Synopsis
The Dark Rhino Podcast provides weekly interviews and insights into the world of Cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhino Security.
Episodes
-
SC S10 E1 Helping Pave the way for Women in Cyber
24/02/2023 Duration: 43min
#SecurityConfidential #DarkRhinoSecurity Jax is a cyber influencer, author, speaker, podcaster, and the President and Founder of Outpost Gray. She has over 13 years of experience working in IT and cyber, in both the private and public sectors. Jax spent a significant portion of her life serving in the Special Operations Command, spearheading global Cyber, Electronic Warfare, and Intelligence operations. She is also the co-host of the cybersecurity podcast 2CyberChicks.
00:00 Introduction 00:16 Our Guest 01:52 Being in the Special Forces as a Woman 04:30 Cultural Support Team Program 07:47 Jax's Current Mission 09:29 What is an Entry-Level Job? 11:49 How Jax began her journey into Cybersecurity 16:07 Data Breaches: What's broken? 18:07 Company Policies and Bringing Awareness 19:38 Compliance isn't security 23:17 NIST vs CMMC vs ISO 27:03 Who uses CMMC? 30:56 Resources for CMMC 32:12 What should the Federal Government be adopting?
-
SC S9 E10 Bacterial Viruses vs Computer Viruses
17/02/2023 Duration: 46min
Wendy is a keynote speaker, Principal Cloud Security Architect, and senior security advisor. She has worked for Cisco, PWC, and Deloitte, and has a doctorate from the University of Oxford. She is currently with OneWeb. Prior to joining OneWeb, Wendy was Experian's DevSecOps Security Managing Adviser and defined the strategy for the organization's global DevSecOps transformation initiative. Wendy is active in the community, regularly sharing experiences through keynotes, blogs, and Black Hat.
00:00 Introduction 00:21 Our Guest 01:40 Transitioning from Medical Genetics to Cyber 04:50 The importance of having people from different fields 07:41 Comparisons between Bacterial Virus and Breach 12:09 Low Earth Orbit Constellation 18:18 Hackers are Collaborative 22:01 100% Security 26:30 Understanding the Risk 30:40 Building a Culture of Awareness 35:35 DevSecOps 38:50 Controlling that 3rd party risk 43:15 Connecting with Wendy
-
SC S9 E9 How Paris Hilton Helped My Career
10/02/2023 Duration: 50min
Bob Carver, CISM, CISSP, M.S., began his security career working in the financial industry. Later, Bob became the first full-time security employee hired to start the dedicated security monitoring and incident response team for Verizon Wireless. He has been involved in cyber risk management, policy, threat intelligence, and analytics. He was recognized by LinkedIn as one of the Top 5 Influencers in the World to follow in Cybersecurity. Most recently, he was on the expert panel for CES (Consumer Electronics Show) in Las Vegas discussing "Focusing on Security in Product Innovation."
00:00 Introduction 00:18 Our Guest 01:47 Bob's Beginning 05:02 How did Bob land his position at Verizon? 08:00 Budget issues 11:02 Why are companies so ineffective with Cybersecurity? 13:38 Cyber professionals not addressing business security implications 18:40 Malvertising 21:31 Not downloading everything off the internet 26:15 Curing your problems with a tool
-
SC S9 E8 Confessions of a CIA Spy
03/02/2023 Duration: 55min
Peter Warmka is a Keynote Speaker, Author, Cybersecurity/Insider Threat Consultant, Founder of Counterintelligence Institute, and a retired senior intelligence officer with the U.S. Central Intelligence Agency (CIA), where he specialized in clandestine HUMINT (human intelligence) collection.
00:00 Introduction 00:19 Our Guest 01:39 How do you become a CIA Intelligence Officer? 05:59 Human Intelligence Gathering 08:27 Knowing the risks within the job 13:24 The Counterintelligence Institute 13:53 Statistics and TED talks 19:42 Change the name of Cybersecurity 22:03 Getting into the mind of a Hacker 27:19 Why would anyone target me? 30:11 Panama Papers 32:28 Success with Employee Awareness 34:57 Being cautious on Social Media 40:45 Fake Profiles on Social Media 42:32 Advanced AI technology/ ChatGPT 43:20 The Dangers of LinkedIn 49:43 Peter's Book: Confessions of a CIA Spy 53:10 Contact Peter
More About Peter: https://www.count
-
SC S9 E7 Everybody has a Boss
27/01/2023 Duration: 47min
Eric is an entrepreneur and the CTO of SOOS, a software technology company. He has 15+ years of experience in leadership, business strategy, and software team transformation with a broad set of skills. On top of that, Eric has formal training as a software and mechanical engineer.
00:00 Introduction 00:19 Our Guest 01:20 Software Engineering out of College 04:23 Being a Stay-at-Home-Dad 05:57 Entrepreneurship to Corporate 07:33 Everybody has a boss 08:53 Giving Interview Feedback 11:25 Opinionated Questions in an Interview 13:30 What is SOOS? 16:33 Minimum Viable Product (MVP) 24:27 Software tools: What works and what doesn't? 29:18 People should become more aware 36:12 Compliance 41:03 SOOS tools 46:10 More news from Eric
Articles Mentioned: https://soos.io/news/soos-launches-free-community-edition-sca-tool ht
-
SC S9 E6 Analyst Fatigue
20/01/2023 Duration: 40min
Dallas is a US Army Veteran and Cyber Professional. He has worked for many companies including PerimeterX, Blue Shield, PayPal, and HUMAN, where he is currently the Threat Intelligence Analyst. He is skilled in Python, SQL, Information Security, JavaScript, and Networking, and recently obtained a new certification in Cyber Threat Management.
00:00 Introduction 00:16 Our Guest 00:45 What's new from Dallas 02:34 HUMAN + Perimeter X 03:51 Cyber is not secure! 05:34 Phishing Emails 09:25 2 Human behaviors that cause breaches 13:24 Analyst Fatigue 15:56 Having Humans perform Automation is not proper automation 20:07 Realtor, Angel Investor, and more projects from Dallas 24:23 HBO Documentary with Dallas 35:32 More news from Dallas 38:14 Connecting with Dallas
Article Mentioned: https://www.businesswire.com/news/home/20210330005240/en/White-Ops-Reintroduces-Itself-as-HUMAN-Signaling-Cybersecurity-Company%E2%80%99s-Dedicati
-
SC S9 E5 The Captain America Approach
13/01/2023 Duration: 39min
#SecurityConfidential #DarkRhinoSecurity
00:00 Introduction 00:20 Our Guest 02:15 Philippe's Origin Story 07:42 Becoming a Leader 14:51 The Captain America Approach 18:20 Approaching Unknown Unknowns 22:34 How to monetize an open-source platform 26:19 Free Users 27:15 Where is Open source going? 28:34 CrowdSec's big announcement 32:01 Malevolent IP addresses Growing 33:25 Ensuring Accuracy 37:32 More about Philippe
Article Mentioned: https://health.clevelandclinic.org/barometric-pressure-headache/
To learn more about Philippe visit https://www.linkedin.com/in/philippehumeau/
To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @s
-
SC S9 E4 Responsible Recycling of Electronic Devices and Data
06/01/2023 Duration: 49min
#SecurityConfidential #DarkRhinoSecurity John Shegerian (pronounced "SHUH-GARE-EE-UHN") is the co-founder and Chairman/CEO of ERI, the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States. He is also the co-author of the #1 best-selling book "The Insecurity of Everything: How Hardware Data Security is Becoming the Most Important Topic in the World" and the host of the IMPACT podcast.
00:00 Introduction 00:10 Our Guest 01:34 John's Origin Story 05:34 The secret to success: Doing good for others 07:56 Advice for Future Entrepreneurs 11:00 ERI: SOC2 Compliance 12:05 What are the steps for recycling electronics? 15:33 Gold, Copper, Precious Metals 18:30 Is there a recycling issue forming with EV cars? How JB Straubel is involved 25:21 Hardware Hacking 30:55 What to do before throwing electronics away 38:07 Anything you can't recycle? 42
-
SC S9 E3 - Credentials: Which ones are the most important?
30/12/2022 Duration: 49min
Brian started his career as a systems analyst for the United States Army, then became a Senior Systems Analyst for the United States Air Force. From then on, Brian gained extensive experience in managing risk, security, compliance, business continuity, and governance for SaaS providers. He is currently a Security Test Manager for Adobe.
00:00 Introduction 01:05 The Army or the Air Force? Is one better than the other? 01:40 Brian's Background 03:07 Pivoting into a new role 07:14 Credentials: What is important to get? 12:17 Is cybersecurity about a mindset or skill? 13:12 Communicating the Mindset 19:00 Risk Assessment process 24:30 100% Compliance 31:00 Getting pushback 33:47 Risk Quantification 36:36 Third-party risk 47:39 News for Brian
To learn more about Brian visit https://www.linkedin.com/in/briandavisit/ To learn more
-
SC S9 E2 From Bagging Groceries to Teaching Cyber
23/12/2022 Duration: 49min
Kenneth is a Senior Cyber Security Consultant at EY, where he specializes in SIEM and SOAR technologies. He is also the Founder and owner of Ellington Cyber Academy, an E-Learning platform that teaches and trains people on how to use various SIEM and SOAR technologies so that they can transition or upskill themselves in their careers. On top of all that, Kenneth is also a part-time Associate cybersecurity instructor at the University of Houston and a Cybersecurity trainer at Blacks In Cybersecurity.
00:00 Introduction 03:08 The Chicken Tender Sub 04:13 How important are ingredients? 05:24 Passion for educating others 06:30 Leaving an impression with teaching 07:40 Being a good student 09:34 Tips you won't get in College 11:06 Explaining in business terms 12:38 Why Cybersecurity? 14:35 An opportunity at Publix 15:30 Cyber Bootcamp 18:55 Why choose an analyst role? 20:45 SIEM vs Log Management System 23:10 What do you nee
-
SC S9 E1 Where Does Our Data Go?
16/12/2022 Duration: 51min
#SecurityConfidential #darkrhinosecurity Justin is a corporate M&A attorney, author, TEDx and keynote speaker, and business advisor, with a deep background in cybersecurity. He uses a unique skill set to collaborate with executives to create and implement multi-layered strategies to better manage cybersecurity and data protection. He co-hosts the "She Said Privacy/ He said Security" Podcast with his wife Jodi.
00:00 Introduction 01:52 Origin Story 03:19 Remote work: How attackers are successful 07:57 Cyber Proctology Exam 10:00 The Digital Seatbelt of the 21st Century 13:17 Cyber being an afterthought: How to change the mindset 14:20 Where does our Data go? 17:57 Can you have privacy? 19:10 Credibility Gap 27:00 Privacy Laws in Tech (Samsung, Tesla, Healthcare) 35:10 Data Reimagined: Building Trust 39:52 Bad Actors 42:48 Defense in Depth 48:38 A Message from Justin
-
SC S8 E10 Trusting Your Remote Employees With Your Business
09/12/2022 Duration: 40min
#SecurityConfidential #DarkRhinoSecurity Brian is the Vice President of Worldwide Channels and Alliances at DTEX Systems. Brian has extensive experience in MSSP, Channel, Strategic Alliances, and OEM for high-growth security solution providers. Brian has a long history with cybersecurity OEMs, starting with CA, where I first met him. Brian has been with McAfee, FireEye, Cylance, and Stellar Cyber, and is now with DTEX Systems.
00:00 Introduction 01:18 Technology trends 02:30 Is the industry overcrowded? 05:49 DTEX: who are they and what do they do? 08:45 Compromised Machines 9:26 Endpoint detection 13:48 Where is DTEX Classified? 15:32 Managing Vulnerabilities on the endpoint 18:19 Working with Sectors 20:39 Customer Profile: How small is too small? 24:05 DTEX Cloud 25:23 Trends with Investors 28:00 Remote work: Can you trust your employees? 30:00 Remote work: Fake LinkedIn Profiles 33:53 More about Brian
-
SC S8 E9 Pro Athlete turned Cybersecurity CEO
02/12/2022 Duration: 49min
#SecurityConfidential #DarkRhinoSecurity Greg Tomchick is a former professional athlete. He played in the minor league for three seasons for the St. Louis Cardinals. He is the author of the book Growing into you. He is driven by a passion for cybersecurity from an experience he had with a former company. He is currently the Partner and CEO of Valorr. They focused on identifying and mitigating cyber threats upfront and, when necessary, countering cyber attacks with targeted and strategic responses.
00:00 Introduction 01:36 Greg's Origin Story 04:15 Incubation Technologies 05:42 The right mindset 10:26 Cyberattack 15:12 Cybersecurity is a business problem 15:56 100% Cyber security? 16:56 Stimulation Output 17:50 How much cybersecurity is enough? 19:17 The process at Valor 22:38 Communicating with the Department of No 24:50 Advice for CEOs when talking about digital risk 27:16 Talking to the executive team 30:02 The Proactive side
-
SC S8 E8 Cybersecurity Awareness for Healthcare: Is it discussed?
25/11/2022 Duration: 48min
#SecurityConfidential #DarkRhinoSecurity Kevin is the director of cybersecurity data and application protection for Cleveland Clinic. He has over two decades of experience in software development and cybersecurity. He has done work in embedded systems and attack surface reduction and has a couple of patents related to this. He is the president-elect for the Northern Ohio HIMSS Chapter. In his spare time, he supports Velosano in fundraising for cancer research.
00:00 Introduction 02:12 From Rockwell to Cybersecurity 04:53 Nation-state actors 07:32 FedEx and Merck Cyber insurance lawsuit 09:04 Cybersecurity awareness for healthcare. Is it discussed? 13:08 Getting the Executive's attention 18:19 Healthcare Data 21:55 Purple Team/Red Team: What is their role? 27:40 Getting the word out about Cyber 33:03 Embedded Systems: How big of a threat are they and how do we manage it? 37:22 Compromised Chips 38:16 Open source co
-
SC S8 E7 Why would Grandma care?
18/11/2022 Duration: 51min
Ted Harrington is the #1 best-selling author of Hackable: How to Do Application Security Right. He's also the Executive Partner at Independent Security Evaluators (ISE), the company of ethical hackers famous for hacking cars, medical devices, and password managers. He's helped companies like Google, Amazon, Microsoft, Netflix, and more fix thousands of security vulnerabilities. Ted has been featured in more than 100 media outlets, including The Wall Street Journal, Financial Times, and Forbes.
00:00 Introduction 01:04 More than a checklist 06:19 Investing in the wrong thing 12:51 Story #1 Why would Grandma care? 13:58 Story #2 Grain of Sand 15:48 Psychology security 17:56 Different types of Hackers 22:59 Changing the mindset 32:49 Embedding 34:31 Defense in Depth 40:26 Automation 43:51 Pen Test vs Vulnerability Scan vs Vulnerability assessment 49:47 More about Ted 50:58 Win a SIGNED copy of Ted's Book
-
SC S8 E6 Cyber Warrior
11/11/2022 Duration: 44min
Derek is a military veteran. He has over 10 years of experience in infosec and IT. Derek is the Founder, Content Creator, and Podcast Host of Cyber Warrior Studios LLC, and a Senior Security Consultant at Seiso.
00:00 Introduction 01:25 Derek's Origin Story 04:20 Derek's Military Cyber background 09:13 Derek's Origin Story (cont.) 12:15 Why "Cyber Warrior" 14:50 Strategy 18:50 Defense in Depth 21:50 Prevention Paradox 22:49 100% Secure 26:30 What makes a good target? 30:34 How many companies are compromised and don't know it? 33:05 What can we do? 35:07 Sony attack 38:46 Hackers & Malware 43:30 More About Derek
To learn more about Derek visit https://www.linkedin.com/in/dschellerjr/ Visit Cyberwarriorstudios.com
Follow Derek on his Social Media Channels: https://www.instagram.com/cyberwarriorstudios/ https://www.youtube.com/cyberwarriorstudios https://www.facebook.com/Cybe
-
SC S8 E5 Oh no...Hacked Again!
04/11/2022 Duration: 48min
Zinet is a cloud security engineer at Best Buy, an award-winning children's book author and speaker, and is working on her master's degree in Cybersecurity at Georgia Tech. She is the director of community outreach at Black Girls In Cyber.
00:00 Introduction 01:25 Why the United States? 03:55 Transitioning from Law to Cybersecurity 05:27 Why Cyber security? 07:00 What do you want to be when you grow up? 08:38 How did you learn about cybersecurity? 13:40 Culture, Diversity, and Heritage 16:10 Our Special Sauce 18:55 "Oh no…Hacked again!" 22:51 Online Gaming: What can parents/guardians do to help? 30:55 Cloud Security: What do businesses miss? 35:18 Blue Team vs Red Team 36:20 Repeating defenses 37:20 CISA Auditor: What should companies prep for? 39:20 Has the government gained more knowledge of Cybersecurity? 41:39 Advice for anyone changing careers? 46:13 Upcoming news for Zinet 47:13 Finding Zinet's
-
Cyber Horror Story #15 Lil Nitro Challenge - Tech Team (VIDEO)
31/10/2022 Duration: 04min
Finishing off the Cyber Horror Story train is our Tech team... some of them. These three brave souls WANTED to try the Lil Nitro Gummy Bear Challenge. Some information:
- The Lil Nitro Gummy bear has 9 million Scoville units!
- The instructions are to chew the gummy bear for 30 seconds and then swallow.
- We ate right before starting this challenge...
- After swallowing the gummy bear, the challenge begins; who can withstand the heat for 5 minutes?
- It is 900 times hotter than a jalapeno
-
SC S8 E4 Why CISOs don’t stay more than 2 years
28/10/2022 Duration: 43min
#SecurityConfidential #DarkRhinoSecurity Eddie is a Regional Sales Manager at DataLocker, a bestselling author, and an entrepreneur who has been featured on ABC, CBS, & FOX news affiliates. Eddie has worked with multiple Fortune 500 companies to improve their revenue and was named one of the top business professionals by the Chamber of Commerce. Eddie hosts the popular "Leaders in Cyber security", where he talks to cyber professionals about #InfoSec.
00:00 Introduction 01:50 "People have to be people" 05:30 U.N.L.O.C.K. Yourself 11:56 Humility 15:14 Who you want to be 16:30 Negativity 24:15 Twitter CISO News 29:27 Who owns the risk in the company? 31:30 Why CISOs don't stay more than 2 years 35:58 vCISO or CISO? 40:30 What's new for Eddie
Books Mentioned: "The Compound Effect" By Darren Hardy "THE ENERGY BUS: 10 RULES TO FUEL YOUR LIFE, WORK, AND TEAM WITH POSITIVE ENERGY" By Jon Gordon "Unl
-
Cyber Horror Story #14 A Hackers Nightmare
28/10/2022 Duration: 08min
Hacker Valley Media's own Ron Eddings shares his personal horror story and how his past came back to haunt his future.
This October we wanted to do something different. So we came up with Cyber Horror Stories. These are 2-10 minute scary stories from your favorite guests. Now hold on, you'll still have new episodes of Security Confidential every Friday at 8 am. But now, you'll also have new Cyber Horror Stories every Monday, Wednesday, and Friday.
To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: @SecurityConfidential Facebook: @DarkRhinoSecurity Inc Twitter: @Darkrhinosec LinkedIn: @DarkRhinoSecurity Youtube: @DarkRhinoSecurity