Cyber Security & Cloud Podcast

Francesco Cipollone
Nov 22, 2020 • 52min

CSCP S02E25 - Chris Hadnagy - History of Social Engineering

Chris Hadnagy is the Chief Human Hacker of social-engineer.com, an author, TED Talker, top social engineer, and a sponsor of Innocent Lives Foundation. Chris shares how he is helping to lock up child abusers and the human history of hacking and scams. He urges young people to consider a career in cybersecurity so that companies can remain safe.

The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound so that you can focus on what's important: your clients and bringing them the best and safest experience.

1:00 Introducing Chris Hadnagy
3:30 Innocent Lives Foundation
14:43 Reporting security vulnerabilities in companies
18:25 Human history of scams and hacking
24:52 Increase in phishing, vishing, and smishing
37:44 “I told you so” learning moment
42:20 Starting a career in social engineering
46:42 Final Positive Message
50:24 Closing

Links
Chris Hadnagy
Twitter @humanhacker
https://www.social-engineer.com
https://en.wikipedia.org/wiki/Christopher_J._Hadnagy
https://www.innocentlivesfoundation.org
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
HTTP://cybercloudpodcast.com
Nov 15, 2020 • 41min

CSCP S02E24 - Adam Shostack - Threat Modelling past and future

In this episode, Francesco and Adam Shostack discuss application security and threat modelling. Adam is the author of Threat Modeling: Designing for Security. He helped create CVE (Common Vulnerabilities and Exposure) and is on the review board for Black Hat. He encourages coders and computer engineers to work smarter, not harder.

1:00 Introducing Adam Shostack
6:00 CVE (Common Vulnerabilities and Exposure)
9:46 Finding satisfaction in a job in security
15:00 Frameworks and static analysis
21:22 Threat Modeling
24:50 Work smarter, not harder
29:12 Documentation in DevOps
34:08 4 questions in Threat Modeling
41:32 Positive Message

Links
Adam Shostack
https://adam.shostack.org
Twitter @adamshostack
https://threatmodelingbook.com
https://www.blackhat.com
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
http://cybercloudpodcast.com
Nov 9, 2020 • 42min

CSCP S02E23 - Geoffrey Hill - Threat Modelling and Banter

In this episode, we have the pleasure of speaking with Geoffrey Hill, an experienced fellow DevSecOps expert and inventor of Tutamantic and the rapid threat modelling methodology. We discuss Geoffrey's path from finance, to development, to security. Geoffrey and Francesco have an in-depth conversation about threat modelling and the “application security mafia.”

1:00 Introducing Geoffrey Hill
9:33 Rapid threat modelling
13:53 Kill chain
16:06 Probability vector
17:09 Black-Scholes model
23:44 Benefits and values of threat modelling
29:44 Application Security is sexy now
30:30 Shift to the cloud
37:30 Positive Message
41:30 Closing

Links
Geoffrey Hill
Twitter @GHill_security
http://www.artis-secure.com/about.html
https://www.linkedin.com/in/geoffrey-hill-61b7bb/
Cyber Security and Cloud Podcast #CSCP #AskInfoSec #cybermentoringmonday
cybercloudpodcast.com
Nov 2, 2020 • 37min

CSCP S02E22 - Jenny Radcliffe - Social Engineering with the Human Hacker

Jenny Radcliffe, AKA the “People Hacker,” the Queen of Social Engineering and host of the Human Factor Security Podcast, joins Francesco for an in-depth discussion on her career path in Social Engineering.

1:00 Introducing Jenny Radcliffe
2:38 State of the Industry
4:56 What makes a Social Engineer
10:46 Starting a career in Social Engineering
16:45 Childhood memories
26:34 Teaching Social Engineering
29:21 Body Language and NLP
35:00 Connecting with Jenny
37:08 Final Positive Message

Links
Jenny Radcliffe
Twitter @Jenny_Radcliffe
https://humanfactorsecurity.co.uk
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
cybercloudpodcast.com
Oct 26, 2020 • 31min

CSCP S02E21 - Cyberstu - Community Social Engineer and OSINT

This episode was long overdue. Stuart, the master of wall stickers, the OSINT champion, an icon, a community pillar and a well-renowned meme, is here to enlighten us about OSINT.

Stuart Peck, AKA CyberStu, is the Director of Cyber Security Strategy at Zero Day Lab and the founder of The Many Hats Club. In this episode, Stuart shares how he got into the exciting and sneaky career of Social Engineering and the psychological tricks that scammers and hackers use to breach security.

1:00 Introducing Stuart Peck
4:48 Background in Social Engineering
10:05 Confidence is key
12:23 Defending yourself against social engineers
15:09 Phishing emails
18:15 Physical vs digital cyber attacks
21:10 Psychological tricks of social engineering
27:12 Urgency
29:18 Career path of a social engineer
34:53 Positive Message
35:48 Closing

Links
Stuart Peck
Twitter: @cybersecstu
Twitter: @TheManyHatsClub
https://www.twitch.tv/themanyhatsclub
https://www.linkedin.com/in/itsecurity/?originalSubdomain=uk
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
cybercloudpodcast.com
Oct 19, 2020 • 1h 10min

CSCP S02E18 - Ray(redacted) - Old School community and podcast with Ray

Ray Redacted is an InfoSec Researcher and Technologist at a global firm that provides connectivity and cybersecurity services. He’s also the host of the Tribe of Hackers Podcast. He shares how he started his career in cybersecurity and his own security recommendations.

Notes:
1:00 Introducing Ray and Tribe of Hackers Podcast
15:46 Origin story Ray Redacted
24:12 Ray’s professional career and “machine learning”
28:38 Started a career in cybersecurity
30:20 Shifts in the industry causing security concerns
33:00 Phishing
43:46 Security recommendation and pie hole
46:19 Facebook is evil
49:58 PCI
55:57 Migration to cloud
10:8:23 Positive Message
10:09:30 Closing

Links
Ray [Redacted]
rayredacted.com
@RayRedacted
Cyber Security and Cloud Podcast #CSCP #AskInfoSec #cybermentoringmonday
http://www.cybercloudpodcast.com
Oct 12, 2020 • 46min

CSCP S02E17 - Matt Stamper - Wartime CISO risk across the globe

Francesco had the honour to be joined by Matt Stamper, an early riser, inspiration and published author as well as cybersecurity personality. Matt was so kind as to get Francesco a signed copy of the Books, and when he was stranded in LA due to COVID he had them shipped. He was a hero! Matt Stamper is a CISO (Certified Information Systems Auditor) and Executive Advisor at EVOTEK and one of the authors of CISO Desk Reference Guide, A Practical guide to CISO. Francesco and Matt discuss the difference in privacy laws in Europe and the US. They also discuss the factors a CISO should consider when weighing a risk decision.

1:00 Introducing Matt Stamper
3:36 Current state of the cybersecurity industry
6:23 Role of the CISO
10:22 Rise in ransomware
13:00 Avoiding distractions
16:46 Risk Decisions
19:16 Integrity and transparency
23:34 European vs US Privacy laws
31:40 Barrier for entry, compliance concerns
35:11 Social Engineering
29:24 Positive message
42:13 747 Enterprise
46:40 Closing

Links
Matt Stamper
Twitter @mattstamperCISO
https://hmgstrategy.com/network/people/matt-stamper
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
http://cybercloudpodcast.com
Oct 5, 2020 • 44min

CSCP S02E16 - Gary Hayslip - Peacetime CISO in covid times

Francesco had the honour to be joined by Gary, an inspiration and published author as well as cybersecurity personality. Gary Hayslip is the Chief Information Security Officer at Investment living in San Diego and part of the San Diego cybersecurity community. Gary is a gamer, an extremely disciplined learner, and loves technology, sharing his insights from his long and accomplished career in cybersecurity. In this episode Gary shares how business has changed since COVID, what a wartime CISO does in peacetime, and how to return to normality.

1:00 Introducing Gary Hayslip
3:50 Giving back and riding work/life balance
7:17 COVID effects on business
11:30 Security concerns working from home
15:40 Preventing hacks and breaches
20:26 Adjusting to working from home
31:49 Stories of application security
34:15 Advice to a new executive
36:29 Advice to students and young professionals
41:32 Mentorship
44:48 Final positive thought on cybersecurity

Links
Gary Hayslip
Twitter @ghayslip
https://www.linkedin.com/in/ghayslip/
Cyber Security and Cloud Podcast #CSCP
http://www.cybercloudpodcast.com
Oct 4, 2020 • 46min

CSCP S02E15 - Allan Alford - Wartime CISO in covid times

In this episode of the CSCP I have the pleasure of having back one of our amazing guests, Allan Alford. Allan Alford is a veteran CISO, author, speaker, and co-host of the Defense in Depth Podcast in Texas. Francesco and Allan discuss the many changes companies are facing during COVID. The companies with the most prepared BCP and IT teams have adjusted the most smoothly to remote working, but there are still security concerns and challenges in being out of the office.

Podcast Breakdown
1:00 Introducing Allan Alford
4:05 State of the Cybersecurity Industry
8:47 Telehealth
11:05 Zoom
16:34 Need for perimeters
23:37 Preparedness for COVID
31:36 Predictions about companies going back, going back to work, working remote
42:45 Positive Message on cybersecurity
46:08 Closing

Links
Allan Alford
https://allanalford.com
Twitter @AllanAlfordinTX
https://www.linkedin.com/in/allanalford/
https://cisoseries.com
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
cybercloudpodcast.com
Sep 21, 2020 • 44min

CSCP S02E14 - Eddie Jaoude - Security vs Developer - round 1

This episode of Cyber Security and Cloud Podcast features GitHub Star, Eddie Jaoude. Francesco and Eddie talk about the importance of clear and direct communication between clients and developers and the importance of updating code. There are many complexities in coding to ensure security and prevent hacking down the line.

1:52 Eddie’s background
5:32 Background in Open Source and GitHub
10:25 More than just good code
12:20 Eddie’s coding horror story
22:28 Cost of bad communication
29:37 Issues and opportunities of Open Source
32:10 Two factor authentication
39:48 T-shaped learning
43:46 Final positive message

Links
Eddie Jaoude
Twitter @eddiejaoude
https://github.com/eddiejaoude
https://www.youtube.com/eddiejaoude?sub_confirmation=1
https://www.linkedin.com/in/eddiejaoude/?originalSubdomain=uk
Cyber Security and Cloud Podcast #CSCP #cybermentoringmonday
cybercloudpodcast.com
