UA-56961821-1 New Cyber Frontier

NCF-60 Security Information and Event Monitoring 101

January 16, 2018

Guest Joe Bonnell tells us the main problem in the Cyber Security Industry is the same thing we have struggled with for sixteen years. Joe and his company Alchemy Security provide solution for Security Information and Event Monitoring (SIEM) to their customers. If you asked yourself what is SIEM, than you will want to be sure to hear this show. 

Today's talk is not only for novice in SIEM but will be valuable for everyone. You will hear several great candid comments about the state of the CyberSecurity Industry as we discuss some challenges near and dear to the guest. I know we learned several thing in the course of the show as you will hear our host mention several times.

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-59 Things to do - Before Calling that High Priced Penetration Tester

January 9, 2018

BlackNight Cyber brings us some valuable information on how to avoid some of the high cost of top dollar penetration testers. Some of their competition may not like the free advice they give on todays show, but I think you will enjoy it. Today's guest Josh Stinson and Jeramie Crabtree, tell us to "stop and do these top 10 things" before calling that high priced penetration tester.

1) Know your business risks and identify your information crown jewels

2) Identify basic vulnerabilities using free version of Nessus

3) Identify what regulation is related to your business and how do you stand vs required thresholds.

4) Check that you do not use default Logins on: cameras, printers, routers, wireless networks

5) Determine if you use older Operating systems that are not supported by Microsoft: Vista or older will cause large amounts of time spent making penetration testing reports

6) Check for unknown wireless access points

7) Know your plan for "bring your own device" (BYOD)

8) Have an employee connected, informed, and attending CISO organization events

9) Connect with and attend local ISSA Chapter, ISC2 or NCC events

10) Subscribe to Cyberwire, HackFive, New Cyber Frontier, or other Cyber education series

We thank both of our guest and company BlackNight for the valuable direction on do-it-yourself actions to save us all some valuable resources.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

 

00:0000:00

NCF-58 Apozy Anti-Phishing & Anti Malware

January 2, 2018

Welcome to the new year, today...We have an update on Colorado Economic Development and a discussion on Anti-Phishing & Anti Malware with a guest from Apozy.

Make sure to participate in the Cyber Security Economic Development Survey:

http://www.surveygizmo.com/s3/4077063/Colorado-Springs-Cybersecurity-Survey

Our Guest for today's show is Rick Deacon, A self identified hacker of MySpace who was one of the earlier identifiers of web weaknesses which we know as Cross-Site Scripting. Apozy his company has products which work inside your browser to blacklist phishing and web based malware.

Hear about Ricks experience as a young hacker presenting at Defcon and how his experience shaped his approach to protect against phishing attacks.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-57 Business Application Firewalls the Next Generation of Data Analytics

December 21, 2017

Bernard Harguindeguy CEO of Elastic Beam and the original developer of the Chrome browser purchased by Google is our guest for today's show. Bernard who has founded several startups over the last 30 years has an new venture in his latest startup Elastic Beam. Their technology which he describes as an API Security product monitors a companies data access interfaces known as Application Programing Interfaces (API) to provide security for the company's data.

Elastic Beam API Behavioral Security (ABS) applies AI techniques to API transactions for accurate attack detection, and insightful forensic and compliance reporting. After todays talk my take away is that it appears Artificial Intelligence is taking shape in some concrete applications.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-56 Security and Privacy for Our Medical Records

December 13, 2017

Today' Guest Tim Hoffman has spent a considerable amount of time pursuing professional certifications, in fact he currently has close to 20 of them. Before we talk about the medical profession where Tim has spent the majority of this career, we want to hear about what inspired him to pursue so many professional certifications. We also ask him which were of the most value and which he would recommend for people at different career levels.

Tim also is a unique guest, as much of his career has been in the security and privacy of medical records. This industry is one we have not had many guest talk about, but it is one of the most important industry in need of cyber security solutions. Security for medical records is something which impacts everyone, while at the same time lacks in many areas. Tim provides some great direction on the balance between visibility of medical records and privacy of patient information.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-SR9 Legislator Focuses on Using BlockChain for Cutting Edge Governance Programs

December 5, 2017

Todays show is one of my favorites in a long time. We talk about efforts that are near and dear to me in my own research on Blockchain. Colorado State Senator and Vice Chairman of Colorado Joint Budget Committee give us a sneak peak of thing in store for the future of government. Using BlockChain for Governance of social programs is the next sensible step for governments around the world. When systems like state medical care are leaking hundreds of millions of dollars a year, we can definitely see the value of a Cryptocurrency type application which would track accountability for all expenditures.

If we could recover that amount loss from one state program, what could we do if the State implemented all social programs using blockchain. Senator Lambert tells how Colorado is looking to be the first state to lead the way in this new era.

You will not want to miss this show. 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-55 Penetration Testing Hear from the NSA Certified Experts at Plex

November 27, 2017

What is penetration testing? This mainstream buzzword in the cyber security industry may not be something that everyone is familiar with. Learn what is meant when you hear this buzzword. Today we speak to the experts at Plex-LLC who claim they are one of only 5 NSA certified Penetrations testing companies.

Our Guest Terry Bradley, talks about things like white teams, blue teams, and red teams, as well as some other terms in his line of work. I am glad to have him explain many of these acronyms which can even be confusing to those of us in the industry.

Thanks for talking about this important topic Terry.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF- CO7 Exploring Cyber Security Across the Community - DOD Office of Economic Adjustment Project

November 14, 2017

On this special Colorado News Update we have a panel discussion with the team from Pikes Peak Community College, Colorado Springs Economic Development, and Global Evaluation Firm Simon and Everett. Gretchen Bliss who leads the project for PPCC share news about this latest effort funded under a grant from the DOD Office of Economic Adjustment. Learn what Economic Adjustment Means to us and what types of involvement they will need from the community. 

We also Introduce the Vincent Persichetti the latest addition to the Colorado Springs EDC in the position of Director of Cyber Security Programs. Vincent has his work cut out for him as he is assisted by Daniel Spector and team with Global Firm Simon and Everett who have prepared similar evaluations for the DOD Office of Economic Adjustment across the country.

You will be interested to hear how we stack up to other regions that have undergone similar projects. 

Colorado Springs EDC

PPCC Cyber Program

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-54 Securing the Internet of Things

November 8, 2017

Dean Hullings of Forescout joins us today to talk about security for the millions of devices which are becoming internet enabled and used for countless application. This new trend with automated devices has become know as the Internet of things (IOT). For the most part IOT devices are popping up everywhere to add convenience to our lives, but also for example in the medical industry to help save people's lives.

Dean and company Forescout look at this problem of how to provide security for these millions of devices on our networks. If you have been in a hospital lately you will see 20 or more devices in every room all performing some monitoring, recordings, or data access operations for the medical staff to use. However security for these devices has been for the most part an afterthought, listen as we talk about the dangers presented and some solutions being offered by companies like Forescout.

 

Visit our sponsors:

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

National Cybersecurity Center

 

00:0000:00

NCF-53 Proactively Developing New Software with Security Built In

November 1, 2017

Today we talk about a subject that we don't hear often, which is about proactive approaches to security when designing new software. Our Guest Rob Cross is the Vice President of Pro Services Corporation (PSC). Our discussion is a good introduction to everyone to hear what the largest concerns are which face the Software industry. We discuss how many of the common hacks we all hear about could have been stopped with better software coding techniques. Do not worry, though you don't need to be a software developer to get something from today's show.

 

In the industry of security of software the Open Web Application Security Project (OWASP) is the best resource with the most recent software concerns and weaknesses. We reference best practices recommendations of OWASP and several tools that are new in the industry for developers to take control of this problem in the future. If you want to learn more the OWASP site keeps an up to date list of the top concerns in the industry that you can reference at any time.

 

Visit our sponsors:

Cyber Symposium

Cyber Resilience Institute

Internet Broadcasting Network

Logic Central Online

Storage Networking Industry Association

 

00:0000:00