The Cyber Savvy Cafe

The Cyber Savvy Cafe
  • 0.0 (0)
  • TECHNOLOGY

A visit to the Cyber Savvy Cafe is like a really great coffee break discussing topics relevant to cybersecurity and technology: Business tech, cyber training, remote workstations, IoT, and more. Join us every week.

  1. Ssn 2 Ep 15: Zero Trust, Pt 3

    02/19/2022

    Ssn 2 Ep 15: Zero Trust, Pt 3

    Ssn 2 Ep 15 Zero Trust Pt 3 Beyond the basic, foundational things you should already have in place, what's the next thing you need to do to implement a Zero Trust approach to network security?   1:04: It starts with the regulatory requirements a company must meet, then layer in policies and procedures.   3:07: Every time a user wants to access resources, they are going to need to prove their credentials.   3:16: NIST has developed a standard for Zero Trust, 800-207, which lays out what an enterprise needs to do to meet the zero trust model.   4:58: Access to individual enterprise resources is granted on a per session basis and determined by policies.   5:42: This can be geographically related and can also be determined by the user's normal behaviors.   7:25: Is AI involved in determining a user's normal behavioral patterns?   8:07: What specific changes need to be made to the architecture of your network?   10:01: HR Management system, segmented on its own server.   11:38: Is zero trust accessible to most companies?   14:12: What is the first step in getting started with zero trust?   14:48: A managed services provider is a good first step in starting the documentation process, defining policies, pushing it through to the user community.   15:38: Getting the employees' buy-in is important.   16:57: Begin to expand segmentation out to the workstations.     18:10: What level of importance would you rate this for companies to make this happen?   18:38: If you depend on technology and you have data that you don't want sold on the dark web, you must take a look at zero trust.   18:48: A good service provider will help you with a logical roll-out plan   20:04: Make sure you think this through first, implement your policies, and then start rolling it out in a logical manner.     Zero Trust Architecture: https://www.nist.gov/publications/zero-trust-architecture   Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    21 min
  2. Ssn 2 Ep 14: Zero Trust, Pt 2

    02/09/2022

    Ssn 2 Ep 14: Zero Trust, Pt 2

    Ssn 2 Ep 14: Zero Trust, Pt 2 Cybercrime is projected to cost the world 10.5 trillion annually by 2025. Hackers are looking for the easiest targets, make sure you're not one of them. Zero Trust is a layered approach to cybersecurity that structures your network so you can do just that.   Today's episode looks at foundational elements you better already have in place.   Show Notes:   :37: The big business of hacking   1:13: Why and how cybercrime has accelerated since the pandemic   1:42: Some of the reasons home workstations are vulnerable to cyber attacks   2:00: DNS filtering   4:07: The business cost of a cyber breach and some of the recent stats   4:20: Threat actors live on your network for 280 days before they're identified   4:55: What happens when you've been hacked and held for ransom   5:55: EDR—Endpoint Detection Response   7:15: Some indicators of threat actors can have other causes   8:23: Cloud configuration—and how it can pose a risk Business Cost of Cybercrime https://cobalt.io/blog/business-cost-of-cybercrime   9:47: Cyber awareness training   11:05: What happens to the stolen data from random individuals on home networks   12:09: What happens to a company's data   12:30: Encryption   14:25: Backups—a two-fold process for backing up to the cloud   16:07: Zero Trust is a much deeper dive than the foundational things we've talked about today.     Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    17 min
  3. Ssn 2 Ep 13: Zero Trust Pt 1

    02/03/2022

    Ssn 2 Ep 13: Zero Trust Pt 1

    Ssn 2 Ep 12: Zero Trust Cybercrime is projected to cost the world 10.5 trillion annually by 2025. Hackers are looking for the easiest targets, make sure you're not one of them. Zero Trust is a way of structuring your network so you can do just that.     Show Notes: :42: An overview of Zero Trust   1:25: What is Zero Trust Network Architecture?   2:15: Make sure you know who is accessing your data and how and when   2:42: What is the normal way companies have their network structured? A look at flat networks   3:13: Bare minimum—segment your network   3:37: On premise servers vs. the cloud   4:13: Flat network example using email in a cloud environment—how is your data accessed and how easy is it to break in?   5:03: How a malicious actor can move easily around your flat network   6:07: Phishing attacks and other ways threat actors can invade your network, and how an individual might be targeted and attacked   7:15: Entry points: smart devices and other devices that are on your network—that may be infected with malware—and other entry points   8:37: What would a Zero Trust environment look like?   12:55: What happens if you don't implement this? You're going to get hacked and held for ransom. It's not about if but when.   14:00: Is it enough to just segment your network?   14:39: But all this time I've never been compromised so what I've been doing must be good enough.   15:25: Hacking is big business-- probably reaching the trillions. Hackers are looking for the easiest targets.   https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/     Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    19 min
  4. Ssn 2 Ep 12 What's Up With That?

    01/12/2022

    Ssn 2 Ep 12 What's Up With That?

    Ssn 2 Ep 12 What's Up With the Chip Shortage? You've undoubtedly encountered the shortage of microchip availability, as this has affected nearly every industry. In today's episode we're going to discuss how it happened, how long it's going to last—and what you can do in the meantime.   Show Notes:   1:30: What caused the shortage?   1:57: Some of the issues that factored into the shortage.   3:06: How employee shortages compounded the shortage and how this snowballed through the supply chain.   3:30: How long is the shortage going to last and when can we expect it to start getting better?   4:35: How to make your phone last for another year.   5:15: Black Friday sales—did not extend to phones this year!   7:10: How to be first in line to purchase the few available devices and products   7:53: Purchased refurbished tech.   9:50: Take care of the items you have and repair rather than replace.   11:30: Best practices for taking care of your computers.     Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    14 min
  5. Ssn 2 Ep 11: Popular Techy Gadgets for Gift-Giving 2021

    12/10/2021

    Ssn 2 Ep 11: Popular Techy Gadgets for Gift-Giving 2021

    Ssn 2 Ep 11: Popular Techy Gadgets for Gift-Giving 2021 A look at some of the most popular tech-related gadgets, perfect for gift-giving. 23 Hottest Cool Gadgets That Are Going to Sell out This December   Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    22 min
  6. Ssn 2 Ep 10: Navigating the Holidays, Cyber-Safely

    12/01/2021

    Ssn 2 Ep 10: Navigating the Holidays, Cyber-Safely

    Ssn 2 Ep 10: Navigating the Holidays, Cyber-Safely Cyberattacks increase during the holiday season--not just online scams and cyber theft but phishing attacks, as well (watch your inbox!). Awareness is the key to avoid becoming a victim.

    17 min
  7. Ssn 2 Ep 9: Guess Who's Accountable

    11/23/2021

    Ssn 2 Ep 9: Guess Who's Accountable

    Ssn 2 Ep 9: Guess Who's Accountable New regulations coming for cybersecurity providers: accountability, liability—and what that means for you.   Show Notes: 1:15: Discussion of new regulations that are coming for the managed services industry 1:40: What is the difference between MSPs and MSSPs? 3:10: How much trouble can you get into if you're overselling your services? 4:30: Up until now, this industry has been without regulations 4:58: Service providers currently may not realize they don't have the skill set required to work in this space 5:45: Other service providers and contractors have to go through continuing education and certification, but this has not been required for the managed services industry 6:48: Self-assessment forms from your cybersecurity insurance broker can help you determine what kind of cyber security measures you need to have in place 9:07: What kind of disclaimer should an MSP/MSSP have in place for clients who are refusing certain services: Signed Denial of Service letter 10:45: The importance for service providers to be aware of changing laws and regulations for their industry—keep breast of services that are no longer optional 12:12: Dept of Justice's new regulations for MSP/MSSPs 13:46: Businesses may no longer be able to pick and choose what services they need 14:18: When filling out the questionnaires, don't check "yes" if you're not doing something 17:35: Special requirements and regulations for public or quasi-public companies 21:31: What's the easiest way to keep your ear to the ground on changing regulations that will affect your business? 22:42: Current administration is pushing zero trust and Amazon's offer of free security training   Links: DOJ Vows to Prosecute Cybersecurity Fraud by MSPs, MSSPs and Government Contractors https://www.msspalert.com/cybersecurity-markets/americas/doj-vows-to-prosecute-cybersecurity-fraud-by-msps-mssps-and-government-contractors/   Acting Assistant Attorney General Brian M. Boynton Delivers Remarks at the Cybersecurity and Infrastructure Security Agency (CISA) Fourth Annual National Cybersecurity Summit Washington, DC Wednesday, October 13, 2021 https://www.justice.gov/opa/speech/acting-assistant-attorney-general-brian-m-boynton-delivers-remarks-cybersecurity-and Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiativehttps://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-civil-cyber-fraud-initiative Amazon Security Training: https://aws.amazon.com/security/amazon-security-initiatives/   Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/   Voiceover Artist: Paul Kadach at www.voices.com

    25 min
  8. Ssn 2 Ep 8: Work From Anywhere

    11/11/2021

    Ssn 2 Ep 8: Work From Anywhere

    Ssn 2 Ep 8: Bring Your Own Environment: Working From Anywhere And The Accompanying Security Risks   Show Notes :30: Top Trends in Technology 1:18: Exciting opportunities for businesses that embrace a work-from-anywhere business model. 1:30: People can leave a larger city and live anywhere they want to 4:55: Bring Your Own Environment: Using a secure client that allows services to be accessed safely by all users 5:30: Blocks phishing attempts 6:05: Zero Trust Environment eliminates your physical space and enables working from anywhere safely 6:35: How can people go about setting up a client or VPN?  8:45: Hackers at the coffee shop can't get in because you're on your own separate server 9:04: Can all employees access shared equipment and/or each other's devices? 11:20: A growing problem with VPN providers—not all are secure. 13:00: Statistics why mobile work environments support business growth 14:08: One challenge with mobile work environments—the loss of "accidental knowledge" 15:50: Coffee pot chatter and building relationships—how to make that happen in a remote work environment 18:42: Other reasons why remote working increases a business' growth opportunities 19:25: Discussion of companies cutting employees' salaries if they choose to work from home, and paying based on where you're working (geographically)   Link: Technology Visions 2021 https://www.accenture.com/us-en/insights/technology/technology-trends-2021?c=acn_us_technologyvisiogoogle_11975584&n=psgs_0221&gclid=CjwKCAjwiY6MBhBqEiwARFSCPgfWPD84sS1hjxcS7HhUU1U8mc9mcaHIjgKlZRfcEHTah7DrxsCbRxoCyC0QAvD_BwE&gclsrc=aw.ds   Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/ Voiceover Artist: Paul Kadach at www.voices.com

    24 min
See All (39)

About

A visit to the Cyber Savvy Cafe is like a really great coffee break discussing topics relevant to cybersecurity and technology: Business tech, cyber training, remote workstations, IoT, and more. Join us every week.

Information

  • Creator
    The Cyber Savvy Cafe
  • Years Active
    2021 - 2022
  • Episodes
    39
  • Rating
    Clean
  • Copyright
    © Copyright 2021 East Atlantic Security, LLC. All rights reserved.
  • Show Website
    The Cyber Savvy Cafe