S2 - Episode 002 – 2022 Breaches and Some Retrospection

S2 - Episode 002 – 2022 Breaches and Some Retrospection

Author: Jason Popillion and Kevin Pentecost March 3, 2023 Duration: 1:21:06
Cyber Distortion Podcast Series
TechnologyNews

In this exciting second episode of the new season, we're offering up a buffet of delicious options to feast your incessant little cybersecurity appetites on!

BREACHES

We start by spending time on 5 of the top breaches that took place in 2022, but shift into some real world thoughts and ideas on what concepts could have helped in preventing those types of breaches.

FRAMEWORKS

Jason and Kevin dig deep into their CISSP bag of tricks to discuss cybersecurity frameworks and do a bit of a shallow dive into NIST, and then migrate into the CIS Top 18 cyber controls for effective cyber defense.

GAP ASSESSMENTS and MATURITY ASSESSMENTS

The guys hit on two very important aspects of how to leverage a framework for your business, for both analyzing your security overlap and your gaps. Then, they take a look at how you can use that same framework to monitor growth and maturity over time. They use hypothetical company 'XYZ Company' to show real-world examples of gap matrices and maturity matrices. These types of critical elements in your security program are items that should be assessed annually or even more frequently.

A LOOK AT KPIs

The guys move from leveraging the frameworks into looking at KPIs (Key Performance Indicators) and how you can pull KPIs from your controls to determine if you controls are actually working for you! What good is a robust framework if you can't measure its success?

3RD PARTY RISK

Lastly, the guys take a look at the importance of 3rd-party risk and how your partners, customers, vendors, and joint ventures might play a part in your overall security posture. Not only how they play a part, but WHAT you can do to take actionable steps around 3rd party risk.

This one is VERY action packed and we cover a lot of ground. Jump on the rollercoaster as we hit ALL the rides in the cyber theme park on this one!

 

CITATIONS:

All about the NIST Cyber Framework

https://www.nist.gov/cyberframework

CIS Top 18 Cyber Controls

https://www.cisecurity.org/controls/v8

Training for using the Frameworks offered by SANS

https://www.sans.org/blog/cis-controls-v8/

YouTube Training Videos on each of the 18 Controls

https://www.youtube.com/@TheCISecurity

https://www.youtube.com/watch?v=pGZViAZlg1k&list=PLpNN1VAyNhovvTU6pye4cNYZksP5CLTyy


Ever feel like the world of cybersecurity is explained in a language only experts understand? That's exactly why Cyber Distortion Podcast Series exists. Hosts Jason Popillion and Kevin Pentecost, both seasoned professionals who hold top certifications like the CISSP, cut through the jargon and distortion to talk about digital safety in clear, practical terms. Each episode feels like a conversation with two colleagues who have been in the trenches-Jason as a CIO/CTO and Kevin as an Information Security Manager-and who genuinely want you to walk away with something useful. You won't just hear abstract theories; you'll get actionable advice that applies whether you're protecting your personal data or responsible for an entire organization's security posture. This podcast demystifies the concepts that matter now, from everyday online habits to broader organizational strategies, making crucial knowledge accessible without oversimplifying the real challenges. Tune in for straightforward discussions that equip you with the understanding to navigate an increasingly complex digital landscape with more confidence.
Author: Language: English Episodes: 60

Official website RSS
Cyber Distortion Podcast Series
Podcast Episodes
S2 - Episode 005 – Third Party Risk – It's not Me, It's You! [not-audio_url] [/not-audio_url]

Duration: 1:20:01
HE'S BAAAAAAACK!! In this episode, we RE-visit with our very first guest, Benjamin Hall. Ben has served as a virtual CISO, and serves as Sr. Information Security Consultant at Heartland Business Systems. With experience…
S2 - Episode 004 - "AI and ChatGPT is Scary Sh*t! – Part II" [not-audio_url] [/not-audio_url]

Duration: 43:36
In this MUCH anticipated follow-up to our episode 003 on AI an ChatGPT, expect more mind-numbing and terrifying facts about this incredible new technology! Kevin and Jason wrap up their discussion with Justin "Hutch" Hut…
S2 - Episode 003 - "AI and ChatGPT is Scary Sh*t! – Part I" [not-audio_url] [/not-audio_url]

Duration: 55:03
What in the world does AI and ChatGPT have to do with Cybersecurity? Well, this episode is going to answer that question for you, and so much more!! In today's exciting episode, Jason and Kevin discuss the incredible wor…
S2 - Episode 001 – The Dark Web Revisited [not-audio_url] [/not-audio_url]

Duration: 1:14:40
WE ARE BACK! Happy 2023 friends… In this exciting episode of or BRAND NEW season 2, Kevin and Jason make good a promise from Season 1 where they go back and take a deep dive into the Dark Web. This time, we're coming wit…
S1 - Episode 014 – Women in Cybersecurity - Part II [not-audio_url] [/not-audio_url]

Duration: 42:52
There is a worldwide shortage of over 3 million in the ranks of cybersecurity professionals, with half a million of that shortage in North America alone. The problem is only expected to get worse as the demand for infose…
S1 - Episode 013 – Women in Cybersecurity - Part I [not-audio_url] [/not-audio_url]

Duration: 46:00
There is a worldwide shortage of over 3 million in the ranks of cybersecurity professionals, with half a million of that shortage in North America alone. The problem is only expected to get worse as the demand for infose…
S1 - Episode 012 – Unraveling the Zero Trust Mystery [not-audio_url] [/not-audio_url]

Duration: 1:22:23
If you're like many others in information security, you too may struggle with understanding the concept and basic premise of "zero trust." Well, we have good news for you! After this episode, you can rest-assured that we…
S1 - Episode 011 – The Fine Art of Social Engineering [not-audio_url] [/not-audio_url]

Duration: 1:07:03
In this exciting episode, we cover the very fascinating topic of "Social Engineering" aka: Human Hacking! Anyone that lives in Cybersecurity knows that the weakest link in any company's cyber defenses is sitting between…
S1 - Episode 010 – Doomsday Breach Prepping - 101 [not-audio_url] [/not-audio_url]

Duration: 53:10
When the world comes crumbling down and your entire existence is burning to the ground, will you be prepared to handle it? What am I talking about anyway? The post-breach apocalypse, of course. What else?! You see, we ha…
S1 - Episode 009 – #Badgelife ft. AND!XOR [not-audio_url] [/not-audio_url]

Duration: 1:19:29
Electronic Blinky-Bling?!! What the heck is that?! Take a quick walk around the Las Vegas strip around mid-summer at the DEFCON Hacking/Security Conference and you'll find out pretty darned quick! #BADGELIFE is a sub-cul…

«123456»