
Brilliance Security Magazine Podcast
Illuminating the intersection of physical and cyber security with interviews, product reviews, and security-related news and information.
Latest episodes

Sep 12, 2022 • 28min
Unified Communications Solutions
In Episode S4E13, our guest is Tom Reilly, the President of Commend Americas. This discussion focuses on Unified Communications Solutions. We talk about what they are, how organizations use them, and what providers of these solutions should be doing to protect the networks they reside on and the data they have a stewardship to protect.
The host, Steve Bowcut, asks Tom to explain the cybersecurity protocols solution providers should use to protect infrastructure and data. Tom elaborates on Commend Americas' "privacy and security by design" process and the international compliance standards companies should adhere to.
About our Guest
As the President of Commend Americas, Tom leads a team focused on reinventing the use of unified communications solutions for safety, security, and operational efficiencies. Tom is a seasoned executive leader with more than 14 years of business development, operational strategy, and sales expertise. Prior to Commend, Tom spent ten years at Ernst & Young in increasingly senior strategy and management positions, providing insights and direction on modern technology and business transformations to help global organizations achieve sustained business results and ongoing innovation. He holds a Bachelor of Science in Management from Binghamton University.
Listen to this week’s episode to learn more about Unified Communications Solutions.

Jun 20, 2022 • 20min
How to Move Cybersecurity From a Cost Center to a Revenue Enabler
In Episode S4E12, our guest is Jim Nitterauer, Director of Information Security at Graylog. In a fun and informative conversation, BSM's Steve Bowcut and Jim discuss how organizations can move cybersecurity from a cost center to a revenue enabler.
Steve asks Jim to:
Discuss some of the costs organizations face trying to protect their systems, infrastructure, and data.
Explain why security isn't typically viewed as a revenue enabler like other software costs often are.
Tell us why and how security can increase revenue.
Talk specifically about the costs that log management can reduce or eliminate.
About our Guest
Jim Nitterauer and his teams are responsible for IT Services, Security, and Compliance across the Graylog organization. He holds CISSP and CISM certifications in addition to a Bachelor of Science degree with a major in biology from Ursinus College and a Master of Science degree with a major in microbiology from the University of Alabama. He is well-versed in ethical hacking and penetration testing techniques and has been involved in technology for more than 25 years.
Listen to this week's episode to learn more about how security can enable revenue.

Jun 6, 2022 • 40min
How Managed Security Service Providers Can Help Protect Against Ransomware
In Episode S4E11, our guest is Ray Steen, Chief Strategy Officer of the IT managed services firm, MainSpring. In a fascinating and informative discussion, BSM's Steve Bowcut and Ray talk about:
The common vulnerabilities threat actors exploit to launch a ransomware attack.
The relationship between the size of a business and the likelihood it will be a victim of ransomware.
What small businesses and SMBs can do to protect against a ransomware attack, and what they should do if they are victimized.
How MSSPs can assist their clients before and after an attack.
About our Guest
Ray Steen is the CSO of DC-Metro-based IT managed security services firm, MainSpring. Ray has more than 20 years of experience in strategy, consulting, and communications. At MainSpring, he oversees high-level consulting with new and existing clients, professional services engagements, and strategic partnerships.
Don't miss this informative discussion about Ransomware.

May 30, 2022 • 19min
A10 Networks 2022 DDoS Threat Report
In Episode S4E10, our guest is Paul Nicholson, Senior Director of Product Marketing for A10 Networks. Paul gives us insight into the new 2022 A10 Networks DDoS Threat Report. We talk about what you can expect to learn from the report, the methodology used, and critical findings. Paul explains A10’s ability to precisely track the origins of DDoS weapons activity as we discuss some of the activities A10 discovered leading up to the war in Ukraine.
About our Guest
Paul Nicholson brings 25 years of experience working with Internet and security companies in the U.S. and U.K. In his current position, Paul is responsible for global product marketing, technical marketing, and analyst relations at San Jose, Calif.-based security, cloud, and application services leader A10 Networks.
Don't miss this informative look into what the 2022 A10 Networks DDoS Threat Report offers.

May 23, 2022 • 19min
SOC 2 Compliance for VaaS Providers
In Episode S4E9, our guest is Ben Rowe, Cloud & Security Architect for Arcules. We discuss System and Organization Controls (SOC) level 2 type 2 certification in video-as-a-service (VaaS) and other cloud-based security systems providers. Ben gives us a high-level overview of what the SOC audit covers, and we dive into why physical security SaaS providers need to pursue SOC 2 attestation. He explains the process for achieving SOC 2 Type 2.
About our Guest
Ben Rowe serves as the Cloud & Security Architect for Arcules, where he is instrumental in guiding the design and security of the Arcules suite of services. He has a vast amount of experience with a wide range of systems within entertainment, industrial automation, and IT.
This is an important topic, so don't miss this discussion about System and Organization Controls for cloud-based security platforms.

May 16, 2022 • 39min
A Modern Approach to VMS
In Episode S4E8, Steve Bowcut, Editor at Brilliance Security Magazine, and John Rezzonico, CEO at Edge360, discuss what it means to build a Video Management System using modern IT processes and solutions. They examine why VMS solutions have historically been slow to adopt advanced IT practices. John explains the benefits of containerization and why physical security video system users should look for a fully containerized VMS.
About our Guest
As CEO at Edge360, John is responsible for the global operations of the company. He brings more than 30 years of security innovation and mission-critical military leadership to the organization, and his experience and leadership are focused on developing and delivering technology-driven business services and solutions, providing outstanding client service, and driving profitable revenue growth.
A Marine Corps Veteran, John served as an Intelligence Chief. He supervised, trained, and managed a diverse group of Intelligence Marines and produced various intelligence products for combat operations during Operation Iraqi Freedom. He served as the Battalion surveillance and reconnaissance asset manager, successfully implementing multiple surveillance systems in a combat environment.
To better understand how a modern VMS can provide improved security and a better user experience, don't miss this episode of the Brilliance Security Magazine Podcast.

May 10, 2022 • 35min
Understanding and Communicating Cyber Risk
Our topic for Episode S4E7 is Understanding and Communicating Cyber Risk. Our guest is Greg Spicer, CRO and Co-Founder of Ostrich Cyber-Risk.
BSM's editor, Steve Bowcut, asks Greg to:
Discuss the importance of prioritizing mitigation and remediation efforts.
Explain some crucial elements of risk scoring; what should be considered in the scoring process?
Explain how the concept of “proximity-blindness” impacts risk analysis.
Discuss some of the challenges security teams face when communicating with organizational leaders, and how they can be overcome.
And more.
About our Guest
Greg Spicer has several years of experience in cybersecurity, working with organizations to provide solutions to their cybersecurity challenges. He has worked in many sectors, including Legal, Finance, Insurance, Manufacturing, and Healthcare. He was most recently CRO of Braintrace, a Salt Lake City MDR provider, before their successful sale to Sophos in July 2021.
Greg is now the CRO and Co-Founder of Ostrich Cyber-Risk, a leading Cybersecurity Performance Management Provider that offers organizations a simple-to-use but comprehensive cybersecurity risk assessment and reporting application that allows you to manage a security program within a single view. Their methodology drives action and communication among the critical stakeholders to quickly identify and address cyber business risk within an organization.
Don't miss this informative discussion about how to understand and communicate cyber risk.

Apr 11, 2022 • 34min
Supply chain security: What to expect in the next year
The topic for Episode S4E6 is supply chain security and what to expect in the next year. Our guest is Farshad Abasi, Founder and Chief Security Officer of Forward Security.
In a fun and interesting conversation, Farshad and Steve Bowcut cover:
What supply chain attacks are and how they happen, including some examples
Why supply chain attacks are such a serious threat
What the industry can expect regarding supply chain attacks in the next year
What preventative measures organizations should take to protect against supply chain attacks
And more
About our guest:
Farshad Abasi is an innovative technologist with over twenty-four years of experience in software design and development, network and system architecture, cybersecurity, management, and technical instruction. With a keen interest in security from the start, he has become an expert in that aspect of computing and communication over the last twenty years. He started Forward Security in 2018, with a mission to provide world-class information security services, particularly in the Application and Cloud security domains.
Don't miss this fascinating conversation about an important topic: Supply chain security.

Apr 4, 2022 • 29min
IIC's foundational document for Artificial Intelligence—The Industrial IoT Artificial Intelligence Framework
In Episode S4E5, we have as our guests two individuals who are distinguished by their work with the Industry IoT Consortium (IIC).
Bassam Zarkout—Executive Vice President IGnPower Inc. and the Chief Editor of the Industrial IoT Artificial Intelligence Framework (IIAIF).
Wael Diab—Chair IIC Industrial AI Task Group and Secretary IIC Steering Committee.
About the IIC
Since its founding in 2014, the IIC has helped build a technical foundation for the Industrial IoT. They work to help organizations take advantage of IoT technology and achieve positive outcomes. They are focused on driving technology innovation that fosters business transformation.
Their services are targeted toward helping members drive business value in the core verticals of IT, Networks, Academia & Research, Manufacturing, Energy & Utilities, and Healthcare. They provide best-practice frameworks and liaisons with Standards Development Organizations.
Topics we cover:
The purpose of the Industrial IoT Artificial Intelligence Framework
Examples of some applications for AI in IIoT
The value proposition AI can enable in next-generation industrial IoT (IIoT) systems
Perceptions regarding ethics, confidence, trustworthiness of AI
About our guests:
Bassam Zarkout is the Chair of the Digital Transformation working group at the Industry IoT Consortium. He is an Ottawa-based technology executive with 30+ years of experience in technology organizations in Canada, the US, and Europe, including 8 years in executive C-positions, mainly as CTO. Bassam is the founder of IGnPower, an IIoT and AI strategy consulting practice. He has authored and contributed to multiple peer-reviewed papers and frameworks covering Digital Transformation, Industrial AI, Trustworthiness, Data Protection, and IoT Security. He is also a veteran of the Information Assets Governance space, including Electronic Records Management, RegTech, Content Management, and Electronic Discovery, and has led research with US DoD in the area of assisted security and privacy classifications of content.
Wael Diab is a business and technology strategist with over 885 patents to his name in the fields of networking and ICT. Wael has BS and MS degrees in EE and BA in Economics from Stanford, and an MBA with honors from Wharton. He is a published author, having authored the book Ethernet in the First Mile: Access for Everyone. In 2011, Wael was recognized by the David Packard Medal of Achievement and Innovator Award for his leadership in Green Technology. He has been active in standardization and related activities for two decades. He chairs ISO/IEC JTC 1/SC 42, the international standardization committee on artificial intelligence (AI). Wael is also chairing the AI track of the 22nd Global Standards Collaboration meeting (GSC-22).
Don't miss this opportunity to learn more about AI in security and IIoT applications.

Mar 14, 2022 • 40min
A Novel Approach to Security Bug Bounties
In Episode S4E4, we have two guests. We talk with Jonatan Altszul, CEO at BitTrap and Ariel Futoransky, BitTrap’s CTO. Our topic is A Novel Approach to Security Bug Bounties.
BitTrap helps companies find breaches faster by installing wallets with risk-adjusted bounties. When an attacker cashes a wallet, they notify the company of the breach so they can take remediation actions to patch it.
Some of the topics we cover include:
Why bug bounties are necessary
What works and what can be improved
BitTrap's novel approach to bug bounties
A little about our guests:
Jonatan Altszul has been building companies in the Cybersecurity Industry for over 30 years. In the past, as a founder of Core Security Technologies, Jony developed the first automated penetration testing software product, earning the loyalty of clients such as Apple, Cisco, Department of Homeland Security, NSA, NASA, Lockheed Martin, and DARPA.
As a founder of Disarmista, Jony developed some of the most popular cybersecurity products for the largest companies in the Industry. As co-founder and CEO, Jony now leads BitTrap, where he combines his many years of experience in Cybersecurity, leveraging his expertise in Attacker Behavior with his passion for building companies and defining new product categories.
Ariel Futoransky is curious about science & technology, its future, and how it will continue to impact society. He is a founder of Core Security Technologies, Disarmista, and BitTrap. He is a researcher, programmer, and entrepreneur, and has made contributions to cryptography, Cybersecurity, and blockchain.
Don't miss this opportunity to learn more about a new way to use security bug bounties.