The Cyber Rants Podcast

When the turn of the year comes, so do the projections of Zach, Mike, and Lauro. Sharing both obvious reminders and concepts that are not widely known, the guys break out the crystal ball and give their take on what's coming this year in cybersecurity. 

We are thrilled to welcome back Chris Rock, a cyber mercenary with the expertise to dismantle individuals, institutions, and even entire nations. Join us as Chris shares insights, captivating stories, and the harsh realities of the hacker's world, offering a unique perspective to help you comprehend the intricacies of safeguarding your organization. From explaining why hacks against certain CVEs are often just fluff and hype to the importance of specific technologies, Chris and the guys dive even deeper into the murky realm of cyber crime. If you were captivated by his previous appearance on our show, this is one you won't want to miss!

In a digital realm rife with misinformation, the guys dissect the reliability of cyber score sites like Security Scorecard that rate the security level of companies. They discuss the repercussions of false ratings and the pressures on organizations to pay for correcting misleading information. Breaking down real-world examples to a technical level, the guys explore the nuances of these scoring systems and give a concise yet insightful perspective on the pros and cons. Listen to this episode and decide for yourself whether cybersecurity scoring sites are providing real value or misinforming the public.

Let's face it, disasters are prone to strike anytime and almost always when least expected. Most businesses can't afford to stop operations for an extended period of time. Having a plan for disaster recovery and business continuity is central to your cybersecurity program and most compliance requirements. This week, the guys talk about developing effective plans that you hope you never have to use. 

The guys are asked regularly, "How can vendor risk management be quicker and easier?" After all, the process can be quite time-consuming. Others ask, "How do we answer these giant questionnaires from our clients without making ourselves look bad?"  This week, the guys share tips to help organizations both manage vendor risk and present themselves in the best possible way when asked about their own cybersecurity. Regardless of whether you are the vendor under scrutiny or you are evaluating the security of your vendors, this episode is for you.

Let's face it, the end of the year is the busiest time in many areas of business - but fear not! Cybersecurity shouldn't be an end-of-year rush to catch up. This week the guys break down what you can do to make the 4th quarter easier for you so you can actually enjoy some time off during the holidays. They share their observations and insights so you can go into the new year ready and confident.

Headlines:

This week, Zach and Lauro are joined by Milton Chavez, as all three guests have one unique connection - they're all U.S. Army Veterans that have made the post-military transition to the Cybersecurity sector. They discuss what life is like making the jump from a military background to the cybersecurity industry, and tips for current soldiers to make the same transition when they hang up the uniform.

This week, Zach and Lauro talk about some critical but often overlooked topics including in-person social engineering attacks, the nuances of change management, and what it really means to hack wireless networks. They share why organizations need to do more in-person physical penetration testing and how to help employees react properly in the event of a face-to-face social engineering attack. 

Cyber criminals continue to increase their focus on executives and other high-profile individuals. Using well crafted and targeted attack methods, criminals are able to coerce people into sending money and information directly into the wrong hands. This week, the guys talk about whaling, spear phishing, and other tactics being used in successful attacks! 

This week, the guys welcome one of the most interesting figures in cybersecurity! Meet Chris Rock, the hacker and cyber mercenary who can overthrow a government, digitally birth and kill people, and leverage a lot more unique skills he doesn't share with everyone. In addition to founding SIEMonster and being a three time DefCon presenter, Chris has worked across the Middle East, the US, and Asia preventing cyber attacks for both governments and private organizations. This episode is as entertaining as it is eye-opening!