The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.
The Cybersecurity Evangelist: EP6 - The ISAC Series, Part 2
This month, The Cybersecurity Evangelist talks with WaterISAC's Director of Preparedness and Response, Chuck Egli. The conversation ran a little longer than I like to aim for, but it's understandable given that Chuck and I work closely together in support of WaterISAC. Plus, with WaterISAC being one of the oldest ISACs, I'm quite certain they've earned the extra spotlight!
After a much longer than normal opening comment (I sense a trend here) running down a list of many of the ISACs - (most of) which you can find on The National Council of ISAC's webpage at https://www.nationalisacs.org/member-isacs - Chuck and I talk about all the ways WaterISAC supports the security and resilience of the water and wastewater sector with an all-hazards approach (not just cyber).
Chuck's parting thoughts: Look into your ISAC community or ISAO…there is one for you!! While many have membership models, so many of them offer information and assistance for the benefit of all toward the greater global good.
For more information about WaterISAC, check out its webpage at https://www.waterisac.org/
The Risk Roundtable: EP 15. Nashville, Solar Winds and more!
The Risk Roundtable gang kicks off 2021 with two events that ended 2020 - the Christmas Day bombing in Nashville and the Solar Winds cyber event. Andy, Jen and Dave go through the incidents and look at the responses in each instance as well as what may come of it moving forward in 2021 though maybe no lizard people (Shoutout to "V"!). Then in the Roundtable Roulette, Dave brings up how to deal with dis/misinformation while Jen reminds everyone that new year doesn't mean that we can forget about our stable of cyber threats, most notably Ransomware which continued to evolve throughout the year. Finally, with it being a new year, the gang looked at personal and professional goals such as Dave's desire to read more, Jen completing her "she-shed" and Andy's desire to be more like Dave.
Andy's reference to Russian Hacking: https://www.nytimes.com/2021/01/02/us/politics/russian-hacking-government.html
The Gate 15 Interview EP 7. A look at 2020, security, and the media with Runa Sandvik and Brad Barkett
In this episode of The Gate 15 Interview, Andy Jabbour enjoys a really fun talk with Runa Sandvik and Brad Barkett, two security veterans both with considerable experience working to secure media at some of America’s most well-known papers. In this podcast we discuss:
2020 and the cyber threat environment
The threats facing media today
The role of media in security
What we might anticipate in the new year
Among other topics!
Runa and Brad share some candid perspective, and a few fun tidbits about themselves in this year-end discussion on the cyber threat environment, security issues, and the media. Please enjoy this episode of The Gate 15 Interview on Anchor, Apple, Spotify, as well as other locations.
Runa Sandvik: Runa is a senior security researcher with years of experience in security and information sharing. Today, Runa works on digital security for journalists and other high-risk people. Her work builds upon experience from her time at The New York Times, Freedom of the Press Foundation, and The Tor Project. She is a board member of the Norwegian Online News Association, and tweets as @runasand.
Brad Barkett: Brad a 20 year security veteran, and has been working as a security architect for the Washington Post since 2015, with a background in telecoms, MSS, IDS, DDOS, firewalls, proxies. Currently , Brad has a preference for social topics like cyber anti-personnel, disinfo, OSINT, threat intel, social psychology, and social engineering. Long standing hobby interests include synthesis and electronic music, and more recently, being a relatively middling 40+ amateur folkstyle wrestler and nogi jiu-jitsu player. Brad has two brothers, Mike and JJ, who are also security professionals.
A few references mentioned in our discussion include:
· Ford Foundation Cybersecurity Assessment Tool.
· Freedom of the Press Foundation
· A new report from the Freedom of the Press Foundation: A record breaking number of journalists arrested in the U.S. this year
· Updating how we think about security, INFILTRATE 2018, by Matt Tait
Nerd Out! Security Panel Discussion: EP 8. Looking back to look forward and holiday goodies!
In this year end Nerd Out Security Panel Discussion podcast, the gang takes a look at the events of 2020 and the impacts they had on individuals and organizations and attempted to pull out lessons to be learned as we get ready to kick off 2021. But before digging into the topics, Bridget shared some personal news related to the impacts of COVID. The group then built upon Bridget's moving account and discussed that while COVID obviously dominated the news, there were other security issues that caused disruptions and may have gone overlooked - or maybe not. The discussion then took a detour and went into some lighter, jovial discussions around food choices around the perfect holiday meal, the team passes out some security resolutions and reminders to focus on in the hope of starting 2021 on a better foot. Thanks to all the listeners and followers - 2020 gave us the opportunity to kick off this podcast channel and we look to keep security at the forefront of these discussions in 2021 and beyond! Happy holidays!
Bridget's article can be found here: https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/
Joe Levy is the chairman of the International Associate of Venue Managers (IAVM) Venue Safety and Security Committee. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: firstname.lastname@example.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/
Travis Moran is the Assistant Deputy Director, Critical Infrastructure Protection & Physical Security. Twitter: @dronin_on; email: email@example.com
Bridget Johnson is the Managing Editor for Homeland Security Today. In addition her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/o/homeland-security-today-30028526516). Twitter: @BridgetCJ
The Risk Roundtable: EP 14. What security incident won the year?
Wrapping up a wild 2020, the Risk Roundtable crew looks at the security event or incident that took home the prize of most impactful. And no, COVID was not allowed! Was it "truth decay", domestic terrorism, ransomware, or any number of other incidents? The only thing that could be determined was that Dave was not getting any points for his submission.
Then the gang played a little Roundtable Roulette and shared some of the areas that they would be looking at moving forward while also recognizing the courage of their teammate Bridget Johnson, who recently wrote about the passing of her mother from COVID (https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/). Also discussed were security situations around the vaccine dissemination and holiday shopping scams....fa-la-la-la-oh no!
References brought up in the show:
Coveware: Ransomware Recovery First Responders. Q3 Ransomware Demands rise: Maze Sunsets & Ryuk Returns
My Mom Died of COVID-19, and Disinformation Was the Virus’ Accomplice, December 3, 2020 Bridget Johnson // https://www.hstoday.us/subject-matter-areas/emergency-preparedness/my-mom-died-of-covid-19-and-disinformation-was-the-virus-accomplice/ use a quote.
COVID vaccines… WSJ Your Boss Can Restrict Your Holiday Plans in the Pandemic, https://www.wsj.com/articles/your-boss-can-restrict-your-holiday-plans-in-the-pandemic-11607301504 06 dec.
Shopping scams… Jen’s fa-la-la post… Security Awareness – ’Tis the Season to be Scammy, Fa-la-la-la-la… 20 November 2020, https://faithbased-isao.org/security-awareness-tis-the-season-to-be-scammy-fa-la-la-la-la
Gate 15 SUN: https://paper.li/gate15#/ - cold calls
Thank you all for listening this year and we are excited to continue bringing up security matters and how they may impact organizations in 2021! We hope you all have a happy holidays and enjoy the time however you choose to celebrate. Stay safe!
The Gate 15 Interview EP 6. From Blended Threats to Pandemic Lessons Learned with REN-ISAC’s Kim Milford
In this episode of The Gate 15 Interview, Andy Jabbour talks with Kim Milford, the Executive Director of the Research and Education Network Information Sharing and Analysis Center (REN-ISAC) which is focused on aiding and promoting operational protection and response within the research and higher education (R&E) communities. In this podcast we discuss:
• REN-ISAC, higher education and critical infrastructure
• The higher education threat landscape
• REN-ISAC Blended Threat Workshops
• Higher ed security coordination
• COVID-19 lessons learned
• Emerging concerns for higher ed and critical infrastructure
• And more!
Kim Milford serves as Executive Director of the REN-ISAC, working with research and education institutions, partners, and sponsors to provide services and information that allow member institutions to better defend technical environments from cyberthreats. Ms. Milford oversees administration and operations for the REN-ISAC. Ms. Milford served in several roles leading strategic IT initiatives since 2007 at Indiana University. Read more. Twitter
REN-ISAC: “The Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) serves over 650 member institutions within the higher education and research community by promoting cybersecurity operational protections and response. REN-ISAC member institutions benefit from Security Event System (SES) threat intelligence and other automated data collection and sharing tools to enable informed decisions about threats and events, as well as peer assessment services to improve the institution’s overall security posture.” Read more. Twitter.
Find out more about REN-ISAC, and access some of the items mentioned in our discussion below:
REN-ISAC: Higher Education Enterprise Risk Management Leadership, 06 March 2018
Security Spotlight: An Interview with REN-ISAC Executive Director, Kim Milford, 11 Jun 2018
2019 REN-ISAC Blended Threats Workshops: Read 2019 Report & Read 2019 Report Brief
2018 REN-ISAC Blended Threats Workshops: 2018 Final Findings Report & 2018 Final Findings Report Brief
BT workshop pages, reports.
Gate 15: Webinar Recording: Getting Started Now: Pandemic Preparedness After-Action Reports, 17 April 2020
Gate 15: Pandemic Preparedness: Start Your After-Action Report & Improvement Planning (NOW) 26 May 2020