There’s a robust malware economy with an active market for exploits, brokered access to compromised systems, ransomware, bots-as-a-service, and more. And this malware economy is targeted at you. On today’s Packet Protector we talk with Jake Williams, a security researcher, consultant, and instructor, about the malware economy, how it operates, and the most effective strategies... Read more »

Rich Mogul, an expert in cloud security and educator at Black Hat and DEF CON, discusses the Cloud Security Maturity Model (CSMM). He explains how this practical framework offers tailored guidance for enhancing cloud security. Topics include the importance of measurable KPIs, the role of SMART objectives in governance, and building collaborative security frameworks. Rich emphasizes continuous assessment, self-assessment tools, and the need for clear communication between teams to strengthen security practices across organizations.

JJ and Drew catch you up on cybersecurity news including new research that uncovers a host of 5G/LTE vulnerabilities, the chain of breaches in a BeyondTrust attack that led to infiltration of the US Treasury Dept., and a lawsuit against LinkedIn alleging that data from paying customers was used to train AI models. Researchers unpack... Read more »

Don’t underestimate the value of packet analysis in your security strategy. And if you’re analyzing packets, the open-source Wireshark software is a go-to tool. On today’s episode, we talk with Chris Greer, a Wireshark trainer and consultant specializing in packet analysis. Chris explains the critical role of packet analysis in cybersecurity, particularly in threat hunting... Read more »

You asked for more IPv6 and we listened. In today’s episode, we talk with Ed Horley, co-host of the IPv6 Buzz podcast about IPv6 security, migration, and adoption. We talk about how your general security strategy doesn’t change with v4 or v6, but the trouble starts with a lack of v6 knowledge. We talk about... Read more »

Transport Layer Security (TLS) relies on certificates to authenticate Web sites and enable encryption. On today’s Packet Protector we look at mechanisms that domain owners can take to ensure the validity of their digital certificates. More specifically, we cover Certification Authority Authorization (CAA) and Certificate Transparency (CT). Our guest is Ed Harmoush. Ed is a... Read more »

Autonomous Digital Experience Management, or ADEM, measures network and application performance from the user perspective and gives network and IT teams visibility into the entire data path—including the home user network, first mile and last mile, and the WAN. On today’s Packet Protector, we learn how ADEM can complement your network and security efforts with... Read more »

A Chief Information Security Officer (CISO) helps to architect and drive an organization’s security strategy. The role requires technical chops and business acumen. You also need strong communication skills to help executives understand risk and response, choose the right metrics to measure infosec effectiveness, and provide guidance to the technical teams actually running security operations.... Read more »

Our monthly news roundup discusses liability insurance for CISOs (if you are one, you should get it), serious intrusions of US telecom companies by Chinese state actors (according to the FBI), and a novel attack that leapt across multiple Wi-Fi networks. We also discuss significant vulnerabilities affecting Palo Alto Networks’ Expedition migration product, how fake... Read more »

Cyber insurance provides compensation if a company suffers financial loss due to a security incident such as a ransonware payment, costs of data recovery, legal expenses or fines, or damage to a company’s reputation. Today on the Packet Protector podcast, we discuss the ins and outs of cyber insurance with a policy holder. Joe Stern... Read more »