Synopsis
The Dark Rhino Podcast provides weekly interviews and insights into the world of Cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhino Security.
Episodes
-
S13 E10 Learning through Experience
16/02/2024 Duration: 52 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Troy Fine. Troy is an industry-recognized thought leader (and meme creator) at the intersection of compliance, auditing, and cybersecurity. His expertise spans a range of frameworks, from SOC 2 and ISO 27001 to HIPAA, HITRUST, PCI, FedRAMP, CMMC, and privacy regulations. Through a holistic approach, Troy helps clients navigate the complexities of compliance and fosters a culture of continuous improvement within organizations. 00:00 Introduction 00:15 Our Guest 01:27 Finding a job during an Economic Crisis 06:26 Auditing is not Sexy 09:50 Learning by experience and teaching others 13:44 Top 3 most common questions 17:02 Does this do anything to improve security? 32:30 Why should I be liable? 39:35 Overbearing controls 44:42 Jumping from SOC2 type 1 to type 2 50:01 Book recommendations from Troy ---------------------------------------------------------------------- To learn more about Troy visit https://www.linkedin
-
S13 E9 Will the SIEM ever be Automated by AI?
09/02/2024 Duration: 34 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Chandra Pandey. Chandra is an expert with 20+ years of experience in the cybersecurity and networking domain. Chandra has been associated with multiple disruptive innovations for cybersecurity and networking domains. Current innovations at Seceon are already used by 6000+ customers around the globe and make the industry’s best cybersecurity affordable to organizations of any size and eliminate the need for customers to buy 15+ products like SIEM, SOAR, NBAD, UEBA, MDR, Cloud Security, Container Security, IDS etc. 00:00 Introduction 00:16 Our Guest 06:57 The Culture at Seceon 09:32 The culture one comes from or the culture that one finds oneself in, What’s more important? 11:23 Transitioning from a technical engineer to a business leader 12:45 Adapting to changes in the industry 13:34 How to get the most out of Ai 21:46 Will we ever be able to get rid of the human in the SOC and have the SIEM be automated by AI? 23:40 Why develop
-
S13 E8 When you’re Small, you’re the Easiest Target
02/02/2024 Duration: 50 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to James Potter. James is an Active Directory veteran with nearly 25 years in the field. A native of Detroit, James started his career at the University of Michigan where at the tender age of 17, he helped U of M develop their computer systems. For the next two decades James earned his stripes in consulting with organizations like Ernst & Young and PwC before founding his own company, DSE, in 2019. At DSE, James leads a dynamic group of architects, engineers, and SMEs who help large international organizations secure and modernize their AD infrastructure. He currently resides in the Pacific Northwest where—like a true son of Michigan—he restores old cars in his spare time. 00:00 Introduction 00:18 Our Guest 01:11 Starting in Active Directory 06:29 Has the security changed on a Jet Database? 08:06 The 3 tiers of security 11:44 What should SMBs do? Compliance vs Security 13:12 When you’re small, you’re the easiest
-
S13 E7 Why do 99% of Start-up's Die?
26/01/2024 Duration: 49 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Matt Brown. Matt is a serial entrepreneur, author of the #1 Amazon Best Selling book: Your Inner Game, podcaster, and the host of the Matt Brown Show podcast. The Matt Brown Show has built a global following, with millions of downloads and a network of talent unrivaled by most other business podcasts. He has hosted more than 650 extraordinary guests, with billionaires on six continents, New York Times Best Selling authors, Navy SEALs, professors, scientists, and many leading business thought leaders throughout his 800 episodes. He has also founded 14 startups in the last 25 years and now he’s on a mission to help startup founders, entrepreneurs, and the community of business to change the world for the better. 00:00 Introduction 00:20 Our Guest How do you build something of value? 05:57 Unlocking the human potential 09:21 Self-limiting themselves 10:00 Why do 99% of Startups Die? 16:30 Overcoming challenges and In
-
S13 E6 Paving The Way for Latina's in Cyber
19/01/2024 Duration: 45 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Angela Bergsma. Angela is the Founder & President of Latinas In Cyber, an Entrepreneur, a Navy Veteran, and an executive leader with over 20+ years of diverse experience encompassing national security (federal intelligence agencies), strategic analytics, program management, and security and IT practice management. She founded Latinas in Cybersecurity (LAIC), a 501(c)3 non-profit with a mission to improve the representation of Latinas within the cybersecurity industry. She is also an active advocate for veterans and neurodiversity in the workspace, as well as a member of cyber and defense women groups. 00:00 Introduction 00:18 Our Guest 01:12 Transitioning from Intelligence into Cyber Security 06:09 How did you target people? 08:59 Compromising an individual 09:45 The Psychology of Cybersecurity 16:44 Do I have to be a conspiracy theorist in order to understand Cybersecurity? 19:50 Teaching employee awareness
-
S13 E5 Where Good CISOs Become World Class
05/01/2024 Duration: 44 min
#SecurityConfidential #DarkRhiinoSecurity This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Dr. Eric Cole. Dr. Eric Cole, Ph.D., is a cybersecurity expert, entrepreneur, public figure, and best-selling author. His career has advanced from starting as a professional hacker for the CIA to becoming the 44th President's commissioner on cyber security. His accomplishments have earned him an induction into the Information Security Hall of Fame and have awarded him as a Cyber Wingman from the US Air Force. His recognition has caught the interest of current clients, who include international banking institutions, Fortune 500 organizations, Bill Gates, and Saudi Aramco. His entrepreneurial accomplishments include three successful exits building eight-, nine-, and ten-figure organizations. Aside from his seasoned technical expertise, Dr. Cole recently released his eighth book, Cyber Crisis, which debuted at #1 on the Wall Street Journal's bestseller list. Dr. Cole
-
S13 E4 Holiday Season Verification Attacks
15/12/2023 Duration: 48 min
This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Aaron Painter. Aaron is an Entrepreneur, Author, former VP of Microsoft in China, and is currently the CEO of Nametag Inc. This company invented “Sign in with ID” as a more secure alternative to passwords. Aaron has successfully integrated his human identity platform with major organizations such as Reddit and Web.com. In his 2017 best-selling book, LOYAL, he describes his key to leadership: fostering a culture of listening. Through codifying and implementing a business listening framework, Aaron has built success worldwide. 00:00 Introduction 00:22 Our Guest 01:22 Motivated by cause 06:57 How do they handle cyber in Brazil or China? 09:12 Traditional vs Online ways of verifying your identity 11:34 NameTag Inc 20:31 Okta Breach 22:55 Holiday season attacks 24:15 Humans will be at fault 26:45 Flaws in SSMS 35:23 FaceID verification 37:56 Government help with verification 39:03 India's Aadhaar Verification 42:56
-
S13 E3 Boring is Perception
08/12/2023 Duration: 48 min
#SecurityConfidential #DarkRhiinoSecurity This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Dave Sobel. Dave is the host of the “Business of Tech” podcast, a leading IT services-focused news and analysis podcast and YouTube show, with thousands of listeners and subscribers. He also co-hosts the podcast “Killing IT”, and authored the book Virtualization: Defined. Dave has been recognized as one of the top virtualization experts globally as a Microsoft MVP for Virtualization. Dave has served on the executive council for Managed Services and Emerging Technologies, the Vendor Advisory Council, as the founding Chair for the Mobility Community for CompTIA. 00:00 Introduction 00:22 Our Guest 01:18 Business of Tech Podcast 03:21 Dave’s Origin story 05:19 Remaining positive 06:30 Checklist before switching roles 09:35 The market is brutal 13:54 Boring is perception 16:54 The adoption of Ai, User behavior, and applying common sense 28:00 Why would I pay for security? 30:25 Laws to pr
-
S13 E2 Humans are the Achilles heel in Security
01/12/2023 Duration: 44 min
#SecurityConfidential #DarkRhiinoSecurity This week on Dark Rhiino Security’s Security Confidential podcast, Host Manoj Tandon talks to Joseph Steinberg. Joseph is a Cybersecurity thought leader, CEO of SecureMySocial, and technology influencer. He has led businesses and divisions within the information-security industry for nearly two decades, and is one of the top 3 cybersecurity influencers worldwide. He is also one of only 28 people worldwide to hold the suite of advanced information security certifications, CISSP, ISSAP, ISSMP, and CSSLP. 00:00 Introduction 00:15 Our Guest 01:57 Getting Computers to do what they are not supposed to do 03:14 Cybersecurity professionals are still making the same mistakes 05:57 Good advice that’s actually terrible 11:42 Government Regulations: Holding software developers accountable for breaches 15:16 Age restrictions for adult content 17:54 Smart Guns 19:22 Is Cybersecurity really relevant? 22:07 Not all about tech. 27:57 Humans are the Achilles heel in Security 30:07 A
-
S13 E1 Shelf Babies: Killing and Birthing Someone Virtually
17/11/2023 Duration: 51 min
#SecurityConfidential #darkrhiinosecurity Chris Rock is no stranger to Security Confidential. He is a Cyber Mercenary, a three-time presenter at DEFCON, Author of The Baby Harvest, and Co-Founder of SIEMonster. Chris has spent the last 30 years in the Middle East, the US, and Asia preventing cyber attacks for governments and private organizations alike. 00:00 Introduction 00:16 Our Guest 01:19 What does the talent pool look like for our industry? 04:48 Do you see any non-traditional jobs entering the field? 06:01 Researching how companies and AI handle the finances 08:25 How money is moved through the drug trade 13:09 The Advancement of Natural Language Processes 18:03 How do you build trust? 18:59 The further we go into an automated environment, the easier it is to hack 23:07 Would you rather come up against a Bank teller or a Bot? 25:30 Ransomware as a service 29:04 Defeating MFA and how we deal with it 38:14 Shelf Babies: Killing and Birthing someone virtually 50:02 More about Chris -----------------
-
S12 E10 Bourbon Breakdown
29/09/2023 Duration: 33 min
#SecurityConfidential #DarkRhinoSecurity 00:00 Introduction 01:10 Apple Zero-Day Exploited 06:14 TEMU App 09:42 Cisco to buy Splunk 13:35 Bookers Bourbon 14:50 F35 Hacked 21:47 MGM Breached 23:43 5 Lawsuits against MGM resorts 28:14 Sony Systems Hacked by new Group 32:53 Cyber Horror Stories ---------------------------------------------------------------------- Articles Mentioned: https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html https://grizzlyreports.com/we-believe-pdd-is-a-dying-fraudulent-company-and-its-shopping-app-temu-is-cleverly-hidden-spyware-that-poses-an-urgent-security-threat-to-u-s-national-interests/ https://www.nytimes.com/2023/09/21/business/cisco-splunk-deal.html https://nybreaking.com/im-a-former-defense-official-who-warned-about-the-f-35s-catalogue-of-safety-and-security-problems-years-ago-this-is-why-it-may-have-been-hacked-or-malfunctioned/ https://www.reuters.com/technology/hackers-who-breached-casino-giants-mgm-caesars-also-hit-3-other-firms-okta-says-2
-
S12 E9 What is Vishing?
22/09/2023 Duration: 31 min
Dmytro Bielievtsov is the CTO and Co-founder of Respeecher. Respeecher focuses on high-fidelity voice cloning and their synthetic speech technology was the first one to be adopted by big Hollywood production studios in 2019. Respeecher's technology has already shown up in major feature films, TV projects, and video games. Animation studios, localization and media agencies, healthcare, and other areas are using it. Some of their projects include artificially voicing God of War Ragnarok, de-aging Mark Hamill’s voice in The Mandalorian and The Book of Boba Fett, and James Earl Jones’s voice for the Obi-Wan Kenobi series. They have also been featured in Forbes, The Guardian, TechCrunch, VentureBeat, to name a few. 00:00 Introduction 00:19 Our Guest 01:33 Running a company in the Ukraine 04:55 Respeecher 07:24 How does Respeecher work? 10:37 How did Hollywood find you? 12:10 Voice work for Star Wars 14:55 Do you keep the voice? 16:23 Deep Fake in the Election 22:02 Vishing 23:25 Luke Skywalker’s Voice 25:26 De-Aging Mark Hamill’s
-
S12 E8 The Human Factor is the Weakest Link
15/09/2023 Duration: 38 min
Frank is a cybersecurity and privacy expert and former C-level executive with 25 years of experience developing compliance and privacy programs for large healthcare systems. Riccardi has held positions as Chief Compliance and Privacy Officer overseeing high-profile data breaches and cybersecurity investigations. His book, “Mobilizing the C-suite: Waging War Against Cyberattacks,” urges C-suite leaders to take action against cyberattacks by deploying basic cybersecurity controls and supporting frontline cybersecurity professionals with companywide cyber hygiene training. It also introduces real-world cybersecurity principles to college students, our future generation of cyber-savvy leaders. 00:00 Introduction 00:19 Our Guest 01:20 Frank’s Background 02:05 2021 Events, Motivation, and the Colonial Pipeline 07:28 Regulations in Healthcare 10:14 Does the C-suite understand that Cyber is a business problem or an I.T. problem? 17:53 The trickery behind the technology 21:17 The Human Factor is the weakest link in
-
Streaming Services vs. Cable | Confidential Happy Hour
08/09/2023 Duration: 31 min
Taking a break from our regularly scheduled Security Confidential episodes to talk about Streaming services, important skills that need to be taught in schools, an Okta Breach, and "Owning" DVDs. To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com ---------------------------------------------------------------------- SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @securityconfidential and @OfficialDarkRhinoSecurity Facebook: @Dark-Rhino-Security-Inc Twitter: @darkrhinosec LinkedIn: @dark-rhino-security Youtube: @Dark Rhino Security ---------------------------------------------------------------------- #darkrhinosecurity #securityconfidential #cybersecurity #cyberpodcast #ai #artificialintelligence #securitypodcast #cybernews #technews #techsoftware #informationtechnology #infosec #cybersecurityforbeginners #technewstoday #disneyplus #hulu
-
S12 E7 More Than The Original Voice Of SIRI
01/09/2023 Duration: 20 min
Her career started with music. From then on, she did hundreds of commercial jingles (famously, Tillie the All-Time Teller for the first successful ATM in the US) and sang backup vocals on tour with Burt Bacharach and Roy Orbison. She got into voiceover and acting work at Doppler Studios in Atlanta, when the voice actor hired for a particular commercial didn't show up, and studio owner Pete Caldwell suggested she do the spot instead. She ended up doing spots for Coca-Cola, IBM, Papa John's Pizza, McDonald's, AT&T, Wendy's, Goodyear, Ford, Chiquita, etc., for both radio and TV. She also ended up working on camera for such clients as Morrison's, Ford, GA Pacific, IBM, Kimberly Clark, etc. But she’s best known as the original VOICE OF SIRI. 00:00 Introduction 00:18 Our Guest 01:18 Her background 03:01 How Apple Took Her Voice 04:55 Remaining positive 05:16 Working with Roy Orbison 06:55 Perfect Pitch 07:40 Learning to play the Piano 08:40 How Siri affected her career 09:31 A Siri-like
-
S12 E6 A Senior Survival Guide
25/08/2023 Duration: 44 min
Peter Warmka is a Keynote Speaker, Author, Cybersecurity/Insider Threat Consultant, Founder of Counterintelligence Institute, and a retired senior intelligence officer with the U.S. Central Intelligence Agency (CIA) where he specialized in clandestine HUMINT (human intelligence) collection. He was on previously to talk about his book “Confessions of a CIA Spy” and now he’s here to promote his new book “Why Are You Messing With Me? - Senior Survival Guide on Fraud, Privacy, and Security". 00:00 Introduction 00:19 Our Guest 02:06 ChatGPT and Generative Ai: How they’re used 06:14 Evil ChatGPT 07:16 How do we remain secure with Ai? 12:18 Why you shouldn’t be giving out your SSN 13:35 Sim Swapping Case 16:26 U.A.E Voice Cloning Case 23:07 What measurements does the CIA take? 25:55 Facial recognition 27:03 Educating the Public 29:38 Why are you messing with me? - Senior survival guide 43:28 More about Peter --------------------------------------------------------------------- To learn more about Dark Rhino
-
S12 E5 Building Awareness About Your Startup
18/08/2023 Duration: 43 min
#SecurityConfidential #DarkRhinoSecurity Dan Wachtler is the CEO of DarkLight Inc and an accomplished entrepreneur with over 20 years of experience serving in both executive and sales leadership roles. Previously, he was the President of root9B Holdings, Inc., a NASDAQ-listed advanced cybersecurity firm and creator of the first-ever commercial HUNT platform. Dan has led numerous capital raises and managed large corporate realignment efforts including international expansion efforts. 00:00 Disclaimer 00:09 Introduction 00:25 Our Guest 01:18 Journey into Becoming an Entrepreneur 03:44 What is success to you? 08:21 What’s the secret to bringing awareness to your startup? 12:22 How do you differentiate? 16:43 What does DarkLight do? 22:53 How does your system differentiate between industries? 28:30 Understanding Risk 31:09 Does A.I. have a role in this? 36:07 Getting a Demo with DarkLight 37:44 More about Dan and DarkLight ---------------------------------------------------------------------- To learn more ab
-
S12 E4 Understand, Manage, and Measure Cyber Risk
11/08/2023 Duration: 42 min
Ryan is the CEO of Neuvik and the author of the book “Understand, Manage, and Measure Cyber Risk”. His past adventures include growing a cyber research and development company, formerly serving as Chief of Staff and Associate Director of Cyber for the U.S. Department of Defense, a cybersecurity strategist for McKinsey, and a technologist at IBM. 00:00 Introduction 00:17 Our Guest 01:08 Behind the name Neuvik 02:20 What does Neuvik do? 03:29 Imperfect Technology layered on Imperfect Technology 05:35 Is the next gadget worth it? 07:54 Guiding a newbie CXO 10:50 What is it that you're protecting? 22:54 Which framework has worked the best? 25:56 Understand, Manage, and Measure Cyber Risk 35:39 Leveraging vulnerabilities for offensive purposes 40:35 Connecting with Ryan --------------------------------------------------------------------- To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com --------------------------------------------------------------------- SOCIAL MEDIA: Stay co
-
S12 E3 Your guide to SBOMs
04/08/2023 Duration: 54 min
Eric is an entrepreneur and the CTO of SOOS, a software technology company. He has 15+ years of experience in leadership, business strategy, and software team transformation with a broad set of skills. On top of that, Eric has formal training as a software and mechanical engineer. 00:00 Introduction 00:16 Our Guest 02:11 Open Source is Everywhere. Even Healthcare 04:45 Legal Risk using Open Source 06:05 Reading the Terms and Conditions 07:55 Would development time increase if you don’t use Open Source? 09:16 26,448 New CVEs Reported in 2022 11:03 Equifax Attack affected 143 Million 13:01 Therac-25 Medical Device Tragedy 14:53 What is an SBOM? 18:53 You need an FBOM 20:21 Knowing your “ingredients” 21:53 Is this a blockchain problem? 23:42 How does an SBOM help me? 31:48 Embedded Systems 40:28 Forking a project 43:10 How is SOOS staying up to date 47:40 Holding companies responsible 53:15 News from Eric
-
S12 E2 Who is Responsible for Cybersecurity?
28/07/2023 Duration: 55 min
Robert Black is a Lecturer in Information Activities at Cranfield University on behalf of the UK Defence Academy. He is also the former Deputy Director of the UK’s National Cyber Deception Laboratory. At the Defence Academy, he helps educate senior military leaders about Warfare in the Information Age. He has several interests, one of them being the role of influence and deception in cyber. 00:00 Introduction 00:19 Our Guest: Robert Black 01:28 Rob's Journey into Cyber 06:20 The weakest link is designing systems that don’t appreciate humans are integrated as a part of the system 09:17 Taking an insurance mindset 10:36 Does the Lock and Key model for Cyber work on bad actors? 16:12 Legality and Kinetic Response (Hack back, WannaCry attack, Liam Neeson, Crowdstrike report, U.S. Military) 22:30 Striking Fear into the Hackers 28:00 Does that help the SOC team? 29:45 Arguing with Attorneys and Hackers 33:19 Use of Deception in Tech 35:32 The psychology of the adversary 41:41 Who is responsible for