Social Media Security with Proofpoint’s Dan Nadir (Podcast)

ProofpointPreston and I had the opportunity to speak with Proofpoint‘s Vice President of Digital Risk on the hot topic of social media security. I say it’s a hot topic because it’s a hot topic for me because I’m not really a fan of most social media sites. I generally only use LinkedIn and Twitter. But there’s more to social media than Facebook, Twitter, and LinkedIn. There’s Instagram, Snapchat, and others. And security for all them is a big concern–or should be. In this podcast, we discuss the problems with social media security and some possible solutions.

Listen in and tell us what you think.

Podcast details:

Length: 19:59 minutes. Format: MP3. Rating: G for all audiences.

Copyright 2017 SecurityNOW  Licensing: CCBY

Introducing True Digital Security and CEO and Founder Dr. Jerald Dawkins (Podcast and Video)

True Digital SecurityPreston and I had the pleasure of speaking with, Dr. Jerald “Jerry” Dawkins, the CEO and founder of True Digital Security, the premier local security company here in Tulsa, Oklahoma. For this one, I stayed behind the scenes (literally) and Preston took the solo spotlight for this rare interview with Dr. Dawkins. This podcast is actually the audio extract from the video (Coming soon) we captured during the interview. True Digital Security is headquartered in Tulsa but has offices in Tulsa and Oklahoma City and cover clients globally.

Jerry and Preston discuss passwords, compliance issues, security pain points, and how to engage True Digital Security for your corporate security needs. This is a special focus on a growing company of security experts who are ready to help you navigate HIPAA, PCI, FFIEC, NERC CIP, and your other corporate security requirements and needs.

I think you’ll agree that after listening to this interview that Dr. Dawkins and his team knows security. You’ll also agree that this discussion is far too short. We hope to have Jerry and other True Digital Security folks on the show in the future so that you can get to know the whole team.

Podcast details:

Length: 22:12 minutes. Format: MP3. Rating: G for all audiences.

Our video interview is up and ready and available above. You can meet some of the True Digital Security team in their spotlight video.

Copyright 2017 SecurityNOW. Licensed CC BY.

IoT and Mobile Security with Zimperium CPO John Michelsen (Podcast)

ZimperiumIn this podcast, Preston, our guest John Michelsen, CPO of Zimperium, and I discuss mobile security and extrapolate what’s happening in that space to what’s happening, and about to happen, with IoT security. We touch on monitoring, general security, costs, and the bigger problem of security implementation on devices that until recently were used based on an “air of trust.”

April is our “Month of Preventing Surprises” and this podcast kicks off that topic for The SecurityNOW Show. How awkward would it be to move headlong into a large IoT implementation only to realize that someone has easily hacked your devices and siphoned off your data? Surprise!

Mobile security has come a long way in the past two years with the adoption of higher security measures from vendors and third parties, such as per-app VPN, two-factor authentication, and containerization. IoT vendors will have to step up and enable encryption, use multi-factor authentication, and wipe or brick devices that have been compromised or moved. The Internet of Things may very well be security’s biggest challenge yet, not only because of the sheer numbers of devices but also because of device diversity.

Preston, John, and I just touch the surface of these topics in this podcast but stay tuned for more from all three of us on IoT security.

Podcast details:

Length: 20:45 minutes. Format: MP3. Rating: G for all audiences.

Licensed CC BY (2017)

SecurityNOW’s Cybersecurity Tips of the Week – March 31, 2017

TipsPasswords, they used to say, are like toothbrushes–don’t share them and change them often. Indeed that rule is still true but security is more than just changing your passwords often and keeping them to yourself. Passwords, unfortunately, are our first line of defense in protecting our online accounts, our identities, and our transactions. Passwords should be as long and as complex as possible, which is why you should use a password manager such as LastPass. LastPass will generate a random, long, and complex password that you don’t have to remember because it remembers them for you. There’s only two things you have to remember when you use LastPass: logoff of LastPass before you leave your computer and the LastPass master password.

And since passwords aren’t your only defense in this cyber-connected and unsafe world, I’m providing a list of tips to help keep you safe and secure during your online excursions. Read and heed.

  1. Use the screen lock feature of your phones, tablets, and computers.
  2. Use a random non-guessable passcode for unlocking screens.
  3. Use a password manager.
  4. Use different passwords for each online account (saved in your password manager)
  5. Install all hardware and software updates as they’re presented.
  6. Only install apps from the app store and only those that have many good reviews.
  7. Turn off tracking from your apps.
  8. Use a VPN or your cellular network in public places.
  9. Keep phone conversations private.
  10. Perform online banking in private.
  11. Use two-factor authentication on social media and financial sites.
  12. Cover your device when entering passwords.

I know these are tips that you read and hear all the time but you need to remember them at all times. There is no trusted public environment and a secured WiFi connection is no guarantee of security. Anyone can setup a WiFi connection and supply a common password to it.

If you ever have questions about cybersecurity, use our contact page to ask your questions. We will reply.

Enterprise Security Trends with Absolute’s Richard Henderson (Podcast)

AbsolutePreston and I discussed security trends with Absolute‘s Global Security Strategist, Richard Henderson (@richsentme) on St. Patrick’s Day eve. Unfortunately, the whole thing took place via Skype rather than at Doolin’s. Hey, some people work for a living and can’t always get to the fun right away or even on the day after. 

Some of the topics covered by our broad swipe at enterprise security trends were two-factor authentication, advanced persistent threats, SSO, and insider threats. We also touched on Absolute’s strategy for protecting you, your applications, and your entire enterprise from security threats.

Richard is one of the best guests we’ve ever had on the show and we hope that he’ll return to discuss Absolute’s products in more depth and to discuss other timely security topics.

Podcast details:

Length: 23:46 minutes. Format: MP3. Rating: G for all audiences.

Remember, our podcasts are licensed CC BY.

March 2017 Week 1 in Review (Podcast)

CybersecurityPreston and I got together to talk about March 1-5 2017. It wasn’t a full week but it was the first week of March, so we’re calling it good on that front. We discussed our podcast with Morey Haber of BeyondTrust and the worst breaches of 2016; current scams including the malware package that you can purchase for $400, well, the equivalent of $400 in Bitcoin that is; the current lack of fidelity in our awesome Oklahoma state’s cybersecurity website; the cybersecurity crisis as described by Symantec CEO Greg Clark; the fact that 39 percent of North Americans have been affected by cybersecurity breaches, and a few other topics of interest.

We also included some practical takeaways for you to use in meeting your own cybersecurity needs. Keeping yourself safe is more than just having a fancy password; it also means that you need to be vigilant in checking your surroundings when typing PINs, entering passwords into your phone or personal computer, and protecting your credit card information.

Complacency and negligence are the two biggest vulnerabilities in security. There’s this “air of trust” and there really shouldn’t be. You don’t have to be fully paranoid but a little paranoia and a lot of vigilance will help keep you safe–not only in the online world but also in the real world. For physical security, you should always be aware of your surroundings. Lock your doors, lock your windows, and have your key ready when you get to your door.

Podcast details:

Length: 17:36 minutes. Format: MP3. Rating: G for all audiences.

Thanks for reading and for listening. Please give us feedback and any topics of interest or companies you’d like to hear about.

Week of February 20 – Current CyberSecurity Events Discussion

SHA1Preston and I cover the current cybersecurity threats, news, and issues from the week of February 20. We’re at the very cool and accommodating RoseRock Cafe here in Tulsa, where we enjoy a delicious lunch in a relaxed atmosphere surrounded by good books and lively background conversation.

Today’s show was fueled by chicken nuggets, fried pickles, and Diet Dr. Pepper. The lunch of champion podcasters everywhere.

We cover Google’s recent unraveling of the SHA1 hash, the CloudFlare compromise, Facebook impersonation, Skype hacks, Steam hacks, two-factor authentication, and the Google Chrome font malware attack.

Podcast Details:

Length: 18:02 minutes. Format: MP3. Rating: G for all audiences.

We produce all of our podcasts in a format and style that’s very safe for work, safe for school, and safe for younger listeners. You’ll never have to fear that something inappropriate is going to pop out of us or our guests. Have confidence that our podcasts are 100 percent safe, foul language free, innuendo free, and are perfect for the classroom or for other public consumption. All of our content is CC BY licensed.