Find Out How COVID19 Has Now Shaped The “New Normal”

May 29th, 2020

It is a bit ironic to reflect upon the fact that the very old saying “may you live in interesting times” is generally referred to as an ancient Chinese curse, though I am unaware of any evidence that is actually true.  Nonetheless, SMB IT Security, along with just about everything else, changed dramatically this Spring.  We’ve seen VAST changes in very little time:

  • The very concept of the security perimeter has effectively been obliterated.  For many of us, there are more endpoints outside the firewall than inside it now.
  • The idea that we actually manage our endpoints has also become rather fanciful.  We now support, to varying degrees, machines and usage scenarios that were unthinkable just three months ago.
  • The entire paradigm of how we manage, secure, support and even bill for these devices is changing and has changed.  For many of us this is truly terra incognita.
  • Even the structure of how our clients’ businesses will move forward is in question.  As an owner of a commercial building that is currently almost unoccupied at the moment, all we can be sure of is change.

That leads to questions about what we will do to retain or regain our security posture.  But first we have to understand just what changes have been wrought and then find ways to defend our clients in whatever their new normal may be.

Joshua Liberman, President and founder of Net Sciences, Inc., has built and secured hundreds of networks in New Mexico.  Joshua has been a rock and ice climber, martial artist, and lifelong photographer.  Joshua has traveled across the world and speaks five languages.  Joshua is a writer, public speaker and IT business owner, and raises Siberian Huskies with his wife and best friend, Heidi Olsen, who calls him the Most Interesting Geek in the World.


The Role Of vCISO Is Now More Crucial Than Ever Before - Find Out Why

May 28th, 2020

About Third Rock:

Third Rock is a cyber risk and compliance management professional services firm. Based in Round Rock, Texas, Third Rock services include risk assessments, remediation, and rapid incident response in 65% less time than other firms. Third Rock built a turnkey, simplified, best-in-class cyber risk management, cybersecurity and compliance software, CyberCompass®.

About CyberCompass® LLC:

CyberCompass® cloud-based software empowers and enables businesses to manage and monitor their cyber risk at a holistic level. It is the only cyber risk management and compliance software with one assessment to meet multiple standards for both cybersecurity and government privacy regulation such as HIPAA, CCPA, and GDPR. The platform includes tools and guidance for hardening an organization’s IT systems, refining their operational processes, engaging employees with cyber training, and managing vendor compliance. Excess Line Association of New York (ELANY) offers a complimentary subscription to CyberCompass® for active members to become compliant. CyberCompass®, LLC was recently established as its own legal entity.

About Taylor Hersom:

Taylor heads up the CyberCompass® distribution channel development. His specific goal is to help operationalize channel partners in translating cyber risks to better market their cybersecurity solutions. 

His background provides a unique set of skills in translating how cyber risk management can drive the optimization of cybersecurity and compliance solutions. Mr. Hersom has been using CyberCompass® for over a year with his previous customers.


Find Out About The Importance & Ramifications Of The CMMC

May 22nd, 2020

Greg Johnson is Founder and CEO of Webcheck Security, a world-class penetration testing and cyber services company.

He loves people and providing solutions with integrity. A BYU graduate, Greg began his technology career in the days of 64k, 5.25” floppy drives and Mac 128k’s. As the industry evolved, Greg moved into the cyber arena and learned a great deal about cyber controls, compliance, data breach and response, and in 2016 earned his PCIP or PCI Professional designation.

In his experience as VP of Business Development with A-LIGN, a multi-national cyber audit and certification firm, Greg consulted, guided and educated dozens of clients in compliance guidelines and certifications for standards such as:

  • PCI
  • ISO 27001
  • SOC 1 and SOC 2
  • GDPR
  • FISMA
  • FedRAMP
  • HIPAA
  • NIST 

Greg also has worked on multiple executive teams over the years and been with notable companies such as WordPerfect/Novell, Global Access, Lancera, and Secuvant Security. 

Also with us today, and perhaps the protagonist in today’s show, is Lori Crooks, Senior Consultant/PM for Webcheck and Founder of Security Compliance Solutions, Inc. d/b/a LB Compliance.

Lori’s deep background includes managing security and assurance assessment teams at growing cyber firm A-LIGN, including but not limited to PCI, FISMA, FedRAMP, Penetration Tests, HIPAA, ISO 27001, SOC1 and SOC2. She also served as a Center of Excellence lead for PCI, FISMA and FedRAMP, as well as conducting quality reviews of HIPAA, ISO 27001, SOC1 and SOC2 reports. For a DoD contractor, Lori has:

  • Developed the Governance, Risk and Compliance Program based on NIST 800-53 and 800-171
  • Written the Information Security Policy, and associated policies/procedures
  • Performed DFARS/NIST 800-171 self-assessments on all sites and hubs
  • Worked closely with Project Management Office and Infrastructure & Operations Team to gather audit evidence and develop Plan of Action and Milestones (POA&Ms)
  • Evaluated all evidence provided to meet the NIST 800-171 controls
  • Created the System Security Plan (SSP) Template for NIST 800-171
  • Assisted in completing the first SSP for the DoD contractor
  • Performed DoD contractor’s first annual risk assessment 

Lori has broad and deep knowledge of multiple cyber frameworks and subscribes to the Webcheck Way – meaning helpful customer communication and professionalism in all documentation and consulting.


Safer Computing through Invisible Authentication

May 15th, 2020

Intensity Analytics is a distributed software company specializing in the measurement and interpretation of the mathematics of human behavior. The company’s breakthrough contribution to the cybersecurity field is having invented and broadly patented novel algorithms which make possible the comparison of human effort with sufficient accuracy to confirm a claim of identity at scale to make enterprises and individuals more secure. For more information, please visit intensityanalytics.com

Jonathan Nystrom took on the role of Interim CEO at Intensity Analytics in the fall of 2019. Jonathan has over three decades of experience bringing innovations to market, including start-ups, Fortune 500, and Big 4. Jonathan’s defining characteristics include relentless curiosity and an unwavering belief that there is always a better way and that fortune favors those who find a way to deliver it.


Actionable Guidance for Corporate Data Protection In The 2020s

May 12th, 2020

Perpetual Storage, Inc. is a specialized data protection company whose mission is to enable clients to actualize cybersecurity best practices for the storage, transport, retrieval, and lifecycle management of vital digital records.  PSI's main campus is an underground vault located in a unique geologically stable formation of solid granite rock east of Salt Lake City, Utah.

JR Maycock is a 14-year IT veteran with a background spanning corporate, service provider, freelance, and K-12 education environments. His areas of expertise include identity management, behavioral security, systems architecture, business continuity planning, and exploring the alignment of technology with business strategy.   He is best known for his accessibility and easy-going attitude, always making time to turn over a topic of interest or answer a question.  JR currently holds the position of CIO at Perpetual Storage in Salt Lake City, UT.


The Bot Mitigation Software that’s Challenging the Economics of Automated Attack

May 11th, 2020

Headed up by 24-year-old founder Sam Crowther, cyber-security startup Kasada raised USD 7 million at the end of 2019 with CIA-backed In-Q-Tel as its latest investor to continue protecting large Australian, British, and US companies from malicious automation. Founded in 2015, Kasada provides a solution that helps organisations protect themselves from user account takeovers, fraud, data scraping and other disruptive attacks.

Kasada uses dynamic cyber-resilient technology to detect automation from the very first page load request with unprecedented accuracy even for the most sophisticated bots. The solution is the fastest bot mitigation solution to implement. It deploys within minutes and security teams can be monitoring web traffic and neutralising the impact of automated attacks. Kasada operates instantly in the background without affecting user experience. It integrates easily into existing ecosystems without interruptions.

Find out more here at: kasada.io 


What Just Happened?! How Companies Should Transition From WFH

May 6th, 2020

RESULTS Technology provides full managed IT, co-managed IT and IT Compliance services to community banks and SMBs across the country. When the Stay-at-Home orders started happening, the RESULTS team scrambled to help its 1200 computer users set up secure, compliant remote connections across the country.

Now that some of the Stay-at-Home orders are starting to be lifted, RESULTS talks about what every business should do when transitioning back to the office and how to prepare your company for the next work-from-home situation.

About RESULTS Technology: RESULTS’ in-house support staff, headquartered in Kansas City, provides full IT maintenance services ranging from desktop support, business continuity, disaster recovery, remote and on-site support, proactive network monitoring and ongoing maintenance services.


Business Cybersecurity With Alexander Chamandy of Envescent

May 1st, 2020

Today's show is focused on business cybersecurity. Envescent's founder and president Alexander Chamandy joins us to discuss his company's services, his background and the latest threats and best practices in this COVID-19 remote work era.

Alexander Chamandy is a technology and security expert with over 25 years of experience. He is passionate, ambitious and greatly enjoys working with people. His true calling is solving complex problems, with a unique and deep skill set which allows him to lead or assist with a variety of projects.

Alexander’s passion for technology runs deep. He was given a Commodore 64/128 when he was five years old as a birthday present. From there he began teaching himself BASIC so he could program video games.

Starting in the local information technology industry in 1995, Alexander founded his business, Envescent, in 1999. From then he has remained involved with its operation and direction. In 2018 Envescent was awarded the Best Technology Small Business award from the Arlington Chamber of Commerce.

Born and raised in Arlington, Virginia, Alexander has deep roots within the local community. He spends time volunteering, donating to local charities and doing all that he can to help Arlington as well as its many residents and businesses. He's also interested in economics, finance, health, nutrition and writing.


Hear From The Experts How COVID19 Has Impacted The Security Environment

April 25th, 2020

An Introduction To SRMC:

Founded in 1989, Security Risk Management Consultants (SRMC) is a professional, independent security consultancy serving clients throughout the United States and abroad.

SRMC provides security vulnerability assessment, master planning, design development, technical specification and project and program management support services to a wide range of public and privately-owned occupancies.

The Bios Of The Experts:

Rick Amweg:

Rick is a staff consultant.  He has over 35 years of experience working in a higher education public safety/emergency management setting. He has served as the Director of Public Safety Administration and as Assistant Chief of Police with the Department of Public Safety at The Ohio State University, the Director of Campus Safety and Security for the Ohio Board of Regents, and Executive Director for the State of Ohio Center for P-20 Safety and Security.

Jim Clark:

Jim is a staff consultant with SRMC. He has worked with many public and private organizations on vulnerability assessments, policy and procedure development, strategic master planning, staff training, workplace violence prevention and emergency preparedness and response with a special focus on higher education, library, museum, and archival environments.

Paul Denton:

Paul is a Staff Consultant. He has served 28 years with the Columbus Division of Police, then in 2006 was appointed Chief of The Ohio State University Police Division, where he reorganized the division and launched a crime analysis and problem-oriented approach to addressing campus crime issues. He has successfully directed public safety operations for major campus events such as football games, political campaigns and other dignitary visits.

Chuck Smith:

Chuck is a Staff Consultant, highly experienced in healthcare security. He has spent more than four decades serving in public law enforcement and corporate security-related positions, including Director of Security and Safety at The Ohio State University Wexner Medical Center, Nationwide Children’s Hospital and The Limited stores.


Learn How To Solve The Cyber Trilogy: People, Process, & Technology

April 20th, 2020

BORDERHAWK Expertise: Understanding Cyberspace & Cybersecurity
• Solving People, Process, and Technology problems involving cyberspace and cybersecurity
• Identifying and investigating contemporary threats involving cyberspace 
• Anticipating the convergence of cybersecurity and the physical world 
• Articulating risk issues related to cyberspace and cybersecurity 
• Crafting custom solutions to the challenges of cyberspace and cybersecurity  

Preventative Solutions:
• Standards Based Information Risk Assessments 
• Cyber Security Testing 
• Information Security Training  
• Cybersecurity Analytics 
• Technical Surveillance Countermeasures 
• Business Forensics  
• Consulting on Information Assurance Issues 
• Cyber Incident Response 
• Cybersecurity Alerting
• Information Governance
• Supply Chain & Systems Acquisition Security

Jay Harmon INFORMATION SECURITY, PRIVACY & MANAGEMENT CONSULTANT WITH BORDERHAWK:

Highlights: Managing Director, BorderHawk

Professional Experience:

  • Information Security and Privacy Risk Assessments
  • Information Security Program Management 
  • IT Strategy, Turnaround, and Transformation
  • Change Management
  • Organizational Communications
  • Business Continuity and Disaster Recovery Planning
  • Documentation and Training
  • Business Process Re-Engineering
  • Information Risk Analysis
  • Project Management 
  • System Development Methodology

 

