Episodes
7 days ago
E26 - Cyber Resilience
7 days ago
7 days ago
In this episode, Milou and Brian delve into the concept of cyber resiliency, exploring its definition, importance, and the various components that contribute to a robust cyber resilience program. They discuss the nuances of cyber recovery compared to traditional disaster recovery, the significance of incident response planning, and the role of cyber insurance in mitigating risks. The conversation emphasizes the need for organizations to consider the maturity of their cyber resilience plans, ensuring continuous improvement and adaptation to the ever-evolving cybersecurity landscape. Further reading:- In retrospect: Normal Accidents: https://www.nature.com/articles/477404a- NIST Cybersecurity Framework: https://www.nist.gov/cyberframeworkChapters 00:00 Introduction to Cyber Resiliency 03:14 Understanding Cyber Resilience 08:39 Cyber Resilience vs. Disaster Recovery 14:10 Building a Cyber Resiliency Program 19:47 The Role of Cyber Insurance 23:51 Testing with Tabletop Exercises 26:49 Measuring Maturity of Cyber Resilience 31:13 Outro
Tuesday Nov 19, 2024
E25 - Securing Databases
Tuesday Nov 19, 2024
Tuesday Nov 19, 2024
In this episode, Brian and Milou talk with David Klee, a database expert, to discuss the often-overlooked topic of database security. They explore the challenges companies face in securing their databases, the impact of cloud technology on security practices, and the importance of a top-down approach to security mandates. David emphasizes the need for organizations to integrate security into their database practices and the ongoing fight for privacy in the digital age.
Continue to socialize with David Klee!https://bsky.app/profile/kleegeek.bsky.socialhttps://www.linkedin.com/in/davidakleedavidklee.netheraflux.com Chapters00:00 Introduction04:22 Common Gaps in Database Security07:06 The Interactions of Databases and Applications12:12 The Impact of Cloud on Database Security15:51 Improving Security From the Top Down22:35 Infrastructure Security for Databases26:57 Privacy vs Security29:44 Conclusion and Final Thoughts
Tuesday Nov 12, 2024
E24 - Building Your Security Community
Tuesday Nov 12, 2024
Tuesday Nov 12, 2024
In this episode of Socializing Security, Brian and Milou discuss the importance of community in the tech industry, especially in the context of networking and professional development. They share personal experiences from conferences, the value of building connections, and strategies for engaging with local and online communities. The conversation emphasizes the need for ongoing interaction and the challenges of creating a sustainable community, while also exploring future directions for enhancing listener engagement.Chapters00:00 Navigating the Busy Season03:05 The Importance of Community in Tech05:59 Learning Through Interaction09:12 Building Connections and Friendships12:06 Engaging with Local Communities15:06 Strategies for Networking and Community Building17:53 The Role of Online and In-Person Events21:02 Creating a Sustainable Community24:12 Future Directions for Community Engagement
Tuesday Nov 05, 2024
E23 - A Pivot to Privacy
Tuesday Nov 05, 2024
Tuesday Nov 05, 2024
In this episode, Milou and Brian delve into the issue of privacy, exploring various scenarios that highlight the importance of consumer awareness and data protection. They discuss the alarming findings from Mozilla's analysis of car privacy practices, the implications of government biometric data collection, and the pervasive nature of targeted advertising. The conversation emphasizes the need for individuals to be proactive in understanding and managing their privacy in an increasingly connected world. Chapters 00:00 Introduction 01:31 The Privacy Concerns of Car Manufacturers 11:26 The Collection of Biometric Data by Governments 18:42 The Invasion of Privacy through Targeted Advertising 25:19 Wrapping up 26:05 Conclusion 26:21 Outro
Tuesday Oct 29, 2024
E22 - How To Build An Effective Compliance Program
Tuesday Oct 29, 2024
Tuesday Oct 29, 2024
In this episode, Milou and Brian discuss the often-overlooked importance of compliance in the realm of information security. They explore how to build effective compliance programs, the significance of engaging with sales teams, and the various frameworks and standards that organizations should consider. The conversation emphasizes the need for proactive compliance strategies, the challenges of navigating audits, and the importance of continuous improvement as organizations scale. Milou shares her insights on how compliance can be a differentiator in the market and the necessity of celebrating compliance achievements within organizations.00:00 Introduction to Compliance and Its Importance03:01 Building a Successful Compliance Program05:55 Proactive vs Reactive Compliance Strategies08:57 Engaging Sales and Compliance Teams11:54 Common Compliance Frameworks and Standards15:07 Navigating Audit Processes and Findings18:09 Scaling Compliance Programs for Growth20:59 Continuous Improvement in Compliance24:09 Conclusion and Final Thoughts
Tuesday Oct 22, 2024
E21 - Fighting Security Monsters Through Psychology
Tuesday Oct 22, 2024
Tuesday Oct 22, 2024
In this episode, Brian and Milou engage in a thought-provoking conversation with Zach Eikenberry about the psychology behind security training. They explore how to make security training more engaging and effective by understanding human behavior, the role of gamification, and the importance of tailoring training programs to meet the needs of employees. The discussion also touches on the challenges of compliance, the impact of technology on security awareness, and the future of privacy in an increasingly open digital world. Zach emphasizes the need to socialize security within organizations to foster a culture of awareness and proactive behavior against cyber threats.Socialize with Zach on LinkedIn: https://www.linkedin.com/in/zbey/ 00:00 Introduction03:52 Using Psychology in Security Training08:16 Gamification Isn't Necessarily Engaging12:59 The Mixed Results of Team-based Training16:40 Psychology Use in the MGM Breach17:59 AI In Social Engineering22:54 The Importance of Socializing Security29:03 Designing a Training Program to Engage Learners33:51 The Parting Question: Privacy vs. Security39:04 Engaging Insights on Security Training43:20 Conclusion
Tuesday Oct 15, 2024
E20 - Socializing About Social Media
Tuesday Oct 15, 2024
Tuesday Oct 15, 2024
In this episode, we discuss the intersection of social media, security, and compliance. We emphasize the importance of understanding your purpose and persona on social media, as well as being mindful of privacy concerns and the information you share. We also explore the different platforms and their audiences, the role of encryption in protecting your data, and the need to review and adjust your settings for security and privacy.
Chapters:00:00 Introduction and Background02:52 Privacy Concerns and Mindful Sharing07:03 Compliance and Representing Your Company13:17 Choosing the Right Platforms19:20 Reviewing and Adjusting Settings26:15 Data Protection and Encryption31:04 Conclusion
Tuesday Oct 08, 2024
E19 - AI in Brand and Content Development
Tuesday Oct 08, 2024
Tuesday Oct 08, 2024
In this episode, we welcome Mark Adams, a creative director, discussing the intersection of AI and branding. We explore how AI can enhance creative processes while emphasizing the importance of maintaining authenticity and a human touch in branding. The conversation delves into the challenges of creating secure brand identities in a digital age, the nuances of effective communication, and the potential pitfalls of over-reliance on AI in creative endeavors. Socialize with Mark on Threads (https://www.threads.net/@markapolooza), LinkedIn (https://www.linkedin.com/in/mergingdesign), and his website (markadamscreative.com)00:00 Introduction 03:28 AI in Creative Circles 09:35 Maintaining Authenticity in Brand Messaging 13:29 Creating a Unique and Properly Branded Logo 18:30 AI as a Tool for Idea Generation and Acceleration 20:21 The Importance of the Human Element in Brand Communication 28:55 The Fight for Privacy vs. the Fight for Security 30:28 Conclusion and Contact Information 31:18 Reflections 34:50 Outro
Tuesday Oct 01, 2024
E018 - Building Cyber Resiliency with Layers of Protection
Tuesday Oct 01, 2024
Tuesday Oct 01, 2024
In this episode, Brian and Milou discuss the concept of layers of security and the importance of implementing multiple layers of security controls. They explore the physical, logical, and backup layers of security and how they contribute to overall cybersecurity resilience. They also touch on the challenges of implementing zero trust and the need for continuous improvement and monitoring in security strategies.Chapters00:00 Introduction and Overview02:20 Physical Security Controls07:23 Logical Security Controls17:05 Backup Security and Cyber Resiliency19:54 Challenges of Implementing Zero Trust27:34 Continuous Improvement and Monitoring30:57 Conclusion
Tuesday Sep 24, 2024
E017 - The Future of Authentication
Tuesday Sep 24, 2024
Tuesday Sep 24, 2024
This week we're joined by Robert Fowler, Director of Identity and Access Management at Tyson Foods, and discuss the evolution of authentication methods, the importance of security in the digital age, and the future of identity management. He emphasizes the shift towards passwordless authentication, the role of biometrics, and the potential of emerging technologies like quantum computing and brainwave authentication. Find Robert Fowler on LinkedIn: https://www.linkedin.com/in/robert-j-fowler/Osaka University brain wave research: https://resou.osaka-u.ac.jp/en/research/2022/20220318_2 Chapters00:00 Introduction and Overview04:32 Introduction and Background05:52 The Current State of the Industry07:59 Authentication Recommendations10:22 Finding the Right Level of Authentication14:36 The Future of Authentication22:30 Implantable Technology26:30 Quantum Authentication29:59 Other Futuristic Authentication Methods32:13 The Fight For Privacy vs. Security Question33:55 Robert's Parting Thoughts and Contact Info36:04 Reflections40:49 Outro