The Cyber Rants Podcast

This week the guys talk about vCISO challenges from the perspectives of both the vCISOs and their clients. But wait - what does it really mean to be a vCISO? How do you know if a vCISO is right for your organization? Which vCISO is best? You’ll get answers from the guys as they share their vCISO stories and discuss cybersecurity expertise for rent in today's confusing marketplace! 

This week, the guys welcome one of the most interesting figures in cybersecurity! Meet Chris Rock, the hacker and cyber mercenary who can overthrow a government, digitally birth and kill people, and leverage a lot more unique skills he doesn't share with everyone. In addition to founding SIEMonster and being a three time DefCon presenter, Chris has worked across the Middle East, the US, and Asia preventing cyber attacks for both governments and private organizations. This episode is as entertaining as it is eye-opening!

It seems like there is a new cybersecurity regulation popping up every week and with so many changes, it can be hard to keep track. This week the guys explain the Securities and Exchange Commission Rule 10 and the Federal Trade Commission Safeguards Rule. They share who's affected and what these requirements could mean to your organization.

For better or for worse, Artificial Intelligence has been dominating the news. Is it really what people say? What does easy access to AI tools mean for your cybersecurity program? The guys discuss pros, cons, and their opinions on how AI should be utilized in your cyber risk management program. 

Enterprise customers want to work with vendors that are secure and reputable. This week, the guys discuss how smart companies leverage their cybersecurity efforts to increase revenue and gain a competitive edge. Zach, Mike, and Lauro share how they've helped clients gain millions of dollars in new contracts and tips so you can help your company thrive!

This week, the guys celebrate the 100th episode of The Cyber Rants Podcast! They share Silent Sector’s origins as a company and how Cyber Rants was launched out of the desire to improve the cybersecurity industry. They also share a bit about their backgrounds and throw in quite a few rants for good measure. Help us look forward to another 100 episodes by rating and sharing!

We’ve covered various forms of remote penetration testing, so in this episode we get up close and personal. On-site penetration testing has its own benefits, risks, and nuances. This week, the guys discuss activities such as Wireless Network Penetration Testing and Physical Security Assessments that are conducted on-site. This is “the fun stuff” and you don’t want to miss this episode!

This week, the guys discuss network penetration testing which is a critical aspect of cyber risk management. They share how internal and external network pen testing validates the effectiveness of the controls you have in place and helps you find exploitable vulnerabilities before the cyber criminals do. They discuss the differences between Black Box and Grey Box penetration testing, Red Team and Blue Team approaches, the intricacies of internal network pen testing, and compliance considerations.

This week, the guys reach the epic conclusion of the SOC 2 audit preparation series. They finish the Security Trust Services Criteria, discussing Control Categories 7,8, & 9. They also share tips and tricks to succeed with your SOC 2 audit.

This week, the guys return to helping you prepare for your SOC 2 audit. This time, they discuss Control Categories 5 and 6 in the Security Trust Services Criteria. They cover risk management controls and answer the question, "How does hosting in the cloud help with the audit?"