Hashtag Realtalk with Aaron Bregg

In this special episode, I finally get a chance to do a virtual fireside chat with my talented and funny CISO Scott Dresen. I actually started working with Scott while he was the Chief Technology Officer for Spectrum Health. It was in this role that Scott down the path to becoming the Chief Information Security Officer for Corewell Health. So you can say he has been here for the entire Information Security program revamp that start...

*Disclaimer* While this episode deals with an incredibly important topic, there are potential dangers in doing this type of work. PLEASE do your homework and be well prepared should you go down this path, as your life can be impacted with a wrong turn.

In this episode, which is the first of a listener requested one around technical topics.

With cybercrime and threat actor activity on the rise, it is more important than ever to unders...

In this episode I talk with Tamer Baker around the not always clear topic of Zero Trust. While the term has been around while, it definitely gets overused by security vendors. However, because of Tamer's role as the Chief Technology Officer in the Healthcare space, he is also to bring several different points of view to the conversation.
 
Several of these are key to solving questions such as:

• Is Zero Trust truly e...

In this episode I talk with Matt Berzinski  about the important of understanding that identity is a journey not a destination. Matt is the Senior Director of Product Management for Ping Identity and has extensive knowledge about identity.

Talking Points:

• Realtime Fraud/Risk
• Orchestration
• Organizations (The importance of offload work that you don't need to do it)
• Single Sign On
• Multi Factor
• Identity Verification (Francis talked ab...

In this special end of summer episode, I sat down with Tyler Adams to talk about being in the trenches during the recent Crowdstrike incident and other interesting stories from the crazy summer. Tyler is an Information Security Analyst for Corewell Health. He works on the Security Business Engagement Team.

Talking Points:

• What was it like being in the trenches during the Crowdstrike incident
  • How having a Business Con...

In this episode I had a chance to have a candid conversation with Charles Henderson. Charles is a global managing partner at IBM and also happens to be the head of the X-Force team. IBM recently released the X-Force Threat Intelligence Index report for 2024.

While the report is delves into many different areas of Threat Intelligence, we concentrated on several key areas focused primarily on artificial intelligence:

• Pronounced inc...

In this episode I had a chance to sit down in person with the always insightful and never dull cybersecurity leader, Jim Kuiphof. Jim is the Deputy Chief Information Security Officer at Corewell Health. The topic for this casual conversation is Understanding Your Personal Risk Tolerance. More specifically, it speaks to understanding the different between your own risk tolerance and the business's risk tolerance.

Jim has talked ...

In this episode I had a chance to speak with Bryan 'Woody' Woodworth around simplifying and securing multi-cloud networking. Bryan is the Director of Solution Strategy for Aviatrix. As we are a few weeks into 2024 and the importance of understanding and utilizing multi-cloud strategies is becoming more and more apparent. 

Talking Points:

• What are the current trends in the industry pertaining to multi-cloud?
• Skills Gaps -...

In this special episode we celebrate the 4th annual holiday fundraiser podcast. It is already a blessing to raise money for great causes all while raising security awareness for small and medium sized businesses. The topic for this episode is one that is super relevant for this day and age of Digital Transformation. However, in keeping with the format of #RealTalk, we are going to explore some 'real world' use cases for u...

Have you ever wondered what it takes to get into the information security field? Have you thought how hard could it be? What about all of the big money I hear people make in this space? Well in this episode I talk with Mattalynn Darden and Esther Muchai about how hard it really is to break in.

If you are wondering how these two talented young women know, here is a little background on what they are currently doing and why it is rele...

*Disclaimer* Thoughts and opinion in this episode are solely myself or my guests and not necessarily reflective of our employers.

In this episode I had a chance to sit down with Matt Nelson and do the podcast from a very cool location.  Matt is a Senior Security Architect for Guidepoint Security. The topic of our rant was centered around all of the things 'wrong' with cybersecurity sales and why it hurts everyone.

Talking P...

In this episode I talk with Lloyd 'Lucky' Guyot and Alex O'Meera about The Center for Internet Security's Critical Security Controls. Lloyd is a Security Advisor for Optiv and President of the Grand Rapids ISSA Chapter. Alex is a Security Analyst for Stack Overflow and Secretary of the Grand Rapids ISSA Chapter.

Talking Points:

• How can the CIS 18 help an SMB build your security program?
• How can the CIS 18 help ...

In this episode I had a chance to speak with Chris Jordan and Al Wissigner about where a small and medium sized business (SMB) should start their security journey. This is especially important in this day and age of the ever expanding cloud infrastructure and Software as a Service (SaaS) models.  Both of these fine gentlemen work for Fluency and have a TON of experience working SMBs.

Talking Points:

• The idea of bridging the gap b...

Despite the recent push by some old school (re: outdated) leaders to force employees to return the office, remote work is here to stay. While we all talk about the importance of making remote work secure, there isn't much talk about how the experience for the end-users. Fortunately, there are some companies out there that are understanding the need to balance security, business and end user needs.

In this episode I talk with Me...

In this episode I head out to The Unicorn Tavern in Grand Haven, Michigan to talk Network Segmentation with Steve Barnes and Tyler Adams. Steve is an Enterprise Security Architect for Fortinet and Tyler is a Information Security Analyst for Corewell Health.

Talking Points:

• How has Network Segmentation changed in 2023?
• Who is responsible? Is that team being supported enough?
• How are you compartmentalizing things?
• Should you separate ...

A few years ago, the topic for the 3rd episode for the #RealTalk with Aaron Bregg podcast about Diversity 

And Inclusion in the Cybersecurity Industry. To this date it is one of the most downloaded episodes. Since that episode was publish a LOT has changed in the world. I felt that it was time to revisit the topic but with a little bit of a twist. The need for a twist comes from the fact that DEI in cybersecurity still where it need...

In this episode I had a chance to dive into a topic that is ripped straight from my day job. Multi Cloud Compliance. My guest for this episode is Mike Roman. Mike is a Senior Security Sales Engineer for Orca Security, which happens to be  the company that just won the 'Best Swag' award at Cloud Con last week!

In all seriousness though, more and more companies are having to rely on multi-cloud environments in order to keep ...

In this episode I break from the norm a little bit in order to delve into the minds of security leadership. These insights come from a recent Grand Valley State University Cybersecurity Masters Graduate, Isaac Beasley.

As part Isaac's Master's project, he interviewed 10 different cybersecurity leaders in the West Michigan area about a variety of different topics. For the sake of time, I concentrated on talking to the follo...

While PenTesting (i.e. hacking) may be the most visible part of Information Security, it is sometimes can lead to a false sense of security. In this episode I had a chance to talk with Nabil Hannan about rethinking your penetration testing strategy and moving towards Attack Surface Management. Nabil is the Field Chief Information Security Officer for NetSPI  and has a ton of useful information to share about starting this journey.

T...