Sittadel Podcast Sittadel

Think of the CMMC like HIPAA for companies that work with the Department of Defense. It's a seemingly-endless list of concerns to juggle when planning a CMMC compliance journey, and the guides for getting started are overwhelming.  If you can make it past the Special Publications (like NIST 800-53 and 800-171), there are maturity levels to manage and DFARS requirements, and waiting at the finish line is the promise of legal ramifications if you did the whole thing wrong. 

In this episode, Nate and Joshua find a loophole to bring their Tye Dye Lazer Gun business to market without going through all the hassle that comes along with CMMC.  We're thankful that Joy Beland was there to talk us through our decision making process.

Joy seems to know everything about CMMC, which perfectly suites her as she travels around to meet with MSPs about their compliance concerns and runs the CMMC Boot Camp for Edwards Performance Solutions.  Joy Beland is easy to find on LinkedIn, and you can find more information about her boot camp at https://edwps.com.

For more titilating CMMC content, head over to www.sittadel.com, tweet us @sittadelpodcast, and send your questions to ask[at]sittadel.com.

It's Valentine's Day, and love is in the air in the Sittadel Podcast.  The birds are chirping, the phishers are rhythmically clacking away on their mechanical keyboards, and somewhere in the distance the cryptominers are buzzing away in a misconfigured S3 bucket.  On this very romantic episode of the Sittadel Podcast, Joshua tricks a Board-Certified Behavior Analyst into discussing cybersecurity for a solid hour.  

But this isn't just any run of the mill Security Awareness Training conversation.  This is a hot and heavy discussion between Joshua "Statistically Average in Height" Sitta and Joanna "The Perfect 10" Sitta.  To set the mood, Joanna explains the origins of Applied Behavior Analytics and gives us a crash course in behavior interventions.

The two discuss the fallacies of "Don't Click the Link" training and talk through two examples of pitfalls organizations wander into while dealing with the problem of phishing emails.  Always searching for Joanna's approval, Joshua finishes out the show by laying out his blueprint for effective Security Awareness Training. 

In this episode, we discuss Security Awareness Training, Phishing Emails, The Nigerian Prince scam, Spearphishing emails, the importance of data relevance, Hook Security, simulated phishing campaigns, and tikka masala.  For more Indian food recipes, head over to www.sittadel.com or send an email to Ask[at]Sittadel[dot]com.

With Nate out on assignment for today's episode, Trafenia Flynn Salzman fills the void to kick off the conversation.  We join our heroes as guests on The Community Bank Podcast, hosted by Eric Bagwell and Caleb Stevens from SouthState Bank.  

The Community Bank Podcast on Apple Podcasts is dedicated to helping community bankers grow themselves, their team, and their profits.  Today's clips focus on cybersecurity risk management as applied to banks and their customers, but they're relevant for any business in every vertical.

The views, information, or opinions expressed during this show are solely those of the participants involved and do not necessarily represent those of SouthState Bank and its employees.

In this episode of the Sittadel Podcast, Joshua came prepared with an extreme approach to cybersecurity incident handling.  In May of 2019, Israel Defense Force (IDF) shut down the attacks of Hamas cyber operatives.  Joshua had planned to talk through the implications of moving from a digital series of events to a physical series of events.  His notes on what can be learned about the moments after a cyberattack would have been valuable to hear.

Unfortunately, Joshua wasn't prepared for when Nate brought up the logistics of time travel.  It was all over after that.  Instead of predefined communication channels or incident severity matrices and escalation procedures, the conversation never returned from space.

If only this was covered in his response plan...

We're back from our long holiday break with some exciting news about 2020's most notorious ransomware gang: REvil.  X-Force, IBM's threat intelligence offering, reports that 36% of REvil's victims paid their ransom and at least 12% of victims watched as their sensitive stolen data was auctioned off to the highest bidders on the dark web between 2019 and 2020. 

REvil's back in the headlines, but this time the story is a little different.  After a string of law enforcement activity that pushed the gang further into obscurity, the nations of Russia and the United States have held hands to bring the ransomware group to justice.  It's a story almost too good to be true. 

Listen in as Nate and Joshua discuss the wild variance in numbers reported by differing news outlets, as they put on their tinfoil hats, and hear a word straight from the old timey prospector himself.

The holidays are a time to gather round the yule log with the family, reflecting on the most precious parts of your life.  And when you get sick of all that, we can turn our attention to the Metaverse and build that perfect digital life.  And while many analysts see the Metaverse as a 1 trillion dollar investment opportunity, cybersecurity professionals see more similarities to the Wild West.

In this special holiday episode, Nate and Joshua skim over a few notes on the holidays and discuss the future of social engineering attacks launched in the Metaverse.  The anonymity of blockchain technologies and crypto currencies create hurdles for proving ownership of digital commodities.  What recourse can you have when someone else's avatar is living in your digital house? 

At Sittadel, we believe cybersecurity empowers business.  If you're thinking about working with NFTs or setting up a storefront in the Metaverse, why not plan for your success (before your wallet is falls into someone else's hands!).  Start the conversation by tweeting us @sittadelpodcast or visiting our website at www.sittadel.com