#informationsecurity

In this episode, Kevin and Jason shoot the breeze with fellow Cybersecurity podcaster Chris Glanden, a veteran cybersecurity professional passionate about Security Systems, breakthroughs, vulnerabilities, their mitigation and risk management.

Chris has interviewed some of the most high-profile influencers and specialists in technology, hacking, and cyberspace. His episodes include guests like Phillip Wylie, Freaky Clown (FC), Jack Rhysider from Darknet Diaries, Alyssa Miller, Gummo, and Magda Chelly to name a few!!

Conceptualized in mid-2020 amongst the Covid pandemic, he designed BARCODE to become THE alternative way to continue the social and educational elements of cybersecurity happy hours, technical meet-ups and security conference peer interaction that our industry was so deprived of during that time.  Often, this is where new ideas and innovation is spawned, and not confined within 4 conference walls. Enter a no pressure atmosphere where listeners gain knowledge direct from the industry’s elite.

Chris is working on an amazing documentary project called INHUMAN and Chris is bootstrapping everything, which is tough. If people want to find out more about what they’re doing, inhumandocumentary.com is the website with crowdfunding information and sponsorship opportunities. The documentary will be all about AI and we spill lots of juicy details in this episode.

We really hope you like this episode as much as we enjoyed putting it together and spending time with our man, Chris!

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

CITATIONS

THE BARCODE PODCAST:

Chris’ Badass Podcast page can be found here:

https://barcodesecurity.com/

BARCODE at Barcode Episode (Live from Las Vegas) with Special Guest “Freaky Clown:”

https://barcodesecurity.com/bonus-bcp-live-with-fc/

Chris’ LinkedIn page:

https://www.linkedin.com/in/chrisglanden/

Twitter:

https://twitter.com/ChrisGlitz

THE DOCUMENTARY:

Information about Chris’ Upcoming Documentary entitled “InHuman”:

https://inhumandocumentary.com/

INHUMAN Trailer: https://www.youtube.com/watch?app=desktop&v=RZZU28RBb7k

 

Chris’ Partner Filmmaker and Cybersecurity Guru - Matt Barnett’s LinkedIn

 

MORE ON FREAKY CLOWN (FC):

Freaky Clown’s Website:

https://www.freakyclown.com/

Freaky Clowns Book on Amazon “How I Rob Banks”

 

CHRIS’ INTERVIEW WITH BLACK HAT HACKER GUMMO:

Barcode Podcast Episode 53:

https://www.youtube.com/watch?v=_3Uvm_jxRXw

 

MORE ON GUMMO:

Black Hat Hacker “Gummo’s” story on Soft White Underbelly on YouTube:

https://www.youtube.com/watch?v=g6igTJXcqvo

https://www.youtube.com/watch?v=3ZtkMmVDNEo

 

Image Credits:

Caesars Palace - Photo by Wesley Tingey on Unsplash

MGM Photo - Photo by Marcos Nieto on Unsplash

Laptop Image - Photo by Luca Bravo on Unsplash

 

Looking to Start Your Career in IT?

Check out CompTIA as a great entry point into an IT career if you’re interested in a certification:

https://www.comptia.org/home

https://www.comptia.org/career-change/switching-career-path/get-into-it-without-a-degree

In this follow-up episode, we are honored to continue our spirited discussion with (Dr. Aaron Estes – Ironwood Cyber CEO “Chief Epic Officer”) on with us to talk all about his company Ironwood Cyber, and some of the cool things they’re doing over there.

Ever since we met the Ironwood Cyber team based out of Ft. Worth Texas, we knew we had a solid professional passion and connection and we shared MANY similar interests. The Ironwood Cyber team is a strong group of Engineers originally founded by not one, but TWO Lockheed Martin Fellows respected for their incredible skillsets. Aaron Estes and Ethan Puchaty.

Lockheed Martin Fellowship represents less than 1% of the best technical Engineers the company has to offer and their backgrounds are quite impressive having worked for a company engineering some of the best technology the US Department of Defense has to offer.

After leaving Lockheed Martin to start their own Cybersecurity firm (Ironwood Cyber), the company has continued its tradition of developing amazing technology with such out of the box concepts that their endpoint protection solutions boast 3 patents. Focusing on side-channel analysis, they’re quickly becoming a major player in the world of cybersecurity.

This is part two of a two-part podcast episode, where we spend more time talking about their first electronic SWAG badge created in 2022 for DEFCON 30. We’ll be looking at some teasers and talking to Aaron about what fun and interesting things they’re doing for DEFCON 31. There may even be a few hints about the 2023 badge in the second part of this awesome conversation. I guess you’ll just have to wait and see!! The biggest hint of all….THERE IS!

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

 

DOWNLOADS:

Find out More about IRONWOOD CYBER:

https://ironwoodcyber.com/

CYBER RX:

https://ironwoodcyber.com/ironwood-cyber-rx

FIRETHORN:

https://ironwoodcyber.com/firethorn

Ironwood on Twitter:

https://twitter.com/IronwoodCyber

BLACKHAT USA CONFERENCE:

https://www.blackhat.com/us-23/

 

DEFCON HACKER CONFERENCE:

https://defcon.org/

The Official DC Documentary:

https://www.youtube.com/watch?v=3ctQOmjQyYg

In this episode, we are honored to have one of these amazing gentlemen (Dr. Aaron Estes – Ironwood Cyber CEO “Chief Epic Officer”) on with us to talk all about his company Ironwood Cyber, and some of the cool things they’re doing over there.

Ever since we met the Ironwood Cyber team based out of Ft. Worth Texas, we knew we had a solid professional passion and connection and we shared MANY similar interests. The Ironwood Cyber team is a strong group of Engineers originally founded by not one, but TWO Lockheed Martin Fellows respected for their incredible skillsets. Aaron Estes and Ethan Puchaty.

Lockheed Martin Fellowship represents less than 1% of the best technical Engineers the company has to offer and their backgrounds are quite impressive having worked for a company engineering some of the best technology the US Department of Defense has to offer.

After leaving Lockheed Martin to start their own Cybersecurity firm (Ironwood Cyber), the company has continued its tradition of developing amazing technology with such out of the box concepts that their endpoint protection solutions boast 3 patents. Focusing on side-channel analysis, they’re quickly becoming a major player in the world of cybersecurity.

The conversation flowed so well, in fact, that we ended up breaking this awesome episode into two parts. The first focusing on the Ironwood origin story, and their technology and the team.

Then, in about a week, we’ll be dropping part two, where we spend more time talking about their first electronic SWAG badge created in 2022 for DEFCON 30. We’ll be looking at some teasers and talking to Aaron about what fun and interesting things they’re doing for DEFCON 31. There may even be a few hints about the 2023 badge in the second part of this awesome conversation. I guess you’ll just have to wait and see!!

Jason Popillion is a CISSP and serves as a Director of Automotive Aftermarket of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

DOWNLOADS:

Find out More about IRONWOOD CYBER:

https://ironwoodcyber.com/

CYBER RX:

https://ironwoodcyber.com/ironwood-cyber-rx

FIRETHORN:

https://ironwoodcyber.com/firethorn

Ironwood on Twitter:

https://twitter.com/IronwoodCyber

BLACKHAT USA CONFERENCE:

https://www.blackhat.com/us-23/

 

DEFCON HACKER CONFERENCE:

https://defcon.org/

The Official DC Documentary:

https://www.youtube.com/watch?v=3ctQOmjQyYg

A long time in the making, this episode on the importance of User Awareness may just be the most important episode we’ve released so far.

Kevin Pentecost and Jason Popillion are security veterans and Certified Information Systems Security Professionals (CISSPs) who know their way around a good User Awareness Training program having personally trained in classroom led environments as well as fostered and matured their own corporate training programs over their years as Cybersecurity managers.

Join us as the duo delve into the critical topic of Cybersecurity User Awareness. With their wealth of experience, they provided invaluable insights and practical advice on how individuals can protect themselves against evolving cyber threats.

They emphasize that user awareness plays a pivotal role in defending against cyber threats. They highlight the fact that attackers often exploit human vulnerabilities and trick individuals into compromising their own security. By enhancing user awareness, people can become more proactive in recognizing and responding to potential threats. A key role is understanding that just like every technical control, YOU are a critical layer of defense both in your personal life, and in your corporate environment.

We take a look at the prevalence of social engineering attacks, which manipulate human psychology to deceive individuals into divulging sensitive information or performing harmful actions. We explain common tactics such as phishing emails, vishing calls, targeting spear phishing, CEO Spoofing, and many other non-email related social engineering tactics.

To counter these threats, they recommend adopting a skeptical mindset, scrutinizing unexpected communications, and verifying the authenticity of requests before taking any action.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

 

DOWNLOADS:

PRINT and HANG this on your Wall:

 Printable Version of the Cyber Distortion Podcast “Red Flags” PDF

CyberDistortion Blog:

https://cyberdistortionpodcast.com/

CyberDistortion Swag Shop:

https://cyberdistortionswag.shop/

 

 

HE’S BAAAAAAACK!! In this episode, we RE-visit with our very first guest, Benjamin Hall.

Ben has served as a virtual CISO, and serves as Sr. Information Security Consultant at Heartland Business Systems. With experience in Governance, Risk, and Compliance, Ben has worked in several industries including Banking, Finance, Insurance, and Healthcare. He is a Certified Information Systems Auditor (CISA), a Certified Data Privacy Solutions Engineer (CDPSE), and a HITRUST Certified Common Security Framework Practitioner (CCSFP).  He is skilled in DR (Disaster Recovery), BC (Business Continuity), IR (Incident Response), Documentation, Risk Management, Business Development, and Information Security.

To say Ben is qualified to tackle this very challenging topic is frankly, an understatement! It was our extreme pleasure to have Ben back to join us as we provide helpful tips on what YOU need to do to address third-party risk for your company.

Join Kevin and Jason as they touch on some hard-hitting questions around risk and how to tackle some of the challenges that come with managing your due care and due diligence as it relates to outsourcing, and partnering with companies outside of your own 4 walls.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.

 

 

CITATIONS:

Heartland Business Systems:

https://www.hbs.net/

Mark Cuban Interview with Credit-Suisse.com:

https://www.credit-suisse.com/about-us-news/en/articles/news-and-expertise/mark-cuban-data-is-the-new-gold-201706.html

WE ARE BACK! Happy 2023 friends…

In this exciting episode of or BRAND NEW season 2, Kevin and Jason make good a promise from Season 1 where they go back and take a deep dive into the Dark Web. This time, we’re coming with a purpose! We go back to investigate and see what’s really out there and try to separate myth from reality.

Have you always wondered what really exists out on the Dark Web? Do you have a curious bone just itching to go check it all out for yourself? Well, you’re in luck! In this episode, you’ll learn all about how to properly prep to take this journey for yourself. Do we actually recommend it? Listen and find out!!

Find out more about the original Dark Web marketplace founded by Ross Ulbricht known as the Silk Road and other place you can still visit today. Learn how to browse the Dark Web, how it all started, and how many people actually surf the Dark Web today. Learn facts you probably didn’t know about this mysterious corner of cyberspace. Lastly, find out things you can ACTUALLY purchase on the Dark Web. You might just be surprised at some of these!!

It is important to mention that no humans were trafficked, and no organs were harvested in the making of this episode!

 

CITATIONS:

How to Safely Browse the Dark Web

IDEALLY…Visit the Dark Web via an isolated OS

·         Here are some of the most popular options:

o   Whonix - https://www.whonix.org/

o   Tails  - https://tails.boum.org (as mentioned on our episode)

o   Qubes - https://www.qubes-os.org/

o   Kali Linux - https://www.kali.org/ (awesome hacking tools packaged with this OS)

o   TrueOS - https://www.trueos.org/

Get the Tor Browser:

https://www.torproject.org/download/

Use a good VPN – Here are some popular options (some offer free 30 day trials):

·         NordVPN - https://nordvpn.com/

·         SurfShark - https://surfshark.com/

·         TorGuard - https://torguard.net/

·         Proton VPN - https://protonvpn.com/

·         IP Vanish - https://www.ipvanish.com/

·         Express VPN - https://www.expressvpn.com/

·         RusVPN - https://rusvpn.com/en/

 

 

 

Learn about Surfing the Dark Web Online

https://www.udemy.com/courses/search/?src=ukw&q=Dark+Web

Dark Web Stats and Facts

https://websitebuilder.org/blog/dark-web-statistics/

Dark Web Usage Stats

https://earthweb.com/how-many-people-use-the-dark-web/

In this episode, Jason and Kevin join guest Ross Ingersoll, Executive Risk & Cyber Account Executive at Holmes & Murphy & Associates. We discuss the topic of cyber insurance and how being protected from today’s Cyber risks can better position your company in the event of a major breach event.

If you’ve ever wondered about what Cyber Insurance covers, or what types of things you need to be considering before you even think about applying for Cyber Insurance, then this episode will hit home! In today’s Cyber climate, does your company have the risk appetite to go without the added protection of Cyber Insurance to fall back on? Ross shares his valuable insight on why YOU might want to at least consider a policy for your business.

We’ll also play the “Cyber Claim Game” where we take a look at how some of today’s larger breaches played out and what other companies have paid out due to lack of preparedness. You will take away some valuable insight around this topic and several key actionable items that you can consider if you want to look into cyber insurance for your company! Lastly, you’ll discover the Key Carrier Provisions that every underwriter looks at before inking a policy.

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.

In this episode, join Jason & Kevin as they discuss the journeys they both took to obtain the coveted CISSP (Certified Information Systems Security Professional) certification from the governing body of (ISC)2. Anyone who knows ANYTHING about Cybersecurity and has aspirations of becoming a manager know that the CISSP is the most sought after certification offered. In this episode, they discuss why that is. We also discuss the various domains covered in the exam, the weightings of each domain, the exam format, and many helpful tips and tricks to help get you over the hump as you traverse your studies. We know the effort required to obtain this certification and we are familiar with the full experience, even the failure of each of our first exams. That’s a painful pill to swallow but we have some sage advice that might just help you to succeed on your next attempt.

We hope that this episode is considered just one more tool to add to the virtual tool belt for all aspiring future CISSPs that are embarking on this prestigious and esteemed certification. We KNOW that you’ll find this information valuable. After all, don’t you need a light-hearted break from your books and flash cards anyway?!?! =)

 

Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.

 

CITATIONS: 

Matt Elliott

Blog Post: A Journey Through Hell. My CISSP Experience.

https://medium.com/@pentesta/my-cissp-experience-a-journey-through-hell-56790c4f569e

 

(ISC)2 Official Website

The Pathway to Certification

https://www.isc2.org/Certifications/CISSP

 

How to Think Like a Manager for the CISSP Exam

Luke Ahmed

https://www.amazon.com/Think-Like-Manager-CISSP-Exam/dp/1735085197/ref=sr_1_1?crid=2LO79N1BUYEIS&keywords=Luke+Ahmed&qid=1651298957&sprefix=luke+ahmed%2Caps%2C99&sr=8-1

 

Cybrary.IT

Video Course by Kelly Handerhan – Certified Information Systems Security Professional (CISSP)

https://www.cybrary.it/course/cissp/

 

Host Unknown – The Very Fine Chaps

Host Unknown presents: I'm a C I Double S P (CISSP Parody)

https://podcast.hostunknown.tv/

https://hostunknown.tv/

https://youtube.com/user/HostUnknownTV

 

LMFAO – Yes Instrumental

https://www.karaoke-version.com/mp3-backingtrack/lmfao/yes.html