    securityawareness

    Explore "securityawareness" with insightful episodes like "Episode 76 - Why Your Business Needs Data Visualization", "Episode 72 - Human Factors in Cybersecurity", "#116 Nathan Caldwell: Empowering Kindness | Joey Pinz Discipline Conversations", "Episode 60 - Lookalike Domain Email Attack" and "Episode 53 - How to Mature Your Security Awareness Program" from podcasts like "Hashtag Realtalk with Aaron Bregg", "Hashtag Realtalk with Aaron Bregg", "Joey Pinz Discipline Conversations", "Hashtag Realtalk with Aaron Bregg" and "Hashtag Realtalk with Aaron Bregg" and more!

    Episodes (51)

    Episode 76 - Why Your Business Needs Data Visualization

    In this episode I had a chance to talk to Lisa Jones-Huff about the importance of data visualization and how it can help both security AND the business. Lisa is the Senior Director of Global Security Specialists for Elastic.

    Talking Points:

    Some basic steps for understanding how to interpret your data:

    • What is the very first thing you should do on your data visualization journey?
    • What type of data do you have?
    • What is the value of that data?
    • What types of use cases provide the most 'Combined Value'?
    • How can Graph help tell the story in detail that a 'regular' person can understand?

    Episode Sponsor:

    This episode is sponsored by Elastic. Elastic is a multi-faceted business and security solutions company based out of Mountain View, California. Part of the sponsorship fee will be going to raise money for the Autism Alliance of Michigan.

    Episode 72 - Human Factors in Cybersecurity

    In this special episode I had the honor of MC'ing a Security Awareness Month online panel for Cadre Information Security and the topic was Human Factors in Cybersecurity. The panelists were Phil Swaim, Mike Davenport, Tim O'Connor and Mike Peterson. We not only had great discussions on how to build your Security Awareness Program but action steps you can take right now to create 'Security Champions' in your organization.

     Talking Points:

    • So how is a Security Awareness Program different from Security Awareness Training?
    • Why would an organization want a Security Awareness Program?
    • Do only larger organizations typically have Security Awareness Programs?
    • Why should Social Media exploits be covered in your program and ultimately your training?
    • What are some of the pitfalls organizations should try to avoid when implementing Security Awareness Programs and training?

    #116 Nathan Caldwell: Empowering Kindness | Joey Pinz Discipline Conversations

    Nathan Caldwell is an inspirational Leadership Speaker focused on Kindness.

    Episode Links:
    Web: www.empoweringkindness.com
    Book: #1 Best Selling Author of Empowering Kindness
    Email: nathan@empoweringkindness.com
    LinkedIn: https://www.linkedin.com/in/nathan-caldwell/
    Instagram: https://www.instagram.com/caldwellned/
    Twitter: https://twitter.com/caldwellned

    Episode 60 - Lookalike Domain Email Attack

    In this brief end-of-the-year episode I talk about a recent phishing attack on a 3rd party vendor that was compromised via email in a very unique way. I reveal how it happened and why defense in depth is so important.

    Talking Points:

    • What is a lookalike domain?
    • The importance of having a defensive domain strategy
    • How bad guys used an operating system's and email application's default behavior against the user

    Episode 53 - How to Mature Your Security Awareness Program

    In this episode I sit down with Corwin Tobias to take a deeper dive into maturing a Security Awareness program. Corwin is the Information Security Awareness Ambassador for Blue Yonder. I had the pleasure of working with Corwin when he was working on the Information Security Training Team for Spectrum Health.

    Talking Points:

    • How to equip your staff to identify key risks
    • Does an employee know what to do when they make a mistake?
    • A Human Firewall sounds good but doesn't always work in real life because cyber criminals adapt
    • What are some things that people get wrong about Security Awareness? (Information Security Compliance fallacies)
    • What departments does information security frustrate the most? Why is it important to identify them?
    • Metrics are more granular than you think? It's not all about volume

    Episode 52 - Security Awareness is more than just Phishing training

    In this episode I talk with Tim O'Connor about what companies don't understand about Security Awareness programs. Tim is the Manager of Knowledge Services for Cadre Information Security.

    Talking Points:

    • Security Awareness is more than just Phishing awareness training
    • What doesn't the business get about Security Education?
    • Risk Assessments and Vulnerability Assessments are two different things
    • The importance of Table Top exercises
    • Brand Name Protection
    • IT is NOT where the cybersecurity buck stops

    Episode Sponsor:

    This episode is sponsored by Cadre Information Security. Cadre is a trusted security partner based out of Cincinnati, Ohio. As always, part of the sponsorship fee goes to Michigan charities. In 2021 #RTWAB has raised over $3,000!

    Episode 47 - A Journey to Secure Your Email - Part Two: DMARC Reporting

    In this episode I had a chance to speak with Rob Bowker about using DMARC and other secure email tools to prevent domain spoofing.  Rob is the Director of Sales North America for EasyDMARC.

    Talking Points:

    • How to use DMARC reports to move from 'quarantine' to 'reject'
    • What is the process of applying a percentage when moving to quarantine?
    • How to get around DNS limitations for SPF records
    • What is BIMI?
      • What are the pre-requirements for implementing it?
    • How to use domain scanners and reputation checks

    Episode Sponsor:

    The sponsor for this episode is EasyDMARC. EasyDMARC is a phishing protection solution company based out of Middleton, Delaware. As always, part of the sponsorship fee goes towards helping charities in the West Michigan area!

    Episode 41 - A Day in the Life of a SOC Analyst

    In this episode I get a chance to speak with Dave Stycos, who is a Senior Security Engineer for Spectrum Health. Dave was part of the Security Operation Center that helped thwart a WannaCry attack on a major healthcare system in West Michigan. We talk about what a day in the SOC looks like and what is going through the SOC analyst's mind during an active incident.

    Talking Points:

    • What does a typical day look like? Is it like it is in Hollywood movies?
    • What are some of the tools that you use every day?
    • What is the hardest part of your job?
    • What is the coolest experience?
    • Is there a fundamental difference between an incident like 'Red October' and the HVAC incident that Jim talked about at Cloud Con last year?

    Episode 32 - What it's like to be in a Ransomware Attack

    In this episode I speak with Josh Geno about what it's like to be in a ransomware attack.  Josh is one of the Lead Security Engineers for Spectrum Health.  Josh has had the distinction of being in a ransomware attack as well as having to 'clean up' after one.  Josh has created a Ransomware Playbook that is open for use by anyone and is geared to sharing knowledge/lessons learned.

    Talking Points:

    • Walk Through The Incident 
      • Prepare 
      • Detect 
      • Triage/Prioritize 
      • Analyze 
      • Contain/Eradicate/Recover 
      • Post-Incident 
    • How would you use these documents in your organization?
    • Can be used as Net New or Augmenting (GAP Analysis) 
      • A scenario where Company A was already affected and didn't know it
    • Read the instructions first 
      • Flowchart will make 1000% more sense if you read the instructions 

    Dropbox File Links:

    Ransomware Playbook Instructions Link

    Ransomware Playbook Link

    Episode 30 - A High Level Look at Threat Intelligence

    In this episode I have a special co-host, Alex Ronquillo, and we spoke with Allan Liska about Threat Intelligence and how SMBs can use it. Alex is an Internet Threat Hunter from rec. Allan is a Threat Intelligence Analyst from Recorded Future.

    Talking Points:

    • Why as a SMB should you care about threat intel?
    • What are the must have capabilities / resources that a company should have before investing in a threat intelligence platform?
    • Are some SMBs starting to understand protecting their 'brand'?
    • What is everyone getting wrong about their 3rd party suppliers?
    • What are the biggest changes, if any, they've seen in 2020 regarding threat actors?
    • Why Threat Intel needs to expand outside of your SOC in 2021
    • Will AI mature in 2021?

    Episode 28 - Ransomware Fallout: Talking Cyber Liabilities and Insurance

    In this special holiday episode I have both a special guest and a special co-host. My co-host is Jim Kuiphof and we got a chance to talk with Tim Francis about Cyber Insurance and Liabilities pertaining to ransomware attacks. Jim is a Director of Information Security for Spectrum Health and Tim is an Enterprise Lead for Cyber Insurance at Travelers.

    These are just some of the questions and topics that we covered:

    • What is cyber liabilities insurance and why do some think they don't need it?
    • While ransomware attacks are increasing in the public eye, some websites are reporting that ransomware attacks aren't being reported and that is a problem. 
    • What trends are you seeing in the insurance industry right now?
    • Are attacks truly going up or is it just that there is more 'visibility' into this area of cybersecurity?
    • Why are some incidents just not being talked about?

    A HUGE thanks to the following sponsors, as we raised over $1,500 for three charities!

    Also a shout out to Brock from Okta, Ryan from Optiv and Allan from Recorded Future for supplying some great prizes!

    Episode 26 - Let's Talk Amazon Web Services Security

    In this special Veterans Day episode I talk with LinkedIn Top Voices of 2020 honoree, AJ Yawn, about Amazon Web Services security. AJ is a US Army veteran and also the Co-Founder and CEO of a brand new company called ByteChek.

    AJ walks us through his five quick tips for AWS security for small businesses.

    1. Protect Your Root Account
    2. Identity Access Management (IAM) Report
    3. Download Trusted Advisor Report
    4. Enable AWS CloudTrail Across All Regions
    5. Automate Something Using CloudTrail

    We also had a chance to talk about the ever elusive thing called the Shared Responsibility Model.

    Finally, stick around until the end, where we took a few minutes and touched base on the state of Diversity, Equality and Inclusion at the end of 2020.

    As an added bonus here is a link to AJ's article that we talked about in the podcast.  

    How To Effectively Setup AWS CloudTrail in 5 Steps

    Episode 25 - Let's Talk About Zero Trust

    In this episode I talk about the concept of 'Zero Trust' with Patrick Tyler.  Patrick is a Senior Solutions Engineer for Okta.

    Talking Points:

    • What is Zero Trust and why should you care?
    • What did organizations have to do right away when it comes to Zero Trust?
    • Why is Zero Trust important for 'non-traditional' cloud industries like manufacturing?
    • While VPN is a powerful tool, it isn't the 'End All Be All' for security.
    • What did organizations have to do right away?

    This episode is sponsored by Okta. Okta is a Workforce and Customer identity company that is based out of California. Proceeds from this sponsorship will be going towards prizes for the holiday fundraiser event.

    Episode 24 - Why Physical Network Security Still Matters

    In this episode I talked with Steve Barnes about physical network security.  Steve is an Enterprise Systems Engineer for Fortinet.

    Talking Points:

    • Why does physical network security still matter in the age of SASE?
    • What is the biggest difference between 'Next Gen' and 'Stateful' firewalls?
    • Does content awareness (SSL inspection) really help with visibility and protection?
    • Even SASE needs something to connect to
    • Why is SD-WAN important in the age of Digital Transformation?
    • Ransomware Protection with Default Deny

    This episode is sponsored by Fortinet. Fortinet is an On-Prem and Cloud Security company based out of Sunnyvale, California.

    Special Event - Tales from the Cyber War Trenches - Jim Kuiphof's Cloud Con GR 2020 Keynote

    I am happy to share a very special event, Tales From The Cyber War Trenches, from Jim Kuiphof's Cloud Con GR 2020 Keynote. In this episode Jim talks about real-life experiences with vulnerability management lessons learned, how to deal with 'interesting' government warnings, a ransomware near miss and disruptive security controls.

    Cybersecurity Scenarios:

    • Tick Tock, Tick Tock - Time is Running Out (A Vulnerability Management Faceplant)
    • The Russians are Coming! … to waste your SOC's time 
    • Ransomware: How Do You Find An Infected Printer At Midnight?
    • Disruptive Security Controls - Implementing Perimeter "Default Deny"

    Many, many thanks to Jim and the entire security leadership team at Spectrum Health for sharing this valuable information! 

    Episode 23 - Let's Talk Web Application Security

    In this episode I talk with Zane Lackey about Web Application Security.  Zane is the Co-Founder and Chief Security Officer for Signal Sciences.

    Talking Points and Listener Submitted Questions:

    • What kinds of 'Real World' attacks are people dealing with against web applications?
    • How do you detect an attack against a web application?
    • How do you measure the effectiveness of your technical web app security controls (WAF, API, Authentication, Business Logic, etc.)?
    • How can you ensure that your company's web application APIs cannot be abused to access data that the user is unauthorized to access?
    • Do bug bounty programs work?
    • Should all SMBs have a web application vulnerability disclosure program?

    This episode is sponsored by Signal Sciences. Signal Sciences is a web application security company based out of Culver City, California.

    Episode 21 - How to Build a Successful Security Awareness Training Program

    In this special live stream podcast recording event I spoke with Tim O'Connor. Tim is the manager of Knowledge Services for Cadre Information Security. The topic of this podcast is 'How to Build a Successful Security Awareness (SA) Program'.

     Talking points include:

    • What is the first step in building a successful program?
    • The concept of a security champion when you don't have a dedicated SA team
    • What are some common misconceptions about SA programs?
    • Diagramming out a social engineering attack

     This episode is sponsored by Cadre Information Security. Cadre is a security solutions provider that focuses on network data security designs for businesses.  The company is based out of Cincinnati, Ohio.

    Episode 20 - A Casual Conversation About Ransomware

    In this episode I speak with Jared Phipps on the timely topic of ransomware.  Jared is the Vice President of Worldwide Sales Engineering for SentinelOne and had some great insights on what is happening with these types of attacks.

    Some of the talking points included:

    • Why the sudden surge of ransomware attacks?
    • What is really happening behind the scenes?
    • What is the impact to cyber liability insurance companies?
    • How can you reduce your chances of getting hit?
    • What does the future hold for cyber insurance?

    The sponsor for this episode is SentinelOne. SentinelOne is an autonomous AI endpoint security solution based out of Mountain View, California. As always, a majority of the sponsorship goes towards helping At Risk students here in West Michigan.

    Episode 18 - Bad, Worse and Just Downright Awful Security

    In this episode I talk with Kevin Dillaway, who is a Cloud Security Architect for Optiv. Optiv is a security solutions integrator based out of Denver, Colorado.

    The topic for this episode is bad security horror stories.  Have you ever wondered what the worst security thing a cloud architect has seen?

    Well, wait until you hear some of the crazy things that he has come across!

    This episode is sponsored by Optiv and part of the proceeds will be going to help 'At Risk' students in West Michigan.

    Episode 19 - Privilege Access Management for Small and Medium Business

    In this episode I speak with Martin Cannard about Privilege Access Management for Small and Medium Business. Martin is the Vice President of Product Strategy for STEALTHbits Technologies.

     Here are some of the questions that we tackled in this session:

    • What is Privileged Access Management and why do you need it?
    • Why is PAM so 'scary'?
    • What are the biggest problems that you are seeing in the PAM space?
    • What is wrong with a typical PAM boilerplate?

     This episode is sponsored by STEALTHbits and, as always, proceeds from this sponsorship will go toward At Risk students in West Michigan.
