Welcome to my little corner of the Internet! In this channel I give 'real talk' about information security and technologies that impact both your business and personal lives. I try and focus on issues and items that can help you become more 'security curious'. The ultimate goal of help protect your personal and professional well being. Legal Disclaimer - All of the security advice that I give is 'as is' and does not constitute real paid professional advice. As with everything security related, please seek second opinions from paid professionals. Photo by Jonathan Farber on Unsplash
Have you ever wondered what it takes to get into the information security field? Have you thought how hard could it be? What about all of the big money I hear people make in this space? Well in this episode I talk with Mattalynn Darden and Esther Muchai about how hard it really is to break in.
If you are wondering how these two talented young women know, here is a little background on what they are currently doing and why it is rele...
*Disclaimer* Thoughts and opinion in this episode are solely myself or my guests and not necessarily reflective of our employers.
In this episode I had a chance to sit down with Matt Nelson and do the podcast from a very cool location. Matt is a Senior Security Architect for Guidepoint Security. The topic of our rant was centered around all of the things 'wrong' with cybersecurity sales and why it hurts everyone.
In this episode I talk with Lloyd 'Lucky' Guyot and Alex O'Meera about The Center for Internet Security's Critical Security Controls. Lloyd is a Security Advisor for Optiv and President of the Grand Rapids ISSA Chapter. Alex is a Security Analyst for Stack Overflow and Secretary of the Grand Rapids ISSA Chapter.
In this episode I had a chance to speak with Chris Jordan and Al Wissigner about where a small and medium sized business (SMB) should start their security journey. This is especially important in this day and age of the ever expanding cloud infrastructure and Software as a Service (SaaS) models. Both of these fine gentlemen work for Fluency and have a TON of experience working SMBs.
Despite the recent push by some old school (re: outdated) leaders to force employees to return the office, remote work is here to stay. While we all talk about the importance of making remote work secure, there isn't much talk about how the experience for the end-users. Fortunately, there are some companies out there that are understanding the need to balance security, business and end user needs.
In this episode I talk with Me...
In this episode I head out to The Unicorn Tavern in Grand Haven, Michigan to talk Network Segmentation with Steve Barnes and Tyler Adams. Steve is an Enterprise Security Architect for Fortinet and Tyler is a Information Security Analyst for Corewell Health.
A few years ago, the topic for the 3rd episode for the #RealTalk with Aaron Bregg podcast about Diversity
And Inclusion in the Cybersecurity Industry. To this date it is one of the most downloaded episodes. Since that episode was publish a LOT has changed in the world. I felt that it was time to revisit the topic but with a little bit of a twist. The need for a twist comes from the fact that DEI in cybersecurity still where it need...
In this episode I had a chance to dive into a topic that is ripped straight from my day job. Multi Cloud Compliance. My guest for this episode is Mike Roman. Mike is a Senior Security Sales Engineer for Orca Security, which happens to be the company that just won the 'Best Swag' award at Cloud Con last week!
In all seriousness though, more and more companies are having to rely on multi-cloud environments in order to keep ...
In this episode I break from the norm a little bit in order to delve into the minds of security leadership. These insights come from a recent Grand Valley State University Cybersecurity Masters Graduate, Isaac Beasley.
As part Isaac's Master's project, he interviewed 10 different cybersecurity leaders in the West Michigan area about a variety of different topics. For the sake of time, I concentrated on talking to the follo...
While PenTesting (i.e. hacking) may be the most visible part of Information Security, it is sometimes can lead to a false sense of security. In this episode I had a chance to talk with Nabil Hannan about rethinking your penetration testing strategy and moving towards Attack Surface Management. Nabil is the Field Chief Information Security Officer for NetSPI and has a ton of useful information to share about starting this journey.
Earlier this year Cloud Security Alliance covered the big debate around should you buy or build for your Cyber Asset Attack Surface Management (CAASM) solution. As luck would have it, Ken Liao recently reached out to me regarding the new company that he works for who handles this very topic.
I know some of you are thinking, "Ugh another podcast on artificial intelligence!", to which I say, "Nope". Originally this was supposed to be a two-part series with the first episode focusing on high level AI talk. The second episode that drills down into how to actually come up with AI/ML policies and standards.
In this episode I go outside of the topics and talk about one that I think is definitely underrated, Protecting Your Executives. I sometime forget how lucky my healthcare organization is very forward thinking when it comes to security. However, not all companies have the luxury of having a full team to protect VIPs.
I had a chance to have an in-depth conversation with Daniel Floyd around this very subject. Daniel is the Chief Inform...
In a recent episode Matt Nelson from Guidepoint was talking about how he is seeing a trend with medium-sized companies moving away from the idea of building out or building up a security team. There were several reasons including budget constraints and an experienced talent shortage. So I reached out to Bill Bernard about having a deeper discussion on how revisiting the topic of using a #managedsecurityoperations company.
In this episode I had a chance to talk with Todd Brockdorf and Chris Lawrence about Zero Trust. Todd is a Senior Sales Engineer and Chris is a Customer Success Engineer. Nowadays it is hard to sift through all of the security vendor marketing chaff to get #RealTalk about Zero Trust.
If you had downloaded this file before 6pm on April 6th you received the wrong episode. This error has been fixed and you have my sincerest apologies for the mess up!
*Disclaimer* While there was no physical harming of bad security vendors in this episode, there is a lot of honest #RealTalk. Opinions in this episode are my own and do not necessarily reflect the views of my leadership or my employer....
In this episode I had a chance to talk with Derek Smith about the importance of securing your hybrid cloud environments. Derek is the Director of Cloud Strategic Alliances and Brand for Trace3. We took the time to break down several different issues that are happening right now across multiple industries.
In the episode I had a chance to talk to not one, not two but THREE talented gents about the future of medical and IoT device security. Nathanael Dick, Russ Ramsay and Dan Rittersdorf all work for a great, and local, embedded systems engineering company called DornerWorks.
I was fortunate enough to do the podcast prep meeting in person and was able to tour their very cool West Michigan offices. Obviously, medical device security is ...
In this episode I get a chance to talk with Liav Caspi about rethinking how you do your Secure Software Development Lifecycle. Liav is one of the co-founders of Legit Security and got his start in the Israel Intelligence (Unit 800) scene many years ago. He and his other co-founders worked for a well known Static Application Security Testing (SAST) company I know very well. They then branched off a few years back to form what is now...
In this episode I not only have a great guest but have a great co-host as well. I had a chance to talk with Kassandra Murphy and Rich Worth about advancing your Security Information and Event Manager. Kassie talks to the importance of standardizing your data sets to increase your searchability (e.g. especially useful when sending data to your managed security operations partner). Rich will be talking to 'real world' use c...
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
If you can never get enough true crime... Congratulations, you’ve found your people.
He’s a former Secret Service Agent, former NYPD officer, and New York Times best-selling author. Join Dan Bongino each weekday as he tackles the hottest political issues, debunking both liberal and Republican establishment rhetoric.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Listen to 'The Bobby Bones Show' by downloading the daily full replay.