POPULARITY
Cybersecurity lingo can be overwhelming, but once you get the hang of the essentials, staying secure becomes much easier.In this episode, host Jara Rowe sits down with Marie Joseph, Senior Security Advisor at Trava, to break down key terms like vCISO, PII, and cybersecurity maturity models. They also differentiate between terms like hacker vs. threat actor and firewall vs. antivirus by highlighting the nuances that matter most. Plus, Marie reveals why continuous compliance is crucial, and how concepts like attack surface and risk tolerance fit into the bigger picture of your security strategy.Key takeaways:Essential cybersecurity terms and definitions: vCISO, PII, and more The importance of understanding and managing your attack surfaceWhy cybersecurity compliance can't be a one-time effortEpisode highlights:(00:00) Today's topic: Understanding cybersecurity terms(01:47) What is a vCISO, and why it benefits small businesses(02:54) Definition of PII, BCP, SIEM, DevSecOps, and BCRA (08:40) Hackers vs. threat actors Explained(10:28) Why businesses need an antivirus and a firewall(13:37) Patch management and cybersecurity attack surfaces(16:04) Continuous cybersecurity compliance(21:27) Recapping cybersecurity essentialsConnect with the host:Jara Rowe's LinkedIn - @jararoweConnect with the guest:Marie Joseph's LinkedIn - @marie-joseph-a81394143Connect with Trava:Website - www.travasecurity.comBlog - www.travasecurity.com/learn-with-trava/blogLinkedIn - @travasecurityYouTube - @travasecurity
Aplicativo de comunicação instantânea mais popular do mundo, o WhatsApp também é alvo de golpistas e pessoas más intencionadas. Um dos golpes que é comum de ser aplicado é o Trava-Zap, um ataque cibernético que trava completamente o dispositivo apenas com o envio de uma mensagem. Nesta edição de CBN e a Tecnologia, o comentarista Gilberto Sudré fala do assunto.
Bom dia! Esse episódio é um oferecimento de ADEMICON e TOTALPASSMUNDO: Justiça francesa tira Marine Le Pen da corrida presidencialBRASIL: Governo trava fiscalização da Usina de Itaipu TENDÊNCIA: Boysober: A tendência que faz as mulheres fugirem dos homensNEGÓCIOS: A estratégia por trás do banco que vende mais Iphones que a AppleECONOMIA: Tour pelas principais manchetes
A Primeira Turma do Supremo Tribunal Federal rejeitou todos os recursos da defesa do ex-presidente Jair Bolsonaro (PL) durante o julgamento da denúncia da Procuradoria-Geral da República. A analista de Economia da CNN Thais Herédia, o diretor da CNN em Brasília, Daniel Rittner, e Oscar Vilhena Vieira, professor de Direito da FGV-SP, comentam o assunto.
Edição de 20 Março 2025
A pauta segue praticamente travada mesmo depois de mais de um mês do novo comando no Congresso Nacional. A única grande votação nesta semana foi a que definiu as regras para a execução de emendas parlamentares. A analista de Política da CNN Jussara Soares e Leonardo Barreto, sócio da consultoria Think Policy, comentam o assunto.
Para fazer parte do CDS e começar hoje mesmo a ser uma mulher mais confiante, corajosa, livre e realizada, fala com o nosso suporte. Já sentiste medo de publicar algo e ser criticada? Mesmo quando esse algo é relevante para o teu crescimento pessoal e profissional? Tenho certeza que a tua resposta é sim. Por isso, hoje vamos falar sobre como superar o peso dos julgamentos.Acompanha-nos no instagram:Instagram do podcast: @sonharsemlimitespodcastInstagram da host: @edulanycardoso
No podcast ‘Notícia No Seu Tempo’, confira em áudio as principais notícias da edição impressa do jornal ‘O Estado de S.Paulo’ desta sexta-feira (20/12/2024): A Proposta de Emenda à Constituição que inclui o pacote de contenção de gastos proposto pelo governo foi aprovada pela Câmara com mudanças no abono salarial e no Fundo de Manutenção e Desenvolvimento da Educação Básica (Fundeb). Também foi aberto caminho para votação de projeto que limita os supersalários no funcionalismo público. As propostas para barrar os supersalários, porém, foram esvaziadas em relação ao que propunha a equipe econômica. O governo estima que os três projetos incluídos no pacote (além da PEC, existem mais dois projetos de lei) vão gerar economia de R$ 71,9 bilhões em dois anos, mas especialistas preveem um ganho menor, da ordem de R$ 40 bilhões a R$ 50 bilhões. O valor só será conhecido após a tramitação. O texto seguiu para o Senado. E mais: Economia: Dólar cai 2,27% e fecha a R$ 6,12 após intervenção recorde do BC Política: Lula aborta saída de Múcio da Defesa, mas Alckmin já é cotado para a pasta Metrópole: Prefeitura libera festival no Allianz Park; Câmara de SP pode mudar Psiu Internacional: Decisão histórica condena marido que tramou estupros da mulher na França Caderno 2: Vencedor do Oscar, Barry Jenkins dirige ‘Mufasa: O Rei Leão’, usando técnica que torna mais real a aparência dos animaisSee omnystudio.com/listener for privacy information.
Sessão de Enroscos, por Paula Quintão Especial Dinheiro e Trabalho
Tormenta Solar + Lua Minguante
Na tokratnem zasedanju Tajnega društva OFC je bilo govora o rutinski zmagi proti Radomljam, kruti usodi stoženske travnate površine, naših reprezentantih, kazni s strani Uefe in njeni nenavadni interpretaciji rasizma. Na koncu pa še o zapletenem primeru, ki ga bo moral raziskati inšpektor Steve Bruce.
Emissão Vespertina Fim de Semana - Voz da América. Subscreva o serviço de Podcast da Voz da América
Ao sábado discutimos em profundidade um assunto em debate em Angola durante a semana, revimos as melhores reportagens da semana. E as notícias do dia. Horário: Sáb-Dom Hora UTC: 1700 Duração: 60 min
A fresh episode of The Sprina Sessions is live for your listening pleasure! Join Keila, Jasmine, and extra special guest co-host Tiffany as they recap the week for Spencer and Trina on General Hospital. The Rundown Includes: The power of campaigning, Trina checks Joss, Ava keeps it 100 with Trina, Jason drags Anna, and Molly ethers Kristina at Baby Irene's Memorial Service. The show wraps with Sprina Speculations for the week ahead and the Song Picks of the Week. Enjoy!Sprina Sessions Playlist Song SelectionsEverybody Breaks A Glass - LightsWhat About Your Friends - TLCFollow Keila on X: https://x.com/LadyWrestlingXFollow Jasmine on X: https://x.com/twin_fangirlFollow Tiffany on X: https://x.com/ReadingRN1
A fresh episode of The Sprina Sessions is live for your listening pleasure! Join Keila and Jasmine as they recap the week for Spencer and Trina on General Hospital. The Rundown Includes: The Pikeman Storyline ends on a sour note, Trina gets an eyeful of Jagger in his towel, Kristina yeets herself out of Ava's hotel window, and Trina's faith in Ava is shaken. The show wraps with Sprina Speculations for the week ahead and the Song Picks of the Week. Enjoy! Sprina Sessions Playlist Song SelectionsI'm Always Here - Jimi JamisonTrust In Me - Joe Cocker f/ Sass JordanFollow Keila on X: https://x.com/ladywrestlingxFollow Jasmine on X: https://x.com/twin_fangirl
We apologize for the lack of info, but Soundcloud's description limitations have our hands tied. Also, better late than never on this Podcast Episode
00:00 Reforma Tributária: Brasil deve ter maior IVA do mundo 00:31 Lista dos países com maior imposto sobre consumo do mundo 00:50 Quanto será a alíquota do IVA no Brasil 01:28 Trava da Reforma Tributária 03:08 Problema empurrado com a barriga até 2033 04:27 Estamos indo sem atalhos para o abismo 04:53 A dura realidade sobre a Reforma Tributária 06:07 Conclusão sobre a Reforma Tributária
No podcast ‘Notícia No Seu Tempo', confira em áudio as principais notícias da edição impressa do jornal ‘O Estado de S.Paulo' desta quinta-feira, (11/07/2024): O texto-base da regulamentação da reforma tributária foi aprovado ontem pela Câmara. A proposta estabelece uma trava para a alíquota do novo Imposto sobre Valor Agregado (IVA), que não deverá ultrapassar 26,5%, e amplia a cesta básica com imposto zero – deixando, porém, as carnes fora da lista de produtos isentos. Pivô dos principais embates no Congresso nos últimos dias, a demanda pela isenção das proteínas animais, defendida pelo setor de alimentos, pela bancada do agronegócio e pelo próprio presidente Luiz Inácio Lula da Silva, será analisada por meio de um destaque (sugestão de mudança ao texto principal) do PL, que lidera a oposição. Os deputados continuavam reunidos ontem à noite para concluir a votação. Encerrada a votação dos destaques, o texto segue para análise do Senado. E mais: Política: Ofícios mostram ‘rateio' irregular de emendas de bancada no Congresso Economia: Anotações mostram que ex-CEO ‘acompanhava' fraudes ‘de perto', diz PF Metrópole: Prédio da Boate Kiss começa a ser demolido Internacional: Aliados da Otan enviam primeiros caças F-16 para guerra na Ucrânia Esportes: Argentino Ramón Díaz é confirmado como técnicoSee omnystudio.com/listener for privacy information.
"Multi-factor authentication? You better get it today. Don't wait till tomorrow." – Jim GoldmanWe talk a lot about SaaS companies in this show, but today, we're bringing you something a little different. Jim Goldman, CEO of Trava and one of our favorite cybersecurity experts, joins host Jara Rowe to discuss the complexities of cybersecurity across healthcare and banking, including their unique challenges and regulatory requirements.Jim discussed how healthcare organizations navigate a web of medical providers, claims processors, and pharmacies while adhering to the stringent HIPAA regulations. He also discusses how banking and finance sectors have long led the way in cybersecurity, thanks to rigorous compliance standards meant to protect both consumer data and financial integrity. He offers compelling analyses and real-world examples, like how a simple multi-factor authentication (MFA) oversight can lead to billion-dollar repercussions.In this episode, you'll learn:How the banking and healthcare industries keep our sensitive information safe and how it all comes back to those pesky (yet essential!) regulationsThe importance of regulations like HIPAA and how they help guard this vast data network and ensure your health information stays secureYet another reason why Multi-Factor Authentication (MFA) is a cybersecurity must-haveJump into the conversation: [00:00 - 00:46] Introduction to cybersecurity beyond SaaS and Jim Goldman[00:47 - 02:58] How cybersecurity differs in Healthcare and Banking vs. SaaS[02:58 - 05:41] The most pressing cybersecurity threats facing healthcare organizations today[05:41 - 08:25] How healthcare institutions are adapting their cybersecurity to ensure data integrity[09:17 - 13:00] Key cybersecurity risks in banking and finance and how they are mitigating these risks[13:01 - 14:33] What is GDPR? [14:34 - 15:11] What is PCI DDS?[15:11 - 16:11] How financial institutions prioritize cybersecurity initiatives to maintain compliance[16:45 - 19:48] Jara's receiptsConnect with the Guest:Jim Golman's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.comBlog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
"Every business today runs on technology. Every business is a technology business. Right? Even a taco cart uses a little payment thing that you swipe your card in to do that." - Michael MagyarMichael Magyar, a seasoned cybersecurity expert with a decade of experience, joins host Jara Rowe on this episode of The Tea on Cybersecurity to give us the tea on third-party risks. As a penetration tester and a virtual Chief Information Security Officer (vCISO) with Trava, Michael brings unparalleled insight into the challenges and solutions surrounding vendor security. Michael and Jara discuss the complex subject of third-party risks and why every business, big or small, needs to be cautious about their vendors' security practices. From identifying potential risks to evaluating security measures, Michael offers essential steps businesses should take if a vendor experiences a security incident, stressing the importance of containment, breach notification, and calling in the right experts for help.Key Takeaways:Third-Party risks are everywhere and to understand where these gaps could be, think about a vendor or third-party as “outsourced staff”What to look out for when working with any vendor or third - party, namely Public Statements of SecurityHow to handle a situation if a vendor or third-party of yours is breachedTimestamps:[00:00 - 01:24] Introducing Identifying Third-Party Vendor Risks with Michael Magyar, Trava[01:25 - 02:36] Expanding understanding of vendors and third parties[03:59 - 05:25] Real-world examples of third-party risks - SolarWinds in 2020 and XZ Utils in 2024[02:36 - 03:59] How to identify risks associated with vendors and third parties[05:25 - 07:53] Red flags to look out for, plus Microsoft breach [07:54 - 09:16] Penetration testing and third-party security[09:16 - 11:19] Other ways that businesses can help evaluate the security practices of a third-party[11:19 - 12:54] Key cybersecurity measures to look for when working with a vendor[12:54 - 13:40] Why it's essential for businesses to regularly check in on their external partners' cybersecurity efforts[13:41 - 15:42] Cybersecurity steps my company needs to take when signing on with a new vendor[16:41 - 20:02] Jara's ReceiptsConnect with the Guest:Michael Magyar's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.comBlog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
No Fórum Onze e Meia de hoje: Julgamento do senador Jorge Seif (PL-SC) no TSE prossegue hoje. É um ensaio para a cassação de Moro. Participam do programa a professora Ivana Bentes e o jornalista Rogério Thomaz. Apresentação de Cynara Menezes e Felipe Pena.Become a supporter of this podcast: https://www.spreaker.com/podcast/forum-onze-e-meia--5958149/support.
“Especially if this is the first time an organization is creating a plan like this, the focus should really be working on it piece by piece to not be overwhelmed. So, start outsmall. What are the designated roles and responsibilities that you have? Then, determine how the plan can best fit your needs. This can be done by assessing what types of incidents are most detrimental to your organization.” - Christina AnnechinoHost Jara Rowe and guest Christina Annechino delve into incident response plans and tabletop exercises in this week's episode. We'll identify common challenges with developing incident response plans and the ins and outs of tabletop exercises. Gain tips on forming an incident response plan and insight into the documentation and testing requirements and compliance standards such as NIST, SOC 2, PCI DSS, and ISO 27001. We provide a comprehensive understanding of the critical elements and processes involved in incident response planning, compliance, and tabletop exercises.In this episode, you'll learn: What defines an incident, and what to include in an incident response plan to be prepared and compliant. Why tabletop exercises are essential for identifying any gaps in the documented processes and procedures and preparing teams for emergencies.How incident response plans and tabletop exercises are crucial in compliance readiness and maintaining security certifications. Things to listen for:[01:58 - 02:40] Definition of an incident and incident response plan[03:55 - 04:34] Tips for creating an incident response plan[04:51 - 05:25] The role of incident response plans in overall risk management[05:33 - 06:00] How incident response plan maintain security and annual certifications[06:21 - 07:05] Definition of a tabletop exercise and its role in incident response plans[07:10 - 08:18] How often to conduct tabletop exercises and their challenges and benefits[08:34 - 09:19] Addressing compliance-related aspects through tabletop exercises[09:30 - 09:59] Compliance standards and the importance of testing incident response capabilities[10:06 - 10:36] Demonstrating a functional incident response plan during compliance audits[10:47 - 10:56] Structure of documentation for incident response plans and tabletop exercises[11:07 - 11:43] Tips on creating an incident response plan and the purpose of tabletop exercises[12:1 - 15:15] Jara's receiptsResources:Data Security 101: Decoding Incidents and BreachesData Breach Preparedness: Developing an Incident Response Plan7 Tips for Talking to Your Customers After Getting HackedConnect with the Guest:Christina Annechino's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
O historiador Bruno Cardoso Reis comenta o pedido de adesão da Palestina às Nações Unidas, e as declarações do secretário-geral da ONU sobre a falta de ajuda humanitária em Gaza.See omnystudio.com/listener for privacy information.
“Keeping the inventory up to date, make sure that you have all possible points of entry covered and accounted for, similar to a building. When people try to put safeguards for a building, you're doing it, but just like on a network that you can't really physically see if you're missing an asset, that is a hole for an attacker to get into, and we do not want to give them easy access to things for sure.” - Marie JosephThis episode's conversation covers the basics of asset inventories and asset management with host Jara Rowe and guest Marie Joseph, Senior Security Solutions Engineer at Trava. We discuss the categories of assets and the challenges of establishing a comprehensive asset inventory.Hear how tracking and managing hardware and software within an organization is necessary for cybersecurity compliance. We dissect the impact of Bring Your Own Device (BYOD) policies on asset management, the concept of shadow IT, and the role of automated tools and technologies in asset management tasks.In this episode, you'll learn: Why asset inventories are a crucial part of cybersecurity and compliance and the challenges of continuous upkeep.How “Bring Your Own Device” (BYOD) policies help and hinder operations, including cybersecurity risk levels.Why most compliance frameworks require companies to maintain different types of inventories to ensure that security and privacy measures are in place and monitored to meet regulatory requirements. Things to listen for:[00:00 - 00:18] Intro to The Tea on Cybersecurity[00:48 - 02:44] The definition of asset inventory and asset management[04:06 - 04:34] Maintaining an accurate software inventory for compliance with licensing agreements[04:34 - 05:51] Common challenges with establishing a complete asset inventory[07:42 - 09:27] Explanation of shadow IT, traditional asset management, and cybersecurity efforts[09:34 - 10:29] How asset management contributes to maintaining compliance.[12:04 - 13:30] Using automated tools in asset management tasks for continuous compliance[13:48 - 14:55] The importance of tracking all devices connected to a network[15:23 - 17:48] Jara's receiptsResources:From Bonnie and Clyde to Hackers: Taking the First Step to Protecting Your Digital AssetsRegular Software Updates and Patching: The Importance of Staying on Top of ThisConnect with the Guest:Marie Joseph's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
“Not only do we need to understand what risks might exist, but we need to understand what impact that might have. That goes into both the chance that they're going to happen and the chance that they're going to be successful in creating damage, and then also the likely damage that's going to happen from them.” - Michael MagyarOn this week's episode, host Jara Rowe gets the tea on risk management with Trava's vCISO consultant, Michael Magyar. Hear what risk management is, how it differs from crisis management, and what considerations fall under each to maintain compliance. This episode serves as a comprehensive guide for listeners looking to gain a better understanding of risk management, compliance, and general cybersecurity practices. Michael encourages a proactive approach to risk assessment and management to enhance organizational cybersecurity with actionable advice. What you're learn:Why risk management is proactive and crisis management is reactive, and how to approach both from a preparation standpoint.What components of risk management realistically fall under compliance, and why understanding this helps you mitigate potential risk.How to start small with risk assessment to identify possible risks and how they might impact your business to build a foundation for effective risk management and cybersecurity practices. Things to listen for:[02:57 - 03:28] Explanation of risk as exposure to danger, harm, or loss[05:45 - 06:53] The importance of risk management for businesses[06:59 - 07:54] Comparison of risk management and crisis management[08:14 - 10:00] Key components of being proactive in cybersecurity[10:07 - 12:27] The role of risk management in compliance efforts[12:37 - 14:38] Challenges and tips in aligning risk management with compliance standards[15:17 - 17:47] Michael's advice for organizations and general cybersecurity[17:55 - 20:32] Jara's receiptsResources:How to Choose the Right Cyber Risk Management Solution ProviderWhat is Risk Management?Connect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
Hablamos con la creadora del Librero de Valentina Trava, para conocer la historia detrás de una de las figuras más influyentes en Youtube como « Booktuber », uno de los fenómenos literarios que tanto atrae a los lectores. Hablamos sobre su oficio, sobre cómo se contagia este amor a los libros, sobre la experiencia de los clubes de lectura, su relación con tantos lectores, y claro, sobre sus libros recomendados
“Find a compliance platform, it'll make life a lot easier. Then I would develop the policies and procedures, if you don't already have those, and then collect evidence to justify, to prove everything you're doing that's in the framework. It's going to be important for audits and just internal or external audits.” - Scott SchlimmerIn this episode, host Jara Rowe is once again joined by cyber risk specialist Scott Schlimmer with a deep dive into the world of compliance frameworks and certifications. Listen as we explain the challenges of compliance and non-compliance with certification programs in cybersecurity. Learn which regulated industries must follow specific frameworks and how noncompliance can affect business opportunities and your bottom line. We also unravel Fedramp, CMMC, CCPA, and CPRA, offering a clearer understanding of their cybersecurity roles. In this episode, you'll learn:How to follow a compliance framework without having the certification, though having the certification can demonstrate to partners and customers that your organization has strong cybersecurity measures.The significance of certifications and the value of the NIST framework as a reliable source for general cybersecurity best practices.What the legal and financial consequences of noncompliance for different industries may be, such as failing to follow frameworks like Fedramp or CMMC when working with the government. Things to listen for:[00:47 - 01:27] The relationship between compliance frameworks and certification programs[01:27 - 02:54] The difference between regulated and non-regulated industries[02:54 - 04:40] Explanation of the NIST framework and insights into other compliance acronyms[04:40 - 08:59] Multiple compliance frameworks, compliance audits, and non-compliance issues[08:59 - 10:54] Improving cybersecurity posture, security assessment, and maturity models[10:54 - 13:56] Preparation for compliance audits and the importance of a compliance platform[13:56 - 14:31] How to become compliant or get certified and reasons for external assistance[14:38 - 17:20] Jara's receiptsResources:Cracking the Code: Understanding Cybersecurity Compliance FrameworksWhat is the NIST Framework?Conquer Compliance Jargon: Download the Free Cybersecurity Compliance GlossaryConnect with the Guest:Scott Schlimmer's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
Tengo como invitado a Oso Trava, conductor de Cracks, uno de los podcasts de negocios más escuchados de Latinoamérica, con más de 25 millones de descargas.Pero Cracks ya no es solo un podcast, sino un ecosistema de negocios en torno a su audiencia, que incluye una empresa de educación, una comunidad de empresarios y el Cracks Fund, un fondo de inversión en startups.Antes de Cracks, Oso fue fundador de Instafit, una plataforma de fitness que levantó cerca de 1 millón de dólares, pero eventualmente se dio cuenta de que no era una negocio compatible con el modelo del venture capital.-Este episodio es presentado por Zendesk, la plataforma en la que confían miles de startups y empresas globales como Slack, Shopify y Airbnb para gestionar su atención al cliente. Prueba Zendesk completamente gratis por 6 meses registrándote en: https://bit.ly/3SqKvCV-Hoy Oso y yo conversamos: •De su decisión de dejar el camino del venture capital como emprendedor •Del riesgo de poner toda tu identidad en tu empresa cuando la probabilidad de fracasar es tan alta •De cómo evaluar el potencial y carácter de un emprendedor, basado en sus más de 250 entrevistas •Y de por qué decidió levantar un fondo de venture capital Por favor ayúdame dejando una reseña en Spotify o Apple Podcasts: https://ratethispodcast.com/startupeableNotas del episodio: https://startupeable.com/baubap/Para más contenido síguenos en:YouTube | Sitio Web -Este episodio es presentado por Zendesk, la plataforma en la que confían miles de startups y empresas globales como Slack, Shopify y Airbnb para gestionar su atención al cliente.Gracias a la plataforma omnicanal de Zendesk que integra todos tus canales de comunicación en un solo lugar, puedes gestionar tickets, ofrecer un gran experiencia, aumentar tus ventas, pero sobre todo construir relaciones cercanas con tus clientes.Como beneficio exclusivo por escuchar Startupeable, prueba el CRM de Zendesk completamente gratis por 6 meses registrándote en: https://bit.ly/3SqKvCV
“It's hard to have privacy without security and to have effective security that requires strong protection of personal identifiable information, or PII. So security, privacy, and compliance really must go hand in hand. If one is prioritized over the other, it can have an adverse effect.” - Christina AnnechinoOn this episode, we welcome back both Christina Annechino and Marie Joseph to bring us back to a little more 101 on Cybersecurity. With host Jara Rowe, the team breaks down terms and buzzwords that you need to know to keep you and your company's data safe. Find out the difference between a breach and an incident, the nuances of security, privacy, and compliance, and gain insights into the crucial importance of cyber hygiene. We'll also explore the key differences between data security and data protection, understanding acronyms like GDPR, CCPA, HIPAA, and PIPEDA, and grasping the significance of maintaining asset inventories.In this episode, you'll learn: The difference between a breach, when a threat actor gains unauthorized access, and an incident, where data is compromised, is crucial for proactive security measures.Understand frameworks vs. standards: Frameworks provide an overview of requirements for compliance and certification, while standards outline specific criteria that must be met, forming the foundation of cybersecurity best practices.The importance of cyber hygiene or the tools, processes, and policies you need to maintain a strong security posture, enabling constant improvement in cybersecurity health within organizations.Things to listen for:[00:24 - 02:47] Introduction to episode and compliance series[02:57 - 04:25] The difference between security and privacy and compliance[04:28 - 06:08] The challenges in balancing security, privacy and compliance[06:26 - 07:24] The difference between risk and control[07:31 - 09:46] The difference between a breach and an incident[09:58 - 11:03] The difference between data security and protection[11:03 - 12:18] The most common data protection regulations[12:31 - 13:10] The difference between frameworks and standards[13:22 - 14:50] What is RBAC and how it relates to cybersecurity[14:50 - 16:45] The meaning of IoT and maintaining inventory assets[16:50 - 18:00] What does Cyber Hygiene mean[18:01 - 20:37] Jara's receiptsResources:Conquer Compliance Jargon: Download the Free Cybersecurity Compliance GlossaryData Security 101: Decoding Incidents and BreachesSafeguarding Your Connected Devices: A Practical Approach to IoT SecurityConnect with the Guest:Marie Joseph's LinkedInChristina Annechino's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
“There's a converging of several forces or several trends going on right now that I think are going to potentially cause significant changes in 2024.”@Jim Goldman, CEO of Trava Security, knows a thing or two about cybersecurity. In this episode, Jim and host @Jara Rowe dive into the latest scoop on what's happening in the world of cybersecurity and compliance and what you need to know to keep your business safe and secure in 2024. They discuss how ransomware is alive and well, and federal governments worldwide are taking a stand, which is great news for us, bad news for the cyber terrorists. They also talk about the changes in the compliance landscape in 2024, with a big focus on changing breach disclosures and cybersecurity risk management. They also filled us in on a very helpful resource – CISA, Cybersecurity and Infrastructure Security Agency – available for all of us to stay up-to-date on compliance. In this episode, you'll learn: Ransomware is a real and growing threat. Learn how federal governments are joining forces to tackle this issue, and discover proactive measures like multifactor authentication to keep your business safe.Compliance equality through new regulations are ensuring that all companies, public and private alike, are held to the same standard for cybersecurity risk management and breach disclosures.How to secure company laptops and contractor access to ensure remote work resilienceThings to listen for:[01:51 -5:14] Overview of Cybersecurity and Compliance Landscape in 2024[5:14 - 6:38] Proactive Measures we can take to mitigate Ransomware attacks[8:34 - 9:58] Cyber Insurance [9:59 - 13:40] Changes in Compliance Frameworks in 2024[16:16 - 19:01] Other threats to be on the lookout in 2024 include work-from-home issues[21:53 - 23:28] How to stay agile and resilient[24:25 - 25:36] Final thoughts from Jim[25:48 - 28:54] Jara's receiptsResources:Unlocking Cybersecurity and Compliance Success in 2024A Global Escalation: Ransomware Threats, Trends, and Solutions for 2024Cybersecurity for Remote Workers: Best Practices for Securing Your Home OfficeISO 27001 Certification: What Is It and Why Does It Matter?Connect with the Guest:Jim Goldman's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
Aprenda Inglês com Inamara Arruda - The Fast Mover Audio Experience
Você tem medo de falar em público? Se sente inseguro na hora de expor suas ideias? Trava na hora de falar? Isso acontece com muitas pessoas! Segundo algumas pesquisas, de todos os medos que as pessoas sentem, falar em público ganha em primeiro lugar! Então convidei meu amigo Felipe Suhre para aprendermos a lidar com esse bloqueio na hora de se comunicar! Aproveite bastante esse papo!
Acompanhe O Antagonista no canal do WhatsApp. Boletins diários, conteúdos exclusivos em vídeo... e muito mais. Link do canal: https://whatsapp.com/channel/0029Va2SurQHLHQbI5yJN344 Ser Antagonista é fiscalizar o poder. Aqui você encontra os bastidores do poder e análises exclusivas. Apoie o jornalismo independente assinando O Antagonista | Crusoé: https://hubs.li/Q02b4j8C0 Não fique desatualizado, receba as principais notícias do dia em primeira mão se inscreva na nossa newsletter diária: https://bit.ly/newsletter-oa Leia mais em www.oantagonista.com.br | www.crusoe.com.br
En este capítulo Oso Trava me explicó porqué la famosa “fuerza de voluntad” es nuestra enemiga, porqué el fracaso y el éxito van de la mano, porqué cuando intentamos complacer expectativas ajenas la terminamos regando, cómo desestancarnos después de un intento fallido de lograr nuestras metas, cuáles son los hábitos que te alejan del éxito y de qué manera construir un sistema coherente y eficiente para llegar a nuestro objetivo más profundo. ¡Cuéntame qué opinas de este capítulo en @lamagiadelcaos! Learn more about your ad choices. Visit megaphone.fm/adchoices
En este capítulo Oso Trava me explicó porqué la famosa “fuerza de voluntad” es nuestra enemiga, porqué el fracaso y el éxito van de la mano, porqué cuando intentamos complacer expectativas ajenas la terminamos regando, cómo desestancarnos después de un intento fallido de lograr nuestras metas, cuáles son los hábitos que te alejan del éxito y de qué manera construir un sistema coherente y eficiente para llegar a nuestro objetivo más profundo. ¡Cuéntame qué opinas de este capítulo en @lamagiadelcaos! Learn more about your ad choices. Visit megaphone.fm/adchoices
See omnystudio.com/listener for privacy information.
AUTONIMIA TOTAL PARA TITE | FLAMENGO TRAVA RENOVAÇÕES DE BRUNO HENRIQUE E EVERTON RIBEIRO by colunadofla.com
Muchos hemos escuchado o visto a nuestro invitado de hoy. Oso Trava ha explorado muchas versiones de sí mismo a lo largo de su camino. Le gusta conquistar, lograr, aprender y retarse constantemente. Además de ingeniero, emprendedor, youtuber, podcastero y -más recientemente- inversionista en Shark Tank ; Oso es amigo, papá, esposo y un intenso preguntón que se ha permitido reinventarse una y otra vez. Creyente de la capacidad que tenemos todos de mejorar cada día y de que la clave para poder disfrutar de lo cotidiano es el agradecimiento.En este episodio Oso nos abre una puerta al detrás de escenas de el “crack” para mostrarnos el valor de aceptar nuestros defectos y utilizarlos para crecer, convencido de que tenemos una capacidad innata de reinventarnos y que no tenemos que seguir siendo algo que no queremos ser.
Uno de los tiburones de Shark Tank visitó al rincón, ¡Qué platica tan enriquecedora!Productividad, familia, liderazgo y otros temas hablamos con Oso, un gran ser humano. Disfruta de este episodio hasta el final Síguenos en nuestros canales:https://www.instagram.com/elrincondeloserrores/https://www.tiktok.com/@elrincondeloserrores Si quieres navegar por el rincón en un solo lugar, visita nuestra webhttps://elrincondeloserrores.com/
"Whenever you have a piece of software that has an obligation to perform a duty, like a SaaS company, the intersection of cyber insurance and professional liability is crucial. It's important to transfer the risk with a comprehensive cyber insurance policy to protect against both code failures and potential cyber breaches."In the latest episode of The Tea on Cybersecurity, @Jara Rowe chats with @Ryan Dunn, Director of Insurance at Trava, to discuss the importance of cyber insurance as it relates to SaaS companies.Businesses heavily rely on their digital infrastructure to conduct operations, making them vulnerable to cyber attacks and breaches. This is where cyber insurance comes into play… Cyber insurance helps cover the costs associated with incident response, data recovery, legal fees, notification and credit monitoring services for affected individuals, and potential lawsuits. In today's digital age, where cyber threats are becoming increasingly common and sophisticated, having cyber insurance can help businesses mitigate the financial impact of a cyber incident and recover more quickly. Ryan breaks this all down in this episode of the Tea on Cyber Security by explaining exactly why cyber insurance is a necessity, the reasoning for why the relationship between a strong cybersecurity posture and insurance premiums is currently a challenge in the cyber insurance industry, and the key factors insurance companies should pay close attention to when it comes to assessing cyber risk of their company.This is an episode filled with information you don't want to miss out on. Listen to hear the tea on cyber insurance.What you'll learn in this episode:The importance of cyber insurance for SaaS companies and why all businesses should consider procuring it.How insurance companies assess the cyber risk of a SaaS company, including factors like master service agreements, MFA (multi-factor authentication), EDR (endpoint detection response), CVE vulnerabilities, and web app data scans.The impact of a strong cybersecurity posture on insurance premiums and the ongoing challenge of finding ways to reward companies for investing in their cybersecurity stack.Things to listen for:[03:41] SAS policy and cyber breach liability, MFA and EDR requirements for insurance, and CVE vulnerabilities and vulnerability management.[08:55] Cyber insurance frustrations: uncertain path to savings.[11:50] Limited information hampers SaaS purchasing behavior.[17:27] Continuous cybersecurity is a shared industry belief. Trava is a big supporter. Agents should check cybersecurity and deploy Atrava platform. Quarterly checks and monthly scans recommended.[21:34] Key cyber insurance policies for SaaS companies.[23:15] Essential coverage for small companies: email, ransomware, business interruption.Connect with the Guest:Ryan Dunn's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
See omnystudio.com/listener for privacy information.
"It's easier to protect your company's assets when you know exactly what your security posture looks like and where your problems are."In the latest episode of The Tea on Cybersecurity, @Jara Rowe chats with @Christina Annechino, Cybersecurity Analyst at Trava, to delve into the world of penetration testing or “pen Testing” and its significance in the realm of cybersecurity.Pen Testing involves carrying out controlled attacks that mimic real-world scenarios, allowing businesses to identify weaknesses before hackers can exploit them. This process enables companies to evaluate their security measures and implement more robust practices. Christina breaks down the various types of Pen Tests, including network, web application, and internal Pen Testing. She walks us through the different stages of a Pen Test, starting at reconnaissance through covering tracks and reporting,while highlighting the crucial role played by Pen Testers in uncovering vulnerabilities and offering strategies for remediation. Listen in to boost your understanding of Pen Testing to safeguard your digital assets effectively.What you'll learn in this episode:Pen Tests help companies assess their security strength and implement better security practices.The stages of a Pen Test include reconnaissance, scanning and enumeration, vulnerability assessment, exploitation, maintaining access, covering tracks, and reporting.Certified ethical hackers not only identify vulnerabilities but also provide remediation strategies to fix them. Things to listen for:[1:34] What is a Pen Test? [5:24] Stages of Pen Test: reconnaissance, scanning, vulnerability assessment, exploitation, maintaining access, covering tracks, reporting.[09:03] How Pen Testers summarize vulnerabilities and remediation strategies and prioritizing the severity of the vulnerability.[10:39] Difference between Pen Tests and ethical hackers. [11:34] Common tools and techniques used in penetration tests.Connect with the Guest:Christina Annechino's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
Quando se reunirem em Brasília, nesta terça-feira 29, os governadores das 27 unidades da Federação vão iniciar um novo embate sobre o Conselho Federativo, que vai gerir e distribuir os recursos do Imposto sobre Bens e Serviços (IBS). Se na primeira etapa da discussão na Câmara dos Deputados, os gestores do Sul e Sudeste se uniram na discussão, desta vez enfrentarão um racha. O principal motivo é a reclamação de que governadores dos Estados que têm as maiores populações teriam articulado “uma pegadinha” para ficarem com poder de veto em qualquer decisão do Conselho. "Foram colocadas algumas travas para as discussões deste colegiado: além da maioria, os votos têm de corresponder a pelo menos 60% da população brasileiro e, nisto, três estados do Sudeste juntos já teriam poder de veto", explica Kennedy.See omnystudio.com/listener for privacy information.
Tengo ya varios años utilizando una metodología que diseñé para organizar mi vida y no solo organizarla, sino que me ayude a cumplir mis metas. A esta metodología llegué después de muchos años de correr en una caminadora interminable que no me llevaba a ningún lado.Después de 4 años, más de 200 entrevistas a gente del más alto rendimiento, después de estudiar una maestría en la mejor universidad del mundo me di cuenta de algo, y fue que las personas más exitosa del planeta tienen una sola cosa en común, todos usan SISTEMASEso es el método DMS
"Security is all about the protection of your data. While privacy is determining how your data is being used."On this episode of The Tea on Cybersecurity, join host Jara Rowe as she delves into the world of privacy and security certificates with expert guest @Marie Joseph, Senior Security Solutions Engineer at Trava.Protecting sensitive data has become more important than ever. But with the vast array of privacy and security certifications available, it can be challenging to know where to start.Marie helps us understand the different certifications and their importance. In this episode we discuss the most common privacy and security certifications, such as GDPR, CCPA, and SOC 2. We explore the benefits of obtaining these certifications, the challenges organizations may face during the process, and how to verify if a company has a privacy or security certificate. Discover the differences between various certifications and gain valuable insights on how to navigate the world of cybersecurity certificates. What you'll learn in this episode:Understand the main differences between privacy and security certifications, and the benefits they offerThe challenges that organizations face when implementing cybersecurity and privacy measures and the importance of patience in the process. The potential benefits of partnering with a cybersecurity expert.Things to listen for:[5:54] Various frameworks create cybersecurity best practice lists.[8:12] Focus on one, readiness, audit, and certificate renewal.[9:50] Understanding the costly process.[13:28] Be patient, take simple steps, and ensure feasibility.[16:37] Patience is key. Privacy and security certificates.Connect with the Guest:Marie Joseph's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurityGuest InformationName: Marie Joseph Title: Senior Security Solutions Engineer at TravaBio: Marie Joseph is an Indiana University alumna. While studying law and public policy, she studied abroad in the UK and learned from government agencies about US and National Security—sparking her interest in cybersecurity. Marie then headed back to IU for a master's degree in cybersecurity. Marie now helps Trava customers begin and/or mature their security and compliance programs as a Sr. Security Solutions Engineer.Social: https://www.linkedin.com/in/marie-joseph-a81394143/
“When a customer compares between vendors, the one with an ISO certification is going to have an edge.”We've covered the concept of compliance frameworks in previous episodes, but now we're taking a deep dive into what it takes to obtain a specific certification: ISO 27001.If you've ever wondered about the benefits of ISO compliance and the potential challenges you may face during the certification process, you're in the right place.In this conversation, Marie Joseph, Senior Security Solutions Engineer at Trava, and Anh Pham, Senior Security Engineer at Trava, discuss the benefits that ISO compliance brings not only to your organization, but also to your stakeholders and customers.What you'll learn in this episode:ISO 27001 is an international standard for managing your security.ISO certification gives you a competitive advantage over your competitors and builds customer confidence.It's crucial to budget enough time and bandwidth to work on ISO certification.Don't stress about doing things perfectly. Use a checklist to stay organized through the process and you should be good to go.Starting with ISO certification can give you a head start on other compliance frameworks you may want to pursue in the future.Things to listen for:[02:00] What ISO 27001 is and how it fits into a broader cybersecurity strategy[05:00] The benefits of achieving ISO 27001 certification[08:00] What to expect during the certification process[11:00] Anh and Marie's advice for organizations considering ISO 27001 certificationConnect with the Guests:Marie Joseph's LinkedInConnect with the host:Jara Rowe's LinkedInConnect with Trava:Website www.travasecurity.com Blog www.travasecurity.com/blogLinkedIn @travasecurityYouTube @travasecurity
Aquel que es amo de su tiempo, es amo de su vida. Cuando eres capaz de organizarte, tu productividad, tu propósito e incluso tu energía, son aprovechadas al máximo de aquí la importancia de la organización para el éxito.
Conseguir entrevistas, organizar tiempos, prepararse ¿Qué es lo más importante para tener un podcast exitoso? La pregunta de muchos creadores de contenido sobre cómo manejar su marca y sus creaciones.
Cuando te unificas con personas que tienen resultados, tienes los mismos resultados, sumar fuerzas y crear sinergia son acciones determinantes en el desarrollo personal y pueden ser el motivante para crear un proyecto de cracks.
El instagram de nuestro estudio sigue cerrado. Mientras tanto envía un mail a soygratitudestudio@gmail.com si quieres tener una sesión con Alfredo o conmigo. Ya tenemos grupo en TELEGRAM. Únete, estoy compartiendo cosas súper lindas por allá. Encuentra el Instagram del podcast y el mio personal. En este episodio Yannina Thomassiny tiene el placer de entrevista a Oso Trava, creador del podcast Cracks. Un podcast muy exitoso que ha logrado compilar mentes brillantes para platicar, no solo de su visión sobre los negocios, sino también sobre su caminar por este mundo y todas esas visiones especiales que les han permitido convertirse en quienes son. Oso es empresario también, y aunque es un hombre que no para, ha logrado encontrar un equilibrio entre todo lo que importa. Y justo de eso hablan: cómo el equilibrio, la mente abierta, experimentar cosas distintas y el escuchar con atención a los demás nos lleva a un estado de consciencia profundo y sincero. Escucha el podcast de Oso y ayúdanos compartiendo este episodio. Dale click a la campanita.
In this episode of The Power Producers Podcast, David Carothers and co-host Kyle Houck interview Ryan Dunn, Director of Insurance at Trava. Ryan discusses the importance of being proactive with cyber insurance, how to leverage cyber to earn new business, and how Trava is enabling agents to collect internal infrastructure data and provide it to carriers for cyber underwriting. Episode Highlights: Ryan shares that he has been in the industry for eight years and has seen a correlation between worker's comp and cyber, where worker's comp used to be a massive door opener opportunity and now cyber is becoming a major opportunity. (2:19) Ryan mentions that you don't have to be a cyber insurance expert to make the conversation valuable if you have the data to make it valuable. (4:46) Ryan explains that delivering the coalition report proactively instead of reactively makes a huge difference. (9:51) Ryan discusses the need for carriers to access internal data on modern cybersecurity infrastructure, including cloud environments, web apps, and third-party applications, to properly assess risk and prevent significant losses in cyber insurance. (12:54) Ryan explains that Trava is changing the dynamic of cyber underwriting by creating an agency platform that allows agents to collect internal infrastructure data and pass it off to carriers, rather than having carriers scan clients directly. (15:56) Ryan explains that their agency platform is a multi-tenant platform that simplifies the process of accessing data for carriers and provides an insurance readiness report to help clients prepare for the renewal period. (17:38) Ryan mentions that Trava's product is designed to drive more revenue to the agency. (22:33) Ryan discusses the trend in cyber insurance towards more in-depth underwriting and how it will impact pricing and coverage for clients. (31:13) Ryan shares that investing in product solutions to bring more value to clients is key to winning against larger agencies. (39:14) Ryan believes that changing the mindset from reactive to proactive is essential in the insurance industry, particularly in cyber insurance. (50:59) Tweetable Quotes: “If we give the agents the power to be able to collect the proper information from that internal infrastructure, and then pass it off to the carrier, that's where the W is. So we're working with some larger agencies and some of the very well-known carriers in creating that connection.” - Ryan Dunn “We are big believers in education…we constantly are training our partner agencies. We do in-person training, we do internal webinar training as well. And we do that on an ongoing basis.” - Ryan Dunn “We actually recently just changed our pricing like last week, but we wanted to change it so that it could mold with any size agency and grow with the agency, right? At the end of the day, the point of our product is to drive more revenue to the agency.” - Ryan Dunn Resources Mentioned: Ryan Dunn LinkedIn Trava David Carothers Kyle Houck Florida Risk Partners The Extra 2 Minutes