Synopsis
The Dark Rhino Podcast provides weekly interviews and insights into the world of Cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhino Security.
Episodes
-
SC S7 E6 Disrupting "Anonymous"
02/09/2022 Duration: 56min
Founder, CEO of Prevailion. He is the host of the podcast The Introverted Iconoclast. He has been in infosec since the 90s. He was the former director of intelligence at Mandiant. He is a serial entrepreneur. In 2011, the success of his second company, Unveillance, resulted in disrupting the malicious operations of the hacker collective, Anonymous. He has been featured in news outlets throughout the country. 00:00 Introduction 01:40 Why entrepreneurship? What’s your driver? Advice? 09:10 The Introverted Iconoclast 16:20 Keeping Cyber Interesting 18:47 Unveillance 21:44 Anonymous 26:01 The minds of Bad Actors 32:14 Sea Cucumbers and Armadillos 35:22 Reducing the dwelling time 37:03 How do I know I’m a target? 42:00 Do you get threatened? 43:54 How is Prevailion doing this? 49:00 Polymorphism of Malware 52:20 Artificial Intelligence 54:50 Connecting with Karim To learn more about Karim visit https://www.
-
SC S7 E5 Stepping Out of Your Comfort Zone
26/08/2022 Duration: 52min
#SecurityConfidential #DarkRhinoSecurity Paul is an experienced Cybersecurity executive with many skills, including being an expert on Cloud Computing. He has worked as an information security leader for Truist, Head of Cloud Security for SunTrust, and Security Architecture for Capital One. He is also a contributor to CIO Review and most recently in IDG's CIO Think Tank Roadmap report on Setting the Multi-Cloud Agenda. 00:00 Introduction 01:58 Paul's Background 13:24 Learning to take risks with your job 17:31 Advice for your career 19:00 More about Paul's background 26:00 Clear Program 28:04 Malware and Bad Actors 37:20 True Stories 42:05 Microsoft, Google, Amazon 45:10 The Cloud 47:00 Top 5 tips for Companies to look at when mobilizing 49:50 Asset managers 51:45 Connecting with Paul To learn more about Paul visit https://www.linkedin.com/in/paulhamman/ To learn more about Dark Rhino Security visit h
-
SC S7 E4 - Veteran To Cyber Professional
19/08/2022 Duration: 58min
Dallas is a US Army Veteran and Cyber Professional. He has worked for many companies including PerimeterX, Blue Shield, and PayPal. He is skilled in Python, SQL, Information Security, JavaScript, Networking, and more. 00:00 Introduction 01:10 Did you get your skills from the military? 08:41 Transitioning to civilian life 14:25 Rules of thumb when designing a website so you’re less prone to getting hacked 21:45 Credit Card frauds 26:35 Analyze, Understand, and Influence 29:48 Ransomware Attacks 31:05 Raising employee awareness about Phishing 34:39 Making Cyber interesting 39:11 HUMAN Security 47:06 How many companies have it right? 49:20 Tips for Small Businesses 56:40 Upcoming events for Dallas To learn more about Dallas visit https://www.linkedin.com/in/dallascbaker/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com SOCIAL MEDIA: Stay connected with us o
-
SC S7 E3 H&R Block, Zero Trust, and Cyber Culture
12/08/2022 Duration: 53min
#SecurityConfidential #DarkRhinoSecurity Joshua is the CISO at H&R Block. He has deep experience in designing and building information security programs. He is an expert on Zero Trust. His approach to information security is to transparently support and drive business initiatives, leveraging security capabilities to differentiate companies from their competition. Josh has spoken at InfoSec World, InfraGard, and ISSA and he is a SANS mentor. In short, he is a master of helping companies reduce risk. 00:00 Introduction 01:14 Joshua's Background 05:18 Why having different backgrounds in cyber is so important 15:06 Using Cybersecurity as a competitive advantage 17:04 Brand Loyalty program 23:35 How do you measure and monitor risk? 30:30 Establishing a culture in Cybersecurity 33:10 Getting the Cyber sec people to understand the business 36:00 Understanding the WHY 37:36 Amazon, Microsoft, Google myth 40:40 Zero Trust vs SASE 45:00 Preve
-
SC S7 E2 Wattpad, 3rd Party Risk, and the Future of Cyber
05/08/2022 Duration: 46min
Josh Harrington is a CISSP, CCSP certified Director of IT and Security at Wattpad. He has a degree in Information Technology with a specialization in Networking and IT Security and a minor in operations management. With nearly a decade of cyber and IT-related experience, Josh has utilized his knowledge of industry threats and emerging technologies to guide businesses in advisory roles from implementation to leadership development both internationally and in the Greater Toronto Area. 00:00 Introduction 01:22 Josh’s story 03:10 The challenge of a Cybersecurity career 04:00 How has your previous experience helped prepare you for your position today? 05:55 Hands-on Experience: required or not? 07:42 Wattpad 08:22 Security Challenges for open-source platforms 11:50 Top 3 areas of Security 15:10 Must have Security tools 16:20 The Future of Cyber: Where is it going? 21:13 3rd party risk 23:40 Key points for employees regarding security 27:32 Message for young cyber professionals 33:37 What has helped you grow in IT?
-
SC S7 E1 Cybersecurity Advocate, Creative Director, and Podcast Executive of Hacker Valley Studios
29/07/2022 Duration: 51min
#SecurityConfidential #DarkRhinoSecurity Kicking off Season 7 with Ron Eddings. Ron is a Cybersecurity Advocate, Creative Director, and Podcast Executive Producer. Ron has been a cybersecurity practitioner. He has worked as an architect at Palo Alto Networks and Demisto. He is currently the Creative Director for Axonius and is also the Co-founder & Executive Producer of Hacker Valley Studios. 00:00 Introduction 01:20 How did you start in Cyber? 06:13 Marcus Carey's Guide to Success 07:55 Your spiritual guide to pursuing your passion 12:03 The Mind, the Body, and the Spirit 15:50 Maintaining your Sense of Wonder 19:40 Your Superpower 23:15 Learning and Teaching 28:20 Making Cyber entertaining 35:12 What is the value of Cybersecurity? 39:20 Vulnerability management 42:00 OKTA and Passwords 43:00 Infosec programs that worked and ones that didn’t 48:15 The Department of “no” 49:25 News with Ron To learn mo
-
SC S6 E10 VillageMD, 3rd Party risk, Cyber Insurance, and Walgreens
22/07/2022 Duration: 40min
Jake is the Sr. Director of Security Strategy at VillageMD. He has over 20 years of IT and Security experience building, operating, and enhancing: Risk Management, Security Awareness, and governance. He has worked with many "C-suite" executives and boards of directors. He is a graduate of the University of Pittsburgh Katz School of Business. 00:00 Introduction 02:04 VillageMD 03:28 Walgreens and the Minute Clinic 05:01 How has Cyber security changed the Healthcare business? 07:50 Why is patient healthcare data worth more money than credit card information? 10:30 Making the data less valuable 16:50 What are some policy positions we could take? 18:57 What is motivating bad actors to get healthcare data? 22:50 Cyber insurance 26:40 3rd party risk 30:05 Doctors and mobile devices vs HIPAA? 39:10 More on Jake To learn more about Jake Belcher visit https://www.linkedin.com/in/jakebelcher/ To learn mor
-
SC S6 E9 Russia, SMBs, Equifax Breach, and Ransomware
15/07/2022 Duration: 50min
#SecurityConfidential #DarkRhinoSecurity Greg Schaffer joins us on this episode of Security Confidential. Greg founded vCISO services in 2017 to help SMBs. He has over 33 years of experience in IT and security including over 15 years at the CISO level. Greg is the host of the Virtual CISO Moment podcast and authored Information Security for Small and Mid-sized Businesses. 00:00 Introduction 01:37 How did you get into Cyber? 04:40 What brought you to SMB? 07:00 Equifax Breach 10:30 Defense in Depth 13:05 Doing more than just checking the boxes 19:40 Cyber insurance 24:00 Some ways SMBs get breached 28:00 Ransomware 30:40 SMB: What to do if you don’t have the resources? 36:44 How much money should SMBs spend on cybersecurity? 38:24 Should the CISO work for the CIO? 42:17 Metrics for decision-makers 45:20 Russians and the Chinese 49:00 Meeting Greg CU Intersect conference is July 18-20. Link https://cuintersect.com/ RETR3AT Link: https://www.montreat.edu/about/events/retr3at/ Greg's podcast:
-
SC S6 E8 C-suite, MSSP, Friction Security, and USBs
08/07/2022 Duration: 40min
#SecurityConfidential #DarkRhinoSecurity Eddie Thomason joins us for this week's episode of Security Confidential. Eddie is a Regional Sales Manager at DataLocker, a bestselling author, and entrepreneur who has been featured on ABC, CBS, & FOX news affiliates. Eddie has worked with multiple Fortune 500 companies to improve their revenue and was named one of the top business professionals by the Chamber of Commerce. Eddie hosts the popular “Simply Secure Podcast” where he talks to cyber professionals about #InfoSec. When he is not talking or working in cyber, he can also be found creating cutting boards and wood furniture with his passion project ET Woodworks. 00:00 Introduction 04:07 How did you establish credibility with C-suite without trying to sell them anything? 09:02 Referring clients to other companies. Has that gotten you into trouble? 11:17 How SMBs should navigate through the sea of Cybersecurity? 15:40 Questions to ask MSSPs 19:22 F
-
SC S6 E7 - Erika C - Veteran, CISO, Mentor, and C-Suite Executive
01/07/2022 Duration: 52min
Rory Meikle hosts this episode of Security Confidential with Erika Carrara. Erika is an influential, strategic, business-focused, and highly accomplished C-Suite executive. She has accomplished many things such as being a CISO, Director of Information Technology, Penetration Tester, an IT Security Specialist, and many more. Erika is also a Veteran of the United States Army and Mentor. She is currently the CISO of Wabtec Corporation. 00:00 Introduction 00:49 How did you start your career in cybersecurity? Was it something you did while in the military? 03:03 Advice for younger individuals stepping into cyber 04:27 Advice for Veterans transitioning into Cyber 06:29 Due diligence process when looking at an acquisition? 13:40 ISO 27001 17:04 Security Frameworks for Small Businesses 22:00 What motivates bad actors? 26:40 Are there policies that you think the government should adopt that would better deter bad actors? 34:18 Can you s
-
SC S6 E6 Endre Walls - Starting in Cyber, Vendors, and Diversity
24/06/2022 Duration: 50min
#SecurityConfidential #Darkrhinosecurity Endre Jarraux Walls is the EVP and CISO for Customers Bancorp and Customers Bank. He provides leadership to the Bank’s technology risk, digital compliance, security operations, governance, resilience, physical security, and cyber fraud departments of Customers Bank. He has held all 3 C-level roles in the technology industry, as an award-winning CIO, CTO, and now CISO. Prior to joining the Bank, he served as an executive in Healthcare, Telecom, and more. He was recently recognized as one of the top 40 under 40 leaders in the greater Philadelphia region, is a 2021 Top 100 CISO, was recognized as a top 10 global CISO in 2020, and received an American Cyber Awards honor in 2020. He attended both Capella University in Minnesota for his BS in Information Technology and Yale University’s School of Management for Executive Education. 00:00 Introduction 01:17 How did you start your career in cybersecurity? 03:05 Is (General Electric, Nuclear Indu
-
SC S6 E5- Nat Shere - Penetration Testing, SQL, 3rd Party Risk
17/06/2022 Duration: 43min
#SecurityConfidential #DarkRhinoSecurity 00:00 Introduction 01:20 Penetration testing 05:50 Walking through Risk Analysis 08:07 SQL injections 09:50 3rd Party Risk. What does it mean? 11:30 How to protect yourself when using open-source code 15:33 Google, Amazon, and Microsoft 16:30 Being on the Cloud and in the Cloud 18:40 Communicating to the executives 20:10 Cybersecurity as a Revenue Service 25:55 MFA issues and vulnerability 29:52 Smart Phones 37:56 Penetration tests on Mobile Devices 41:37 More about Nat To learn more about Nat Shere visit https://www.linkedin.com/in/nathaniel-shere Links to Nat's blogs as mentioned in the video: https://www.craftcompliance.com/post/7-steps-to-website-security-worth-bragging-about https://www.craftcompliance.com/post/penetration-testing-the-what-the-why-the-how https://www.craftcompliance.com/post/getting-the-most-out-of-penetration-testing
-
SC S6 E4- Brian Haugli - CEO of SideChannel
10/06/2022 Duration: 36min
#SecurityConfidential #darkrhinosecurity Brian Haugli joins host Manoj Tandon on this week's episode of Security Confidential. Brian is a Managing Partner and Chief Executive Officer at SideChannel. Brian has been driving security programs for two decades and brings a true practitioner’s approach to the industry. He has led programs for the DoD, Pentagon, Intelligence Community, Fortune 500, and many others. Brian is a renowned speaker and expert on NIST guidance, threat intelligence implementations, and strategic organizational initiatives. He is also a contributing author for the latest book from Wiley, “Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework”. Lastly, he is a professor at Boston College, in the Woods College of Advancing Studies, Master’s Program in Cybersecurity. 00:00 Introduction 01:50 How do you see the threat landscape changing in cybersecurity? 05:00 Do you think the mid-market understands that cybersecurity is not an
-
SC S6 E3 Tim Chase - Field CISO, Professional Speaker, Ethical Hacker
20/05/2022 Duration: 42min
#SecurityConfidential #DarkRhinoSecurity Tim Chase joins host Manoj Tandon on this episode of Security Confidential. Tim Chase is a Field CISO, Professional Speaker, Author, Ethical Hacker, Certified Application Security Engineer, etc. He is also a LinkedIn Learning Instructor who writes training modules about DevOps and DevSecOps. Tim is an expert at resolving challenging security incidents with a short turnaround time. He is a graduate of Tennessee Tech and the University of Phoenix. 00:00 Introduction 01:13 The problem of Ransomware, how do you see it evolving in the near future? 05:17 Third-Party Risk 06:21 Applications built on open source code and how to ensure their security? 11:45 What do you see as the Top 3 root causes of security incidents? 14:40 Deep Provisioning 22:22 Step-by-step on how to build a cybersecurity program for SMB 32:05 How to make Cybersecurity logical when coaching a young cybersecurity team. What foundational elements do you emphasize? 37:30 Companies use Cyberse
-
Dr. Joseph J. Burt-Miller Jr- Russia, Ukraine, and Cybersecurity
25/03/2022 Duration: 01h01min
#SecurityConfidential #DarkRhinoSecurity Dr. Joseph J. Burt-Miller Jr talked with host Manoj Tandon on this episode of Security Confidential. Dr. Joseph is a Veteran, Father, Husband, and GRC-Focused Cybersecurity Professional among many other things. Dr. Joseph J Burt-Miller Jr. is a product of Mt. Vernon, NY. He is an Air Force Veteran and a Capella University graduate with a myriad of experience within IT, cybersecurity, cloud-based applications, and biometric identity management for the United States government. To learn more about Dr. Joseph J. Burt-Miller Jr visit https://www.linkedin.com/in/drjjbmj/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
-
What is Ransomware?
21/12/2021 Duration: 03min
#SecurityConfidential #DarkRhinoSecurity Articles mentioned: https://www.kaspersky.com/resource-center/threats/ransomware-attacks-and-types https://www.backblaze.com/blog/complete-guide-ransomware/ https://www.tomsguide.com/us/ransomware-what-to-do-next,news-25107.html To learn more about Ransomware, listen to our podcast video with Ransomware expert Dennis Underwood here https://www.youtube.com/watch?v=DJoVdcMGzE0 To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
-
SC S6 E1 Brian Stoner - Vice President Service Providers at Stellar Cyber
09/11/2021 Duration: 46min
#SecurityConfidential #DarkRhinoSecurity Brian Stoner joins us today on Security Confidential. Brian has a long history with cybersecurity OEMs starting with CA where I first met him. Brian has been with McAfee, FireEye, Cylance, and is now with Stellar Cyber. Brian has been in the business of helping companies build their channels. 00:00 Introduction 02:04 What are the elements of a successful cybersecurity channel program? 06:10 Is there an inherent conflict with having a salesperson be managing a partner? 08:12 Where do the programs have mismatched expectations between the OEM and reseller? 13:20 Is the pure VAR model the way forward? Are clients in cybersecurity not looking more for a total solution for defense in depth vs a pure technology play? 16:11 What market sectors in cybersecurity do you see doing well in the coming year? 20:17 Explain what XDR is 31:28 How have you been able to avoid the pitfalls of storage and compute power as it relates to the cloud?
-
Why Do People Get Hacked?
22/10/2021 Duration: 04min
It is very common for individuals to get hacked, regardless of their demographic. Even well-protected personalities like Donald Trump have been hacked. The sad reality is that much could have been done by the individual to prevent it. Dark Rhino Security shares some very simple and basic information security knowledge for individuals to take control of their online accounts. Research from the video: https://www.washingtonpost.com/world/... https://www.nytimes.com/2021/09/13/te... To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com
-
S5 E10 Incident Response
22/10/2021 Duration: 35min
Manoj Tandon and Tyler Smith talk about Incident Response in this episode of Dark Rhino Security's Security Confidential.
-
Confidence Staveley - Cyber Security Woman of the Year Winner
04/10/2021 Duration: 49min
Confidence Staveley joins host Manoj Tandon in this week's episode of Security Confidential. Confidence joins us from Lagos, Nigeria, where she talks to us about her career in Cyber and how she is helping young women break the stereotypes. She is a Cyber Security Professional, Author, and Entrepreneur. She is the founder and executive director of CyberSafe and NoGoFallMaga. Confidence was also the winner of the Cyber Security Woman of the Year 2021 award. 00:00 Introduction 01:25 How Confidence started in Cyber 06:07 Cyber Security in Nigeria 10:24 Cyber Security Woman of the Year 15:56 CyberSafe Foundation 17:46 Biggest Challenges 19:58 Women in the role of Cyber 24:42 Stereotypes for Women 31:28 Cybersafe for businesses 35:55 CyberSafe success stories 42:43 Cyber advice from Confidence 46:33 Closing