The Cyber Rants Podcast

This week the guys reunite for the first episode of 2022 by taking a look into the future. With their crystal ball of predictions, the guys look into the future of cybersecurity, ranting about potential trends, exploits, and tips for you to stay ahead in the new year! Plus, they share some housekeeping tips and how to "tidy up" your cyber risk management program in the new year.

This week the guys (and "Skippy the Intern") are joined by special guest, Caren Shiozaki, to discuss cybersecurity considerations among executive teams and boards of directors. Caren shares her experience as a technology executive, insights at the leadership level, and emerging trends that are changing the thought process around cybersecurity and compliance.

Cyber insurance is critical for risk management and the requirements are changing rapidly. With rate increases averaging 25-45% per year and many companies being declined for coverage altogether, this week the guys get the inside scoop with cyber insurance expert, Adam Guyton. Adam shares some important cyber insurance insights including how to get the most out of your policy, what to look for in your coverage, insurance carrier requirements, how to prepare for your renewal, and more.

Cloud services can offer tremendous benefits and cloud computing environments have become a standard across all industries. However, marketing hype leads consumers to believe that "the cloud is secure" by default and that someone else is taking responsibility for their protection. Too many people are quick to adopt cloud services without truly understanding the risks. This week, the guys discuss the risks and considerations around cloud services to help you ask the right questions and make wise decisions when moving to new technology environments.

Ransomware can infect your on-premise or cloud environments at any given time but we've noticed that ransomware attacks seem to spike during certain times of the year. This week, the guys talk about how ransomware can be deployed on your devices, how to prevent ransomware attacks, and even some horror stories from how ransomware has impacted major networks.

This week, the guys discuss some cybersecurity trends, tips, and words to the wise that are timely and relevant in today's technology-centric world! They discuss: 

• Are attacks ramping up and if so, why?
• The pros and cons of spending your cybersecurity budget on Black Hat and DefCon
• Why you need specific objectives in your penetration testing, not just the numbers
• The wrong and right way to establish vendor relationships
• And more! 

Does your company recruit IT and cybersecurity staff with the same methods used to fill other positions? If so, don't miss this episode. This week, the guys welcome Cammas Freeman, an expert on finding and retaining the best technology professionals. Cammas shares a unique approach for recruiting the best talent, using a methodology that saves a tremendous amount of time and money. She also shares tips to build a strong culture for less turnover.

Cyber criminals are heavily focused on compromising backups so their attacks are as crushing and painful as possible for the victims. Good backups and the ability to quickly restore are a critical part of every infosec program but many organizations still treat backups as an afterthought. This week, the guys welcome the recognized authority on data backup W. Curtis Preston (aka. Mr. Backup) to reveal the backup and recovery trends he is noticing, tips organizations can implement to minimize risk, and what to look for in a backup solution.

This week, the guys discuss one of their favorite topics, Payment Card Industry Data Security Standards (PCI DSS)! Companies that transmit, process, or store credit card data need to be compliant but PCI has its own nuances. What level of PCI compliance do you need? How do you determine what is in scope? How do you work with auditors? The guys answer these questions and more, plus share some wizard-like tactics to help you maneuver through the PCI requirements.

Building and managing a cybersecurity program can be confusing for organizations with multiple product lines, subsidiaries, or industry divisions. How do you manage security across all business units? What can you do to set standards that the entire organization follows? How do you control the quality of the cyber risk management practices through different cultures? This week, the guys answer these questions and more, discussing the various aspects of implementing, assessing, managing, and normalizing cybersecurity across a complex organization.