Hashtag Realtalk with Aaron Bregg

Welcome to my little corner of the Internet! In this channel I give 'real talk' about information security and technologies that impact both your business and personal lives. I try to focus on issues and items that can help you become more 'security curious'. The ultimate goal is to help protect your personal and professional well-being. Legal Disclaimer - All of the security advice that I give is 'as is' and does not constitute real paid professional advice. As with everything security related, please seek second opinions from paid professionals. Photo by Jonathan Farber on Unsplash

Episodes

July 20, 2022 39 min

In this special Pre-Cloud Con episode we mix things up a little. Rather than joining me as a co-host, the Cloud Security Alliance of West Michigan's own Anthony Coggins sits on the other side of the mic. He, along with the ever-knowledgeable Tim O'Connor, discusses the current state of cybersecurity insurance in 2022.

Anthony is the Senior Manager of the Security Operations Team at Grand Rapids' own rocket ship insurance...

In this episode I get a chance to talk to Kevin Peterson about Network Observability in a Hybrid Cloud World. Kevin is a great information security evangelist who works for Arista. One of the many challenges that I face in the healthcare industry is handling devices that live On-Prem and send data to multiple cloud environments.

Kevin and I talk about some very common use cases and the challenges that come along with them. We also tag...

In this special episode I speak with Peter HJ van Eijk about the CCSK and CCAK cloud security certifications from the Cloud Security Alliance. Peter is the owner of Club Cloud Computing and an authorized CCSK and CCAK trainer.

I have personally taken his training course and thought it was one of the best ones out there.  He also offers free refresher courses and online focus sessions.  If you want to learn more about CSA certifica...

In this episode I had the pleasure of talking with Jonathan Jesse about medical device security. Jonathan is a Senior Systems Engineer for Forescout. In fact, he has been working for the same information security company for over 6 years! That is pretty unheard of nowadays in the security vendor space.

What prompted this interesting discussion, you say? Well, Forescout recently acquired CyberMDX. They are a company that specializes ...

In this episode I talk with Richard Melick about mobile security. Richard is the Director of Threat Reporting for Zimperium, so he knows a thing or two about what is happening out in the mobile world right now.

We definitely took a deeper look at the current state of mobile security and the talking points cover a bunch of key areas.

Talking Points:

  • What is more important and more secure to have, your wallet or your phone?
  • Mobile threat...

    In this episode I had a chance to talk with Rebecca Harvey about Cloud Identity. Rebecca does regional sales for SailPoint and she is also a co-founder of the Women's Security Alliance (WomSA).

    She and I talked about why companies are still getting Cloud Identity wrong. We also did a deeper dive into cutting-edge items like Robot Identity and Robotic Process Automation.

    Episode Sponsor:

    This episode was sponsored by SailPoint.  S...

    March 16, 2022 44 min

    In this episode I had a chance to talk with Brian Philips about 5G security. Brian is the Chief Solutions Architect for NetScout. We had a chance to dive into various parts of 5G and what it means for the future of the 'Mobile Office'. We also talked about future use cases that are not as far away as you think.

  • How is 5G going to impact security?
  • 5G Internet to home isn't 'private' yet
  • Cellular security is...

    In this episode I had a chance to talk with Brian Schneble, Claudio Catti and Chuck Chessor about mobile security and rethinking 'trust' in the new Digital Transformation age. This was a more detailed discussion from the holiday fundraiser episode and has some great real world examples.

    Talking Points:

  • As WFH becomes permanent, do we need to rethink 'trust' in the digital transformation age?
  • How many companies are well...

    In this first episode of 2022 I am reaching into my distant security past and have invited a former colleague, Mike Ahrendt, to join Natasha Young and myself to take a close look at digital forensics.

    Mike has worn many security hats, including recent leadership roles, but his heart lies in the SOC. Mike shares some insightful stories and answers to tough questions from Natasha!

    Talking Points:

  • What is the difference between Public Sec...
    December 29, 2021 11 min

    In this brief end-of-the-year episode I talk about a recent phishing attack on a 3rd party vendor that was compromised via email in a very unique way. I reveal how it happened and why defense in depth is so important.

    Talking Points:

  • What is a lookalike domain?
  • The importance of having a defensive domain strategy
  • How bad guys used an operating system's and email applications' default behavior against the user

    In this episode I had a chance to talk with Israel Barak about a listener-submitted topic, 'How do I prepare for a ransomware attack?'. Israel is the CISO for Cybereason and has intricate knowledge of ransomware and cybersecurity dating back to his days in the Israeli Defense Force.

    Using his extensive knowledge we talked through his concept of having different security 'pillars' to help navigate the lifecycle of ra...

    In this special holiday fundraising episode I have not one but two special guests joining a small panel to discuss the current state of mobile security and the pitfalls of social engineering. Mike Jones is a former Anonymous hacker and founder of the Haunted Hacker security podcast and magazine. Jonathan Scott is a Mobile Security Researcher and the author of the Pegasus ID software.

     I was also joined by Jim Kuiphof, Director of In...

    In this episode I sit down with Lloyd Guyot, Mike Peterson and Steve Barnes to discuss the state of cybersecurity in 2021. Lloyd is a Client Solutions Advisor for Optiv, Mike is a Cybersecurity Consultant for Cadre and Steve is a Systems Engineer for Fortinet.

    Talking Points:

  • How do we secure the new hybrid workforce?
  • Is SASE where it needs to be going into 2022?
  • Do you think there is ransomware fatigue?
  • How is Social Engineering just ...

    In this episode I have a special guest joining me to talk about a 'Passwordless Future'.  Jorel VanOs is the Chief Information Security Officer for the insurance company that is taking off like a rocket ship, Acrisure.  This is continuing a great conversation that was discussed in the Security Leadership panel at this year's C3 Tech Advisors IT Summit.

    Talking Points:

  • What are companies not understanding about Multi Facto...

    In this episode we are going to do things a little different. I am very to have Rebecca Harvey take over the hosting duties. She will be interviewing myself and my awesome mentee, Natasha Young, about the last 6 months of our participation in the WomSA mentorship program.

    If you are interested in becoming either a mentor or a mentee, I highly encourage you to set aside some time to listen to this episode. Kudos to Rebecca for being a ...

    In this episode I talked with Dave Golding about Security Posture Management as a Service.  What the heck is it? Are misconfigurations just FUD from vendor marketing teams?  Dave is a Sales Executive for AppOmni.

    Talking Points:

  • What the heck is Security Posture Management anyways?
  • What is your CASB not doing (not in a bad way)?
  • What is the biggest problem with default configuration that you are seeing with customers?
  • What is one of the...

    In this episode I sit down with Corwin Tobias to take a deeper dive into maturing a Security Awareness program. Corwin is the Information Security Awareness Ambassador for Blue Yonder. I had the pleasure of working with Corwin when he was working on the Information Security Training Team for Spectrum Health.

    Talking Points:

  • How to equip your staff to identify key risks
  • Does an employee know what to do when they make a mistake?
  • A Huma...

    In this episode I talk with Tim O'Connor about what companies don't understand about Security Awareness programs. Tim is the Manager of Knowledge Services for Cadre Information Security.

    Talking Points:

  • Security Awareness is more than just Phishing awareness training
  • What doesn't the business get about Security Education?
  • Risk Assessments and Vulnerability Assessments are two different things
  • The importance of Table Top exe...

    In this episode I have a special co-host, Alex O'Meera, to help me interview my guest, Jim Jakary, about Security Operation Center (SOC) as a Service. Alex is a newly minted Senior Security Engineer for Spectrum Health (congrats!) and Jim is an Account Executive for Expel. This was the first remote broadcast in a long time and definitely contained lots of #RealTalk!

    Talking Points:

  • We already have a security program, what can SOCaa...

    In this special milestone episode I talked with Ryan Dengate and Tim Vandermel about setting up a SIEM and SOC program before you try to tackle implementing SOAR. Ryan is a Technical Engineer Lead and Tim is a Global Account Executive. They both work for a great West Michigan company called C3 Tech Advisors.

    Talking Points:

  • What are they seeing/hearing from customers right now
  • Do SMBs understand the importance of cyber liability i...