Podcasts about secure anchor consulting

Welcome to Strategy Skills episode 545, an interview with the author of Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World, Dr. Eric Cole.   What do cybersecurity and entrepreneurship have in common? According to Dr. Eric Cole, a former CIA hacker turned tech entrepreneur and cybersecurity expert, they all require pattern recognition, disciplined thinking, and a commitment to doing what's right.    In this episode, Dr. Eric Cole shares his journey from an unprepared college student to a leading voice in digital security, and how those early days in the CIA shaped his approach to business and protecting intellectual property. He explains why companies need to secure their trade secrets, how leaders can make better decisions using data instead of emotion, and what it really takes to build a high-performance life—starting with health, clarity, and purpose.   Dr. Eric Cole, DPS is a cybersecurity expert, entrepreneur, public figure, and best-selling author who has built a solid reputation in the cybersecurity industry over the last three decades. His career has advanced from starting as a professional hacker for the CIA to become the 44th President's commissioner on cybersecurity to currently advising companies and teaching professionals on how to implement security measures that serve as a business enabler.   Dr. Cole's accomplishments have earned him an induction into the Information Security Hall of Fame and have awarded him as a Cyber Wingman from the US Air Force. His recognition has caught the interest of current clients, who include international banking institutions, Fortune 500 organizations, Bill Gates, and Saudi Aramco. His entrepreneurial accomplishments include three successful exits building eight-, nine-, and ten-figure organizations. Secure Anchor Consulting is his fourth cybersecurity business venture.   Aside from his seasoned technical expertise, Dr. Cole is a well-known public figure and author of various publications. His eighth book, Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World, debuted at #1 on the Wall Street Journal's bestseller list. Dr. Cole is currently focusing on fulfilling his purpose of being on this planet to end suffering in cyberspace and his mission to secure cyberspace by making cyberspace a safe place to live, work, and raise a family.    Get Eric's book here: https://rb.gy/qjwsdz Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World   Here are some free gifts for you: Overall Approach Used in Well-Managed Strategy Studies free download: www.firmsconsulting.com/OverallApproach   McKinsey & BCG winning resume free download: www.firmsconsulting.com/resumepdf   Enjoying this episode? Get access to sample advanced training episodes here: www.firmsconsulting.com/promo  

Dr. Eric Cole, founder, and CEO of Secure Anchor Consulting, Cleat Bordeaux, director of Healthcare Business Development at HID Global, and Mike Ramstad, System Senior Director of Security from Essentia Health, explore the physical identity challenges in the healthcare industry. They address current challenges like COVID's impact on motivation, visitor management, and healthcare security. 

Dr. Eric Cole, is a cyber James Bond (according to Fox News) who started off his career as a professional hacker trained by the CIA. He has the ability to make complex and dry topics exciting for his audience by drawing on his 30 years of experience helping entities understand and implement cost-effective security measures. His career has spanned industry and government roles including CTO at McAfee, Chief Scientist for Lockheed Martin, and member of the Commission on Cyber Security for President Barack Obama. Dr. Eric Cole is the author of several books, including Online Danger: How to Protect Yourself and Your Loved Ones from the Evil Side of the Internet. In 2014, he was inducted into the InfoSecurity Hall of Fame. Secure Anchor Consulting and I offer expertise across the whole spectrum of cyber security, including perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Some of the current key focus areas include advanced threats, insider threat, CISO support and security coaching. Secure Anchor also works with startups and established enterprises bringing innovative products to market, and bridges the gap between executive and technical stakeholders. I bring additional experience in positioning technology for acquisition. I started in the cyber world as an analyst with the CIA, with computer security in its infancy, when most advanced threats manifested as physical instead of virtual. It became clear to me that this field requires constant, ongoing learning, or your knowledge and expertise will quickly expire. From the intelligence community, I landed at the SANS Institute and developed coursework that is now the foundation of SANS information security training and security certification, building out the Cyber Defense curriculum and authoring the top selling cyber security course. Now, my teaching, research, and the constant learning demanded by rapidly changing technology all merge to create a skill set and knowledge base that serve both individuals and corporations in their cyber security efforts. Sharing what I know, whether as a teacher or a speaker, fuels my desire to keep growing and giving each day. What can I help you understand?

Businesses today are under increasing pressure to level up data security as ransomware and data theft continue to rise. Data-first security solutions provide businesses with next-generation protection against exfiltration while maintaining accessibility for day-to-day operations, even during an attack. In this episode of the EM360 Podcast, https://www.linkedin.com/in/dr-eric-cole-92a164211/ (Dr. Eric Cole), CEO and Founder at https://secure-anchor.com/ (Secure Anchor Consulting) speaks to https://www.linkedin.com/in/paul-lewis-17ba987/ (Paul Lewis), CEO of https://calamu.com/ (Calamu), about: Today's biggest threats to data The problem of data exfiltration How a data-first security approach provides next-generation protection

When it comes to cybercrime and cybersecurity threats, social engineering attacks are unique in the way that they rely on human error versus software and operating system vulnerabilities. This is because as technological defenses become more and more robust, cybercriminals are increasingly targeting the weakest link in the chain: people. Using a variety of means both online and offline, unsuspecting users can be conned into compromising their security, releasing sensitive information or even transferring money. Secureworks Adversary Group, a security consulting department within Secureworks, walk-us through various social engineering scenarios used during their attack simulations. In the third episode of this three-part podcast with Secureworks, our host Dr Eric Cole the Founder and CEO of Secure Anchor Consulting will be talking with Ben Jacob, Technical Lead at Secureworks, about: Social engineering attack techniques and their lifecycle How phishing, vishing, and spear-phishing impact industries from a social engineering standpoint What can companies offer from a training and education standpoint to help mitigate these risks Value of XDR in detecting suspicious user behaviour

Cyber insurance helps to provide critical cover for those who need protection against digital threats. While businesses are responsible for their own cybersecurity, liability coverage can help provide crucial support to help them stay afloat when the worst happens. This includes the costs of investigating a cybercrime, recovering lost data and restoring of the systems. It can even recoup the loss of income, manage reputation, and notification costs if required to notify a third party. In this third episode of a three-part series with Sophos, Senior Director Nicholas Cramer talks to Dr Eric Cole CEO and Founder of Secure Anchor Consulting about: The current state of cyber insurance Difficulty in getting policies How to better position your EDR and MDR

Mapping data flow is a fundamental part of the enterprise data process. There's no way an organization can understand their data cycle without knowing where their data is located. Despite this, findings from the 2021 Data Threat Report by Thales reveals that only 24% of companies have complete knowledge of where their data is stored. With such strong ties between the two data operations, the numbers just aren't adding up - why? How to Approach the Enterprise Data Process In this podcast, Dr Eric Cole, Founder and CEO of Secure Anchor Consulting, and Todd Moore, Global Head of Encryption Solutions at Thales, look at the relationship between data flows, data discovery, automation, and understanding the data process. In his exploration, Todd draws on Thales's report on data security in the era of accelerated cloud transformation and remote work, alongside the company's stance on 'discover, protect and control' based on their CipherTrust Data Security Platform. The question of how organizations should approach the data process and bridge gaps in their knowledge remains the overarching focal point of the conversation.

In today's episode of (CS)²AI Podcast, Derek Harp is joined by Dr. Eric Cole, PhD, an industry-recognized security expert with over 20 years of hands-on experience in consulting, training, and public speaking. As the founder and CEO of https://secure-anchor.com/ (Secure Anchor Consulting), Dr. Cole focuses on helping customers prevent security breaches, detect network intrusions, and respond to advanced threats. In addition, he is a sought-after expert witness and a 2014 inductee to the InfoSecurity Hall of Fame. Dr. Cole is the author of several books, including Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization; Hackers Beware: The Ultimate Guide to Network Security; and Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft; and Hiding in Plain Sight. With over 20 patent applications, he is on the cutting edge of cyber security research and development. Eric will share his incredible journey from interning for the CIA as a hacker to becoming a successful entrepreneur in the cybersecurity space, and share actionable tips about the practices that led him on the path to success and fulfilment while doing what he loves most.  From his cybersecurity wisdom, he will also help us understand how cybersecurity fits within this new landscape that we call life and how we can position ourselves and our businesses to take advantage of that. At the least, this episode will help you take an assessment of your inventory of skills and other resources so you can survive through the current challenging environment brought about by the Covid-19 pandemic, so stay tuned. Show Highlights From being a professional hacker for the CIA to an entrepreneur in the cyber security space (01:58) His constant love for technology, from a programming and functionality perspective, throughout his life (06:42) Making the choice to work while going to school and how it equipped him with what he needed to succeed in life (11:42) The importance of approaching people who can help you find opportunities and achieve goals (14:09) How powerful old school methods of reaching out are, compared to the more modern methods like email (17:22) Looking at challenges as opportunities to keep winning even in the most difficult of times (19:40) The experience Eric has had with following his heart versus chasing money (22:14) Helping people understand the actual issues that bring about cybersecurity breaches  (30:20) Reading widely, exercising and eating well to keep his performance at the highest level (32:03) Links and Resources http://cs2ai.org/ (More about (CS)²AI) https://secure-anchor.com/ (Secure Anchor Consulting) https://www.amazon.com/Online-Danger-Protect-Yourself-Internet/dp/1683505336 (Online Danger By Dr. Eric Cole) This podcast is brought to you by: https://www.cs2ai.org/sap/waterfall (Waterfall Security Solutions), https://www.cs2ai.org/sap/fortinet (Fortinet), https://www.cs2ai.org/sap/network-perception- (Network Perceptions), https://www.cs2ai.org/sap/industrial--defender (Industrial Defender), https://www.cs2ai.org/sap/tripwire (Tripwire) and https://www.cs2ai.org/sap/q-net (Q-Net Security). Mentioned in this episode: Our Sponsors: We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception Waterfall Security Tripwire KPMG Cyber Join CS2AI Join the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. https://cs2ai.captivate.fm/cs2ai (Preroll Membership)

Welcome to Pillars of Wealth Creation, where we talk about building financial freedom with a special focus in business and Real Estate. Follow along as Todd Dexheimer interviews top entrepreneurs, investors, advisers and coaches. In this episode, Todd talks with cybersecurity expert Dr. Eric Cole about the risks of cyber attacks on your business and how to protect yourself from them. With more than 30 years of network security experience, Dr. Eric Cole is a distinguished cybersecurity expert and keynote speaker who helps organizations curtail the risk of cyber threats. Dr. Cole has worked with a variety of clients ranging from Fortune 500 companies, to top international banks, to the CIA. He has been the featured speaker at many security events and has been interviewed by several chief media outlets such as CNN, CBS News, FOX News and 60 Minutes. Dr. Eric Cole has also been a member of many key organizations including the Commission on Cybersecurity for the 44th President, SME for the Nuclear Regulatory Commission, Purdue University Executive Advisory Board and more! As a world-renowned cybersecurity entrepreneur and founder of Secure Anchor Consulting, Dr. Cole understands the dangers of cybersecurity and knows how to build successful companies. Based on his experience, he shares lessons learned from overcoming adversity and staying committed to your purpose. Dr. Cole focuses on security and innovation with a mission to make cyberspace safe in a world where it can be an unrecognized danger and threat. 3 Pillars 1. Invest in what you know 2. Have a real business that runs without you, makes money, and is a sellable asset 3. Keep the money you made by not working for others Books: Cyber Crisis by Dr. Eric Cole, Blue Ocean Strategy by W. Chan Kim and Renée Mauborgne, and Play Bigger by Al Ramadan, Dave Peterson, Christopher Lochhead, and Kevin Maney You can connect with Dr. Cole at secure-anchor.com or ecole@secure-anchor.com Get your tickets to the Northstar Real Estate Conference here: https://northstarunlimited.live/nrec-2021/ Interested in coaching? Schedule a call with Todd at www.coachwithdex.com Connect with Pillars Of Wealth Creation on Facebook: www.facebook.com/PillarsofWealthCreation/ Subscribe to our email list at www.pillarsofwealthcreation.com Subscribe to our YouTube channel: www.youtube.com/c/PillarsOfWealthCreation

Shared security, also known as shared responsibility, is a cloud security management model that describes the distribution of enterprise data security management and accountability between a company and its cloud service provider(s). The framework essentially enables improved productivity and unparalleled agility, so why isn't every organization adopting it? In this episode, introduced by Neira Jones, Dr. Eric Cole, Founder and CEO of Secure Anchor Consulting,, explores adopting shared security as best practice. Dr. Eric speaks with Chris Martin, IAM Presales Solution Architect for EMEA at Thales. The podcast delves into the main areas of organizational risk concerning cloud migration and vendor native decisions before shedding light on the limitations of a single service provider. The guests then discuss the shared security model - its benefits and the implementation process. Final thoughts centre on what organizations need to understand about control over all users and effectively build a best practice shared security strategy You can also learn more about this topic in our new whitepaper, Owning Your Own Access Security. Dr Eric Cole Dr. Eric Cole is an industry-recognized expert with over 20 years of hands-on experience, founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cybersecurity consulting services, expert witness work, and R&D initiatives to advance our field. Dr. Cole has experience in information technology with a focus on helping customers focus on the right areas of security by building out a dynamic defense. Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. You can connect with Dr Cole on LinkedIn. Chris Martin Chris Martin is the lead EMEA Pre-Sales Solution Architect at Thales. With over 20 years expertise in the IAM space, Chris' extensive background includes Enterprise SSO, PAM, IDaaS and Identity Governance that enables him to bring a holistic approach to enterprise IAM. Within Thales, Chris works alongside our customers to help them define, develop and execute their IAM strategies, either aligning Thales solutions to an existing IAM architecture or building from the ground up. Prior to joining Thales, Chris honed his IAM skills with Sentillion, Centrify, OneLogin, Omada and MicroFocus. You can connect with Chris on LinkedIn.

Network security encompasses the security tools, policies, and techniques used to monitor, prevent, and respond to unauthorised network access. Having such a broad definition and, therefore, challenging approach, it is important that businesses know what key areas to focus on and what enterprise tech solutions they should look to to ensure appropriate, airtight protection. Forming part of an exclusive three-part cybersecurity podcast series featuring Thales and host Dr. Eric Cole, Founder and CEO of Secure Anchor Consulting, this episode looks at data in motion and future-proofing from a quantum perspective. Dr. Eric speaks with Julian Fay, CTO at Senetas, a global partner of Thales. The pair explore the primary concerns of network security within the realm of data in motion with the help of key findings from our latest global survey on the encryption of public/private networks. You can also learn more about this topic in our new whitepaper, Security Weaknesses in Data in Motion Identified in Cybersecurity Survey.

Whoever propagates the rumor that the goal of cybersecurity is to prevent all attacks deserves to be punched in the face. The goal of cybersecurity is timely detection and damage control. In this episode, we interview Dr. Eric Cole, Founder and CEO at Secure Anchor Consulting and author of, most recently, Cyber Crisis, about killing unprofitable cybersecurity myths. We also discussed: - Believing that you are a target - Becoming aware of online danger - The law of cybersecurity - The 3 basic non-negotiable security rules - Dr. Cole's parting advice to CISOs To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here. If you don't use Apple Podcasts, you can find all our episodes here. Listening on a desktop & can't see the links? Just search for The Virtual CISO Podcast in your favorite podcast player.

Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in.

With me in this episode is Eric Cole. Eric is the CEO and Founder of Secure Anchor Consulting, where he has provided guidance for companies of all sizes and the Obama administration. He is also an established author who will have a total of 8 published books after the release of Cyber Crisis at the start of June. In the episode we dive into the common themes between entrepreneurship and authorship, and how he became successful in both. Pre-order the book now on Amazon: https://www.amazon.com/Cyber-Crisis-Protecting-Business-Threats/dp/1950665836

This week Dr. Eric Cole and I talk cybersecurity and entrepreneurship. Most of you will have been on the edge of your seat while you tracked the news of the ransomware attack on the Colonial Pipeline. Security can not be an afterthought. Remember this is not a drill; this not hype.  Also, preorder Dr. Cole’s new book Cyber Crisis which will be released on June 1st. Dr. Cole is a world-renowned cybersecurity entrepreneur and founder of Secure Anchor Consulting, Eric understands the dangers of cybersecurity and knows how to build successful companies.  Today, Dr. Cole shares the many lessons learned from overcoming adversity and staying committed to your purpose. Dr. Cole focuses on security and innovation with a mission to make cyberspace safe in a world where it can be an unrecognized danger and threat.  Website: https://secure-anchor.com/ LinkedIn: https://www.linkedin.com/in/ericcole1/  The Software Process and Measurement Cast is a proud media sponsor of the Global Scrum Master Summit which starts tomorrow!  The First Global Scrum Master Summit Week of May 17th, 2021, Live and Recorded Organized by the Scrum Master Toolbox Podcast http://bit.ly/scrummastersummit21   Re-Read Saturday News  Chapter 14 in Fixing Your Scrum, Practical Solutions to Common Scrum Problems, by Ryan Ripley and Todd Miller, shines its spotlight on the Sprint Review. This event is geared to generating feedback to help the team and organization deliver value.  We are getting close to the end of the book and I would like your input on what to tackle next.  There is a poll in the show notes to collect your ideas! If you have not bought your copy -- what are you waiting for? Fixing Your Scrum: Practical Solutions to Common Scrum Problems  This Week’s Installment  Week 14: The Sprint Review - https://bit.ly/3huZvgP    Previous Installments Week 1: Re-read Logistics and Front Matter - https://bit.ly/3mgz9P6  Week 2: A Brief Introduction To Scrum, and Why Scrum Goes Bad - https://bit.ly/37w4Dv9  Week 3: Breaking Bad Scrum with a Value-Driven Approach - http://bit.ly/3stGc9Q  Week 4: The Product Owner - https://bit.ly/3qpKvSn  Week 5: The Product Backlog - http://bit.ly/3cAEk9c  Week 6: The Development Team - http://bit.ly/2OLVAAs  Week 7: Embracing The Scrum Master Role -  https://bit.ly/3m0HB5D  Week 8: Management - https://bit.ly/31Kv39l  Week 9:  Thinking In Sprints - https://bit.ly/321wXTg  Week 10: Sprint Planning - https://bit.ly/3stWOhx  Week 11: Sprint Backlog - https://bit.ly/3njezit  Week 12 - Reclaiming The Daily Scrum - https://bit.ly/3eNzMgz  Week 13: Deconstructing the Done Product Increment - https://bit.ly/3bedTGc    Next SPaMCAST In the next Software Process and Measurement Cast, I talk with Rick Martin about intellectual property, and why everyone involved in software needs to understand how IP law can impact the value they deliver. Copyrights, patents, trademarks, and trade secrets are all part of protecting intellectual property.  

Email is the front door into an organisation and humans typically manage it. However, with phishing attacks becoming more targeted and sophisticated, and increasing cases of account takeover and data loss due to a successful email attack, humans alone can no longer be relied on to protect the inbox. Fortunately for businesses, there are email security solutions - Artificial Intelligence (AI) technologies - that can help. Join Dr Eric Cole, CEO and Founder of Secure Anchor Consulting, and Mariana Pereira, Director at Darktrace, as they discuss email security and why organisations now, more than ever, need to treat it as a top priority. In this podcast, the pair explore how to secure enterprise inboxes with AI. Mariana leads the conversation by sharing her knowledge and expertise on the current threat landscape for email in 2021, the use of AI in email security, and the key factors decision-makers should consider when determining the best AI system. The discussion ends with a look at a real-life case study of an email attack autonomously stopped by AI. Want to learn more? Check out our recent Q&A with Mariana on how Antigena Email can create a self-defending inbox.

In this episode of Cyber Security Inside, Tom and Camille once again speak with Dr. Eric Cole, CEO and Founder of Secure Anchor Consulting. This time, the topic is insider threats. Some insider threats are a result of bad actors, while others stem from more innocent and unwitting insiders.   What can CISOs do to prevent, detect, and track down these insider threats? Let’s find out.    Here are some key take-aways:   •  There are really two sides of cyber security: prevention and detection. Everything else generally falls under one of these two categories.    •  You’re going to miss things with prevention technology, which is why you have to have a detection piece in place. And you have to focus on both inbound and outbound traffic if you’re going to detect both outsider and insider threats.    •  One of the biggest issues with detection is a lack of resources. IT is being bombarded by sometimes thousands of alerts daily, and they’re simply not equipped to handle them all. The proposed solution is to tune down false positives and focus on the biggest threats.   •  In situations where you can’t possibly address every threat, you have to make sacrifices and choose to address the most impactful threat.    •  When determining a hierarchy of importance with server-based threats, malicious code that’s impacting the operating system that runs every time you restart the system will take priority over something that isn’t a threat when the computer’s turned off. With network-based threats, again, you need to determine which threat has the most impact and address that if you can’t address each.    •  There are two types of insider threats: the malicious employee and the good intentioned employee inadvertently doing bad things. Both can cause damage, but how you approach each differs. With malicious employees, prevention through limiting and controlling access is the best approach. With employees who are inadvertently causing harm, the best approach is detection, because they won’t be covering their tracks.    •  CISOs and CIOs need to understand where the damage is caused and use that information to build better security. Always have the mindset of “There’s a creative way to get this done.”   •  Threat hunting is an approach that some businesses take — somewhat in the same spirit as a hackathon. With threat hunting, you assume your network is compromised and then find the adversary. The thing is: many times, businesses that do this actually end up finding an insider threat.    •  Focusing on the base core components rather than the specific threats and exploits keeps you flexible and more open to see and spot potential issues.   Some interesting quotes from today’s episode: “Most companies want to focus all their energy on prevention — on stopping the adversary. The problem is you can only prevent things that are 100% bad, 100% of the time. Which means if something is bad 90% of the time, you can't prevent it because that would be blocking 10% of legitimate traffic.”   “I call it the car alarm issue. When we used to be able to go to malls, and you were walking through a mall, if somebody's car alarm was going off, what did you do? You just kept walking. You didn't call the police. Because they go off with such high frequency we become numb to it. We totally ignore it. And that's the problem with detection.”   “I would rather catch the 10% that are most significant than miss 100% because of the noise.”    “Now this is where world-class security engineers get themselves into trouble because they can't help but say, ‘But they're both important!’ Yes, they're both important. But if you can't do both, greatest good. You sometimes have to make sacrifices.”    “When you're talking about the deliberate malicious insider, because they know they're causing harm, they're going to cover their tracks. So in that case, you really have to focus a lot on prevention. Limit the access that they need to do their job…Go with the principle that we call ‘least privilege’ — only give people the absolute minimal access they need to do their job.”   “If you go in and look at Edward Snowden, when you do the analysis post-mortem, 80% of the data that he stole that harmed this country, he did not need access to to do his job.”   “On the accidental insider — the one that is thinking they're doing good, but inadvertently causing harm — that’s where detection is powerful, because they don't know they're doing harm, so they're not going to try to cover or hide themselves.”    “What I find today is if somebody needs something to do their job and you just tell them no and block it, they're going to do it anyway and just treat it as a covert mission.  So what I would do in that situation is, I would go to them and say, ‘Listen, what functionality do you need? Don't tell me, you need a USB drive. Tell me what are the actions that are needed’.”   “How specifically the threat works, how specifically the exploit propagates, I don't care because it would be too much work. I'm going to focus on those base core components. And once again, based on my experience, it works most of the time.”

Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cybersecurity consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Social Links for Dr. Cole: YOUTUBE: https://www.youtube.com/channel/UCwg_j4TF1dnP9OZFXzYussA TWITTER: https://twitter.com/drericcole​ FACEBOOK: https://www.facebook.com/DrEricCole/​ INSTAGRAM: https://www.instagram.com/drericcole/​ E-Books by Dr. Eric Cole: Threat Hunting: https://ar407.isrefer.com/go/mm2ythun Insider Threat: https://ar407.isrefer.com/go/mm2ytit/...​ Online Danger: https://www.onlinedanger.com

In this episode, we discuss the rapidly evolving cybersecurity environment and what it takes to secure a system today, and the impact of remote work and remote system access on cybersecurity.   Eric Cole is the CEO and Founder of Secure Anchor Consulting. Secure Anchor Consulting provides high-touch cybersecurity services that help organizations prevent security breaches, detect network intrusions, and respond to advanced threats. Twitter: @drericcole secure-anchor.com ecole@secure-anchor.com     IoT ONE is a IIoT focused research and advisory firm. We provide research to enable you to grow in the digital age. Our services include market research, competitor information, customer research, market entry, partner scouting, and innovation programs. For more information, please visit iotone.com

You’ve seen bits and pieces of the SolarWinds story in the news, but what actually happened (to the best of our knowledge) and what can CISOs learn from it?  On this episode of Cyber Security Inside, Tom and Camille invite Dr. Eric Cole, CEO and founder of Secure Anchor Consulting, onto the show to talk about the SolarWinds hack.    Plus, during Fun Facts: •  What’s an early sign of Alzheimer’s or dementia? •  What did people believe would kill you in 1954?  •  Why was a donkey-less game named Donkey Kong?   Tune in to find out. This is one you can’t miss!   Here are some key take-aways: •  Large-scale data breaches all share one commonality: a lack of awareness about unprotected data. •  When it comes to asset inventory and patching configuration management, automation is key. Businesses can’t rely solely on humans to get the job done. There’s technology available that can recognize when a new asset appears, so businesses only have to respond when there’s a problem. They don’t have to be looking 24/7.  •  The SolarWinds attack was a two component attack. First was the attack against SolarWinds to modify their source code for their Orion product. Second, was the distribution of a malicious update to all of their clients (which then created a back door). •  Unlike attacks in the past where a specific company is targeted, with the SolarWinds attack, it’s more likely that a list of companies was compiled. From there, the hackers looked for common denominators between those companies in search of a way in. •  There wasn’t a single point of failure with the SolarWinds attack. Source code shouldn’t have been directly accessible on Internet facing systems; checks and validations should have been done before sending out updates; and checking and testing should have been done in-house. •  If you have servers or software from a third-party vendor, that needs to be isolated on a separate segment and going through a firewall. •  Businesses should always be watching outbound traffic for anomalies.  •  The SolarWinds hackers knew that it’s not uncommon for vendors to push out patches for software. So, they made their malicious code look like a patch update. •  Not all SolarWinds customers were affected. With this attack, you had to be running a specific version of SolarWinds in order to be affected.  •  These types of attacks aren’t typically spotted by security departments. They are usually caught as a result of performance issues with IT equipment. The reason is the attackers are clever enough to fly under the radar with security, but they don’t understand the thresholds of the hardware. •  Even if you’re not a customer of SolarWinds, you need to work with your suppliers to ensure that they weren’t attacked through SolarWinds.  •  What else do you need to do now? Design as if you were compromised and it will happen again.    Some interesting quotes from today’s episode:   “When you're looking at any of the large-scale data breaches over the last five years, anytime you're seeing more than 50 million records compromised, it's pretty much the same exact playbook. There is a server visible from the Internet that the organization isn't aware of. It's missing a patch. It contains critical data. And that data is not properly encrypted or protected.”   “The real big problem is companies don't have a hundred percent asset inventory and therefore they don't know what's out there and they can't patch it, protect it, or secure their data.”   “Anything that's based on a human is eventually going to fail. But computers are systematic and can be programmed.”   “In the past, if I wanted to target Company X, I break into company X. If I want to break into Company Y, I target them individually. But in this case, they went in and said, ‘Okay, we want to break into all these companies. How do we go after it?’”  “I will tell you how I would have done this attack when I was on the offensive side. I would have put together a list of the companies and government entities that I wanted to break into. I would then start looking at what is the common denominator?”   “They got access to one of those computers. They used that computer to set up what we call a pivot point. They did lateral movement into the network and ultimately found the source code computers. Then from there, they were able to upload malicious code into that source code…They then push that update out to all of the clients. And then all of those systems got infected, installed malware, and then set up outbound command and control channels to communicate with the adversary.”   “Now whether they broke into other vendors is yet to be seen. Remember, most organizations don't detect attacks for two to three years.”   “What they were going after on the source code is the ability to take control of the client computers that ran the SolarWinds software. So essentially what they wanted to do is have a command and control piece of code that, once it was installed on the system, would then be able to take control, make outbound connections, and give somebody access to those networks.”   “I believe they had a long list and they had specific reasons and goals for each of those. Because the malicious code that got distributed with the SolarWinds software, it didn't specifically gather data, exfiltrate data, or delete data. What it did is create access paths for the adversary. So all we know is that the adversary wanted to gain access to this list of networks.”   “That's the interesting thing with not only SolarWinds, but most of these other attacks that we've seen over the last three years. It's typically the IT department that catches it. It's not the security department.”   “At some point they make the false conclusion, ‘Oh, no one's going to catch us. We've been doing it for two years.’ And then they start cranking it up and they inadvertently go in and overload the computer systems. Because these attackers know how to bypass the security equipment, but they don't know the thresholds of the IT equipment.”    “It's often ‘Let's get access and maintain the access to see what we can do, so we can use it at a later point in time.’ Sometimes it's the cell access. Sometimes it's to ransom it back to the company. Sometimes it's to sell to a third party. But the name of the game now is whoever has access wins the game. And that definitely looks like what they were after with the SolarWinds attack.”   “The best bet is to assume that you were compromised and use this as a lesson learned. It will happen to you. You have software vendors, you have components. SolarWinds was not the first and they won't be the last. So you need to go in and assume that you were compromised. Be proactive. And then whatever you would have done to respond to an actual compromise, those are the things you need to put in place today.”

I spoke with Dr. Eric Cole, the founder of Secure Anchor Consulting, a provider of cybersecurity solutions and services. We discussed the most significant cybersecurity issues that law firms and law department leaders should be aware of in 2021, how the pandemic has changed the way organizations manage their cybersecurity, and the potential threats that professionals could face in the coming year.

I spoke with Dr. Eric Cole, the founder of Secure Anchor Consulting, a provider of cybersecurity solutions and services. We discussed the most significant cybersecurity issues that law firms and law department leaders should be aware of in 2021, how the pandemic has changed the way organizations manage their cybersecurity, and the potential threats that professionals could face in the coming year.

Dr. Eric Cole is Dialedin / Episode 80 Dr. Cole is a cybersecurity expert frequently called upon by major media outlets such as CNBC and FOX, he's an official member of the Forbes Technology Council, and the founder and CEO of Secure Anchor Consulting providing expertise across the whole spectrum of cyber security, including perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Topic: "You Are a Target" -=- Sponsored by Acuerdo.io the Orchestration Agency for the Future of Work™ The Dialedin + ElevateXchange series consists of weekly interviews with leading chief information officers (CIOs), chief information security officers (CISOs), & directors of information technology (IT Directors) YouTube | Linkedin | Dialedin - #Dialedin --- Send in a voice message: https://anchor.fm/dialedin/message

Since the Internet has become an important part of our lives, the cyberattacks have grown in number, significance, and the damage they can do to us. Unfortunately, most people still don’t take cybersecurity seriously because they believe only the important institutions are targeted. But, as our guest today stressed many times in this episode, everybody is a target, regardless of their financial status, and it’s our job to protect ourselves. Luckily, as cyberattacks intensify, so does cybersecurity, and there are people like Dr. Cole that have made it their mission to make cyberspace a safe place to live, work, and raise a family. Dr. Eric Cole is a distinguished cybersecurity expert and keynote speaker, with more than 30 years of experience, who helps organizations curtail the risk of cyber threats. He has worked with a variety of clients, ranging from Fortune 500 companies to top International organizations, banks, CIA, and he’s been the featured speaker at many security events and has been interviewed by several chief media outlets, such as CNN, CBS News, Fox News, 60 Minutes. Eric focuses on creating, enhancing, and solving complex problems. He is the founder of Secure Anchor Consulting – a leading provider of cybersecurity solutions and services. As you can tell by this description already, he’s the go-to guy for all the cybersecurity concerns you might have, whether in your personal or your professional life. If you want to find out more about the first steps you can take right now, to protect your online life, then tune into Episode 240 of Becoming Your Best, and learn cybersecurity 101 from an industry expert! Some questions I ask: What’s your background, and how did you end up in cybersecurity? (02:22) How did you keep your feet under you with all those noes, and keep moving forward and looking for the ‘Yes’? (07:30) How do you help people in the cybersecurity space? (12:14) What are some of your favorite stories from being a hacker for the CIA? (13:42) What are some of the dangers of cyberspace? (15:11) How do we recognize these cybersecurity threats and protect ourselves from them? (17:46) In this episode, you will learn: The importance of always asking questions even if no one else is. (03:39) Persistence is the key to finding the “Yes” you need. (04:44) Getting laser-focused on one thing only can help you create the life that you want. (08:53) The two-year rule that Eric applies to his goals and ideas. (10:08) Eric’s mission for his business. (11:26) What steps you should take to protect yourself if you do online banking. (18:49) Why you should not ignore any anomaly in your accounts - however small - and what action you can take. (20:58) What ransomware means and how you can protect your data from such attacks. (22:35) What Windows users can do to protect themselves from malware. (24:05) Connect with Dr. Cole: Website Book: Online Danger Facebook Page LinkedIn Twitter Instagram Becoming Your Best Resources: Becoming Your Best Website Becoming Your Best University Website Becoming Your Best Library Email: support@becomingyourbest.com Book: Becoming Your Best: The 12 Principles of Highly Successful Leaders Book: Conquer Anxiety: How to Overcome Anxiety and Optimize Your Performance Facebook Group – Conquer Anxiety See acast.com/privacy for privacy and opt-out information.

In this episode I interview Dr. Eric Cole, who is the CEO and founder of Secure Anchor Consulting. Secure Anchor Consulting is a global leader in information security services for Fortune 500 companies, financial institutions, international organizations and the federal government. Eric started with the CIA as an intern and progressed to roles as a Program Manager and Technical Director with the Internet Program Team, which specializes in rapid development and exploitation of the latest internet technologies. The team designs, develops, tests, and deploys products in three to six month intervals. This experience has solidified his desire to use technology in support of the country, and to protect both public and private resources from cyber adversaries. In this episode we discuss: Helping out his dad at the garden center [4:05] Hustling when he was younger [5:01] An opportunity that he regretted accepting [6:30] Lessons from being a professional hacker for the CIA [8:16] Making cyberspace safe with his business Secure Anchor Consulting [10:02] Tips on explaining complex topics [12:22] How he applied Blue ocean strategy to his business [15:04] Plans on growing and expanding his business [17:57] Creating metric, systems and processes [20:02] Companies that are at risk for cyber attacks [23:10] The questions you need to ask to find out if you need to secure your website [24:51] How to find out how often you're data gets attacked [27:20] What happens when you get hacked [29:02] Mac vs Windows, which is more secure? [30:43] How to know more about cyber security [33:31] Quotable Quotes If you're not willing to live your dreams, somebody will pay you to build theirs. You can ask the same person 3 different ways. One way they're super excited and they're gonna do an amazing job. The second way they'll do the job but they're going to be angry and mad. The third way is they'll do a crappy job. And it's all in how you ask them. If you want to be a good teacher, know your technology really well or be entertaining. But if you want to be an amazing teacher, do both. Smart people know the right answer and brilliant people ask the right questions. So, I would say ask questions. Some of the questions you want to ask are: what is our critical data? Where is that critical data located? What would be considered a really bad day if we got hacked? How many times do we get attacked a day? Links to sources and tools Follow Dr Eric Cole on social media: LinkedIn: https://www.linkedin.com/in/ericcole1/ Facebook page: https://www.facebook.com/DrEricCole/ Twitter: https://twitter.com/drericcole Instagram: https://www.instagram.com/drericcole/ Go to https://www.secure-anchor.com/ to learn more about Secure Anchor Consulting and their services Support our podcast Rate and review: https://podcasts.apple.com/us/podcast/pass-the-secret-sauce-by-matt-shields/id1506940483 the podcast on iTunes or wherever you subscribe. Tell a family member, friend, or colleague about the show. Subscribe: https://podcasts.apple.com/us/podcast/pass-the-secret-sauce-by-matt-shields/id1506940483 so you never miss an episode. Subscribe to us on YouTube

Dr. Eric Cole, CEO of Secure Anchor Consulting, considered to be one of the Nation’s Top Cyber Security Experts, advising President Obama, the CIA, Bill Gates, McAfee, & Lockheed Martin, author of many books on cyber-security participates in Risk Roundup to discuss the “Current State of Cyber Defense.” Cyber Defense When security risks from cyberspace, merge, and converge with […] The post The Current State Of Cyber Defense appeared first on Risk Group.

Dr. Eric Cole is the leading cybersecurity expert in the world, known as the go-to for major political and business power players. Full Show Notes: https://wiki.securityweekly.com/Episode590 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more!   Full Show Notes: https://wiki.securityweekly.com/Episode590 Visit https://www.securityweekly.com/psw for all the latest episodes! For more information about Black Hills Information Security, visit: securityweekly.com/bhis   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Dr. Eric Cole is the leading cybersecurity expert in the world, known as the go-to for major political and business power players. Full Show Notes: https://wiki.securityweekly.com/Episode590 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more!   Full Show Notes: https://wiki.securityweekly.com/Episode590 Visit https://www.securityweekly.com/psw for all the latest episodes! For more information about Black Hills Information Security, visit: securityweekly.com/bhis   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This podcast was originally broadcast in November 2017. Listen in for great threat hunting insights from Bob Stasio, program director of cyber threat hunting and analysis at IBM Security and special guest Dr. Eric Cole, founder of Secure Anchor Consulting. To learn more, read Eric's Security Intelligence blog series on threat hunting [ibm.co/2hQ535Y] and follow both Bob [bit.ly/2haHdAX] and Eric [bit.ly/2znGgNX] on Twitter.

Marian Harkin, European Union Parliament Member representing Ireland, discusses Brexit and the border between Northern Ireland and the Republic. Jennifer Bartashus, Senior U.S. Food Retail Analyst for Bloomberg Intelligence, and Alan Bjerga, Bloomberg agriculture reporter, on Walmart: farming drones and e-commerce whistle blower.Chuck Lieberman, Bloomberg Prophet and Chief Investment Officer & Managing Partner Advisors Capital Management LLC, on more bad news for the MLP sector. Dr. Eric Cole, CEO of Secure Anchor Consulting, and former Technical Director for the C.I.A. who served on the Cybersecurity Commission for President Obama, discusses the Russian hack on US critical infrastructure.

Have questions about what threat hunting is or how and when to use it? Then this is the podcast you've been waiting for. Listen in for great threat hunting insights from Bob Stasio, program director of cyber threat hunting and analysis at IBM Security and special guest Dr. Eric Cole, founder of Secure Anchor Consulting. To learn even more, read Eric's recent Security Intelligence blog series [https://ibm.co/2hQ535Y] and follow Bob [http://bit.ly/2haHdAX] and Eric [http://bit.ly/2znGgNX] on Twitter.