SecOops Cybersecurity Podcast

Ben, Moiz and Sneh

Join Ben, Moiz, and Sneh as they explore the ever-evolving world of cybersecurity. From phishing scams and hacking stories to emerging threats and defense strategies, they break down complex topics into relatable conversations. Whether you’re a tech pro or just cyber-curious, tune in to learn, laugh, and stay ahead of the latest in security—because in cybersecurity, there’s always an “oops” to uncover.

  1. Practical Cybersecurity Series – Episode 2 – Top 10 Policies Every Business Needs

    Jun 1

    Practical Cybersecurity Series – Episode 2 – Top 10 Policies Every Business Needs

    🎙️ Episode: Top 10 Policies Every Business Needs In this episode of the Practical Cybersecurity Series by Sec Oops, powered by Cyber View Point, we move beyond the tools and technologies to tackle the most overlooked foundation of any security program: policies. We open with an uncomfortable truth — that some of the most damaging breaches in history weren't caused by sophisticated exploits, but simply because nobody wrote down the rules. No policy. No enforcement. No accountability. The team starts by clearing up a confusion that plagues most organizations: the difference between a policy, a standard, a procedure, and a guideline — and why getting this wrong produces documents that are either too vague to enforce or too rigid to follow. From there, we walk through the Top 10 policies every business needs, covering why the CEO's signature on an Information Security Policy changes the entire organizational conversation, why the Acceptable Use Policy is simultaneously the most violated and most legally protective document in any company, and why an Incident Response Policy is only worth the paper it's printed on if you've actually rehearsed it. We also tackle the policies most businesses forget until it's too late — Vendor and Third-Party Risk, Remote Access and BYOD, and Business Continuity — and explain exactly what good looks like for each one, regardless of your company's size or budget. 👉 Tune in to learn why writing the policy is actually the easy part — and walk away with a clear, practical starting point for building a security program that holds up when it matters most.

    59 min
  2. Practical Cybersecurity Series – Episode 1 – Building a Security Roadmap for SMBs

    May 1

    Practical Cybersecurity Series – Episode 1 – Building a Security Roadmap for SMBs

    🎙️ Episode: The SMB Defense Blueprint – From Chaos to Control In the series premiere of the Practical Cybersecurity Series by SecOops, powered by Cyber View Point, we tackle the #1 question for small and medium businesses: "Where do we even begin?" We move beyond the overwhelming list of "things to buy" and focus on building a strategic Roadmap. The team breaks down why SMBs are currently the primary target for cybercriminals and how to shift from a "reactive" fire-fighting mode to a "proactive" defensive posture. We explore the Essential Cyber Hygiene steps that provide the highest return on investment, including phishing-resistant MFA, asset inventory, and the power of immutable backups. Ben, Moiz, and Sneh discuss the "Leadership Mandate"—explaining why a roadmap is a business strategy, not just an IT project—and how to build a "Culture of Readiness" that empowers every employee to be a defender. Finally, we provide a 30-60-90 Day Action Plan designed specifically for organizations with limited budgets and no dedicated security team. 👉 Tune in to learn how to build a roadmap that protects your "Crown Jewels" without breaking the bank.

    1 hr
  3. Deep Dive Series – Episode 7 – Identity Governance and Privileged Access Management: Taking IAM further

    Apr 1

    Deep Dive Series – Episode 7 – Identity Governance and Privileged Access Management: Taking IAM further

    🎙️ Episode: Identity Governance and PAM – From Access to Oversight In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, we move beyond the basic "username and password" to explore Identity as the New Perimeter. We dissect the "Identity Explosion"—the shift from managing a few hundred employees to governing thousands of human and machine identities, from API keys to RPA bots. The team breaks down the IGA Lifecycle (Joiner, Mover, Leaver), explaining how to automate the "digital census" and stop "permission creep" before it turns an internal account into an attacker’s playground. The conversation then shifts to the high-stakes world of Privileged Access Management (PAM). We challenge the dangerous status quo of "Always-On" administrative rights and introduce the "Gold Standard" of modern defense: Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access. Learn why the most secure administrative account is the one that doesn't actually exist until the moment it's needed. Finally, we look at the Identity Attack Surface, discussing the rise of Identity Threat Detection and Response (ITDR). We explore why it is now officially easier for an adversary to "log in" than to "hack in," and how to build a resilient, identity-centric architecture that assumes breach at the credential level. 👉 Tune in to learn how to bridge the gap between "Active Directory" and "Zero Trust," ensuring your organization’s most powerful accounts are never left out in the cold.

    25 min
  4. Deep Dive Series – Episode 6 – Data Loss Prevention & Privacy Engineering: From Design to Operations

    Mar 1

    Deep Dive Series – Episode 6 – Data Loss Prevention & Privacy Engineering: From Design to Operations

    🎙️ Episode: Data Loss Prevention and Privacy Engineering – From Design to Operations  In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, we move beyond the legal "fine print" to explore Privacy as a core Engineering Discipline.  We explore why "Legacy DLP" is failing in the modern cloud and introduce the concept of Data Lineage — the ability to track the story of your data from the moment it’s created. The team breaks down the three technical pillars of privacy: Predictability, Manageability, and Disassociability, explaining how they form the foundation of any dependable system.  We also get into the "math of privacy," discussing the limitations of traditional anonymization and the rise of Differential Privacy and Federated Learning. Finally, we look at the Engineer’s Runbook: practical strategies for automating DSARs and data deletion across complex, distributed architectures.  👉 Tune in to learn how to bridge the gap between "Privacy Policy" and "Privacy Code," ensuring your systems are built for both security and trust.

    29 min
  5. Deep Dive Series – Episode 5 – Container and Kubernetes Security: Securing DevOps Environments

    Feb 1

    Deep Dive Series – Episode 5 – Container and Kubernetes Security: Securing DevOps Environments

    🎙️ Episode: Container and Kubernetes Security – Securing DevOps Environments In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, hosts Ben, Moiz, and Sneh strip away the abstraction layers to expose the engine room of modern infrastructure: Containers and Kubernetes. We debunk the myth of the "secure sandbox" by breaking down the Linux primitives — Namespaces and Cgroups — that actually power containers, revealing why "root in a container is root on the host." This episode dissects the 4C's of Cloud Native Security (Cloud, Cluster, Container, and Code), providing a comprehensive strategy for hardening the Kubernetes API server and killing the dangerous "cluster-admin" default mindset. You’ll also hear insights on securing the software supply chain, solving the "garbage in, garbage out" problem by implementing image scanning and signing within your CI/CD pipelines. We explore the cultural shift of DevSecOps and how to bridge the gap between speed and security. 👉 Tune in to learn how to architect a defense-in-depth strategy for K8s, from implementing Network Policies and RBAC to detecting runtime threats—ensuring your orchestrator is as resilient as the applications it runs.

    38 min
  6. Deep Dive Series – Episode 4 – Cloud Security Maturity: Designing Security Across AWS, Azure, and GCP

    Jan 1

    Deep Dive Series – Episode 4 – Cloud Security Maturity: Designing Security Across AWS, Azure, and GCP

    🎙️ Episode: Cloud Security Maturity – Designing Security Across AWS, Azure, and GCP In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, hosts Ben, Moiz, and Sneh tackle the complexity of building a mature, unified security program in the multi-cloud era. We move beyond basic configurations to focus on secure design and deployment across major providers like AWS, Azure, and GCP. We dissect the critical nuances of the Shared Responsibility Model across IaaS, PaaS, and SaaS, emphasizing where the customer's risk truly lies. The episode dives deep into the pillars of a mature architecture: establishing Identity as the new perimeter (Least Privilege across all clouds), securing data with robust Key Management, and implementing vendor-agnostic network segmentation. 👉 Tune in to learn how to operationalize security with DevSecOps and Infrastructure as Code (IaC), and how to build a unified governance framework that ensures compliance and effective Incident Response in your dynamic, multi-cloud environment.

    45 min
  7. Deep Dive Series – Episode 3 – Advanced Threat Hunting: Tools, Frameworks, and Mindset

    12/01/2025

    Deep Dive Series – Episode 3 – Advanced Threat Hunting: Tools, Frameworks, and Mindset

    🎙️ Episode: Advanced Threat Hunting – Tools, Frameworks, and Mindset In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, hosts Ben, Moiz, and Sneh take you deep into the proactive world of Advanced Threat Hunting. We explore the critical shift from reactive "alert fatigue" to a hypothesis-driven methodology—proactively searching for the sophisticated attackers already lurking past your perimeter defenses. We break down the essential Hunter's Mindset—one of curiosity, skepticism, and thinking like the adversary. You’ll learn how to build a scalable hunt program, justify its value to the business, and most importantly, how to use frameworks like MITRE ATT&CK to structure your searches around durable TTPs (Tactics, Techniques, and Procedures), rather than fleeting IoCs. 👉 Tune in for a technical deep-dive on leveraging the right data sources (endpoint, network, logs), how to move beyond simple rules with statistical analysis, and the practical tools you need to find the "needle in the haystack" before it's too late.

    27 min
  8. Deep Dive Series – Episode 2 – Zero Trust: The Real-World Implementation Guide

    11/01/2025

    Deep Dive Series – Episode 2 – Zero Trust: The Real-World Implementation Guide

    🎙️ Episode: Zero Trust – The Real-World Implementation Guide In this episode of the Deep Dive Series by Sec Oops, powered by Cyber View Point, hosts Ben, Moiz, and Sneh cut through the hype to deliver a practical roadmap for Zero Trust. We explore the core philosophy of "never trust, always verify" and why the traditional "castle-and-moat" security model is obsolete. This episode provides the definitive 5-step implementation methodology: from identifying your "crown jewels" (the Protect Surface) and mapping transaction flows, to building micro-perimeters and writing rich, context-aware policies. You’ll also hear insights on how to scale this strategy for your organization—whether you’re a small business needing a tactical "bottom-up" win or a large enterprise requiring a "top-down" strategic plan. We tackle real-world hurdles, like securing legacy systems and the practical steps to replacing the VPN. 👉 Tune in to learn how to build a modern, resilient security architecture that protects your most critical assets from the inside out—and how to align your strategy with your organization's business goals.

    37 min
See All (18)

About

Join Ben, Moiz, and Sneh as they explore the ever-evolving world of cybersecurity. From phishing scams and hacking stories to emerging threats and defense strategies, they break down complex topics into relatable conversations. Whether you’re a tech pro or just cyber-curious, tune in to learn, laugh, and stay ahead of the latest in security—because in cybersecurity, there’s always an “oops” to uncover.

Information