Socializing Security

In this episode, AJ Nash, founder of Unspoken Security, discusses the challenges and rewards of podcasting in the security space. He emphasizes the importance of authenticity in conversations about security, the need to break the taboo surrounding these discussions, and the generational shift in attitudes towards privacy and security. The conversation also touches on the role of ignorance in security awareness and the challenges of personal security practices. AJ shares insights on creating safe spaces for dialogue and the importance of community in enhancing security awareness.Connect with AJ: https://www.unspokensecurity.com/https://www.linkedin.com/in/nashaj Chapters00:00 Introduction to AJ Nash and Unspoken Security Podcast00:37 Introduction to AJ Nash03:45 Podcasting About the Unspoken Parts of Cybersecurity08:18 Making Security More Approachable14:07 Breaking the Taboo: Why Security Topics Remain Unspoken19:23 The Challenge of Acknowledging Ignorance32:20 The State of Privacy in a Digital Age38:15 Reflections41:25 Outro

In this episode of Socializing Security, Milou and Brian discuss the complexities of job searching during the holiday season, sharing personal experiences with layoffs and the evolving job market in the technology industry. They explore the impact of freelancing and consulting as alternative income sources, the importance of financial planning for job security, and the value of building a supportive network during transitions. The conversation emphasizes lessons learned from their experiences and offers insights for navigating the current job landscape. Chapters00:00 Navigating Job Market Challenges During the Holidays03:03 Personal Experiences with Layoffs and Job Searches05:48 The Impact of Freelancing and Consulting09:04 Financial Planning and Job Security12:09 Building a Supportive Network During Job Transitions14:51 Lessons Learned and Moving Forward21:02 Navigating Job Search Challenges24:25 The Importance of Networking27:13 Effective Job Posting Strategies29:33 Leveraging Social Media for Job Search32:51 Building a Personal Brand35:14 Utilizing Diverse Platforms for Job Opportunities38:33 The Value of Informational Interviews

In this episode of Socializing Security, Milou and Brian discuss various cybersecurity frameworks, their applications, and the importance of compliance in building effective information security programs. They explore the NIST Cybersecurity Framework, MITRE frameworks, CIS Critical Security Controls, and compliance standards like SOC 2 and ISO 27001. The conversation emphasizes the need for organizations to adopt a comprehensive approach to cybersecurity that goes beyond mere compliance, focusing on continuous improvement and maturity models to enhance security posture.
Chapters
00:00 Introduction and Context Setting01:34 Exploring Cybersecurity Frameworks09:24 Deep Dive into NIST Cybersecurity Framework12:48 Understanding MITRE Frameworks15:01 CIS Critical Security Controls Overview18:17 Compliance Frameworks: SOC 2 and ISO 2700121:30 Governance and IT Management Frameworks25:35 Industry-Specific Compliance Standards29:51 Maturity Models in Cybersecurity35:49 Conclusion and Future Discussions

In this episode, Amanda Berlin discusses the importance of mental health in the tech industry, particularly within cybersecurity. She shares her journey in founding Mental Health Hackers, a nonprofit organization aimed at providing support and safe spaces for individuals struggling with mental health issues. The conversation explores the challenges faced by tech professionals, the impact of keynote talks on mental health awareness, and the significance of community support. Amanda emphasizes the need for open discussions about mental health, coping strategies, and the balance between privacy and security in the tech world.Links and Resourceshttps://www.mentalhealthhackers.org https://infosecindustry.com/category/podcasts/brakeing-down-security/If you need help, and it’s an emergency, don’t hesitate and call 988. For less severe situations, Mental Health Hackers has a wealth of information here: https://www.mentalhealthhackers.org/resources-and-links/Chapters00:00 Introduction to Amanda Berlin04:39 The Birth of Mental Health Hackers10:36 Expanding Mental Health Conversations in Tech13:08 Helping Others With Mental Health Hackers21:56 Giving People Space for Mental Health28:31 Finding Professional Help32:17 The Fight for Privacy36:24 Reflections41:25 Outro

In this episode, Milou and Brian delve into the concept of cyber resiliency, exploring its definition, importance, and the various components that contribute to a robust cyber resilience program. They discuss the nuances of cyber recovery compared to traditional disaster recovery, the significance of incident response planning, and the role of cyber insurance in mitigating risks. The conversation emphasizes the need for organizations to consider the maturity of their cyber resilience plans, ensuring continuous improvement and adaptation to the ever-evolving cybersecurity landscape. Further reading:- In retrospect: Normal Accidents: https://www.nature.com/articles/477404a- NIST Cybersecurity Framework: https://www.nist.gov/cyberframeworkChapters 00:00 Introduction to Cyber Resiliency 03:14 Understanding Cyber Resilience 08:39 Cyber Resilience vs. Disaster Recovery 14:10 Building a Cyber Resiliency Program 19:47 The Role of Cyber Insurance 23:51 Testing with Tabletop Exercises 26:49 Measuring Maturity of Cyber Resilience 31:13 Outro

In this episode, Brian and Milou talk with David Klee, a database expert, to discuss the often-overlooked topic of database security. They explore the challenges companies face in securing their databases, the impact of cloud technology on security practices, and the importance of a top-down approach to security mandates. David emphasizes the need for organizations to integrate security into their database practices and the ongoing fight for privacy in the digital age.
Continue to socialize with David Klee!https://bsky.app/profile/kleegeek.bsky.socialhttps://www.linkedin.com/in/davidakleedavidklee.netheraflux.com Chapters00:00 Introduction04:22 Common Gaps in Database Security07:06 The Interactions of Databases and Applications12:12 The Impact of Cloud on Database Security15:51 Improving Security From the Top Down22:35 Infrastructure Security for Databases26:57 Privacy vs Security29:44 Conclusion and Final Thoughts

In this episode of Socializing Security, Brian and Milou discuss the importance of community in the tech industry, especially in the context of networking and professional development. They share personal experiences from conferences, the value of building connections, and strategies for engaging with local and online communities. The conversation emphasizes the need for ongoing interaction and the challenges of creating a sustainable community, while also exploring future directions for enhancing listener engagement.Chapters00:00 Navigating the Busy Season03:05 The Importance of Community in Tech05:59 Learning Through Interaction09:12 Building Connections and Friendships12:06 Engaging with Local Communities15:06 Strategies for Networking and Community Building17:53 The Role of Online and In-Person Events21:02 Creating a Sustainable Community24:12 Future Directions for Community Engagement

In this episode, Milou and Brian delve into the issue of privacy, exploring various scenarios that highlight the importance of consumer awareness and data protection. They discuss the alarming findings from Mozilla's analysis of car privacy practices, the implications of government biometric data collection, and the pervasive nature of targeted advertising. The conversation emphasizes the need for individuals to be proactive in understanding and managing their privacy in an increasingly connected world. Chapters 00:00 Introduction 01:31 The Privacy Concerns of Car Manufacturers 11:26 The Collection of Biometric Data by Governments 18:42 The Invasion of Privacy through Targeted Advertising 25:19 Wrapping up 26:05 Conclusion 26:21 Outro

In this episode, Milou and Brian discuss the often-overlooked importance of compliance in the realm of information security. They explore how to build effective compliance programs, the significance of engaging with sales teams, and the various frameworks and standards that organizations should consider. The conversation emphasizes the need for proactive compliance strategies, the challenges of navigating audits, and the importance of continuous improvement as organizations scale. Milou shares her insights on how compliance can be a differentiator in the market and the necessity of celebrating compliance achievements within organizations.00:00 Introduction to Compliance and Its Importance03:01 Building a Successful Compliance Program05:55 Proactive vs Reactive Compliance Strategies08:57 Engaging Sales and Compliance Teams11:54 Common Compliance Frameworks and Standards15:07 Navigating Audit Processes and Findings18:09 Scaling Compliance Programs for Growth20:59 Continuous Improvement in Compliance24:09 Conclusion and Final Thoughts