POPULARITY
CyberMarket.com is a marketplace where CyberSecurity Consultancies and clients can find each other. There is a growing trend where CyberSecurity Consultants recognize the gap between what they are worth to a consultancy as being sold out for a daily rate compared to what they get paid. There are a number of consultants who are leaving consultancies to start the next generation of independent / boutique consultancies but they don't have a sales pipeline and sales staff like their old consultancies do. CyberMarket.com is a place to help facilitate the sales pipeline for cybersecurity consultancies of various sizes. Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703
This week, we kick off the show with an interview featuring Jeff Tinsley, CEO of RealMe, to talk about The Online Safety and Security as it Pertains to Dating Apps and Online Marketplaces! Next up, we welcome Gordon Draper, Founder and CEO of CyberMarket.com, to talk about the Democratisation and Globalisation of CyberSecurity Consulting! In the Security News, Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor! Show Notes: https://securityweekly.com/psw703 Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found. Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with an interview featuring Jeff Tinsley, CEO of RealMe, to talk about The Online Safety and Security as it Pertains to Dating Apps and Online Marketplaces! Next up, we welcome Gordon Draper, Founder and CEO of CyberMarket.com, to talk about the Democratisation and Globalisation of CyberSecurity Consulting! In the Security News, Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor! Show Notes: https://securityweekly.com/psw703 Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found. Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
CyberMarket.com is a marketplace where CyberSecurity Consultancies and clients can find each other. There is a growing trend where CyberSecurity Consultants recognize the gap between what they are worth to a consultancy as being sold out for a daily rate compared to what they get paid. There are a number of consultants who are leaving consultancies to start the next generation of independent / boutique consultancies but they don't have a sales pipeline and sales staff like their old consultancies do. CyberMarket.com is a place to help facilitate the sales pipeline for cybersecurity consultancies of various sizes. Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703
This week in the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224
In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform. In the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more! Show Notes: https://securityweekly.com/bsw224 To learn more about CyberSaint, please visit: https://securityweekly.com/cybersaint Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with it's CyberStrong platform. In the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more! Show Notes: https://securityweekly.com/bsw224 To learn more about CyberSaint, please visit: https://securityweekly.com/cybersaint Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week in the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224
The crown jewels are those assets representing the highest value to the organization and deserve the greatest investment to protect. Join this podcast to learn the importance of protecting these crown jewels throughout the information life cycle. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Steve_Durbin_Article.pdf Durbin,S. 2019. Protecting the “Crown Jewels”. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 77. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleadersFollow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
This week in the Security News: LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers, flaws let you hack an ATM by waving your phone, PrintNightmare, Bitcoins from Banks and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701
This week in the Security News: LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers, flaws let you hack an ATM by waving your phone, PrintNightmare, Bitcoins from Banks and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701
This week, we kick off the show with an interview featuring Rob Shavelle, Co-Founder and CEO of Abine & DeleteMe, to talk about New Security Threats Stemming from PII Online! Then, Haseeb Awan, CEO of EFANI Inc, joins to discuss the The Rise of Sim Swapping! In the Security News, LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers?, flaws let you hack an ATM by waving your phone, and more! Show Notes: https://securityweekly.com/psw701 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with an interview featuring Rob Shavelle, Co-Founder and CEO of Abine & DeleteMe, to talk about New Security Threats Stemming from PII Online! Then, Haseeb Awan, CEO of EFANI Inc, joins to discuss the The Rise of Sim Swapping! In the Security News, LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers?, flaws let you hack an ATM by waving your phone, and more! Show Notes: https://securityweekly.com/psw701 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In the Leadership and Communications section: Cybersecurity today requires greater digital and business understanding, 12 skills business continuity managers need to succeed, SOC burnout is real: 3 preventative steps every CISO must take, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw222
The CISO is often in a position where vulnerabilities are known and implementing a product may result in an insecure product. Should the CISO say ‘no we can't do that', or ‘figure out how to make it happen?' Join this podcast to learn how a CISO was faced with this dilemma where he was asked by the business to implement a technology, where he had stacks of whitepapers indicating the technology was insecure. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Dan_Lohrmann_Article.pdf Lohrmann, D. 2019. CISOs Need to be Enablers of Business Innovation-Here Is How. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 106. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp23 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
In the Leadership and Communications section: Cybersecurity today requires greater digital and business understanding, 12 skills business continuity managers need to succeed, SOC burnout is real: 3 preventative steps every CISO must take, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw222
In the Security News for this week Paul and the crew talk: Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
Brief history and purpose of the CFAA. Discussion of the majority and dissenting "Van Buren" opinion. Implications for the computer forensic and security profession. Segment Resources: https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf Prosecuting Computer Crimes DOJ,: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf "Computer Crime and Intellectual Property Section DOJ": https://www.justice.gov/criminal-ccips/ccips-documents-and-reports Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means. This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
In the Security News for this week Paul and the crew talk: Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
This week, we kick off the show with an interview featuring Jim O'Gorman, Chief Content and Strategy Officer at Offensive Security, to talk Career Pathing and Advice from Offensive Security! Then, Thomas Lonardo, an Associate Professor at Roger Williams University, joins to discuss the recent US Supreme Court Case ruling of Van Buren v. US! In the Security News, Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more! Show Notes: https://securityweekly.com/psw700 Segment Resources: Visit https://securityweekly.com/offSec to learn more about them! https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf: Prosecuting Computer Crimes DOJ,: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf "Computer Crime and Intellectual Property Section DOJ": https://www.justice.gov/criminal-ccips/ccips-documents-and-reports Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with an interview featuring Jim O'Gorman, Chief Content and Strategy Officer at Offensive Security, to talk Career Pathing and Advice from Offensive Security! Then, Thomas Lonardo, an Associate Professor at Roger Williams University, joins to discuss the recent US Supreme Court Case ruling of Van Buren v. US! In the Security News, Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more! Show Notes: https://securityweekly.com/psw700 Segment Resources: Visit https://securityweekly.com/offSec to learn more about them! https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf: Prosecuting Computer Crimes DOJ,: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf "Computer Crime and Intellectual Property Section DOJ": https://www.justice.gov/criminal-ccips/ccips-documents-and-reports Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Brief history and purpose of the CFAA. Discussion of the majority and dissenting "Van Buren" opinion. Implications for the computer forensic and security profession. Segment Resources: https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf Prosecuting Computer Crimes DOJ,: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf "Computer Crime and Intellectual Property Section DOJ": https://www.justice.gov/criminal-ccips/ccips-documents-and-reports Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means. This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700
Join Dr. Casey Marks for a two-part discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to start or approach getting certified, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/scw77
Join Dr. Casey Marks' discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to start or approach getting certified, and more. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw77
Join Dr. Casey Marks for a two-part discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to start or approach getting certified, and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw77
Join Dr. Casey Marks' discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to start or approach getting certified, and more. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw77
Communication in any organization can be a challenge, especially when working with different levels of government and the various funding mechanisms. Join this podcast to lean how one State CISO navigated the rough waters by focusing on relationships and increased security spending and knowledge of security activities across government levels. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Mark_Weatherford_Article.pdf Weatherford, M. 2019. Relationships Matter. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 473. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp22 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
OpenWRT is a mature and well supported project. It is supported on many hardware platforms and available as production-level products. OpenWRT has developed into a platform that is filled with enterprise level features, making it a successful product for enterprise uses. Due to the fact that it will run on many IoT platforms, including home gateways, and has an easy-to-use web interface, it is also a great platform to use to start building a lab. Segment Resources: Company Website Link: xcapeinc.com Topic Link: openwrt.org Commercial Product for Topic Link: gl-inet.com Personal CI/CD Projects Link: gitlab.com/fossdevops Personal GitLab Link: gitlab.com/geneerik Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw698
OpenWRT is a mature and well supported project. It is supported on many hardware platforms and available as production-level products. OpenWRT has developed into a platform that is filled with enterprise level features, making it a successful product for enterprise uses. Due to the fact that it will run on many IoT platforms, including home gateways, and has an easy-to-use web interface, it is also a great platform to use to start building a lab. Segment Resources: Company Website Link: xcapeinc.com Topic Link: openwrt.org Commercial Product for Topic Link: gl-inet.com Personal CI/CD Projects Link: gitlab.com/fossdevops Personal GitLab Link: gitlab.com/geneerik Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw698
This week in the Security Weekly News, Paul and the Crew Talk: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, security by design, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
This week in the Security Weekly News, Paul and the Crew Talk: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, security by design, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
Rick Howard joins to talk about his Cybersecurity Canon project, the rock and roll hall of fame for Cybersecurity literature! The Cybersecurity Canon Committee has announced it's hall of winners for 2021. Segment Resources: https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
Training is critical but it is tough to break away from the day to day. Polarity is running free 15 minute training sessions that leverage our community edition to leave you with a new ability to automate search and save time. Examples include, how to write basic regular expressions, how to find exploit code faster, basics of cyberchef, or how to read a malware sandbox report. Segment Resources: Sign up page: https://polarity.io/ctt/ Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
Training is critical but it is tough to break away from the day to day. Polarity is running free 15 minute training sessions that leverage our community edition to leave you with a new ability to automate search and save time. Examples include, how to write basic regular expressions, how to find exploit code faster, basics of cyberchef, or how to read a malware sandbox report. Segment Resources: Sign up page: https://polarity.io/ctt/ Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
Rick Howard joins to talk about his Cybersecurity Canon project, the rock and roll hall of fame for Cybersecurity literature! The Cybersecurity Canon Committee has announced it's hall of winners for 2021. Segment Resources: https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696
This week, Paul Battista, CEO of Polarity, joins us for an interview to talk about Polarity’s Power-up Sessions! Then, Rick Howard the CSO of The CyberWire, joins us to talk about the CyberSecurity Canon! In the Security News: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, & security by design! Show Notes: https://securityweekly.com/psw696 Segment Resources: Sign up page: https://polarity.io/ctt/ Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8 https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul Battista, CEO of Polarity, joins us for an interview to talk about Polarity’s Power-up Sessions! Then, Rick Howard the CSO of The CyberWire, joins us to talk about the CyberSecurity Canon! In the Security News: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, & security by design! Show Notes: https://securityweekly.com/psw696 Segment Resources: Sign up page: https://polarity.io/ctt/ Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8 https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at NTIA, to discuss SBOM! What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO? Show Notes: https://securityweekly.com/scw74 Segment Resources: https://ntia.gov/SBOM Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at NTIA, to discuss SBOM! What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO? Show Notes: https://securityweekly.com/scw74 Segment Resources: https://ntia.gov/SBOM Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO? Segment Resources: ntia.gov/SBOM Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw74
This week, in the Leadership and Communications section, CISOs Struggle to Cope with Mounting Job Stress, Corporate Compliance Strategies to Protect Data, Cybersecurity Metrics That Matter, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw218
What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO? Segment Resources: ntia.gov/SBOM Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw74
This week, in the Leadership and Communications section, CISOs Struggle to Cope with Mounting Job Stress, Corporate Compliance Strategies to Protect Data, Cybersecurity Metrics That Matter, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw218
This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns! Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, & more! Then, we have a Technical Segment featuring our own Adrian Sanabria, & Sounil Yu from JupiterOne! Then we wrap up the show with a pre-recorded interview with ‘Wheel’ on the “21 Nails“ Exim Mail Server Vulns! Show Notes: https://securityweekly.com/psw695 Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations. Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw73
A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations. Show Notes: https://securityweekly.com/scw73 Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations. Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw73
A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection responsibilities, professionals charged with protecting private and confidential data must be also be constantly aware of these evolving regulatory and legal obligations. Show Notes: https://securityweekly.com/scw73 Segment Resources: https://www.otterbourg.com/assets/htmldocuments/Protecting%20Privilege%20in%20Cyberspace%20New%20York%20State%20Bar%20Association%20Erik%20Weinick%20March%202021.pdf Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Will Lin, founding team member at ForgePoint Capital and co-creator of the CISO community Security Tinkerers, discusses his passion for technology and how it led him to a career helping security companies launch, as well as his work supporting CISOs through collaboration and knowledge sharing. Show Notes: https://securityweekly.com/csp16 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
This week in the Security Weekly News the crew talks: Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693
This week in the Security Weekly News the crew talks: Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693
US Congressman Jim Langevin joins to talk about Executive Orders, International Interest in Cyber, & more in this gripping interview! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693
This week in the Security Weekly News Wrap Up Dr. Doug talks: Pings are bad, m'kay, Yahoo Answers, Python ipaddress bugs and the curse of octal, Deepfakes, Qualcom, Spectre, First Horizon Bank, & the show Wrap Ups for this week! Show Notes: https://securityweekly.com/swn120 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Bob Erdman, Associate Director of Development at Core Security, joins us for an interview to talk about Building a Risk-Based Vulnerability Management Program! Then, Jim Langevin, US Congressman at the US House of Representatives, joins us for a discussion on Biden Administration EO on Cyber! In the Security News, Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more! Show Notes: https://securityweekly.com/psw693 Segment Resources: https://www.coresecurity.com/blog/how-mature-your-vulnerability-management-program https://www.coresecurity.com/blog/when-use-pen-test-and-when-use-vulnerability-scan https://www.digitaldefense.com/blog/infographic-risk-based-vulnerability-management/ Visit https://securityweekly.com/coresecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News Wrap Up Dr. Doug talks: Pings are bad, m'kay, Yahoo Answers, Python ipaddress bugs and the curse of octal, Deepfakes, Qualcom, Spectre, First Horizon Bank, & the show Wrap Ups for this week! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn120
US Congressman Jim Langevin joins to talk about Executive Orders, International Interest in Cyber, & more in this gripping interview! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693
This week in the Security Weekly News Wrap Up Dr. Doug talks: Pings are bad, m'kay, Yahoo Answers, Python ipaddress bugs and the curse of octal, Deepfakes, Qualcom, Spectre, First Horizon Bank, & the show Wrap Ups for this week! Show Notes: https://securityweekly.com/swn120 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Bob Erdman, Associate Director of Development at Core Security, joins us for an interview to talk about Building a Risk-Based Vulnerability Management Program! Then, Jim Langevin, US Congressman at the US House of Representatives, joins us for a discussion on Biden Administration EO on Cyber! In the Security News, Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more! Show Notes: https://securityweekly.com/psw693 Segment Resources: https://www.coresecurity.com/blog/how-mature-your-vulnerability-management-program https://www.coresecurity.com/blog/when-use-pen-test-and-when-use-vulnerability-scan https://www.digitaldefense.com/blog/infographic-risk-based-vulnerability-management/ Visit https://securityweekly.com/coresecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use? Segment Resources: https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw226
Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use? Segment Resources: https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw226
Healthcare security today is much more complex with integrated clinical systems and connected community networks. No longer are the medical records stored with a single provider. Join this podcast to learn how one Healthcare CISO is forging relationships and having the appropriate risk-based discussions at the right levels to address the challenge. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Erik_Decker_Article.pdf Decker, E. 2019. Healthcare Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 106. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp15 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Graham Keavney, President at Cybersecurity Collaboration Forum, joins us to provide an overview of the Cybersecurity Collaboration Forum and the benefits of CISO peer-to-peer networks. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw215
Graham Keavney, President at Cybersecurity Collaboration Forum, joins us to provide an overview of the Cybersecurity Collaboration Forum and the benefits of CISO peer-to-peer networks. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw215
Currently, in the United States, there are over 87 billion square feet of commercial real estate. Smart Building control systems pervasive throughout these buildings and helped increase efficiency, profitability, and the occupant experience. This increase of this technology has exponentially increased the attack surface of companies. In this episode, Fred Gordy will discuss findings, attacks, and IT-induced events that he and his team have seen from the thousands of assessments they have performed in the US, Canada, and overseas. He will also provide low-cost basic practices to decrease exposure to these events. Segment Resources: Intelligent Buildings - https://www.intelligentbuildings.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw692
This week, Fleming Shi, CTO of Barracuda Networks, joins us for an interview to talk about Protecting the Hybrid Workforce! Then, Fred Gordy, Director of Cybersecurity at Intelligent Buildings, joins us for a discussion on Smart Building Control System Cybersecurity - The Real World! In the Security News, Penetration testing leaving organizations with too many blind spots, A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks, Apple AirDrop Vulnerability Exposes Users’ Personal Information, Darkside Ransomware gang aims at influencing the stock price of their victims, Security firm Kaspersky believes it found new CIA malware, and a Hacker leaks 20 million alleged BigBasket user records for free! All that and more on this episode of Paul's Security Weekly! Show Notes: https://securityweekly.com/psw692 Segment Resources: Visit https://securityweekly.com/barracuda to learn more about them! Intelligent Buildings - https://www.intelligentbuildings.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Currently, in the United States, there are over 87 billion square feet of commercial real estate. Smart Building control systems pervasive throughout these buildings and helped increase efficiency, profitability, and the occupant experience. This increase of this technology has exponentially increased the attack surface of companies. In this episode, Fred Gordy will discuss findings, attacks, and IT-induced events that he and his team have seen from the thousands of assessments they have performed in the US, Canada, and overseas. He will also provide low-cost basic practices to decrease exposure to these events. Segment Resources: Intelligent Buildings - https://www.intelligentbuildings.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw692
This week, Fleming Shi, CTO of Barracuda Networks, joins us for an interview to talk about Protecting the Hybrid Workforce! Then, Fred Gordy, Director of Cybersecurity at Intelligent Buildings, joins us for a discussion on Smart Building Control System Cybersecurity - The Real World! In the Security News, Penetration testing leaving organizations with too many blind spots, A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks, Apple AirDrop Vulnerability Exposes Users’ Personal Information, Darkside Ransomware gang aims at influencing the stock price of their victims, Security firm Kaspersky believes it found new CIA malware, and a Hacker leaks 20 million alleged BigBasket user records for free! All that and more on this episode of Paul's Security Weekly! Show Notes: https://securityweekly.com/psw692 Segment Resources: Visit https://securityweekly.com/barracuda to learn more about them! Intelligent Buildings - https://www.intelligentbuildings.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
All disciplines need to be able to demonstrate added value and track the ability to improve upon the current practices. The board, technical management, auditors, and engineers may each need a different view of the security initiatives performed. Join this podcast to how different metrics can be applied to different groups so each can improve their performance over time. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Edward_Marchewka_Article.pdf Marchewka, E. 2019. Security Metrics to Measure Program Effectiveness. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 167. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp14 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Hopefully you won't have to hire a lawyer to defend yourself against a government regulator. What happens when the Federal Trade Commission or other powerful body accuses your company of wrongdoing which you do not feel you were responsible for? Join this podcast and hear how the owner of a small company decided to take on the FTC and how he went about choosing a lawyer. The answers will surprise you and provide some useful tips for choosing a lawyer. Show Notes: https://securityweekly.com/csp12 To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_MichaelJDaugherty_CCExtract.pdf Daugherty, M. 2019. Finding the Right Lawyer to Defend Your Company. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 337. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Today we are going to take a look at security awareness training programs in organizations. We are joined to day by Kelley Bray and Stephanie Pratt who will help facilitate the discussion. We'll start with the history and evolution of security awareness programs; what has worked, or more precisely what hasn't worked. We'll also touch on how most security awareness programs stem from compliance requirements but could be doing so much more. We continue the discussion about the importance of effective security awareness programs and what that would actually look like. We'll also examine how to move beyond "bare minimum" check-box mentality about meeting security awareness training requirements and imagine building a culture of security aware employees in the organization. Show Notes: https://securityweekly.com/scw69 The "Breaking Security Awareness" webinar: https://www.livingsecurity.com/webinar-series-from-compliance-to-culture Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Lennart Koopmann, the CTO of Graylog, Inc, joins us for an interview to talk about Nzyme, a Free and Open WiFi Defense System. Then, Dutch Schwartz, Principal Security Specialist at Amazon Web Services, joins us for a discussion on the Lessons Learned When Migrating from On Prem to Cloud! In the Security News, Polish blogger sued after revealing security issue in encrypted messenger, The Facebook dump and Have I Been Pwned, Child tweets gibberish from a highly sensitive Twitter account, LinkedIn and more_eggs, APTs targeting Fortinet, SAP Applications Are Under Active Attack again, Is your dishwasher trying to kill you?, Ubiquiti All But Confirms Breach Response Iniquity, Cyber Threat Analysis, 11 Useful Security Tips for AWS and other stuff too, Signal Adds Cryptocurrency Support and Not everyone is a fan, Zoom 0-click exploit, when firmware attacks, attackers blowing up Discord! Register for Joff's Fun Regular Expressions class here: https://bit.ly/JoffReLife Show Notes: https://securityweekly.com/psw690 Segment Resources: https://www.nzyme.org/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Less than 15% of enterprise customers are primarily cloud native. With so many companies still in early stages of cloud migration, what are the key lessons learned from early adopters as well as digitally native companies? What are common mistakes and how can one avoid them? Register for Joff's Fun Regular Expressions class here: https://bit.ly/JoffReLife Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw690
This week in the Enterprise News, Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw223
Never in history has the cyber defender had access to so many technologies and tools to defend our companies. This has created the “Fog of More”, making the choices difficult to manage. Join the former 35-year NSA software vulnerability analyst and executive manager, and innovator of community-based controls sharing, as he discusses how the CIS controls can be used effectively to manage our environments. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_TonySager_CCExtract.pdf Sager, T.. 2019. Jumpstarting Controls Prioritization Within a Control Framework. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 246. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp11 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
npm netmask library has a critical bug, when AI attacks, firmware attacks on the rise, Microsoft Hololens and order 66, a real executive order 13694, The Ubiquity breach saga, the FreeBSD and wireguard saga, is the cloud more secure? Hopefully for PHP it is, software updates limit muscle car to 3 HP, a brand new Windows 95 easter egg just in time for, well, easter, and aging wine in space, does it make a difference? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689
This week, Nick Percoco, Chief Security Officer at Kraken, joins us for an interview to discuss The Intersection of Cybersecurity and Cryptocurrency. Robert Lemos, Cybersecurity and Data Journalist, joins us for a discussion on Cybersecurity and Journalism! In the Security News, npm netmask library has a critical bug, when AI attacks, firmware attacks on the rise, Microsoft Hololens and order 66, a real executive order 13694, The Ubiquity breach saga, the FreeBSD and wireguard saga, is the cloud more secure? Hopefully for PHP it is, software updates limit muscle car to 3 HP, a brand new Windows 95 easter egg just in time for, well, easter, and aging wine in space, does it make a difference? Show Notes: https://securityweekly.com/psw689 https://www.kraken.com/en-us/features/security/kraken-security-labs https://blog.kraken.com/security-labs/ Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/psw for all the latest episodes!
Paul, and the rest of the PSW Hosts, will talk to Robert about how he got his start in InfoSec. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689
Petri Kuivala, CISO at NXP Semiconductors, recounts his journey from municipal police officer to cybercrimes unit investigator to Chief Information Security Officer during the early days when security was largely an afterthought. Show Notes: https://securityweekly.com/csp10 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
The information and cybersecurity industry have no shortage of regulations and many organizations run down the listing of requirements, load them into an excel spreadsheet to demonstrate compliance. Is compliance the same as security? Join this podcast for an analogy of why compliance is not security and how we can change our organization's orientation to increasing security. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_LeeParrish_CCExtract.pdf Parrish, L. 2019. The Colonoscopy of Cybersecurity. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 15. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald Show Notes: https://securityweekly.com/csp9 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Mauro Israel, CISO at ORPEA Group, discusses his colorful background and how he - like so many others in the security field - came to discover his true calling late in life but was able to apply his wide range of knowledge and experience to the role of CISO in the healthcare field. Show Notes: https://securityweekly.com/csp8 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Information security departments are often challenged to come up with “ROI” or Return on Investment for the information security initiatives. Why should the information security department be any different? Join this podcast and learn why calculating an ROI may not be necessary and how reducing risk has different considerations. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOCOMPASS_PaulHypki.pdf Hypki, P. 2019. Where's the ROI? In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 83. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
The CISO role in some organizations is relatively new. The CISO role has actually evolved over the past 25 years since Citibank named the first CISO. Join this podcast to learn how Steve navigated the early days of security and the changes in the role today. To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/02/CISOSTORIES_SteveKatz_CCExtract.pdf Katz, S. 2019. Interview with the First CISO. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 8. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends and industry leading practices, specifically for the healthcare industry. In this episode, our host Brian Selfridge highlights the following topics trending in healthcare cybersecurity this week: HIPAA exceptions for COVID-19 for telehealth, first responders, patient consent, NPPs, and more Zoom videoconferencing security updates and recommendations Maintaining continuity for the Information Security program in a crisis including implications for risk assessments, compliance, managed services, team management, incident response, security certifications, and more