#incidentresponse

A long time in the making, this episode on the importance of User Awareness may just be the most important episode we’ve released so far.

Kevin Pentecost and Jason Popillion are security veterans and Certified Information Systems Security Professionals (CISSPs) who know their way around a good User Awareness Training program having personally trained in classroom led environments as well as fostered and matured their own corporate training programs over their years as Cybersecurity managers.

Join us as the duo delve into the critical topic of Cybersecurity User Awareness. With their wealth of experience, they provided invaluable insights and practical advice on how individuals can protect themselves against evolving cyber threats.

They emphasize that user awareness plays a pivotal role in defending against cyber threats. They highlight the fact that attackers often exploit human vulnerabilities and trick individuals into compromising their own security. By enhancing user awareness, people can become more proactive in recognizing and responding to potential threats. A key role is understanding that just like every technical control, YOU are a critical layer of defense both in your personal life, and in your corporate environment.

We take a look at the prevalence of social engineering attacks, which manipulate human psychology to deceive individuals into divulging sensitive information or performing harmful actions. We explain common tactics such as phishing emails, vishing calls, targeting spear phishing, CEO Spoofing, and many other non-email related social engineering tactics.

To counter these threats, they recommend adopting a skeptical mindset, scrutinizing unexpected communications, and verifying the authenticity of requests before taking any action.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

 

DOWNLOADS:

PRINT and HANG this on your Wall:

 Printable Version of the Cyber Distortion Podcast “Red Flags” PDF

CyberDistortion Blog:

https://cyberdistortionpodcast.com/

CyberDistortion Swag Shop:

https://cyberdistortionswag.shop/

 

 

HE’S BAAAAAAACK!! In this episode, we RE-visit with our very first guest, Benjamin Hall.

Ben has served as a virtual CISO, and serves as Sr. Information Security Consultant at Heartland Business Systems. With experience in Governance, Risk, and Compliance, Ben has worked in several industries including Banking, Finance, Insurance, and Healthcare. He is a Certified Information Systems Auditor (CISA), a Certified Data Privacy Solutions Engineer (CDPSE), and a HITRUST Certified Common Security Framework Practitioner (CCSFP).  He is skilled in DR (Disaster Recovery), BC (Business Continuity), IR (Incident Response), Documentation, Risk Management, Business Development, and Information Security.

To say Ben is qualified to tackle this very challenging topic is frankly, an understatement! It was our extreme pleasure to have Ben back to join us as we provide helpful tips on what YOU need to do to address third-party risk for your company.

Join Kevin and Jason as they touch on some hard-hitting questions around risk and how to tackle some of the challenges that come with managing your due care and due diligence as it relates to outsourcing, and partnering with companies outside of your own 4 walls.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

 

CITATIONS:

Heartland Business Systems:

https://www.hbs.net/

Mark Cuban Interview with Credit-Suisse.com:

https://www.credit-suisse.com/about-us-news/en/articles/news-and-expertise/mark-cuban-data-is-the-new-gold-201706.html

In this episode, Jason and Kevin join guest Ross Ingersoll, Executive Risk & Cyber Account Executive at Holmes & Murphy & Associates. We discuss the topic of cyber insurance and how being protected from today’s Cyber risks can better position your company in the event of a major breach event.

If you’ve ever wondered about what Cyber Insurance covers, or what types of things you need to be considering before you even think about applying for Cyber Insurance, then this episode will hit home! In today’s Cyber climate, does your company have the risk appetite to go without the added protection of Cyber Insurance to fall back on? Ross shares his valuable insight on why YOU might want to at least consider a policy for your business.

We’ll also play the “Cyber Claim Game” where we take a look at how some of today’s larger breaches played out and what other companies have paid out due to lack of preparedness. You will take away some valuable insight around this topic and several key actionable items that you can consider if you want to look into cyber insurance for your company! Lastly, you’ll discover the Key Carrier Provisions that every underwriter looks at before inking a policy.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.