The Cyber Rants Podcast

Web applications are drastically different and like anything, are prone to vulnerabilities. Application penetration tests come in all shapes and sizes, some good, some bad, and some are not even penetration tests at all. This week, the guys share their insights about Web Application Penetration Testing and get what you need out of your next test! Do not miss this episode if you are planning a web application penetration test for the first time! 

As we get deeper into the SOC 2 Preparation series, the guys discuss the controls around monitoring activities, tracking deficiencies, and assessing results (CC 4). If a SOC 2 audit is in your future, be sure to catch all the SOC 2 audit readiness episodes! 

This week, the guys continue their series on how to prepare for your SOC 2 audit by discussing controls in Section 3 of the Security Trust Services Criteria. If your organization is about to undergo a SOC 2 audit or looking into it, be sure to catch all the SOC 2 audit readiness episodes! 

The development of a cybersecurity committee will accelerate your company's alignment to a cybersecurity framework and compliance requirements. 

This week, the guys discuss why you may need a committee for your cybersecurity framework adoption, instead of leaving one person to lead the job. 

They also cover operational tempo with a 12-month calendar example to accelerate your progress and maintain compliance. 

This week, the guys welcome IT leader Ken Wiley, who shares about cutting-edge work in the field of supercomputing, insights gained from a highly successful IT and cybersecurity career, plus some current tech trends to watch closely. 

For more on Ken and Silverdraft, please see the links below. 

https://www.linkedin.com/in/wileyken/

https://silverdraft.com/

This week, the guys welcome cybersecurity expert and entrepreneur, Ed Vasko. Ed shares his insights from decades of experience and reveals a much-needed cybersecurity education model that he has built at Boise State University.  With the cybersecurity industry experiencing a severe talent shortage, Ed is answering the challenge by improving the education model with innovative programs that equip students with real-world, hands-on experience. Regardless of whether you're a student, educator, employer, or tech professional, don't miss this episode!

This week the guys reunite for the first episode of 2022 by taking a look into the future. With their crystal ball of predictions, the guys look into the future of cybersecurity, ranting about potential trends, exploits, and tips for you to stay ahead in the new year! Plus, they share some housekeeping tips and how to "tidy up" your cyber risk management program in the new year.

This week the guys (and "Skippy the Intern") are joined by special guest, Caren Shiozaki, to discuss cybersecurity considerations among executive teams and boards of directors. Caren shares her experience as a technology executive, insights at the leadership level, and emerging trends that are changing the thought process around cybersecurity and compliance.

Cyber insurance is critical for risk management and the requirements are changing rapidly. With rate increases averaging 25-45% per year and many companies being declined for coverage altogether, this week the guys get the inside scoop with cyber insurance expert, Adam Guyton. Adam shares some important cyber insurance insights including how to get the most out of your policy, what to look for in your coverage, insurance carrier requirements, how to prepare for your renewal, and more.

Cloud services can offer tremendous benefits and cloud computing environments have become a standard across all industries. However, marketing hype leads consumers to believe that "the cloud is secure" by default and that someone else is taking responsibility for their protection. Too many people are quick to adopt cloud services without truly understanding the risks. This week, the guys discuss the risks and considerations around cloud services to help you ask the right questions and make wise decisions when moving to new technology environments.