The Cyber Rants Podcast

This week, the guys discuss Social Engineering - the most common way cyber criminals get access to their targets. They discuss the controls smart companies are implementing to prevent their staff from falling for cyber-criminal scams and how to minimize exposure resulting from human error.

This week, the guys welcome back Ed Escobedo, former Head of Technology Risk Management for PayPal, CIO of Apollo Education Group, VP for DHL, and Charles Schwab, and currently Silent Sector's Chief Strategy Officer. They share how to bust through the growth roadblocks that Cyber security CISOs hit when improving their Organizational Adoption Methodology. They also share the unique Organizational Adoption Framework and Methodology (TM) that Silent Sector uses to bring established cybersecurity programs to the next level.

This week, the guys dive into all the "fun" requirements that U.S. Government defense contractors are facing when working with Controlled Unclassified Information (CUI), including the NIST 800-171 Self-Assessment and getting CMMC certificated. Learn about defense contractors CMMC, CMMC requirements, and CMMC Regulations. They share their insights and experience about how organizations align to these requirements and what's involved.

The "cloud" is arguably one of the most common topics of discussion in technology today, primarily for its cost savings and accessibility benefits. Corporate cloud security can be tricky. However, it's also a hot topic for cybersecurity professionals and not always for the best reasons. This week, the guys discuss cloud considerations for organizations of all sizes, providing recommendations for transitioning to the cloud, the security risks of cloud computing, safely storing information, and avoiding data loss nightmares.

This week we take a deeper dive into the types of penetration testing. The guys discuss why it's important to consider the reason behind a penetration test and some different methods of testing to consider. The team compares white box vs black box penetration test. In addition, they cover options that companies can take in their testing initiatives, along with providing best practices for companies getting their first pen test.

This week the guys discuss why it's vital for an organization to have a Network Architecture Diagrams, Network Configuration Diagrams, discuss best practices for building them (scotch can help), and explain why a little effort now will make your work life so much better.

There is a lot of talk about "proactive cybersecurity against threats" but what does that really mean and is it better than reactive? On this week's show, the guys discuss proactive versus reactive cybersecurity considerations and where to focus.