Silent Sector LLC public
 
Join three longtime cybersecurity professionals and their guests as they rant, rave, and tell you the nitty-gritty of cybersecurity that nobody else talks about in their fancy marketing materials and trade show giveaways, all so you can protect your organization from cyber criminals. This cybersecurity podcast even pairs well with the international best-selling book "Cyber Rants: Forbidden Secrets and Slightly Embellished Truths About Corporate Cybersecurity Programs, Frameworks, and Best Pr ...
 
 
Is there really such a thing as "offense" in cybersecurity? This week, the guys discuss how it's possible to proactively protect organizations against criminals and how to identify potential attacks so you can stop them before it's too late. They share the realities of offensive cybersecurity and "hacking back." Pick up your copy of Cyber Rants on …
 
Think that cybersecurity is all about protecting data and achieving compliance? Think again! This week the guys share real-world examples about companies using cybersecurity to grow revenue, create a competitive advantage, and become market leaders! Learn how to use your cybersecurity program to create an outstanding return on investment! Pick up y…
 
This week, the guys continue to walk through the NIST Cybersecurity Framework, by discussing the Detect, Respond, and Recover control categories. They rant about logging, SIEMs, and incident response when you're facing a worst case scenario. Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Security to the next level? Visit us …
 
A cybersecurity framework is the foundation of any good cyber risk management program, but many people are not familiar with what a framework really is and what it includes. This week the guys reveal the importance of following an industry-recognized cybersecurity framework and begin walking through the National Institute of Standards & Technology …
 
This week, the guys discuss cybersecurity for healthcare companies. From medical facilities and laboratories, to MedTech, benefits companies, and healthcare services firms, the medical world faces its own set of challenges. The guys share thoughts and strategies around HIPAA compliance, dealing with deprecated medical technologies, and assessment p…
 
This week the guys discuss physical security controls (and lasers) to ensure that your organization is both secure and compliant! Cybersecurity doesn't stop at technology implementation. If you follow NIST 800-171, CMMC, PCI-DSS, or a number of other compliance requirements, you'll need to physically secure your premises to protect systems and data…
 
This week, the guys are joined by Eric Adams, experienced CISO and FedRAMP Strategist, to discuss what precisely FedRAMP is, why organizations should consider it for their structure, and the steps to make it happen. Follow Eric on LinkedIn Here - https://www.linkedin.com/in/eadams2/ Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber…
 
This week, the guys deviate a little from the usual format and discuss some of the latest trends in Cybersecurity, and rant on what's on their minds, no matter how off-topic it may be! Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Security to the next level? Visit us at www.silentsector.com. Be sure to rate the podcast, lea…
 
It's a wild market for cybersecurity services, often confusing buyers and selling companies less than ideal solutions. The question is, what cybersecurity services are the best fit for your organization's needs? This week, the guys discuss the pros and cons of the common services to help you understand the best fit. From Managed Security Services P…
 
It is important to know what you're getting into when you invest in a cybersecurity services firm to help with security and compliance! There are critical considerations and points you must know in order to get the most from your cybersecurity services company. This week, the guys discuss how to properly engage your cybersecurity firm to make sure …
 
What do you think of when you hear "Red Team vs. Blue Team"? Board or video games, military exercises, or cybersecurity terms? This week the guys discuss Red Teaming as it relates to cybersecurity and penetration tests, when Red Team Testing is an appropriate method and when other colors are better, plus the critical considerations you need to thin…
 
In today's Cybersecurity Gold Rush, we see so many new technology products claiming to solve the world's problems and companies promoting the newest trend of the week. However, are the new tools and products really measuring up? What can technologies really do for you and when do you need the human element? This week, the guys discuss where tools p…
 
The transition to a remote workforce has left many companies wondering how they'll achieve compliance with various requirements like CMMC, ISO 27001, and SOC 2. Meanwhile, remote workers have made it easier than ever for cyber criminals to attack. This week, the guys discuss securing a remote workforce and meeting compliance requirements, sharing p…
 
This week the guys discuss some of the bigger cybersecurity struggles for mid-market and emerging companies. Developing an effective incident response plan is a major challenge and when done incorrectly, can cause a lot of damage. The guys also share struggles SaaS companies face when they're inundated with cybersecurity questionnaires that are hol…
 
This week the guys reunite for the first episode of 2022 by taking a look into the future. With their crystal ball of predictions, the guys look into the future of cybersecurity, ranting about potential trends, exploits, and tips for you to stay ahead in the new year! Plus, they share some housekeeping tips and how to "tidy up" your cyber risk mana…
 
Cyber insurance is a critical part of any risk management program and something that every company must have. Finding the right policy with the proper coverage can be tricky and the major insurance companies are not always the best fit. This week the guys talk with cyber insurance expert, Tony Robbins, about the fundamentals you must know to proper…
 
Cyber criminals can learn more about you than you ever realized. Open Source Intelligence (OSINT) often exposes information that you didn't realize was available to the public. Cyber criminals use OSINT to find weak spots in cybersecurity and exploit employees through social engineering. This week, the guys unwrap the fact that while Open Source In…
 
If your organization is growing and is getting ready to build its own InfoSec team, this week's episode is for you. The guys discuss the "Who's Who" of cybersecurity, explaining the key players that growing organizations need when maturing their cybersecurity programs. From Chief Information Security Officers to Architects, Engineers, and Project M…
 
Is being compliant the same as being secure? If you're meeting all the requirements, are you adequately protected? This week, the guys discuss the differences, nuances and overlaps between cybersecurity and compliance, plus how you can simplify alignment to multiple compliance requirements. Pick up your copy of Cyber Rants on Amazon. Looking to tak…
 
Are your executives and board members struggling to understand cyber risk? This week, the guys are joined by David Moon of Arx Nimbus, a company that turns cyber risk into the language that all business leaders understand. David shares how they translate cybersecurity into financial metrics that allow organizations to make better risk management de…
 
This week the guys discuss the good steps forward that are making the cybersecurity industry strong, from awareness to technologies, education to growing the workforce. They share the silver linings in the turmoil, plus some areas for improvement in the industry. Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Security to the…
 
This week, the guys welcome a new member to the team, longtime technology professional, David Baker! They discuss his experience in helping small businesses with IT and security, plus the challenges SMBs are facing with new cybersecurity and compliance requirements. This episode is perfect for any businesses struggling with stepping into today's IT…
 
This week, the guys discuss wireless penetration testing and explain many of the common findings that are revealed through the testing process. They provide an in-depth look at how wireless penetration testing works and why certain organizations should make it a part of their annual cyber risk assessment process. If you're wondering about the risks …
 
There is a lot of news about cyber attacks but the big question is, "Do people actually care?" This week the guys rant about cyber crime and how it affects people and companies who often don't care until it's too late. Through real-life examples, horror stories, and tips to help you stay protected, this episode is not one to miss! Pick up your copy…
 
This week the guys share what Silent Sector is all about, from the origins of the company to what makes the services and methodologies stand apart. The guys share their "why" behind what they do and what they are working to change in the world of cybersecurity. This episode is perfect for anyone wanting to know about Silent Sector at a deeper level…
 
This week, the guys share simple tips that individuals and very small businesses can use to protect themselves and their data from cyber criminals, even without any technical background or experience! These are the basic cybersecurity measures that everyone should follow. Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Securi…
 
This week the guys share what they saw in the cybersecurity and IT industries from the start of COVID to the current day. They share what went poorly as well as lessons learned and why our Nation's cybersecurity will come out stronger than pre-COVID. Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Security to the next level? …
 
For some organizations, vendor vetting for cyber risk management is a process that runs like a well-oiled machine. For most, it's a tedious and challenging nightmare. This week, the guys discuss the vendor vetting process from both sides, vetting your vendors and navigating the vetting process of your prospects. They share how organizations of all …
 
This week, the guys discuss technical controls to protect your employees and protect your company from its own employees. From honest mistakes to gross negligence and malicious activity, proper protections minimize employee related cyber risk. The guys also share tips for configuring and issuing devices to your team members, which is especially cri…
 
This week, the guys welcome Heather Monthie, PhD, whose illustrious career has blended her passions for cybersecurity, aviation, and education. She has been an integral part of K-12 and university education systems, developing STEM programs that build a stronger technology workforce. Heather shares her insight about the world of cybersecurity educa…
 
Nobody loves cybersecurity governance documentation like we do! This week, the guys discuss cybersecurity policies and why the proper policies make all the difference for security, compliance, and audits. Plus, learn what documents are most important, why the "one size fits all" cybersecurity policy templates don't work, and how to build documentat…
 
From PII and PHI to intellectual property and sensitive business information, the guys talk about how to keep your sensitive data from leaking to the outside world. While there is no single answer, they cover both technology and governance tips to keep your data where it belongs. Plus they rant to everyone, "Don't be a data hoarder!" Pick up your c…
 
What's the difference between having an Incident Response Plan and just "winging it"? This week the guys talk about their real world cybersecurity incidents and share their knowledge about proper planning and preparation. Learn what goes into incident response planning, who should be involved, and how to ensure everyone is on the same page for quic…
 
This week, the guys take a deep dive into the intricate world of Cyber Risk Assessments. They cover best practices from choosing an industry recognized cybersecurity framework, to scoping and preparing for your cyber risk assessment, plus how to make cybersecurity standards like NIST, CSF, and CIS Controls work for your company. They discuss how th…
 
Cybersecurity is critical for financial services organizations but many mid-market and emerging companies struggle tremendously with their cyber risk management programs. This week, the guys talk about cybersecurity programs for financial institutions, sharing specific considerations for the industry including staffing, risk assessment, penetration…
 
This week, the guys talk about a topic that everyone loves, PCI (Payment Card Industry) Compliance! They rant about PCI-DSS compliance levels and standards, plus what first timers need to consider when preparing for a PCI audit. They share tips about how to make your PCI compliance process simpler throughout the year and how to deal with the QSA (a…
 
This week, the guys discuss cybersecurity for healthcare organizations. They dispel the myth that healthcare cybersecurity is completely unique while also sharing the healthcare nuances that don't apply as frequently in other industries. From healthcare risk assessment to policies, HIPAA compliance, and even physical intrusion testing, the guys sha…
 
There's no "right way" to get started in cybersecurity but there are a lot of different paths. This week, the guys talk about their career paths starting from the ancient IT world and moving into modern day cybersecurity disciplines. They share some of the most important skill sets that you rarely hear about, plus tips and tricks to succeed. Pick u…
 
Zach and Lauro discuss 10 common cybersecurity myths that are causing business leaders to make poor decisions and making companies an easy target for cyber criminals. They clear up these myths and share how you can be better informed if you hear something that doesn't sound quite right. Pick up your copy of Cyber Rants on Amazon. Looking to take yo…
 
This week, the guys discuss Social Engineering - the most common way cyber criminals get access to their targets. They discuss the controls smart companies are implementing to prevent their staff from falling for cyber criminal scams and how to minimize exposure resulting from human error. Pick up your copy of Cyber Rants on Amazon. Looking to take…
 
This week, the guys welcome back Ed Escobedo, former Head of Technology Risk Management for PayPal, CIO of Apollo Education Group, VP for DHL and Charles Schwab, and currently Silent Sector's Chief Strategy Officer. They share how to bust through the growth roadblocks that CISOs hit when improving their organizations' cybersecurity programs. They a…
 
This week, the guys dive into the rapidly growing topic of SOC 2 Audits. The SOC 2 Audit is widely becoming a requirement for B2B technology companies serving large enterprise clients. As both SOC 2 auditors and the guys who help companies prepare for audits, they cover common misconceptions such as the SOC 2 being all about IT security. They talk …
 
This week, the guys dive into all the "fun" requirements that U.S. Government defense contractors are facing when working with Controlled Unclassified Information (CUI), including the NIST 800-171 Self-Assessment and getting CMMC certified. They share their insights and experience about how organizations align to these requirements and what's i…
 
Companies are turning to Virtual CISO and CISO as a Service providers for help as cybersecurity requirements continue to grow. Is hiring a vCISO always the right option? What are the pros and cons? How do you find a good one? This week the guys answer these common vCISO questions and more. Pick up your copy of Cyber Rants on Amazon. Looking to take…
 
The "cloud" is arguably one of the most common topics of discussion in technology today, primarily for its cost savings and accessibility benefits. However, it's also a hot topic for cybersecurity professionals and not always for the best reasons. This week, the guys discuss cloud considerations for organizations of all sizes, providing recommendat…
 
This week in the final part of our Penetration Test Mini-Series, the guys discuss the realities of automated vs. manual penetration tests and what those terms actually mean. They also talk about timeframes, approaches, and situations that seem to cause some confusion for companies undergoing their first penetration test. Pick up your copy of Cyber …
 
This week, the guys continue their penetration testing discussion, covering the following common questions: How often should your organization conduct a penetration test? What's the right approach, red team or purple team? What should you see in your penetration test reports? Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Se…
 
This week we take a deeper dive into penetration testing. The guys discuss why it's important to consider the reason behind a penetration test and some different methods of testing to consider. In addition, they cover options that companies can take in their testing initiatives, along with providing best practices for companies getting their first …
 
Penetration tests are vital for nearly every organization to see how secure they really can be. While the demand for them is higher than ever, it can be a bit tricky to decide which test and which penetration test provider is best for you, along with figuring out if a penetration test is right for you. This week, the guys answer these questions and gi…
 
This week the guys discuss why it's vital for an organization to have Network Architecture Diagrams, discuss best practices for building them (scotch can help), and explain why a little effort now will make your work life so much better. Pick up your copy of Cyber Rants on Amazon. Looking to take your Cyber Security to the next level? Visit us at w…
 

Copyright 2022