazon offers a training as well. If you purchase a contract with the Cloud, they might even offer you something for free. Who knows. So that's something that I definitely advise doing. Get a training, don't just go into the Cloud without having had training because, you'll end up on the front page. Because, you've left a particular what they call buckets with information exposed to the internet. And that's really bad because, once it's ... everything in the Cloud is on the internet, right? So you need to lock that down. So before you put it in the Cloud, get some training. Usually it is three or five days with training for your IT staff. And then consider getting stuff into the Cloud. Because it is ultimately if done properly very secure. More secure, I would say than most organisations I have to manage. Because a lot of the aspects of security are actually managed by a company that does a really good job of doing security, whether that's Microsoft or Amazon or Google or some other provider of Cloud services. They cannot be seen as not doing security because, if one of their servers ever gets hacked, it'll hurt their business too much. So they invest a lot of money into security. So that's the third piece of advice there. And then the fourth one which is a really good one as well I think. Personal security, use a password database. Joshua Lewis: Yup LastPass. Alex Penrose: Yeah, LastPass is a good one. KeePass is the one I personally use because it's offline. Joshua Lewis: Really good. Alex Penrose: LastPass is really good yeah. There's a lot of really good ones out there. Just have a look at the history. Just Google, "Has LastPass ever been hacked? Has KeePass ever been hacked?" Whatever, just get some information. Don't just go with a random password provider if they have ever been hacked in the last few years. And I would suggest not going with those particular ones. But LastPass is a really good one, KeePass is a really good one as well. And the benefit of using that, is that you don't reuse passwords because by now most people would have hundreds of websites with a council there. You might just go shopping for shoes and you need an account on there. You might go shopping for motorcycle parts and you need an account on there. You have an account on eBay, you have an account on Facebook, Google, Gmail, Hotmail various accounts. So it's very easy to get to more than a hundred accounts. And a human brain, typical human brain is not able to remember all those passwords. So what people start doing is, they start reusing the same password and the same user ready for the various ... for their work but also for the personal accounts. So if one of those accounts then gets hacked, and people are able to find your username and your password in one service, then it might be able to break into your work, or your VPN account, or your web server because you use the same account details there. Now this can be overcome with a password database. So the way that I use password is, just every single account that I have is a unique generated 30 plus character password that is generated by KeePass. If someone were to try and get the password from me for a particular website, I could not give it to them. They could torture me, I could simply not give it to them because I do not know my passwords. They are automatically generated in a password database and they are stored there. Sorry, you wanted to say something? Joshua Lewis: No. I was going to say ... what you're saying is ... what's the term that hackers use when they find out one password and then go and hook into other accounts? Because it's if someone has reversing- Alex Penrose: I think you're looking for Natural Movement maybe so- Joshua Lewis: It's like my fitness pal accounts were broken into only recently, where they've got millions and millions of passwords. If you use that same password for LinkedIn they're in your LinkedIn, but as you said, if you use a Password database manager, they're not. Alex Penrose: Yeah, password reuse. You have password reuse. And the way that, if you use a password on one side and you use it on the other as well, you can basically possibly reuse. You can reuse it in another service as well. And this is actually a big issue because, you can go to a particular website. I can't remember the name. It's a guy in the Gold Coast who manages that. You might know the website. Joshua Lewis: Yeah, I do. Alex Penrose: Have I Been Pwned. Joshua Lewis: Yeah that's it. Alex Penrose: That's the one. And you can actually look up your email address to see if your password has ever been exposed anywhere. And if your password ... and this is some something I'd advise everyone doing just check your work email and check your personal email to see if that email address has ever been compromised. Because if it was compromised, I would start changing passwords really quickly if you have been reusing the same password. So this again, if you use a password database, you only need to change that one password that was compromised, not all your passwords. Joshua Lewis: It makes it so easier, and especially if using say a password database as well as with as many services as possible. Two factor authentication and ... Alex Penrose: Yes, two factor authentication very, very important. I would advise using two factor authentication on most important administrative accounts at your workplace. So if you manage a firewall, definitely have ... because that's one of the key security devices in your network. Use two factor authentication at work, but also personal. For your Facebook or for your LinkedIn use two factor authentication, unless you don't care about your account being compromised. In which case, it comes down to risk assessment, isn't it? Do I care about this account being compromised? Do I care about this shoe shopping account that I have that I created 10 years ago? I never shop for shoes there anymore. As long as I don't have any financial details, link there, personal details, you might just think, Oh, actually I don't really care if they get compromised or not. I'll just put a really hot password on it, save it in my KeePass and never actually look back. The other benefit of KeePass is that it automatically enters your passwords for you. So if you go to a website, you don't need to type your password anymore, it does it for you. So you go to a website, then you're automatically logged in, in a secure way. So that's another benefit of using KeePass. So it's not just more secure. It is also more user friendly and that's how I was able to sell it to some businesses. You start using it ... once you use it. It's really good. Joshua Lewis: People don't want to remember their passwords as you said. They have too many things to remember. Too many other things that are going through their mind and it's unnatural to remember what can end up looking like a 30 long character string of hieroglyphics. So it's sensible to me and it should look like that. I'm not saying don't use your mother's maiden name, zero, exclamation mark or the word password with an exclamation mark that is not secure. That is- Alex Penrose: That's it, it's one password. Password one most common passwords. Joshua Lewis: One of the best passwords that I had someone come to me with and they said, Oh yeah, I believe to log into my computer, the password ... I said, well what's your password? He said, what password? And I said, you pop up your computer is what password? And the guy's, "It's what password? Capital W capital P. What password is the password. And I was "All right, that is terrible." Alex Penrose: Yeah. Well if you can't use a password database for whatever reason, the most secure way in terms of making it as unbreakable as you can ... Nothing is unbreakable given enough time of course. But use full words put together even in low capitals, it doesn't matter. So horse, bank, suitcase, school, four random words put together is incredibly difficult for a computer to break, but incredibly easy for a person to remember. So, if you absolutely cannot or don't want to use password databases, then use full words together. Random ones. Joshua Lewis: And you can make those words something easy enough to remember. Like your name Alex. You could have the word apple, elephants, Lima, xenon, or something like that. And it would be easy enough to remember it's your name, Alex. But it's your words and incredibly beautiful. Alex Penrose: And from a computer perspective, it would take millions or billions of years to crack such a password like that. It would be unfeasible in terms of time to crack, something like that. But from a human perspective, still fairly easy to remember. So don't try and remember the really difficult passwords with all kinds of things in it. Make it long and make them just normal words, and put together four words or five words and you're good. Very difficult to break that. If people make good backups and they use password database, they use CloudFlare, use Cloud services. I really do believe that Cloud services are more secure than most networks in Australia. Because of that focus on security, right? These Amazons and Microsofts, they employ some of the biggest brains and security in the world to work for them. So I think that's a really good thing to do as well. So I think we covered a lot of the simple do's and don'ts of security. Joshua Lewis: Cool. Well, Alex, it's been lovely speaking with you and I really appreciate you coming on the show and going through some of the different dos and do-nots for security, giving a few different tips there. And if anyone is looking to get more advice or maybe even get their network tested out, jollyfrogs.com would be somewhere to be checking out to start off with and having a late through and jump through some of the different potential vulnerabilities you have in your network. Alex Penrose: Yeah, absolutely. And for training as well. OECP, OSCE kind of preparation trainings or Assembly or Exploit Development. Send me an email and I can give you some training. Joshua Lewis: Cool. Well is there anything that you'd like to go through before we finish off? Alex Penrose: No. I think that's it. Joshua Lewis: Thank you very much for your time. Alex Penrose: Thank you for having me. Alex Penrose: Thank you very much. Joshua Lewis: Thanks. Bye.  

The Get: Finding And Keeping The Best Marketing Leaders in B2B SaaS

Erica Sheehan is a cybersecurity marketing whiz and the VP of Marketing at Guardsquare, a Belgian mobile application security company that she is helping to expand to the US market. Aside from stints at Novell and Oracle, Erica was most recently VP of marketing at ObserveIT. During her tenure, the company quickly grew 4X and was recently acquired. Erica is a great example of a marketing leader who has successfully gone from larger to smaller companies. Hear what it means to make that switch, why being analytical is crucial to the marketing leadership role, how high-performing marketing leaders should evaluate a potential employer; and what it's like to build a marketing team in a rapidly-growing company. Here are some of the themes from the conversation: 1. The difference between average and great in a B2B marketing leadership role 2. Why analytical skills and field marketing experience are both important in shaping a marketing leader 3. How CEOs can assess if a marketing leader coming from a large enterprise to a high-growth smaller company can ‘scrap' 4. The trend of the CMO or VP of Marketing reporting into the CRO (as opposed to the CEO) 5. How to know whether you need a marketing leader who is more demand-oriented, more brand-oriented, or more product marketing-oriented 6. And finally, some unmissable insights into hiring and building a marketing team in a high-growth environment

Hacking Humans
I really wanted that shed.

Hacking Humans

Play Episode Listen Later Dec 5, 2019 30:45


Joe shares the story of a woman losing her life savings to a scammer claiming to be from the FBI. Dave describes the $139 shed scam. The catch of the day is another threat of revealing compromising photos. Carole Theriault speaks with Chris Bush from ObserveIT about security threats from employee burnout. Links to stories: https://www.wsj.com/articles/robocall-scams-exist-because-they-workone-womans-story-shows-how-11574351204 https://youtu.be/zFQUCCbodHc Thanks to our show sponsor KnowBe4.

fbi wanted shed knowbe4 chris bush observeit carole theriault
Enterprise Security Weekly (Audio)
No Place to Go - ESW #158

Enterprise Security Weekly (Audio)

Play Episode Listen Later Oct 25, 2019 81:00


This week, In our first segment, we talk Enterprise News, discussing how ManageEngine launched a holistic take on privileged access security, Avast faced a security breach aimed at messing up its CCleaner, Recorded Future enhanced partnership with ServiceNow to reduce organizational risk, and the Sophos Cloud Optix are now available on AWS marketplace! In our second segment, we welcome Erich Anderson, Insider Threat Principal at ObserveIT, to talk about the Foundational Elements of an Insider Threat Program! In our final segment, we welcome Kevin O'Brien, CEO & Co-Founder at GreatHorn, to discuss Pen Testers, Social Engineering, and more!   To learn more about GreatHorn, visit: https://securityweekly.com/greathorn Show Notes: https://wiki.securityweekly.com/ESWEpisode158   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
No Place to Go - ESW #158

Paul's Security Weekly

Play Episode Listen Later Oct 25, 2019 81:00


This week, In our first segment, we talk Enterprise News, discussing how ManageEngine launched a holistic take on privileged access security, Avast faced a security breach aimed at messing up its CCleaner, Recorded Future enhanced partnership with ServiceNow to reduce organizational risk, and the Sophos Cloud Optix are now available on AWS marketplace! In our second segment, we welcome Erich Anderson, Insider Threat Principal at ObserveIT, to talk about the Foundational Elements of an Insider Threat Program! In our final segment, we welcome Kevin O'Brien, CEO & Co-Founder at GreatHorn, to discuss Pen Testers, Social Engineering, and more!   To learn more about GreatHorn, visit: https://securityweekly.com/greathorn Show Notes: https://wiki.securityweekly.com/ESWEpisode158   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Video)
Insider Threat (Whistleblowers) - Erich Anderson, ObserveIT - ESW #158

Enterprise Security Weekly (Video)

Play Episode Listen Later Oct 25, 2019 25:07


Erich Anderson is the Insider Threat Principal at ObserveIT. Erich will be covering: Authorities, Processes, Staff and Operations, Exploring the types of protections employees have in an organization, There are very limited laws and regulations at the Federal level, more at the State level but still not enough, and much more! To learn more about ObserveIT, visit: https://securityweekly.com/observeit Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode158

Paul's Security Weekly TV
Insider Threat (Whistleblowers) - Erich Anderson, ObserveIT - ESW #158

Paul's Security Weekly TV

Play Episode Listen Later Oct 25, 2019 25:07


Erich Anderson is the Insider Threat Principal at ObserveIT. Erich will be covering: Authorities, Processes, Staff and Operations, Exploring the types of protections employees have in an organization, There are very limited laws and regulations at the Federal level, more at the State level but still not enough, and much more! To learn more about ObserveIT, visit: https://securityweekly.com/observeit Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode158

Business Security Weekly (Video)
Investigating the Insider Threat - Chris Bush - BSW #143

Business Security Weekly (Video)

Play Episode Listen Later Sep 19, 2019 38:07


Chris Bush is the Head of Security at ObserveIT. He will be discussing: Investigating the Insider Threat. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Paul's Security Weekly TV
Investigating the Insider Threat - Chris Bush - BSW #143

Paul's Security Weekly TV

Play Episode Listen Later Sep 18, 2019 38:07


Chris Bush is the Head of Security at ObserveIT. He will be discussing: Investigating the Insider Threat. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Paul's Security Weekly
The Feedback Loop - BSW #143

Paul's Security Weekly

Play Episode Listen Later Sep 17, 2019 68:03


This week, we welcome Chris Bush, Head of Security at ObserveIT, to discuss Investigating the Insider Threat! In the Leadership and Communications segment, Why So Many Companies Fail at Strategy and How to Fix It, 8 Things Leaders Do That Make Employees Quit, The changing role of the CIO, How to Rehearse for an Important Presentation, and 10 Steps To Get Started In Cybersecurity Careers: What High-Achievers Do While Others Don't!   To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Business Security Weekly (Audio)
The Feedback Loop - BSW #143

Business Security Weekly (Audio)

Play Episode Listen Later Sep 17, 2019 68:03


This week, we welcome Chris Bush, Head of Security at ObserveIT, to discuss Investigating the Insider Threat! In the Leadership and Communications segment, Why So Many Companies Fail at Strategy and How to Fix It, 8 Things Leaders Do That Make Employees Quit, The changing role of the CIO, How to Rehearse for an Important Presentation, and 10 Steps To Get Started In Cybersecurity Careers: What High-Achievers Do While Others Don't!   To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Investigating the Insider Threat - Chris Bush - BSW #143

Paul's Security Weekly TV

Play Episode Listen Later Sep 17, 2019 38:07


Chris Bush is the Head of Security at ObserveIT. He will be discussing: Investigating the Insider Threat. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143 Visit https://www.securityweekly.com/bsw for all the latest episodes!

Paul's Security Weekly TV
Enterprise News - ESW #150

Paul's Security Weekly TV

Play Episode Listen Later Aug 24, 2019 40:49


In the news, ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!

flashpoint kubernetes gcp thycotic esw stackrox observeit threatconnect enterprise news
Enterprise Security Weekly (Video)
Enterprise News - ESW #150

Enterprise Security Weekly (Video)

Play Episode Listen Later Aug 23, 2019 40:49


In the news, ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!

flashpoint kubernetes gcp thycotic stackrox observeit threatconnect enterprise news
Paul's Security Weekly
Wither on the Vine - ESW #150

Paul's Security Weekly

Play Episode Listen Later Aug 22, 2019 110:31


This week, Paul is joined by John Strand and Matt Alderman to talk Enterprise News, in which ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! In our second segment, we air three pre-recorded interviews from BlackHat 2019 with Steve Laubenstein of CoreSecurity, Ian McShane from Endgame, and Peter Smith from Edgewise! In our final segment, we air two more pre-recorded interviews from BlackHat 2019 with Carsten Willems of VMRay and David Etue of BlueVoyant!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Audio)
Wither on the Vine - ESW #150

Enterprise Security Weekly (Audio)

Play Episode Listen Later Aug 22, 2019 110:31


This week, Paul is joined by John Strand and Matt Alderman to talk Enterprise News, in which ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! In our second segment, we air three pre-recorded interviews from BlackHat 2019 with Steve Laubenstein of CoreSecurity, Ian McShane from Endgame, and Peter Smith from Edgewise! In our final segment, we air two more pre-recorded interviews from BlackHat 2019 with Carsten Willems of VMRay and David Etue of BlueVoyant!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Email Data Exfiltration, ObserveIT - Enterprise Security Weekly #143

Paul's Security Weekly TV

Play Episode Listen Later Jun 28, 2019 24:23


In our second segment, we welcome Sai Chavali, Security Strategist at ObserveIT. Most companies have preventative controls on email today, however, they are still finding that users exfiltrating sensitive data through corporate email is all too common. Currently, detection and investigation of out-of-policy user activity and security incidents are time-consuming and riddled with manual processes. Learn more on how ObserveIT helps security teams with real-time detection and take investigation time from months to minutes. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/ES_Episode143 Visit https://securityweekly.com/esw for all the latest episodes!

data enterprise security weekly observeit enterprise security weekly saichavali
Enterprise Security Weekly (Video)
Email Data Exfiltration, ObserveIT - Enterprise Security Weekly #143

Enterprise Security Weekly (Video)

Play Episode Listen Later Jun 28, 2019 24:23


In our second segment, we welcome Sai Chavali, Security Strategist at ObserveIT. Most companies have preventative controls on email today, however, they are still finding that users exfiltrating sensitive data through corporate email is all too common. Currently, detection and investigation of out-of-policy user activity and security incidents are time-consuming and riddled with manual processes. Learn more on how ObserveIT helps security teams with real-time detection and take investigation time from months to minutes. To learn more about ObserveIT, visit: https://securityweekly.com/observeit Full Show Notes: https://wiki.securityweekly.com/ES_Episode143 Visit https://securityweekly.com/esw for all the latest episodes!

data enterprise security weekly observeit enterprise security weekly saichavali
Enterprise Security Weekly (Audio)
Cash Cows - Enterprise Security Weekly #143

Enterprise Security Weekly (Audio)

Play Episode Listen Later Jun 27, 2019 81:04


This week, Matt and John join Paul to discuss the Enterprise Security News, in which CyberArk opens integration ecosystem to community contributions, ExtraHop Announces Reveal(x) Cloud, McAfee announced updates to McAfee MVISION Cloud for Amazon Web Services, and Elastic expands cybersecurity push in new version of software suite! In our second segment, we welcome Sai Chavali, Security Strategist at ObserveIT to talk about Email Data Exfiltration, and why Prevention is ideal, but Detection and Response is a must! In our final segment, we welcome Britta Glade, Director of Content and Curation of RSA Conference, and Linda Gray, Director and Chief of Operations for RSAC APJ, to discuss what's coming new this year for the RSA Conference APJ!   To learn more about ObserveIT, visit: https://securityweekly.com/observeit To learn more about RSAC APJ, visit: https://www.rsaconference.com/events/ap19 Full Show Notes: https://wiki.securityweekly.com/ES_Episode143   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

director chief security operations cloud prevention enterprise detection amazon web services mcafee rsa curation elastic cash cows rsa conference rsac cyberark apj linda gray extrahop security weekly esw observeit enterprise security weekly rsa conference apj brittaglade rsac apj mnvision saichavali enterprise security news extrahop announces reveal mcafee mvision cloud
Paul's Security Weekly
Cash Cows - Enterprise Security Weekly #143

Paul's Security Weekly

Play Episode Listen Later Jun 27, 2019 81:04


This week, Matt and John join Paul to discuss the Enterprise Security News, in which CyberArk opens integration ecosystem to community contributions, ExtraHop Announces Reveal(x) Cloud, McAfee announced updates to McAfee MVISION Cloud for Amazon Web Services, and Elastic expands cybersecurity push in new version of software suite! In our second segment, we welcome Sai Chavali, Security Strategist at ObserveIT to talk about Email Data Exfiltration, and why Prevention is ideal, but Detection and Response is a must! In our final segment, we welcome Britta Glade, Director of Content and Curation of RSA Conference, and Linda Gray, Director and Chief of Operations for RSAC APJ, to discuss what's coming new this year for the RSA Conference APJ!   To learn more about ObserveIT, visit: https://securityweekly.com/observeit To learn more about RSAC APJ, visit: https://www.rsaconference.com/events/ap19 Full Show Notes: https://wiki.securityweekly.com/ES_Episode143   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

director chief security operations cloud prevention enterprise detection amazon web services mcafee rsa curation elastic cash cows rsa conference rsac cyberark apj linda gray extrahop security weekly esw observeit enterprise security weekly rsa conference apj brittaglade rsac apj mnvision saichavali enterprise security news extrahop announces reveal mcafee mvision cloud
Business Built Freedom
072 | How to Spot a Phony Employee and Save Some Coin

Business Built Freedom

Play Episode Listen Later May 21, 2019 6:03


How to Spot a Phony Employee and Save Some Coin Oh, stock counts out, your competitors are doing better than you, something seems amiss. Maybe it's something as simple as you're having a bad day, or it could be something as terrible as one of your employees are smuggling away paths or clients. We're going to talk about that today and what you can do about it, what measures you can put in place, how you can sort of work out what it is that's going on. We've been pretty lucky in our business in where we haven't had anyone knock off anything from us, at least not anyone that we've employed, but we do deal with a lot of companies that need to have some investigations put in place to try and work out what is going on. Why have they had this sudden decline in stock counts being right or a decline in income. Read more about leadership and management: https://dorksdelivered.com.au/blog/354-spot-a-phony-employee-save-some-coin Build a Friendly Environment With Your Employees There's many ways that you can go about fixing this problem and the best way is to make sure it's not introduced to start off with. Having a great level of trust and a relationship where you can be friends, but still business friends, is a good start, making sure you're on first name basis with everyone in the office. You've had a beer and a one-on-one conversation with everyone in the office and they know your hobbies, you know theirs, and you can engage in some level of conversation. It's less likely for someone to be stealing from you if they know you a bit more and there's a face to the business and it's not just you verse them as you're all in it together, they're less likely to steal and do things like that. And I say less likely because there's shit people everywhere really. Look Into Monitoring Technology If you happen to have a situation where you think something is amiss, what I'd suggest you do is look into technology where you can monitor and pull up data on all of their activities. It's things such as screenshots which are recorded consistently every second that they're actually doing something on the machine. It gives you all of the different auditing information so you can see if they're opening up Google Chrome, what websites they're going to, when they went there, how often they went there, what they're authentic into and all that good stuff. The programme that we use for this is called ObserveIT and it's an amazing product. It's actually used by the Queensland police to make sure they can see who's accessing what records and when, so they're able to make some diagnosis if anyone is abusing the systems, which is cool stuff. ObserveIT is a really cool tool and definitely gives you a good insight into what they're doing on the computers. Real Case Study We had that put in place in a business just around the southeast Queensland area and they're able to find one of their employees that was actually employed by one of their competitors as well, and they would be dishing their clients off. That resulted in a court case, and although I don't like being the bearer of bad news and be like, hey, look what I found, but you got to be that person some days, and it was better for the business and that person obviously was rewarded successfully for his misconduct. What Systems Do You Have In Place? One of the more interesting ways that I've found you can find out if someone is actually stealing from you is putting in systems that you wouldn't have otherwise thought of in any way, shape or form ever related to stealing. Another different client that we've got was having a lot of time taken away by doing all the time sheets and data entry for payroll. What we did is, instead of having them having all this time taken away is we put in fingerprint readers. So when the staff got there they just dropped their thumb on this machine and once the thumb is gone on the machine it signs them in and when they leave it signs them out, and if there's a window in between the day and they press it, it takes them out for lunch and pops them and back in. So that way they know from an insurance perspective or if there's any fire drills or anything like that, what is the situation, how many people are we accounting for, what is where and who is what. That was something we thought was going to be amazing, it went from two days to do all the payroll down to about two hours. It was interesting because five of the different staff members out of a crew of 140 were absolutely against the idea and they are all people that worked with expensive equipment in inventory are. They were like no, not going to do it, no, you don't have any right to take my fingerprints. They didn't want to have their thumb on record because they thought that could result in somehow that coming back, they were knocking off stuff. So those staff members were more closely watched through tracking CCTV surveillance that was put in place and we were able to ascertain that in fact they were stealing items and that resulted in their dismissal. Access Their Body Language The last and final way that I would suggest to try and work out if someone is pulling a barney is, if you're sitting down and you're talking to someone, look at their eye movements and their body language and see if that is consistent with someone who you trust. Hopefully all of my listeners have never gone through a situation where they're talking to someone who they trusted and no longer trusted after finding out they were lying to them but as it happens, shit happens and people lie. The Final Word They are just a few hints and tips if you're dealing with someone that you're a bit suss on, but hopefully you'll live in the most best trusted industry in the world and that's never going to be a problem. Hopefully they're not stealing your intellectual property and dishing it off to competitors or knocking off your clients and dishing them out as well. But anyway, hope you've enjoyed this and if you have, make sure to jump across the iTunes and leave us some feedback. Stay good. Read more about leadership and management: https://dorksdelivered.com.au/blog/354-spot-a-phony-employee-save-some-coin  

Business Built Freedom
063 | How to Manage Your Time

Business Built Freedom

Play Episode Listen Later Apr 30, 2019 9:02


How to Manage Your Time We're going to be talking about repetition, time management and making sure you're making the most of your time and not doing things twice or two times. I promise I won't do that again. Sorry, not sorry. Read more about productivity and efficiency: https://dorksdelivered.com.au/blog/342-how-to-manage-your-time  Document Things Down! So, how do you make sure that you're not going to do the same task twice? You not going tobe wasting time doing the same mundane task and the way I would suggest to do that is by documenting it down. Yes, I know, no one likes doing that but we all should be. It's my main pain and, what I think really has been my main gain by being able to document so much as I do. Because, once you've got stuff documented down, you don't have to do it again. All of our computer systems and the whole way that we manage our clients, we fix a problem, if we are able to monitor for that problem, we can then create the script to make sure that problem never happens again. You might think, you know that's going totake ages. So, let's say there's a password pop up box or something like that that comes up with Outlook. We have a client call up about it. If we can work out a way to monitor for that situation that that occurred, and then stop that occurring, and we do that on a network of over a thousand machines, we have a thousand less calls. It All Adds Up Even though, to fix the problem might only take a minute or two minutes, if I have a thousand calls come through to the call systems here, our technicians are going to have the shits and it's such a boring task. So, instead, we'll spend an hour or two hours creating a script to stop that happening. So, if we spend two hours we could've fixed that same thing 60 times. But, instead, if the total yield is higher by having a thousand end points being managed, then we already know that we're in a better spot. You can relate that to any task that you do. The way that I like to manage my time and really put value on my time is, look at what I would like to earn per year then know what's realistic to be out of work. And then, know the times that you're not working you could still be getting paid that dollar figure. And, that figure could be anything. It could be $20, $50, $100, $500. For nice round numbers, let's call it $100 an hour.If you're getting paid $100 an hour, all the time, or just while you're working. Let's call it just while you're working for eight hours a day, $800 a day. $4,000 a week. If you're getting $4,000 in a week and then you realise that you're not working the full eight hours or you're doing other stuff. Or, that, I mean and isn't what you want. The amount of time that you're spending on other tasks, you gain a lot of respect to the value of what they cost you. Time Management If you're able to be invoicing a client while you're working with them at X amount and instead, you're mowing the lawn, and that takes you two hours. That task list is getting bigger, you better off getting someone else to come in and mow the lawn. And, it's obviously different for every business and every situation. But, time management is very, very important. First things first, you need to know where you're spending your time. That's a hard one. A lot of people go, "Aw, you know, I'm just working." But, unless you're able to go down and drill down per minute, per 15 minutes, per hour, you don't really know what you're working on or how long tasks are taking you. We use internally, several tools. One is ObserveIT, another isManicTime and the final one isRescueTime. Theygive us input into how much time we're spending on our phones, on phone calls, in Outlook, on different websites, in different customer programmes, responding to customer requests, as well as in our own documentation systems, reviewing videos or whatever it is that we're doing.   How Are Employees Wasting Time? We can see very quickly and very easily how much time is wasted in different tasks. You might have a policy at work where you're able to have your employees use Facebook. And, you might think, ah, it's just because I'm a cool boss, and that's what cool bosses do. Right on. Diggity cool, virtual high five. But, in fact, looking through the data, you'll find that your employees are on there, even if it's like, oh, I'm just on there for 10 minutes. They're on there for 10 minutes, 12 times a day and they don't even realise that all of a sudden, two hours of productivity is down the drainper employee. That is the numbers that we found from real customers. They are big numbers. That's a lot of money that you're paying your staff to look at Facebook. I'm not saying they shouldn't do it. But, being aware of it at least lets you hone in and take control of the situation making it as a benefit and not a liability. Move On To Optimising Similar things, as soon as you can start managing your time, you can have a look at how long things are taking. So, maybe you're old school and you still on mild and you haven't moved across to zero. Or, maybe you're on zero and you're looking to get a new plug in or add on that's going to make your life even easier. Being able to see how long every task is taking around the product. So, if you're on mild and you're in there for five hours a day or six hours a day doing payroll once a week or whatever it is, you're able to see how long that's taking and then you're able to go, "Well, let's try all this other product and see how long this takes." And then, you know, straightaway, is this goingbe a benefit? Maybe it's costing you more per month, but it's going tocost you less in man hours. Or, maybe it's costing you less per month, and it was going tocost you more in man hours. Work out what works for your business but being able to measure the data is the most important thing. Time wasted is money wasted and that's ultimately wasted time that you could be spending with your family, friends, or having a beer at the pub. Whatever you want to do in your spare time, I guess. Lists Are Very Helpful You got to just make sure you're able to measure. If you can't measure your time, you won't be able to fix the problem. Once you know what you're spending your time on, you can then work out a method that works for you and your lifestyle to keep on top of it. So, for me, I'm a big list person. I've got everything in Outlook, I've got that in different task lists and different priority lists depending on if they're short term tasks, long term tasks, tasks that I can just do.Around the house, I've got a list of what I call beer tasks, which is tasks you can do with a beer in your hand. And then, I've got other more important tasks that you definitely want to make sure your full compass. You don't want to have a beer in your hand for some of the other tasks. But, having the lists lets you see what you want to achieve. It's really, really so fulfilling, a positive feeling. When you're having a look at this list, and you're going, "Oh, wow, look how many things I've been able to tick off of that," and you can see that you've actually done those things, makes you feel good, as well. But, you're able to plan out your whole day. You can schedule everything out and if you don't get them all done, it doesn't matter because you know you'll fully utilise working on those tasks. You also need to be able to take into account the interruptions. Account for Interruptions Dun, dun, dun. The naughty, devilish interruptions that cause havoc in every business. It's always interruptions that come up. And, like an aeroplane or an airline that overbooks an aeroplane, they've accounted for the fact that there's going to be people and problems and so they make sure that they're able to overcome it by overbooking the aeroplane. The same thing, if you notice that you're getting interrupted and it's an on average two hours a day, you can hone in and own those interruptions by scheduling them in and writing them into your task lists. Not as a task, but as something that you're aware that's going to happen. That way, you're not getting negative about the whole process going, "Uh, didn't get everything finished today." And, it can sometimes get the better of you. But, being able to look at the tasks, understand what you need to do, having it very easy and written in front of you really makes things straightforward, to be able to make a difference and get some ticks in those boxes. Some days it works, some days it's just full of disruptions and interruptions. But, overall, you've got to see yourself succeeding and own your own time. And hopefully, with a bit of automation you won't have to have double data entry. That's going to save you heaps of time. You're goingown those systems and everyone is going to be fully accountable and that is gonna save you hours of time. Read More About Efficiency: https://dorksdelivered.com.au/blog/342-how-to-manage-your-time The Final Word I hope you've enjoyed this. And, it's been a ripper of an episode. I've enjoyed just talking about it. I feel like it's cost me a bit of time, but it's probably saved a lot of time for everyone else. If you have enjoyed it, jump across to iTunes and leave us a review, it would be very appreciated. Stay good.  

CISO-Security Vendor Relationship Podcast
Productivity Tip! Get More Done By Refusing To Do Anything

CISO-Security Vendor Relationship Podcast

Play Episode Listen Later Feb 18, 2019 34:03


CISO/Security Vendor Relationship Podcast and Series is available at CISOSeries.com. We tip our hat to the much maligned "Department of No" for having the foresight to see that refusing service is probably the most efficient and secure response. This show, like all the previous ones is hosted by me, David Spark (@dspark), founder of Spark Media Solutions and Mike Johnson, CISO of Lyft. Our guest this week is April Wright (@AprilWright), CEO, ArchitectSecurity.org. Thanks to our sponsor, Endgame Endgame makes nation-state grade protection as easy as anti-virus. Their converged endpoint security platform is transforming security programs – their people, processes and technology – with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before damage and loss. To learn more visit www.endgame.com. Endgame will be at RSA this year in booth 1827 in the south hall. On this episode How CISOs are digesting the latest security news In an effort to improve security before the 2020 Olympic games, the government of Japan will try to hack its own citizens by using default passwords on webcams, routers, and other Internet connected devices. If they break through they will alert the people that their devices are susceptible to attacks. How good or bad is this idea? Will this give way to easy phishing scams? Why is everybody talking about this now? Online, Mike brought up the subject of security rockstar culture and specifically pointed this comes from the security staff playing offense vs. the ones playing defense who really need a team behind them to be effective. We look at the difference between a healthy leading voice in security vs. “a look at me” security rockstar. It’s time to play, “What’s Worse?!” Two rounds and the first one Mike spends a lot of time debating. Ask a CISO Brad Green of ObserveIT asks, “Do CISOs pay attention to competitive market conditions of different vendors?” Are you aware of what’s going on and what impact do analysts have? What do you think of this pitch? Two pitches to critique. Lots of insight.  

Paul's Security Weekly
Do Your Job - Business Security Weekly #103

Paul's Security Weekly

Play Episode Listen Later Oct 23, 2018 65:25


This week, Michael and Paul interview Mike McKee, CEO of ObserveIT, and he joins us to talk about the importance of focussing on people, and you do that to experience growth! In the Article Discussion, Michael and Paul talk about the root cause of workplace drama, how to make the most of meetings between IT and your business partners, how to stop procrastinating on your goals by using the “Seinfeld Strategy", and more on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode103   Visit https://www.securityweekly.com/bsw for all the latest episodes!   Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!!   →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Business Security Weekly (Video)
Michael McKee, ObserveIT - Business Security Weekly #103

Business Security Weekly (Video)

Play Episode Listen Later Oct 23, 2018 34:32


Mike McKee, CEO of ObserveIT, joins us to talk about the importance of focussing on people, and you do that to experience growth. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode103 To Learn More About ObserveIT, Go To: www.observeit.com/securityweekly

Business Security Weekly (Audio)
Do Your Job - Business Security Weekly #103

Business Security Weekly (Audio)

Play Episode Listen Later Oct 23, 2018 65:25


This week, Michael and Paul interview Mike McKee, CEO of ObserveIT, and he joins us to talk about the importance of focussing on people, and you do that to experience growth! In the Article Discussion, Michael and Paul talk about the root cause of workplace drama, how to make the most of meetings between IT and your business partners, how to stop procrastinating on your goals by using the “Seinfeld Strategy", and more on this episode of Business Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode103 Visit https://www.securityweekly.com/bsw for all the latest episodes!   Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Michael McKee, ObserveIT - Business Security Weekly #103

Paul's Security Weekly TV

Play Episode Listen Later Oct 23, 2018 34:32


Mike McKee, CEO of ObserveIT, joins us to talk about the importance of focussing on people, and you do that to experience growth. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode103 To Learn More About ObserveIT, Go To: www.observeit.com/securityweekly

Paul's Security Weekly TV
Michael Gordover, ObserveIT - Enterprise Security Weekly #109

Paul's Security Weekly TV

Play Episode Listen Later Oct 5, 2018 30:55


Mike Gordover is a Pre-Sales manager and solutions architect at ObserveIT. He has been at ObserveIT consulting on insider threat management for 5 years, working hands on with over 300 deployments, and working with researchers and analysts on strategies to mitigate internal risk. Paul and John talk with Michael about the current perception in the market of DLP, how ObserveIT’s solutions differ from traditional DLP, what challenges he faces when combating insider threats, and much more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode109 ObserveIT Landing Page: www.observeit.com/securityweekly Visit http://securityweekly.com/esw for all the latest episodes!

interview presales dlp john strand paul asadoorian observeit enterprise security weekly es episode109 observeit landing page
Enterprise Security Weekly (Audio)
Super Evil - Enterprise Security Weekly #109

Enterprise Security Weekly (Audio)

Play Episode Listen Later Oct 4, 2018 50:52


This week, Paul and John Strand interview Mike Gordover, iSenior Solutions Architect at ObserveIT! They discuss the current perception in the market of DLP, how ObserveIT’s solutions differ from traditional DLP, what challenges he faces when combating insider threats, and much more! In the Enterprise Security News, Mimecast offers free training kit as part of Cybersecurity Awareness Month, Microsoft will finally kill off the old Skype client (for real this time), LogRhythm receives patent for data monitoring tech, Tufin launches first of its kind program for MSSPs, three reasons why BlackBerry stock is potentially about to soar, and more on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode109 ObserveIT Landing Page: www.observeit.com/securityweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!   →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Video)
Michael Gordover, ObserveIT - Enterprise Security Weekly #109

Enterprise Security Weekly (Video)

Play Episode Listen Later Oct 4, 2018 30:55


Mike Gordover is a Pre-Sales manager and solutions architect at ObserveIT. He has been at ObserveIT consulting on insider threat management for 5 years, working hands on with over 300 deployments, and working with researchers and analysts on strategies to mitigate internal risk. Paul and John talk with Michael about the current perception in the market of DLP, how ObserveIT’s solutions differ from traditional DLP, what challenges he faces when combating insider threats, and much more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode109 ObserveIT Landing Page: www.observeit.com/securityweekly Visit http://securityweekly.com/esw for all the latest episodes!

interview presales dlp john strand paul asadoorian observeit enterprise security weekly es episode109 observeit landing page
Paul's Security Weekly
Super Evil - Enterprise Security Weekly #109

Paul's Security Weekly

Play Episode Listen Later Oct 4, 2018 50:52


This week, Paul and John Strand interview Mike Gordover, iSenior Solutions Architect at ObserveIT! They discuss the current perception in the market of DLP, how ObserveIT’s solutions differ from traditional DLP, what challenges he faces when combating insider threats, and much more! In the Enterprise Security News, Mimecast offers free training kit as part of Cybersecurity Awareness Month, Microsoft will finally kill off the old Skype client (for real this time), LogRhythm receives patent for data monitoring tech, Tufin launches first of its kind program for MSSPs, three reasons why BlackBerry stock is potentially about to soar, and more on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode109 ObserveIT Landing Page: www.observeit.com/securityweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!   →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

The Tech Blog Writer Podcast
541: From The NHL To Tech: ObserveIT CEO On Insider Threats

The Tech Blog Writer Podcast

Play Episode Listen Later Jun 3, 2018 19:34


Mike McKee, CEO of ObserveIT reveals more about how his career as a professional hockey player enabled him to take the lessons he learned from sports and take them into the security space-- most notably the idea of “Moneyball.”  As more and more businesses begin to rely on contractors rather than full-time employees, in today'ss episode focuses on the cybersecurity trend of insider threats and how to protect your company. Guest Michael McKee, CEO & Director of ObserveIT Previously, Mike led the award-winning Global Services and Customer Success organizations at Rapid7, served as Senior Vice President CAD Operations and Strategy at PTC, and Chief Financial Officer at HighWired.com. Additionally, he held Analyst roles at Broadview Associates, McKinsey & Company, and Goldman Sachs. Mike played professional hockey as a defenseman for the Quebec Nordiques. He graduated cum laude from Princeton University and received an M.B.A., with honors, from Harvard Business School. What Is ObserveIT A lightweight endpoint solution that helps organizations—particularly large enterprises—identify and eliminate insider threats. They provide detection and prevention to enable proactive defense against both malicious and negligent user behavior from employees, privileged users, and third parties. With ObserveIT, organizations can significantly reduce the risk of security incidents by monitoring user behavior and offering real-time education and deterrence. ObserveIT cuts investigation time from days to minutes and offers full playback of security incidents to improve response times and simplify compliance. ObserveIT is trusted by more than 1,700 customers in 87 countries and across a wide range of industries.

The VentureFizz Podcast
Episode 21: Mike McKee - CEO of ObserveIT

The VentureFizz Podcast

Play Episode Listen Later Apr 21, 2018 41:14


Welcome to Episode 21 of The VentureFizz Podcast, the flagship podcast of Boston's most trusted source for startup and tech jobs, news, and insights! This time, I want to start with a question: How do the worlds of professional hockey and business relate to each other? Well, you're about to find out, as I interview my first former professional athlete for the podcast. His name is Mike McKee and he is the CEO at ObserveIT, a company that is rapidly growing in Boston's massive security cluster. Mike played professional hockey for the Quebec Nordiques before the franchise relocated to Colorado and became the Avalanche. Upon entering the business world, he graduated from Harvard Business School and later became an executive at PTC and Rapid7 before joining ObserveIT as CEO. In this episode, we cover topics like: -What playing professional hockey taught him about the business world, and of adversity -How he charted his way through lots of different roles, to the point of landing a CEO position at a venture-backed company -His “hire slow” philosophy, and why he talks people out of jobs -And so much more! Lastly, if you like the show, please remember to subscribe to and review us on iTunes, or your podcast player of choice! And make sure to follow ObserveIT on Twitter @ObserveIT and VentureFizz @VentureFizz.

Enterprise Security Weekly (Video)
Cisco, Tufin, Infocyte, & ObserveIT - Enterprise Security Weekly #87

Enterprise Security Weekly (Video)

Play Episode Listen Later Apr 13, 2018 18:36


In the news this week, Product announcements from Infoblox, Infocyte, ObserveIT, ThreatQuotient, Cisco and Tufin. Symantec could be in hot water, and CA and Palo Alto both made a recent acquisition, and more on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode87 Visit http://securityweekly.com/esw for all the latest episodes!

security product cisco palo alto symantec infoblox john strand tufin threatquotient observeit enterprise security weekly infocyte enterprise news
Paul's Security Weekly TV
Kevin Donovan, ObserveIT - Enterprise Security Weekly #87

Paul's Security Weekly TV

Play Episode Listen Later Apr 13, 2018 31:17


Paul is joined by the long lost John Strand, for this interview with Kevin Donovan. Kevin is one of ObserveIT’s insider threat experts and a Senior Solutions Architect. Full Show Notes: https://wiki.securityweekly.com/ES_Episode87 Visit http://securityweekly.com/esw for all the latest episodes!

Paul's Security Weekly
This Is What We Do - Enterprise Security Weekly #87

Paul's Security Weekly

Play Episode Listen Later Apr 12, 2018 49:54


This week, John Strand and I interview Senior Solutions Architect at ObserveIT, Kevin Donovan! In the news this week, Product announcements from Infoblox, Infocyte, ObserveIT, ThreatQuotient, Cisco and Tufin. Symantec could be in hot water, and CA and Palo Alto both made a recent acquisition. All that and more, on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode87   Visit https://www.securityweekly.com/esw for all the latest episodes!

Enterprise Security Weekly (Video)
Kevin Donovan, ObserveIT - Enterprise Security Weekly #87

Enterprise Security Weekly (Video)

Play Episode Listen Later Apr 12, 2018 31:17


Paul is joined by the long lost John Strand, for this interview with Kevin Donovan. Kevin is one of ObserveIT’s insider threat experts and a Senior Solutions Architect. Full Show Notes: https://wiki.securityweekly.com/ES_Episode87 Visit http://securityweekly.com/esw for all the latest episodes!

Paul's Security Weekly TV
Cisco, Tufin, Infocyte, & ObserveIT - Enterprise Security Weekly #87

Paul's Security Weekly TV

Play Episode Listen Later Apr 12, 2018 18:36


In the news this week, Product announcements from Infoblox, Infocyte, ObserveIT, ThreatQuotient, Cisco and Tufin. Symantec could be in hot water, and CA and Palo Alto both made a recent acquisition, and more on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode87 Visit http://securityweekly.com/esw for all the latest episodes!

security product cisco palo alto symantec infoblox john strand tufin threatquotient observeit enterprise security weekly infocyte enterprise news
Enterprise Security Weekly (Audio)
This Is What We Do - Enterprise Security Weekly #87

Enterprise Security Weekly (Audio)

Play Episode Listen Later Apr 12, 2018 49:54


This week, John Strand and I interview Senior Solutions Architect at ObserveIT, Kevin Donovan! In the news this week, Product announcements from Infoblox, Infocyte, ObserveIT, ThreatQuotient, Cisco and Tufin. Symantec could be in hot water, and CA and Palo Alto both made a recent acquisition. All that and more, on this episode of Enterprise Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode87   Visit https://www.securityweekly.com/esw for all the latest episodes!

Paul's Security Weekly TV
Kevin Donovan, ObserveIT - Paul's Security Weekly #545

Paul's Security Weekly TV

Play Episode Listen Later Jan 28, 2018 45:36


Kevin is one of ObserveIT's insider threat experts and a Senior Solutions Architect. He joins Larry and team this week for an interview on Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

interview senior solutions architect kevin donovan observeit larry pesce paul's security weekly
Paul's Security Weekly (Video-Only)
Kevin Donovan, ObserveIT - Paul's Security Weekly #545

Paul's Security Weekly (Video-Only)

Play Episode Listen Later Jan 27, 2018 45:36


Kevin is one of ObserveIT's insider threat experts and a Senior Solutions Architect. He joins Larry and team this week for an interview on Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

interview senior solutions architect kevin donovan observeit larry pesce paul's security weekly
Paul's Security Weekly
Tom Brady with Six Fingers - Paul's Security Weekly #545

Paul's Security Weekly

Play Episode Listen Later Jan 26, 2018 140:30


This week, Kevin Donovan, Senior Solutions Architect at ObserveIT joins us for an interview! John Strand joins us for the Technical Segment on Critical Security Control Resources! In the news, we have updates from Dell, Meltdown, Spectre, and OnePlus! Larry Pesce hosts this weeks episode, Carlos Perez makes his epic return, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545   Visit https://www.securityweekly.com/psw for all the latest episodes!

Paul's Security Weekly (Podcast-Only)
Tom Brady with Six Fingers - Paul's Security Weekly #545

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later Jan 26, 2018 140:30


This week, Kevin Donovan, Senior Solutions Architect at ObserveIT joins us for an interview! John Strand joins us for the Technical Segment on Critical Security Control Resources! In the news, we have updates from Dell, Meltdown, Spectre, and OnePlus! Larry Pesce hosts this weeks episode, Carlos Perez makes his epic return, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545   Visit https://www.securityweekly.com/psw for all the latest episodes!