DrZeroTrust

Dr. Chase Cunningham
undefined
May 12, 2022 • 31min

Cyber news and Zero Trust insights for 5/11/2022

Can we find vulnerable ICS and SCADA controls on the internet?  What about the physical doors that are in those facilities?  Have we really learned anything a year after the pipeline hack?  Microsoft has put out it's advise for ransomware defense, is it any good?  What about F5 and it's big new vulnerability, should you be worried?  Why shouldn't we talk about gangs "going down" in cyber, and does that hurt or help as we deal with those threats?  Those points and more on this episode!
undefined
May 5, 2022 • 33min

Cyber news and Zero Trust insights for 5/4/2022

Finding vulnerable passwords with Google dorks, it's super easy (don't do this).  How many VPN's can I find that are possibly misconfigured?  Why does it take a 600 million dollar hack for a company to adjust it's approach to cyber?  New banking legislation and rules on a 36 hour reporting mandate, good or bad?  Those points and more on this episode.
undefined
Apr 28, 2022 • 25min

Helping Small and Mid Sized Businesses in Cyber with Arctic Wolf

What do SMB's care about in cyber?  Where do they need help?  How do they budget for this issue?  Is there value to training or is it better to have a technical control?  What is "security theater for businesses, and what fixes problems?  Those questions and more on this episode!
undefined
Apr 21, 2022 • 32min

Cyber news and Zero Trust insights for 4/21/2022

Why is the government looking at legislation on "quantum security"?  Can I find vulnerable systems for ICS and SCADA that have no authentication on a livestream?  Does a cyber attack have the ability to stop a university from operating and put it out of business for good?  What about T-Mobile's "unstoppable" phish?  Should we be scared?  Those questions and more on this episode.
undefined
Apr 14, 2022 • 28min

Cyber news and Zero Trust insights for 4/14/2022

The dog barks, like always.  What is the Zero Trust market map?  How about Microsoft's new CVE issue, is that something that we should have fixed years ago (the answer is hell yes).  Can I find vulnerable assets with no authentication in real time?  Forrester research published some great data on enterprise breach activity globally, what does it mean and how should we think about it?  What about cyber and nuclear threats, do those relate?  Those questions and more on this episode.
undefined
Apr 11, 2022 • 32min

Cyber Insurance, Truth and Consequences with an Expert

Is cyber insurance worth it?  Do insurers actually know what they are doing, and why are policies not being honored?  Is a strategy useful for better security and helping lower a premium?  What data is being used to validate a policy, or is that even a thing?  Is this a big deal for small business, or is cyber insurance better suited for enterprises?  And am I wrong by saying it's a "rip off"?  Those questions and more on this very cool episode.
undefined
Apr 5, 2022 • 29min

Deploying Zero Trust at the Enterprise Level

Working with big enterprise ZT, how does one engage the leadership effectively?  Is this about more tech?  Who holds the keys to the kingdom on budget?  Where does it make sense to start with a big time roll out?  How hard is it to get ZT in place?  How long is the journey?  Where does one go after they solve their first problem?  And why is Sean Connery on the line for this call?
undefined
Mar 28, 2022 • 22min

The Devil Never Sleeps new book review

"The Devil Never Sleeps" is one of the best books out there that can help us better understand how to deal with today's never ending threats.  Juliette Kayyem has done a great job of helping break down a variety of past historical issues and applied realistic and insightful ways to help her readers think more intelligently about accepting the threats and dealing with them, rather than being fearful of them.  Her book is a must read, go get your copy now!
undefined
Mar 25, 2022 • 23min

Conversations with an Enterprise Architect doing the work to enable ZT!

Is #zerotrust happening in Australia?  What problems do the folks doing the work run into?  How does he deal with the business side of the issues he face?  Where did he start?  How should one go about discussing security strategy with folks that aren't in our space?  And what is a no no for getting things done when collaborating with business leaders?
undefined
Mar 24, 2022 • 34min

Cyber news and Zero Trust insights for 3/23/2022

What should we take from the Okta situation?  More legislation to mandate training for government cyber security, really?  Too many agencies are getting involved in cyber, right?  What about the White House's "guidance" on the Russian threats?  Deepfakes and disinformation can influence actual combat, say what?  More bad hiring practices in cyber and some real issues with state and local cyber practices.  Check it out!

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app