Cyber Security America-logo

Cyber Security America

Technology Podcasts

On the front lines of technology and business there’s a battle of survival.

Location:

United States

Description:

On the front lines of technology and business there’s a battle of survival.

Language:

English


Episodes

Encore: Zero-Trust Paradigm: Secure Browsing Technology - Conceal.io

10/24/2023
Welcome to the Cyber Security America show, a platform for exploring the dynamic and ever-evolving world of cybersecurity and information technology. In episode 17, we delve deep into the topic of zero trust, a security model that assumes all users, devices, and applications are potentially hostile, and requires strict access controls and verification measures to prevent data breaches. We also discuss the national security situation surrounding Jack Teixeira and its impact on security controls in the future. #cybersecurity #zerotrust #nationalsecurity Our guest for today's episode is Gordon Lawson, CEO of Conceal.io, who brings years of experience and ability in implementing zero trust strategies for some of the largest organizations in the world. Together, we explore the concept of zero trust, its advantages and challenges, and how it differs from traditional security models. We also discuss the future of zero trust and how it's shaping the cybersecurity landscape, including the innovative ConcealBrowse technology that detects, defends, and isolates malicious internet traffic. #zerotrustimplementation Gordon Lawson has over 20 years of experience in the physical and cyber security space, with a focus on SaaS optimization and global enterprise business development. Prior to joining Conceal, he was President at RangeForce, a cyber training platform company, and SVP of Global Sales at Cofense through their $400MM acquisition by BlackRock in 2018. With his background as a U.S. Naval Officer and a graduate of the Air Force Command and Staff College and the Army Airborne School, Gordon offers unique insights into the implementation of zero trust strategies and the future of cybersecurity. #cybersecurityleader #militaryexperience Threat Intel Report: US Intelligence Agencies and international partners from the 5 Eyes alliance have released a report detailing Russia's Snake Malware, a peer-to-peer network that infected multiple devices, including diplomatic missions and NATO areas. The malware was a significant part of the Turla framework used by Russian cyber threat actors and attributed to the Federal Security Service Center 16 and military unit 71330, also known as Berserk bear. The report supplies recommendations for mitigations and scanner technology. Additionally, a cybersecurity firm reported a threat actor trying to extort executives by compromising new hire credentials, showing the need for ongoing monitoring and protection of human elements in cybersecurity. The growing impact of cyberattacks on physical outcomes is also noted. #cybersecuritythreats #malware #5eyesalliance

Duration:01:00:00

Encore Artificial Intelligence: Cyber AI is the new Tesla of Security

10/17/2023
Welcome to our podcast, where we explore the fascinating world of generative AI and its profound impact on various fields. Join us as we delve into the intricate details of different models designed for specific tasks, such as text generation, native speech processing, and image/video generation. We also address the pressing concerns surrounding privacy and security in the realm of AI technologies, including the potential risks of phishing emails and deep fake attacks. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 In our discussions on text generation, we thoroughly examine popular models like ChatGPT, Bard, Lama, and Bloom, shedding light on the distinctions between closed-source, open-source, and academic models. Additionally, we emphasize the significance of leveraging open-source models from platforms like Hugging Face, while carefully considering the implications for cybersecurity. Discover how organizations can effectively navigate the use of AI models to protect their data and privacy. In this week's Intelligence report, we highlight notable cyber-attacks, including the insidious Akira ransomware and the successful neutralization of the Snake malware by the FBI. We delve into the details of the recent attack on Bluefield University, ensuring you stay informed on the latest developments in cybersecurity. Follow our insightful discussions on topics like AI, machine learning, and enterprise security, as we unveil the crucial intersections between these fields. The Akira ransomware has ruthlessly targeted and breached the security of 16 companies across diverse industries. Employing an encrypt-and-ransom tactic, they demand exorbitant sums of money from their victims. To intensify the pressure, the gang has created a unique data leaks site with a captivating 1980s retro aesthetic. Visitors to the site must navigate using console commands, adding an intriguing dimension to their illicit activities. The leaked data ranges from sizes as small as 5.9 GB to a staggering 259 gigabytes. Ransom demands vary from $200,000 to multimillion-dollar figures, with provisions for lower amounts if the target companies solely wish to prevent the leak of their stolen data. We also revisit the multinational operations that successfully neutralized the Snake malware, a highly sophisticated cyber espionage tool developed by Russia's Federal Security Service (FSB), known as Turla. This covert P2P network of infected computers spanned across 50 countries and targeted government research networks, research facilities, journalists, small businesses, media organizations, and critical infrastructure segments within the United States. #GenerativeAI #PrivacyConcerns #Cybersecurity #AIModels #Ransomware #Malware #FBI #Snake #Podcast #Tech #CybersecurityAwareness

Duration:01:00:00

Encore Cloud Security: AWS Essentials, Challenges, Best Practices

10/5/2023
Welcome to another episode of Cyber Security America with your host, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/). In this episode, we delve into the world of cloud computing and its impact on cybersecurity. We explore the major cloud platforms such as AWS, Azure, and GCP, along with their deployment and service models. Discover the benefits of cloud computing, including Infrastructure as a Service (IAAS), Platform as a Service (PAAS), and Software as a Service (SAAS). Podcast Home Site: (https://www.voiceamerica.com/show/4125), YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) We also tackle the characteristics of cloud computing, including on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, virtualization, service-oriented architecture (SOA), grid computing, and utility computing. Gain insights into how these characteristics shape the cloud security landscape. This week's Intel briefing covers two critical vulnerabilities: CVE-2023-28771 affecting week's ZyWALL/USG series firmware and CVE-202-2868, a remote command injection vulnerability resulting from incomplete input validation of user-specified dot tar files. Furthermore, we dive into the fascinating topic of conducting Incident Response (IR) in the cloud versus on-premises. Explore the six major differences between these environments and understand the unique challenges and considerations for cloud-based IR. Joining us as our special guest is Martin Brough (Senior Manager of Cyber Defense Operations @ ARM semiconductors). He is a seasoned information security professional with over 20 years of experience. Martin's expertise spans various domains, including secure communications systems, email security, malware analysis, SIEM system logging, and cloud-based threat hunting. He is particularly well-versed in the field of Incident Response, with extensive knowledge in security design, training, and detection and response playbook writing. Martin has shared his insights at renowned conferences such as Def Con, Blackhat, and DerbyCon, and he has contributed to notable security publications like PenTest Magazine and Cyber Defense Magazine. Tune in as we explore the intricate world of cloud computing and its impact on cybersecurity. Stay informed and gain valuable insights on how to secure your cloud infrastructure effectively. This episode is a must-listen for both security professionals and enthusiasts alike. Remember to subscribe to Cyber Security America for more captivating discussions on the latest trends and challenges in the ever-evolving world of cybersecurity. Sponsored by (www.deepseas.com) #CyberSecurity #CloudComputing #AWS #Azure #GCP #IAAS #PAAS #SAAS #CloudSecurity #Virtualization #SOA #GridComputing #UtilityComputing #IncidentResponse #CloudIR #OnPremiseIR #InformationSecurity #Podcast #CyberSecurityAmerica #CybersecurityPodcast #DeepSeasSponsor

Duration:01:00:00

Cybersecurity Training: A 101st Airborne Veteran's Journey

9/27/2023
In episode 29, host Joshua Nicholson welcomes Dennis Kraft, a Penn State graduate and former United States Army Captain who served with the 101st Airborne Division Air Assault in Afghanistan from 2010 to 2011. After his military service, Dennis transitioned to a career in cybersecurity, working for the Department of Veterans Affairs, the Department of Homeland Security, and private companies. He later founded Cyberkraft in 2019 with the mission of bridging the cybersecurity skills gap through elite training courses. Dennis discusses his mission at Cyberkraft, which is to help individuals obtain cybersecurity certifications to advance their careers and fill the growing cyber skills gap. He emphasizes the importance of hands-on training and mentorship, drawing parallels between military training and cybersecurity education. The conversation touches on open source tools versus commercial products, the need for foundational networking knowledge, and the challenges faced by those entering the cybersecurity field. The episode highlights the importance of investing in cybersecurity training and mentorship to prepare professionals for the ever-evolving field of cybersecurity. Dennis also mentions Cyberkraft's competitive pricing, financing options, and veteran discounts for their training programs, emphasizing their commitment to making quality training accessible. The podcast offers insights into the challenges and opportunities in the cybersecurity industry and the value of continuous learning and mentorship. The text discusses the challenges faced by a student in a self-paced entry-level course and suggests that instructor-led training might have been more suitable. The conversation highlights the importance of tailoring teaching methods to individual learning styles and mentions the incorporation of the VARC model (Visual, Audio, Reading, Writing, Kinesthetic) into courses to accommodate different learning preferences. The company, founded in 2019, specializes in cybersecurity training and emphasizes both passing certifications and gaining practical, real-world skills. The text also touches on the use of live labs and hands-on exercises, as well as the importance of understanding the thinking behind complex exam questions. Finally, it briefly discusses cloud certifications like CompTIA Cloud+ and CASP+ as well as the potential alignment of certifications with specific job roles

Duration:01:00:00

Securing E-Learning in a New World: Spoilage & Deepfakes

9/19/2023
Welcome to episode 28 of the Cyber Security America podcast with your host Joshua R. Nicholson (https://www.linkedin.com/in/joshuanicholson/). He is excited to welcome Dayle Alsbury (https://www.linkedin.com/in/daylealsbury/), a distinguished cybersecurity expert with over two decades of experience in information security. Dayle has led diverse global teams, delivering innovative security solutions across highly regulated industries like education, healthcare, finance, banking, and energy. Currently serving as the CISO at Litmos, he plays a pivotal role in securely providing eLearning solutions and integrated Learning Management services to more than 20 million individuals in 150 countries. Before joining Litmos, Dayle spearheaded the cybersecurity program at Stride Learning, implementing an exceptional cybersecurity recovery and transformation roadmap that resulted in a remarkable 90% increase in NIST maturity within just 24 months. Prior to that, he held instrumental roles at Blue Cross Blue Shield of Louisiana, driving security innovation, risk reduction, cloud and mobile adoption, and cost-effective cybersecurity management. Dayle's expertise extends beyond a single organization; he also serves as a virtual or fractional CISO and strategy advisor to numerous organizations facing unique cybersecurity challenges. Over the past two decades, he has made substantial contributions to cybersecurity and IT leadership in small organizations and startups spanning various sectors. Beyond his corporate roles, Dayle is an IT regulatory compliance expert and mentor, offering valuable guidance to innovative organizations and professionals. He has also served as an Executive Member of the Blue Cross Information Security Advisory Committee, providing national-level thought leadership to Blue Cross organizations. His expertise further extends to collaborating on cyber skills training and competitions projects and sharing insights with renowned organizations such as CNN, NBC, Time Magazine, Gartner, Radio America, WWL Radio, and many others. In this podcast episode, Dayle and Josh delve into several critical cybersecurity challenges and captivating stories from the trenches: - Deep Fakes: We'll discuss the growing concern of deep fakes and their potential consequences, including incidents like the Ukraine war deep fake video of Putin. - Security Tool Pollution in the SOC: We'll explore the challenges associated with security tool proliferation in Security Operations Centers (SOCs) and strategies to maintain efficiency. - Spoilage & Deep Fakes: Dayle will share stories related to spoilage and deep fakes, highlighting real-world examples and their impact on security. Join us in this insightful audio podcast episode as we navigate the evolving landscape of cybersecurity, Cyber Security America video podcast located (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg)

Duration:01:00:00

Measuring Cybersecurity Risks: The Relevance of GRC

9/12/2023
Welcome to our latest podcast episode (Episode 27), where Joshua R. Nicholson (https://www.linkedin.com/in/joshuanicholson/) embarks on an insightful journey through the dynamic world of #cybersecurity. Our distinguished guest, Joshua Copeland, brings his battle-tested expertise and extensive experience to the forefront. As the Director of Cyber at AT&T, Joshua plays a pivotal role in shaping security solutions for State, Local, Tribal, and Territory (SLTT) entities. In this episode, our two Josh's delve into the critical role of Governance, Risk, & Compliance (GRC) in navigating the cyber landscape. Joshua Copeland provides valuable insights into how GRC serves as a compass, guiding organizations to make informed decisions about where to invest their resources. GRC helps identify vulnerabilities, weaknesses, and risks, providing a roadmap for strategic investments in cybersecurity. Youtube video podcast (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) As Joshua Copeland aptly puts it, GRC helps quantify and understand the true nature of risks. Without this understanding, organizations may find themselves merely throwing money at the latest cybersecurity tools and gadgets. While cool toys and cutting-edge technology are appealing, they must align with an organization's unique risk profile and vulnerabilities. To effectively mitigate risks, organizations need to intrinsically comprehend their risks, their potential impacts, and the available mitigation strategies. This understanding enables them to select the right cybersecurity solutions tailored to their specific requirements. It's not always about having the most expensive Ferrari; it's about having the right tool for the right job, efficiently addressing the identified risks. But our episode doesn't stop there. Before we delve into Joshua's invaluable insights, we dissect the events of August 2023's Patch Tuesday from Microsoft. This episode explores the two zero-day vulnerabilities and a staggering 87 flaws addressed during that release. As we eagerly anticipate September's Patch Tuesday, we reflect on Microsoft's handling of these vulnerabilities, including the intriguing fact that only six were rated as critical. Our discussion extends to major updates from other industry players, including Adobe's security updates for Microsoft Acrobat Reader, AMD's security enhancements for new hardware, and Cisco's necessary security updates for their VPNs due to ongoing vulnerabilities exploitation. Join us for a thought-provoking discussion with Joshua Copeland, touching on cybersecurity insights, hiring practices, leadership, and pathways into the field. Discover how Joshua, an adjunct professor at Tulane University, teaches cybercrime and cyber leadership. #cybersecurity #grc #informationsecurity

Duration:01:00:00

Operational Threat Intelligence: How does that work?

8/30/2023
Welcome to the 26th episode of How do you managed an operational threat intelligence program? In this installment, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/) traverses the realms of business, technology, and those often-unnoticed opportunities that slip through the cracks. Today, our spotlight turns towards a paramount facet that frequently resides in the shadows: Threat Intelligence management. While the realm of Business Intelligence has flourished over decades, employing cutting-edge tools to unveil hidden insights within data, Threat Intelligence has seldom basked in the limelight of decision-making. But why does this crucial component remain relegated to the background? Join us on a journey to unearth the untapped potential and overlooked dimensions of Threat Intelligence. Our host engages in an intriguing dialogue with the distinguished Mr. Brian Mohr, an industry expert who illuminates the striking parallels between Business Intelligence and Threat Intelligence. Despite the availability of advanced technologies, Threat Intelligence remains an underrecognized powerhouse, yearning for its rightful acknowledgment. This episode (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg). imparts the understanding that tools and technology wield great power, yet their impact rests on those who wield them. The conversation underscores the vital role of a Threat Intelligence analyst—a counterpart to a Business Analyst in the realm of threats. Just as a Business Analyst deciphers intricate data for informed decisions, a Threat Intelligence analyst decrypts threats and vulnerabilities, propelling proactive strategies. Our esteemed guest regales us with captivating anecdotes from workshops, where Intelligence teams dissect a corporation's 10-K statement—a goldmine of insights into a company's risks and pursuits. This reveals that Threat Intelligence isn't a distant relation; it's a sibling with its own unique challenges. Join us in dispelling the misconceptions around Threat Intelligence and discovering its potential to revolutionize decision-making. The time has come to honor a discipline that, like Business Intelligence, holds the key to well-informed choices. Tune in to episode 26, as overlooking Threat Intelligence is a regrettable oversight. Our guest today is Brian (https://www.linkedin.com/in/brianvmohr/), co-founder of Reqfast (www.reqfast.com), a program management platform tailored for intelligence and investigative teams. With over two decades in intelligence and security, Brian's journey began in the Marines, specializing in Counterintelligence/Human Intelligence. Transitioning to a financial services company, he implemented threat intelligence workflows. Brian ventured into an intelligence provider, creating workshops and understanding both sides of the threat intelligence relationship. Holding an MS in Cybersecurity, an MBA, and even an Associate of Arts in Chinese Mandari

Duration:01:00:00

Cybersecurity in the Middle East: Operations Challenges & Threats

8/22/2023
Welcome to Episode 25 of the podcast, where we dive deep into the intriguing world of cybersecurity in the Middle East. In this installment, we're exploring the unique operational challenges faced by foreign companies operating in the region. Join us as we uncover the threats, risks, and intricate dynamics of this operating environment. Building upon our earlier discussion about the Volt Typhoon incident in May, we're shedding light on the intensified scrutiny surrounding Chinese threat activities. These activities are closely tied to the escalating tensions between China and Taiwan, fueling the urgency to analyze such threats. As the podcast unfolds, we venture into the burgeoning landscape of hyperscale presence within the Middle East. The discussion explores the establishment of data centers by tech giants like Google, Oracle, Azure, and Alibaba in countries such as Saudi Arabia, UAE, and Qatar. We uncover the motivations behind this rapid growth and the regulatory push to ensure data sovereignty, compliance, and job creation. Our guest for this episode, Camille Tamimi (https://www.linkedin.com/in/kameltamimi/), an esteemed cybersecurity professional with over two decades of experience, joins us from Dubai, the heart of Middle East cybersecurity and technological advancements. Camille brings a wealth of knowledge and insights into the regional digital transformation and modernization efforts. Threat Intelligence takes center stage as we delve into recent developments. ChatGPT's use in refining Arabic phishing attacks, the alarming employment of the 'Evil Proxy' technique to target VIPs and bypass MFA, and the activities of Threat Actor Storm0558, responsible for compromising O365 accounts at high-profile government entities, are just some of the eye-opening topics we'll explore. The global stage also comes into play, with Russian and Chinese naval exercises around Alaska raising concerns. We're thrilled to be joined by Kamel Tamimi, a seasoned professional with deep expertise and insights into the cybersecurity landscape of the Middle East. With a background spanning sales, engineering, and leadership roles, Kamel's presence adds invaluable depth to our discussion. Tune in to gain an in-depth understanding of the cybersecurity challenges, triumphs, and intricacies that define the Middle Eastern cybersecurity realm. Thank you for joining us on this illuminating journey into the heart of digital defense and transformation. To stay updated on the latest episodes of Cyber Security America, visit the Cyber Security America YouTube Channel (https://www.voiceamerica.com/show/4125) and subscribe to the Cyber Security America Apple Podcast (https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285). Connect with Joshua Nicholson on LinkedIn (https://www.linkedin.com/in/joshuanicholson/) #Cybersecurity #MiddleEast #Threats #DataSovereignty #TechAdvancements #DigitalTransformation #PodcastEpisode #ForeignOperations

Duration:01:00:00

Managed Services: DeepSeas' Breakthrough in MDR+ Capabilities

8/15/2023
Welcome to **Cyber Security America**, your ultimate hub for all things cybersecurity in the digital era. I'm your host, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/), and today we're delving deep into the realm of cutting-edge cyber security managed and consulting services. Get ready to uncover groundbreaking strategies that are reshaping the way we combat digital threats. Our spotlight shines on Pat Joyce (https://www.linkedin.com/in/pjoyce/), a seasoned veteran in the cyber world with an impressive two-decade career. From roles as an enterprise security consultant, a security program leader, to a security product development leader at esteemed organizations like Accenture and Booz Allen Hamilton, Pat now stands as a driving force at DeepSeas (www.deepseas.com). Armed with a B.S. in Management Information Systems from the University of Massachusetts Dartmouth, Pat's insights bring invaluable depth to our discussion. In a landscape where organizations grapple with the intricate challenge of integrating a myriad of security tools from diverse vendors and service providers, Pat unveils a brilliant solution crafted by DeepSeas. As Pat eloquently describes, We typically have environments with multiple products from various vendors, and we strive to integrate them. However, the margins between the management service, tool A, and tool B often harbor significant risks. YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) Ever wondered how global titans seamlessly weave together an array of security capabilities into their defense strategies? Join us as we embark on a journey through this intricate landscape, exploring how even smaller entities can rise to the challenge without extravagant resources. Pat Joyce sheds light on DeepSeas' pioneering approach that levels the playing field – introducing Managed Detection & Response plus (MDR+). Leveraging their extensive experience gained from reputable enterprises and esteemed consultancies, DeepSeas introduces an avant-garde platform that redefines cyber defense for organizations of all sizes. Pat further elucidates, We've assembled a team of experts who have worked within the largest enterprises and top-tier consultancies, including Fortune 100 companies. Our platform serves to rationalize tools, bringing diverse stakeholders together under one unified platform. DeepSeas stands as more than just a name; it's a symbol of innovation and excellence. With over three decades of delivering premier Managed Cyber Defense Services across five countries, they are at the forefront of the innovative global MDR landscape. Their accolades include Frost & Sullivan's 2022 Frost Radar recognition and being featured in Gartner's MDR Market Guide. Notably, their log aggregation platform secured the prestigious MSP 501 Winner title for two consecutive years.

Duration:01:00:00

Building a Cybersecurity Career: The Journey to CISO, Part II

8/8/2023
Welcome to Episode 23 of Cyber Security America, where we delve deeper into the world of cybersecurity careers in part 2 of our special series, Building a Cybersecurity Career: The Journey to CISO. In this episode, we are honored to host two remarkable guests who have risen to the prestigious position of Chief Information Security Officer (CISO) in the Financial Services industry. Join us as we hear the inspiring stories of Joshua Stabiner and Tom Baxley, two highly skilled and seasoned cybersecurity professionals. Joshua Stabiner is the CISO at General Atlantic in New York City leading the cybersecurity effort, protecting over 84.4 billion in assets under management. He takes us through his incredible journey, starting as a junior Cybersecurity consultant and making his way up to establishing a leading cybersecurity function at Pine River Capital Management. During his impressive 10-year tenure at EY, Josh also led cyber threat management advisory services for esteemed financial sector clients. Now, as the head of cybersecurity efforts at General Atlantic, managing over 84.4 billion in assets, he shares his insights on the critical cybersecurity challenges faced by organizations today. Not only does Josh excel in his role, but he also serves as the Chairman of the FS-ISAC Alternative Investors Council and has been a Cybersecurity Advisory Board Member for Pace University’s Seidenberg School of Computer Science and Information Systems. With a bachelor’s and master’s degree in Computer Science from Dartmouth College and a CISSP certification, his expertise is truly unparalleled (https://www.linkedin.com/in/josh-stabiner/). Our second guest, Tom Baxley, brings his wealth of experience as the Chief Information Security Officer at Balyasny Asset Management (BAM). With a background as the CISO at Pine River Capital Management and as an Information Security Engineer, Tom has a unique perspective on the industry. Before his impressive tenure at Pine River, he honed his skills at Ernst & Young as a Cybersecurity Consultant. Tom holds a Bachelor of Science degree in Information Security and Forensics from Rochester Institute of Technology, adding further credibility to his knowledge (https://www.linkedin.com/in/tbaxley/) Join us as we dive into the minds of these cybersecurity experts and gain invaluable insights for the future. Discover how they tackle some of the most pressing cybersecurity issues in the Financial Services sector and how to prepare yourself for the responsibilities of the role. Whether you're an aspiring CISO or a cybersecurity enthusiast, this episode is packed with invaluable knowledge and tips. And don't forget to engage with us using the following hashtags to join the conversation on the most popular cybersecurity topics: #cybersecurity #CISO #infosec #threatintelligence #vulnerabilitymanagement #securitymonitoring #incidentmanagement #securityengineering #FSISAC #CISSP #GeneralAtlantic #PineRiverCapital #EY #deepseas

Duration:01:00:00

Encore: Ransomware Attacks: Best Practices for Defense & Response

7/25/2023
In the 14th episode of Cyber Security America, we explore one of the most devastating threats that small and large business face today. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations. Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion. The monetary value of ransom demands has also increased, with some demands exceeding US $1 million. Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small. From This Ransomware Guide includes two resources: Part 1: Ransomware Prevention Best Practices Part 2: Ransomware Response Checklist • Policy-oriented or technical assessments help organizations understand how they can improve their defenses to avoid ransomware infection: https://www.cisa.gov/cyber-resource-hub Contacts: • SLTT organizations: CyberLiaison_SLTT@cisa.dhs.gov • Private sector organizations: CyberLiaison_Industry@cisa.dhs.gov Ransomware Quick References • Security Primer – Ransomware (MS-ISAC): Outlines opportunistic and strategic ransomware campaigns, common infection vectors, and best practice recommendations: https://www.cisecurity.org/white-papers/security-primer-ransomware/ • Ransomware: Facts, Threats, and Countermeasures (MSISAC): Facts about ransomware, infection vectors, ransomware capabilities, and how to mitigate the risk of ransomware infection: https://www.cisecurity.org/blog/ransomwarefacts- What are the lessons learned on how best to work together to break down the barriers of communications and prioritization. Don't miss this informative episode to learn more about the and its importance in securing your enterprise. Remember to like, subscribe, and turn on notifications for future episodes. Cyber Security America Podcast https://www.voiceamerica.com/show/4125

Duration:01:00:00

Encore Security Operations: Adapting SOC Delivery to Threat Actors

7/18/2023
At the center of your cyber security universe is the Security Operations Center (SOC). This is supposed to be part of your 24/7 Managed Detection & Response (MDR) capability. But how do you know if your security operations team is running in a mature and highly capable manner. This is where the rubber meets the road when identifying and respond to security threats within your environment. What are the different delivery models, lessons learned, and best practices for driving improvements? We will also explore the increasingly sophisticated tactics used by threat actors, including their use of IoT devices to evade detection inside your network and pivot around undetected. Join us as we take our defense strategy to the next level of maturity, exploring what's working and what needs to change to stay ahead of the evolving threat landscape.

Duration:01:00:00

Encore Cyber Supply Risk Management: Defense Strategy Best Practices

7/11/2023
In today's hyper-connected world, no organization can tackle computer threats alone using just their own people, processes, and technology. A successful Chief Information Security Officer (CISO) or Director of Security Operations needs to engage and leverage technology vendors, strategic integrators, and consulting partners to accomplish their mission. That's why we're thrilled to have Mike Johnson, Vice President of Partners & Alliances at DeepSeas, as our expert guest in this episode titled Cyber Supply Risk Management: Defense Strategies for maximized outcomes. Mike brings a unique mix of technical and advisory skills, honed through his experience building successful partner networks at SIEM vendors LogRhythm and Securonix, SaaS GRC provider Pathlock, and now DeepSeas. But first, let's take a look at the latest cyber threats. This week's Cyber Threat Intelligence (CTI) report tracks the active exploitation of PaperCut, a remote code execution (RCE) vulnerability impacting all PaperCut MF or NG versions 8.0 or later (CVE-2023-27350). Additionally, an information disclosure flaw has been found in PaperCut MF or NG versions 15.0 or later (CVE-2023-27351). Reports indicate that the primary exploitation is being done by the ransomware operators of Lockbit and Clop. And if that's not enough, there's a new exploit kit on the block - MacOS Stealer or Atomic Mac OS Dealer (Amos) malware - being sold on Telegram for $1,000 per month. This kit can obtain iCloud Keychain passwords, files from the desktop or documents folder, and can also get the Mac OS password. Don't be caught unprepared - stay up to date with the latest cyber threats and defense strategies. And remember, the material and information presented here is for general information purposes only. Stay Secure and don't forget to Like, Subscribe, Comment, and turn on notifications

Duration:01:00:00

Encore: Thought Leadership: Bruce Schneier on "A Hacker's Mind"

7/4/2023
Welcome to Cyber Security America, the podcast where we delve deep into the world of cybersecurity and provide insights on past trends, current challenges, and areas for improvement. Our goal is to help you stay informed and prepared for the next cyber threat. In this episode, we have a very special guest, Bruce Schneier, an internationally renowned security technologist, known as a security guru by The Economist. With over a dozen books and hundreds of articles and academic papers under his belt, Bruce is a true legend in the information security field. He's also the author of the latest book, A Hacker's Mind, where he takes hacking out of the world of computing and uses it to analyze the systems that underpin our society. During our conversation, Bruce provides us with valuable insights on the current state of cybersecurity. He discusses the impact of coordinated takedowns by federal forces on ransomware actors, and how less payment transactions on the blockchain related to ransomware actors is a promising sign. He also highlights an emerging threat, Black Lotus, and shares his thoughts on how artificial intelligence thinking like a hacker could be catastrophic. This episode is packed with expert tips and lessons learned. So tune in now to Cyber Security America and join the conversation. Don't forget to check out our website, DeepSeas, for more information on cybersecurity. You can also follow Bruce Schneier on Twitter at @schneierblog for more updates and insights on cybersecurity thought leadership. https://www.linkedin.com/in/joshuanicholson/ https://twitter.com/nicholsonj7111

Duration:01:00:00

Cybersecurity Solutions: Innovative cutting edge problem-solving

6/27/2023
Welcome to today's episode! In contrast to our previous discussions on #artificialintelligence, #cloudsecurity, and #burnout, we are taking a different approach today. We have the pleasure of hosting two remarkable CEOs from cybersecurity technology companies. These individuals are at the forefront of driving innovative solutions to tackle the most complex cybersecurity challenges. With their extensive industry knowledge and proven track records, they have successfully developed applications and services that promote innovation, mitigate risks, and enable modern enterprises to thrive in this ever-changing landscape of cyber threats. To add more value, we have invited our esteemed guests to shed light on the top five crucial aspects that the CISO community should be aware of. Their insights will help us gain a deeper understanding of these critical issues. Joining us today are Chris Lehman and Chris Freedman, who will share their expertise and perspectives on this compelling subject. So, let's dive in and explore the valuable insights they bring to the table. Chris Lehman is the Chief Executive Officer (CEO) of SafeGuard Cyber. Chris is a seasoned senior executive with more than 20 years of experience working for some of the highest growth and most successful technology companies in the world. Most recently, Chris was the Chief Revenue Officer (CRO) for ExtraHop, where over four years, he helped lead their transformation into #CyberSecurity's leading Enterprise Network Detection and Response (NDR) company. During Chris' time at ExtraHop, he was responsible for all Go-to-Market functions, and they grew their ARR over 700%, culminating in the successful sale of the business to Bain Capital and Crosspoint Ventures. Prior to ExtraHop, Chris held senior leadership positions at FireEye, Salesforce.com, EMC, and Documentum. Chris holds a BA in Communications with a minor in Business Administration from the Pennsylvania State University. #cybersecurityexpert Chris Freedman is a highly accomplished business leader with a diverse background in diplomacy, business, and philanthropy. Chris began his career serving as a diplomat with the Atlantic Treaty Association and founding a regional real-estate development firm. He continued his career by founding and managing various corporations in the U.S., including MyBenefitsLab, a national online provider of diagnostic testing with the nation's largest laboratories and national physician's network. In 2016, Chris co-founded OnDefend, an international #cybersecurity firm, where he currently serves as the CEO. Civically, Chris has also served several charitable organizations, including Best Buddies Jacksonville and the American Red Cross of Northeast Florida. Chris graduated with the highest honors from the University of Florida. #businessleadership In recent news, the U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog,

Duration:01:00:00

Artificial Intelligence: Automating SOC Workflows - Salem Cyber

6/20/2023
Welcome to the Cybersecurity America Podcast! In episode 21, we have an exciting lineup of topics that cover critical insights from the DeepSeas (https://www.deepseas.com/learn/) Cyber Threat Intelligence (CTI) desk and the latest in cybersecurity innovation with Salem Cyber. Prepare for an informative and engaging discussion! #malware #informationsecurity #infosec #windows #cyberattack #ciso Host, Joshua R Nicholson (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) Podcast Home Site: (https://www.voiceamerica.com/show/4125) In the first part of the episode, we bring you crucial insights on the recent MOVEit managed file transfer vulnerability, now identified as CVE-2023-34362. Learn about how threat actors exploited this vulnerability in Progress' MoveIt software as early as May 27th. Taking advantage of the Memorial Day weekend and limited staffing, they conducted scans and extracted files from multiple organizations. We delve into the tactics employed by threat actors, including the targeting of widely-used software and exploiting holidays when staffing is low. Microsoft and Mandiant have identified clap ransomware as the primary threat actor behind these attacks. What sets this incident apart is that clap ransomware instructed affected organizations to reach out and contact them instead of the usual extortion email. This unexpected approach raises questions about their motivations and capacity to handle a large cache of information. The second part of the episode shifts focus to cybersecurity innovation. We're joined by John Bagg, the co-founder and CEO of Salem Cyber, an AI cybersecurity startup. With over a decade of experience, John shares his expertise in implementing cyber technology and threat detection programs for top commercial organizations. He introduces us to their flagship technology, the Virtual Cyber Analyst, which addresses the challenge of alert overload faced by cybersecurity experts. By leveraging AI capabilities, organizations can prioritize alerts and empower their analysts to focus on critical matters. This episode highlights the significance of reducing attack surfaces, implementing robust monitoring systems, and having a well-defined playbook for incident response. We delve into crucial questions you need to ask within your cyber fusion center or IT department to enhance your cybersecurity measures. Join us for this thought-provoking discussion as we navigate the landscape of cybersecurity, starting with the MOVEit vulnerability incident and moving on to the innovative solutions offered by Salem Cyber. Stay tuned for valuable insights and updates on the latest trends in the field. #Cybersecurity #ThreatIntelligence #DataBreach #Ransomware #AttackSurfaceReduction #IncidentResponse #Innovation #AI #Startup #ThreatDetection #AlertFatigue #AnomalyDetection #SalemCyber #CVE-2023-34362

Duration:01:00:00

Cybersecurity Burn-Out: How to sustain high performing teams?

5/30/2023
There is no doubt that corporate America and our Nation is in desperate need of #cybersecurity analysts and engineers to protect critical infrastructure. For most of the shows on the #CyberSecurityAmerica podcast, we focus on tactical areas of knowledge in order upskill security practitioners in management and executive #leadership. In this episode, we are taking on the sticky subject of mental fatigue and burnout on the job. We have all experienced it at one time or another. We get to a point of mental exhaustion and our well-being and health starts to slip. The stress builds up and we may find external chemical-based mood enhancers such as alcohol or drugs to address the stress, we started fighting with loved ones, friends, and co-workers, which could lead to us making bad employment decisions. In this episode, Chloé talks about what she feels is the greatest stress accelerator which is the number 1 cause of burn-out - poor leadership. Our guest today is Chloé Messdaghi, an accomplished security executive, CEO & Founder of Global Secure Partners, known for advising and developing solutions that have improved security teams and the industry. A sought-after public speaker and trusted source for national and sector reporters, her work has been featured in numerous outlets, and she has been recognized as a Power Player in #Cybersecurity by Business Insider and SC Media. Chloé is also dedicated to various charitable causes, demonstrating her commitment to driving positive change. This week's Intelligence briefing (www.deepseas.com) focusing on Nation State activities related to Operational Technology (OT) and ICS SCADA systems. The first one was a piece of malware that was discovered as Cosmic Energy by Mandiant and an implant from China named Volt Typhoon. Volt is another OT technology implant used primarily for espionage. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 Disclaimer: - This podcast is for informational purposes only and should not be considered legal or professional advice. - We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. - This podcast is not intended to replace professional technology advice. - The views expressed in this podcast may not be those of the host or the management.

Duration:01:00:00

Encore Cyber Security Governance: Big Shift at SEC & CISA

5/23/2023
Welcome to the latest episode of Cyber Security America, hosted by Joshua Nicholson. In this episode, Joshua welcomes Chris Hetner, a highly respected cybersecurity executive and leader, as their special guest. With his extensive background in both the public and private sectors, Chris has gained valuable experience in developing and implementing cybersecurity programs, particularly in government, financial, and regulatory agencies. His expertise lies in elevating cyber risk awareness at the corporate board level and aligning robust cybersecurity strategies with business objectives. During this episode, listeners will have the opportunity to gain insights from Chris as he shares his perspectives on the current state of the cybersecurity industry. He will delve into the anticipated impacts of the SEC rule change and discuss the challenges faced by businesses in today's landscape. Additionally, Chris will provide valuable tips on how organizations can stay ahead in the ongoing Cyber War. Make sure to tune in to the VoiceAmerica Business Channel every Tuesday at 9 AM Pacific, 12 Noon Eastern to catch this informative episode. Join the conversation with Chris Hetner and host Joshua Nicholson as they explore the dynamic world of cybersecurity. About Chris Hetner: Chris Hetner is a distinguished senior executive, board director, and a prominent figure in the field of cybersecurity. With his focus on elevating cyber risk awareness at the corporate board level, Chris safeguards industries, infrastructures, and economies. He excels in aligning robust cybersecurity strategies with business objectives, ensuring operational resilience. Chris's extensive experience in both the public and private sectors provides him with valuable insights into corporate governance, SEC regulatory compliance, and investor oversight. Currently, Chris serves on the board of directors for PE Fund TCIG and acts as a Senior Advisor for the Chertoff Group. He is also the Special Advisor for Cyber Risk for the NACD, Chair of Cybersecurity and Privacy for the NASDAQ Center for Board Excellence, and a National Board Member of the Society of Hispanic Professional Engineers. Previously, he held prominent positions such as Senior Cybersecurity Advisor to the Chair of the United States Securities and Exchange Commission and Head of Cybersecurity for the Office of Compliance Inspections and Examination at the SEC. To stay updated on the latest episodes of Cyber Security America, visit the Cyber Security America YouTube Channel (https://www.voiceamerica.com/show/4125) and subscribe to the Cyber Security America Apple Podcast (https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285). Connect with Joshua Nicholson on LinkedIn (https://www.linkedin.com/in/joshuanicholson/) and Chris Hetner on LinkedIn (https://www.linkedin.com/in/christopher-hetner-7969758/). Join the conversation using the following hashtags: #cybersecurity #CISO #infosec #SEC

Duration:01:00:00

Cyber Security Jobs: Demystifying the Various Roles

5/9/2023
Welcome to the Cyber Security America Show, where we dive into the sea of complex technologies and provide real-world context to the world of Cyber Security and Information Technology. In episode 16, we explore the various jobs and roles within the industry, including penetration testers, vulnerability managers, detection analysts, threat hunters, Cloud Security Architects/Engineers, Cyber Security mentorship resources, and Incident Response (IR). Our Threat Intelligence briefing covers the Apple Rapid Response situation, where lack of proper and honest communication caused unnecessary mistrust. We also discuss the latest Ransomware attack against the City of Dallas, U.S. Cyber Teams, and the upcoming International Cyber Competition in San Diego later this year. Our guest for this episode is Steve Cobb, CISO for Security Scorecard, who brings over 30 years of leadership and consulting experience involving IT infrastructure, cybersecurity, incident response, and cyber threat intelligence. Steve is passionate about sharing his knowledge and experience with others through mentorship and training and is a coach for the US Cyber Team. Don't miss out on the US Cyber Games, North Carolina Cyber Academy, Black Hills Training, and Chris Saunders Training. Register now and take the next step in your Cyber Security journey. US Cyber Games - https://www.uscybergames.com/ North Carolina Cyber Academy - https://www.myncca.com/ Black Hills Training - https://www.antisyphontraining.com/ Chris Saunders Training - https://www.networkdefense.co/courses/ - Investigation Theory Join us on this informative episode and stay up to date with the latest Cyber Security news and trends. Follow us on social media and use the hashtags #CyberSecurityAmericaShow #CyberSecurity #InformationTechnology #ThreatIntelligence #USCyberGames #NorthCarolinaCyberAcademy #BlackHillsTraining #ciso #ChrisSaundersTraining to stay connected.

Duration:01:00:00

Breaking Down CISO Communication Barriers Between CIO and Board

4/18/2023
Don't forget to like, subscribe, and turn on notifications for future episodes. Welcome to the 13th episode of Cyber Security America, where we delve into the challenges and issues related to managing up and cultivating the complex relationship between the Chief Information Officer (CIO), Chief Information Security Officer (CISO), and the Board of Directors. Effective identification and mitigation of systemic corporate risk toward technology crown jewels and assets are crucial for the success or failure of a company's Cyber Security program. In this episode, we explore the lessons learned on how to work together to break down the barriers of communication and prioritization. Join us for this informative episode to learn more about this critical issue and its importance in securing your enterprise. Our guest speaker for this episode is George Tsantes, a renowned Cybersecurity expert with over 40 years of experience in delivering innovative solutions and securing enterprises across industries. He is the co-founder and CEO of CYBERPHOS, a Software as a Service (SAAS) focused on improving cybersecurity risk governance. He also operates GT3 Consulting, a boutique consultancy that helps clients across a wide spectrum of industries understand and manage their cybersecurity risk. During his career, Mr. Tsantes was a Principle at EY where he led the firm’s cybersecurity practice for the Financial Services Office (FSO) and advised many of EY’s key clients across a wide range of cyber topics and projects. He was also Executive Vice President and Chief Technology Officer of Intersections, Inc., and a Partner at Accenture, a global management consulting and technology services company. He is the co-author of Cybertax, Managing the Risks and Results and a frequent speaker at corporate and industry events. As part of this episode, we will also be discussing the latest Cybersecurity threats, including CVE-2023-21554 rated as a 9.8 CVSS score, a RCE vulnerability involving Microsoft Message Querying Services, and CVE-2023-28528252, an out of bound write vulnerability in Microsoft Windows that is being exploited by the Ransomware group known as Noco Ywa. Additionally, research shows that over 360,000 IP addresses are exposing Microsoft MSMQ services over the Internet via TCP port 1801, and the Lockbit 3.0 attack strikes again. Join us for an insightful discussion on Executive Development and how to avoid the CISO, CIO, and Board Communications chasm. Follow us on Cyber Security America Podcast https://www.youtube.com/@cybersecurityamerica_show/featured #cybersecurity #CISO #infosec #Iinformationsecurity #riskreduction #threatintelligence #computersecurity

Duration:01:00:00