silent-sector-us

The Cyber Rants Podcast

Bringing you cybersecurity insider tips, guidance, news, and rants!

apple-logo-white      podcast-icons-google-podcasts     spotify-podcasts     podcast-iheartradio
May 10, 2021

Episode #28: Moving CISOs from Good to Great - with Ed Escobedo

This week, the guys welcome back Ed Escobedo, former Head of Technology Risk Management for PayPal, CIO of Apollo Education Group, VP for DHL, and Charles Schwab, and currently Silent Sector's Chief Strategy Officer. They share how to bust through the growth roadblocks that Cyber security CISOs hit when improving their Organizational Adoption Methodology. They also share the unique Organizational Adoption Framework and Methodology (TM) that Silent Sector uses to bring established cybersecurity programs to the next level.

Open Episode
May 3, 2021

Episode #27: The Joy of SOC 2 Audits

This week, the guys dive into the rapidly growing topic of SOC 2 Security Audits. The SOC 2 Audit is widely becoming a requirement for B2B technology companies serving large enterprise clients. As both SOC 2 auditors and the guys who help companies prepare for audits, they cover common misconceptions such as the SOC 2 being all about IT security. They talk about the important factors to consider when undergoing the SOC 2 Audit Process for the first time such as scope, timeline, and even auditor selection.
 

Open Episode
April 26, 2021

Episode 26: Defense Contractors and CMMC Requirements

This week, the guys dive into all the "fun" requirements that U.S. Government defense contractors are facing when working with Controlled Unclassified Information (CUI), including the NIST 800-171 Self-Assessment and getting CMMC certificated. Learn about defense contractors CMMC, CMMC requirements, and CMMC Regulations. They share their insights and experience about how organizations align to these requirements and what's involved.

Open Episode
April 19, 2021

Episode #25 - CISO As A Service

Companies are turning to Virtual CISO and CISO as a Service providers for help as cybersecurity requirements continue to grow. Some see CISO as a service value, while others might not consider it important. Is hiring a vCISO always the right option? What are the pros and cons? How do you find a good one? This week the guys answer these common vCISO questions and more.

Open Episode
April 12, 2021

Episode #24 - To Cloud or Not to Cloud?

The "cloud" is arguably one of the most common topics of discussion in technology today, primarily for its cost savings and accessibility benefits. Corporate cloud security can be tricky. However, it's also a hot topic for cybersecurity professionals and not always for the best reasons. This week, the guys discuss cloud considerations for organizations of all sizes, providing recommendations for transitioning to the cloud, the security risks of cloud computing, safely storing information, and avoiding data loss nightmares.

Open Episode
April 5, 2021

Episode #23 - Penetration Testing: What You Need to Know (Part 4)

This week in the final part of our Penetration Test Mini-Series, the guys discuss the realities of automated vs. manual penetration tests and what those terms actually mean. They also talk about timeframes, approaches, and situations that seem to cause some confusion for companies undergoing their first penetration test. The team also gets into Virtual CISO Penetration Testing and the VCISO Pen Testing Requirements.

Open Episode
March 30, 2021

Episode #22 - Penetration Testing: What You Need to Know (Part 3)

This week, the guys continue their penetration testing discussion, covering the following common questions:

How often should your organization conduct a penetration test?
What's the right approach, red team penetration testing or purple team penetration testing?
What should you see in your penetration test reports?

Open Episode
March 25, 2021

Episode #21 - Penetration Tests: What You Need to Know (Part 2)

This week we take a deeper dive into the types of penetration testing. The guys discuss why it's important to consider the reason behind a penetration test and some different methods of testing to consider. The team compares white box vs black box penetration test. In addition, they cover options that companies can take in their testing initiatives, along with providing best practices for companies getting their first pen test.

Open Episode
March 22, 2021

Episode #20 - Penetration Tests: What You Need to Know (Part 1)

Penetration tests are vital for nearly every organization to see how secure they really can be. While the demand for them is higher than ever, it can be a bit tricky on deciding whether manual penetration testing or automated penetration testing is best for you. This week, the guys answer questions and give their own advice on how to guide yourself through the world of Penetration Tests.

Open Episode
March 8, 2021

Episode #19 - Diagram Delight!

This week the guys discuss why it's vital for an organization to have a Network Architecture Diagrams, Network Configuration Diagrams, discuss best practices for building them (scotch can help), and explain why a little effort now will make your work life so much better.

Open Episode
10103417-small

Send Us Your Questions & Rants!

Categories

Archives

Silent Sector® builds and strengthens exceptional cybersecurity programs for US-based mid-market and emerging companies.

Expertise-Driven Cybersecurity®

info@silentsector.com
(855) 461-0961
LinkedIn
SERVICES
Pages
Receive News & Updates
© Silent Sector, LLC 2022 All Rights Reserved. Terms & Conditions | XML Sitemap | HTML Sitemap | Privacy Policy