Interview with Preston Smith (Podcast)

February 1st is a special day for Preston and me, here at SecurityNOW. I interviewed Preston! That’s right. We returned to the very cool Rose Rock Cafe over on Mingo Road to have the famous Baconator burger and to record Preston’s first SecurityNOW interview, where he’s the interviewee. Find out about Preston’s background and what he thinks the biggest security issues are. Preston also gives you some tips on how to protect yourself in this world of growing cybersecurity threats.

The interview is short and sweet, just like Preston, but you’ll learn a lot from it. Preston discusses good passwords, bad passwords, LastPass, two-factor authentication, and some physical security tips as well. There’s a lot packed into these 15 minutes, so take good notes; there will be a test at the end.*

February is a very special month too. February is SecurityNOW’s month of best practices. We’re going to produce several podcasts that give you real-world advice on how to protect yourself from the bad guys without having to change your entire life. We try to help you make security easy yet effective.

Podcast details:

Length: 15:22 minutes. Format: MP3. Rating: G for all audiences. Background soundtrack: Rose Rock Cafe.

*Not really.

 

2017 Cybersecurity Resolutions (Podcast)

As promised on our 2017 Topics List, January is for cybersecurity resolutions. This podcast features Preston and me discussing a short list of cybersecurity awareness topics for personal and for business use. Staying secure in everything you do is very important. We can’t stress too much the importance of using very strong passwords, doing some regular housekeeping, being smart about opening email attachments, and protecting yourself from cyberstalkers who want to compromise your accounts and your identities.

We decided to try something different today and record our podcast at a little cafe that’s inside our favorite bookstore: The RoseRock Cafe* on South Mingo Road. The recommended choice is the Reuben sandwich on marbled rye bread, which is excellent, by the way.

The only problem with recording in public is that you’re subjected to random sounds, like the phone in the background that seems to ring and ring and ring. I know that the bookstore is staffed well enough that someone could have picked up. But that’s why we chose the cafe setting because we wanted those ambient sounds. Plus, there’s something ironic about discussing a security topic in a public place.

Podcast details:

Length: 10:29 minutes. Format: MP3. Rating: G for all audiences.

This short podcast has a lot of good information in it about how to protect yourself. Over the coming weeks and months, Preston and I will return to public places to discuss cybersecurity and maybe even conduct a few impromptu interviews along the way.

#SecurityNOW #SecurityResolutions2017

*RoseRock Cafe & Bakery is not a SecurityNOW show sponsor, but they were kind enough to allow us to record our show there.

Interview with Cybersecurity Forensic Expert Simon Smith (Podcast)

It’s not often you get to talk to a real cybersecurity expert. Simon is an expert programmer, cyberforensics expert, and a security maven. Recently he exposed a criminal who used a VPN (a secure, private connection to the Internet) and thought he’d gotten away. Simon’s investigative abilities proved otherwise. Simon owns eVestigator, a company that specializes in helping victims of hacks, breaches, and other cybercrimes. He’s the real deal and has the track record to prove it. Just look at the list of his certifications and diplomas. He has also solved more than 350 cybersecurity and cybercrime cases.

During this podcast, we discussed the role of artificial intelligence in cybersecurity and the human element, its removal, and its requirement.

Preston and I were glad to speak to Simon and hope to have him back on the show to discuss other hot security topics.

Podcast details:

Length: 23:31 minutes. Format: MP3. Rating: G for all audiences.

Preston and I want to remind you to stay secure.

#SecurityNOW

The State of NoSQL Database Hacks with Cryptzone’s Jason Garbis (Podcast)

On January 6, I received a notice that over 10,000 MongoDB databases have been deleted by various groups of hackers over the last few days, confirming today’s security models are broken. I was shocked and wanted to investigate further, so I connected with Cryptzone for comment and scheduled a podcast interview with Jason Garbis, CISSP and VP of Products at Cryptzone.

By the time we connected for the podcast, more than 30,000 NoSQL databases had been compromised, had their data deleted or stolen, and in many cases, ransoms demanded.

To combat this, Cryptzone has rolled out the latest version of its Software Defined Perimeter offering, AppGate. AppGate transforms network security, employing an “authenticate first, connect second” approach.

Jason’s notes about the MongoDB and other NoSQL database attacks:

“Attacks – such as those against NoSQL databases – are exceptionally damaging, but frustratingly they’re also preventable.”

“Exposing any system to the ‘Internet Cesspit’ is fundamentally a bad idea. All systems have weaknesses – whether it’s a vulnerability, poor configuration or inadequate controls. It’s far too easy for an attacker to use Shodan (a powerful search engine) to discover and then violate them.”

“Rather than putting all of their systems in the shop window, particularly one that doesn’t even have any glass to protect it, companies must wake up to the realization that a new approach to network security is required. Taking an identity-centric approach, so one that only permits authorized users to access resources, would effectively brick up the window to anyone that doesn’t know it’s there, locking the attackers out and rendering their malware impotent.”

Preston and I interviewed Jason about these recent exploits and found that the solution to the problem is very simple, but obviously overlooked.

Podcast details: Length: 17:59 minutes. Format: MP3. Rating: G for all audiences.

Think about the security of any data that’s exposed directly to the Internet or that’s exposed via a web application. Set up two-factor authentication as an added measure against data exploitation.

The Cloud and the Myth of Data Protection: Podcast with CTERA’s Jim Crook

If you presume that your cloud solution protects you from data loss, you’d better think again and listen to this podcast about cloud data protection. CTERA’s Senior Product Marketing Manager, Jim Crook, discusses cloud data protection survey results, mentions a free ebook, and gives an overview of cloud data protection, ransomware, and keeping your business operational through it all.

Preston, Jim, and I want to enlighten everyone to the fact that just because you have your data in the cloud, it’s not necessarily protected from loss. Accidental deletion, disasters, malware, and service failure can lead to data loss and outages for your business. Get the scoop on making some good decisions about protecting your data in this podcast.

Podcast Details:

Format: MP3. Length: 23:08 mins. Rating: G.

CTERA was founded by IT security veterans, who in 2008 identified the transformation that cloud computing would bring to enterprise IT, and the challenges this transformation presented for infrastructure management, data governance, privacy and security.