The Cyber Rants Podcast

Nobody loves cybersecurity governance documentation like we do! This week, the guys discuss cybersecurity policies and why the proper policies make all the difference for security, compliance, and audits. Plus, learn what documents are most important, why the "one size fits all" cybersecurity policy templates don't work, and how to build documentation to your exact needs. 

What's the difference between having an Incident Response Plan and just "winging it"? This week the guys talk about their real-world cybersecurity incidents and share their knowledge about proper planning and preparation. Having an incident response plan for cybersecurity is important. Learn what goes into incident response planning, who should be involved, and how to ensure everyone is on the same page for quick response and minimizing damage during a cyber-attack.

What is a cybersecurity risk assessment? This week, the guys take a deep dive into the intricate world of Cyber Risk Assessments. They cover best practices from choosing an industry recognized cybersecurity framework, to scoping and preparing for your cyber risk assessment, plus how to make cybersecurity standards like NIST, CSF, and CIS Controls work for your company.

Cybersecurity is critical for financial services organizations, but many mid-market and emerging companies struggle tremendously with their cyber risk management programs.

Not anymore with Fintech Cybersecurity. This week, the guys talk about credit union cybersecurity, bank security, and any other issue in the industry including staffing, risk assessment, penetration testing, and compliance. Financial services companies are an attractive and highly targeted sector for cyber criminals. It is also an industry where Zach, Mike, and Lauro have a deep history.

This week, the guys talk about a topic that everyone loves, PCI (Payment Card Industry) Compliance! They rant about PCI-DSS compliance levels and standards, plus what first timers need to consider when preparing for a PCI audit. PCI DSS Legal Compliance can be tricky, but the team is ready to share tips about how to make your PCI compliance process simpler throughout the year and how to deal with the QSA (auditor), especially when the auditor doesn't understand your environment.

This week, the guys discuss considerations in cybersecurity for healthcare organizations. Despite some people thinking that healthcare organizations have a completely different set of circumstances than other organizations, they must meet HIPPA Cybersecurity Compliance. However, that is not the case for the most part. They discuss despite some different nuances, it's still vital for Healthcare organizations to be equipped in cybersecurity and protection, and the same rules and protocols for HIPPA Digital Security can still apply.

There's no "right way" to get started in cybersecurity but there are a lot of different paths to become a cybersecurity expert. This week, the guys talk about their career paths starting from the ancient IT world and moving into modern day cybersecurity disciplines. They share some of the most important skill sets that you rarely hear about. Get the latest tips and tricks to start your cybersecurity career today.

Zach and Lauro discuss 10 common cybersecurity myths that are causing business leaders to make poor decisions and making companies an easy target for cyber criminals. They clear up these myths and share how you can be better informed if you hear something that doesn't sound quite right. Learn about the most common cybersecurity questions on this week’s episode.

This week, the guys discuss Social Engineering - the most common way cyber criminals get access to their targets. They discuss the controls smart companies are implementing to prevent their staff from falling for cyber-criminal scams and how to minimize exposure resulting from human error.