Cyber Security America

Welcome to Episode 23 of Cyber Security America, where we delve deeper into the world of cybersecurity careers in part 2 of our special series, Building a Cybersecurity Career: The Journey to CISO. In this episode, we are honored to host two remarkable guests who have risen to the prestigious position of Chief Information Security Officer (CISO) in the Financial Services industry. Join us as we hear the inspiring stories of Joshua Stabiner and Tom Baxley, two highly skilled and seasoned cybersecurity professionals. Joshua Stabiner is the CISO at General Atlantic in New York City leading the cybersecurity effort, protecting over 84.4 billion in assets under management. He takes us through his incredible journey, starting as a junior Cybersecurity consultant and making his way up to establishing a leading cybersecurity function at Pine River Capital Management. During his impressive 10-year tenure at EY, Josh also led cyber threat management advisory services for esteemed financial sector clients. Now, as the head of cybersecurity efforts at General Atlantic, managing over 84.4 billion in assets, he shares his insights on the critical cybersecurity challenges faced by organizations today. Not only does Josh excel in his role, but he also serves as the Chairman of the FS-ISAC Alternative Investors Council and has been a Cybersecurity Advisory Board Member for Pace University’s Seidenberg School of Computer Science and Information Systems. With a bachelor’s and master’s degree in Computer Science from Dartmouth College and a CISSP certification, his expertise is truly unparalleled (https://www.linkedin.com/in/josh-stabiner/). Our second guest, Tom Baxley, brings his wealth of experience as the Chief Information Security Officer at Balyasny Asset Management (BAM). With a background as the CISO at Pine River Capital Management and as an Information Security Engineer, Tom has a unique perspective on the industry. Before his impressive tenure at Pine River, he honed his skills at Ernst & Young as a Cybersecurity Consultant. Tom holds a Bachelor of Science degree in Information Security and Forensics from Rochester Institute of Technology, adding further credibility to his knowledge (https://www.linkedin.com/in/tbaxley/) Join us as we dive into the minds of these cybersecurity experts and gain invaluable insights for the future. Discover how they tackle some of the most pressing cybersecurity issues in the Financial Services sector and how to prepare yourself for the responsibilities of the role. Whether you're an aspiring CISO or a cybersecurity enthusiast, this episode is packed with invaluable knowledge and tips. And don't forget to engage with us using the following hashtags to join the conversation on the most popular cybersecurity topics: #cybersecurity #CISO #infosec #threatintelligence #vulnerabilitymanagement #securitymonitoring #incidentmanagement #securityengineering #FSISAC #CISSP #GeneralAtlantic #PineRiverCapital #EY #deepseas

Welcome to today's episode! In contrast to our previous discussions on #artificialintelligence, #cloudsecurity, and #burnout, we are taking a different approach today. We have the pleasure of hosting two remarkable CEOs from cybersecurity technology companies. These individuals are at the forefront of driving innovative solutions to tackle the most complex cybersecurity challenges. With their extensive industry knowledge and proven track records, they have successfully developed applications and services that promote innovation, mitigate risks, and enable modern enterprises to thrive in this ever-changing landscape of cyber threats. To add more value, we have invited our esteemed guests to shed light on the top five crucial aspects that the CISO community should be aware of. Their insights will help us gain a deeper understanding of these critical issues. Joining us today are Chris Lehman and Chris Freedman, who will share their expertise and perspectives on this compelling subject. So, let's dive in and explore the valuable insights they bring to the table. Chris Lehman is the Chief Executive Officer (CEO) of SafeGuard Cyber. Chris is a seasoned senior executive with more than 20 years of experience working for some of the highest growth and most successful technology companies in the world. Most recently, Chris was the Chief Revenue Officer (CRO) for ExtraHop, where over four years, he helped lead their transformation into #CyberSecurity's leading Enterprise Network Detection and Response (NDR) company. During Chris' time at ExtraHop, he was responsible for all Go-to-Market functions, and they grew their ARR over 700%, culminating in the successful sale of the business to Bain Capital and Crosspoint Ventures. Prior to ExtraHop, Chris held senior leadership positions at FireEye, Salesforce.com, EMC, and Documentum. Chris holds a BA in Communications with a minor in Business Administration from the Pennsylvania State University. #cybersecurityexpert Chris Freedman is a highly accomplished business leader with a diverse background in diplomacy, business, and philanthropy. Chris began his career serving as a diplomat with the Atlantic Treaty Association and founding a regional real-estate development firm. He continued his career by founding and managing various corporations in the U.S., including MyBenefitsLab, a national online provider of diagnostic testing with the nation's largest laboratories and national physician's network. In 2016, Chris co-founded OnDefend, an international #cybersecurity firm, where he currently serves as the CEO. Civically, Chris has also served several charitable organizations, including Best Buddies Jacksonville and the American Red Cross of Northeast Florida. Chris graduated with the highest honors from the University of Florida. #businessleadership In recent news, the U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog,

Welcome to the Cybersecurity America Podcast! In episode 21, we have an exciting lineup of topics that cover critical insights from the DeepSeas (https://www.deepseas.com/learn/) Cyber Threat Intelligence (CTI) desk and the latest in cybersecurity innovation with Salem Cyber. Prepare for an informative and engaging discussion! #malware #informationsecurity #infosec #windows #cyberattack #ciso Host, Joshua R Nicholson (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) Podcast Home Site: (https://www.voiceamerica.com/show/4125) In the first part of the episode, we bring you crucial insights on the recent MOVEit managed file transfer vulnerability, now identified as CVE-2023-34362. Learn about how threat actors exploited this vulnerability in Progress' MoveIt software as early as May 27th. Taking advantage of the Memorial Day weekend and limited staffing, they conducted scans and extracted files from multiple organizations. We delve into the tactics employed by threat actors, including the targeting of widely-used software and exploiting holidays when staffing is low. Microsoft and Mandiant have identified clap ransomware as the primary threat actor behind these attacks. What sets this incident apart is that clap ransomware instructed affected organizations to reach out and contact them instead of the usual extortion email. This unexpected approach raises questions about their motivations and capacity to handle a large cache of information. The second part of the episode shifts focus to cybersecurity innovation. We're joined by John Bagg, the co-founder and CEO of Salem Cyber, an AI cybersecurity startup. With over a decade of experience, John shares his expertise in implementing cyber technology and threat detection programs for top commercial organizations. He introduces us to their flagship technology, the Virtual Cyber Analyst, which addresses the challenge of alert overload faced by cybersecurity experts. By leveraging AI capabilities, organizations can prioritize alerts and empower their analysts to focus on critical matters. This episode highlights the significance of reducing attack surfaces, implementing robust monitoring systems, and having a well-defined playbook for incident response. We delve into crucial questions you need to ask within your cyber fusion center or IT department to enhance your cybersecurity measures. Join us for this thought-provoking discussion as we navigate the landscape of cybersecurity, starting with the MOVEit vulnerability incident and moving on to the innovative solutions offered by Salem Cyber. Stay tuned for valuable insights and updates on the latest trends in the field. #Cybersecurity #ThreatIntelligence #DataBreach #Ransomware #AttackSurfaceReduction #IncidentResponse #Innovation #AI #Startup #ThreatDetection #AlertFatigue #AnomalyDetection #SalemCyber #CVE-2023-34362

Welcome to our podcast, where we explore the fascinating world of generative AI and its profound impact on various fields. Join us as we delve into the intricate details of different models designed for specific tasks, such as text generation, native speech processing, and image/video generation. We also address the pressing concerns surrounding privacy and security in the realm of AI technologies, including the potential risks of phishing emails and deep fake attacks. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 In our discussions on text generation, we thoroughly examine popular models like ChatGPT, Bard, Lama, and Bloom, shedding light on the distinctions between closed-source, open-source, and academic models. Additionally, we emphasize the significance of leveraging open-source models from platforms like Hugging Face, while carefully considering the implications for cybersecurity. Discover how organizations can effectively navigate the use of AI models to protect their data and privacy. In this week's Intelligence report, we highlight notable cyber-attacks, including the insidious Akira ransomware and the successful neutralization of the Snake malware by the FBI. We delve into the details of the recent attack on Bluefield University, ensuring you stay informed on the latest developments in cybersecurity. Follow our insightful discussions on topics like AI, machine learning, and enterprise security, as we unveil the crucial intersections between these fields. The Akira ransomware has ruthlessly targeted and breached the security of 16 companies across diverse industries. Employing an encrypt-and-ransom tactic, they demand exorbitant sums of money from their victims. To intensify the pressure, the gang has created a unique data leaks site with a captivating 1980s retro aesthetic. Visitors to the site must navigate using console commands, adding an intriguing dimension to their illicit activities. The leaked data ranges from sizes as small as 5.9 GB to a staggering 259 gigabytes. Ransom demands vary from $200,000 to multimillion-dollar figures, with provisions for lower amounts if the target companies solely wish to prevent the leak of their stolen data. We also revisit the multinational operations that successfully neutralized the Snake malware, a highly sophisticated cyber espionage tool developed by Russia's Federal Security Service (FSB), known as Turla. This covert P2P network of infected computers spanned across 50 countries and targeted government research networks, research facilities, journalists, small businesses, media organizations, and critical infrastructure segments within the United States. #GenerativeAI #PrivacyConcerns #Cybersecurity #AIModels #Ransomware #Malware #FBI #Snake #Podcast #Tech #CybersecurityAwareness

Welcome to another episode of Cyber Security America with your host, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/). In this episode, we delve into the world of cloud computing and its impact on cybersecurity. We explore the major cloud platforms such as AWS, Azure, and GCP, along with their deployment and service models. Discover the benefits of cloud computing, including Infrastructure as a Service (IAAS), Platform as a Service (PAAS), and Software as a Service (SAAS). Podcast Home Site: (https://www.voiceamerica.com/show/4125), YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) We also tackle the characteristics of cloud computing, including on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, virtualization, service-oriented architecture (SOA), grid computing, and utility computing. Gain insights into how these characteristics shape the cloud security landscape. This week's Intel briefing covers two critical vulnerabilities: CVE-2023-28771 affecting week's ZyWALL/USG series firmware and CVE-202-2868, a remote command injection vulnerability resulting from incomplete input validation of user-specified dot tar files. Furthermore, we dive into the fascinating topic of conducting Incident Response (IR) in the cloud versus on-premises. Explore the six major differences between these environments and understand the unique challenges and considerations for cloud-based IR. Joining us as our special guest is Martin Brough (Senior Manager of Cyber Defense Operations @ ARM semiconductors). He is a seasoned information security professional with over 20 years of experience. Martin's expertise spans various domains, including secure communications systems, email security, malware analysis, SIEM system logging, and cloud-based threat hunting. He is particularly well-versed in the field of Incident Response, with extensive knowledge in security design, training, and detection and response playbook writing. Martin has shared his insights at renowned conferences such as Def Con, Blackhat, and DerbyCon, and he has contributed to notable security publications like PenTest Magazine and Cyber Defense Magazine. Tune in as we explore the intricate world of cloud computing and its impact on cybersecurity. Stay informed and gain valuable insights on how to secure your cloud infrastructure effectively. This episode is a must-listen for both security professionals and enthusiasts alike. Remember to subscribe to Cyber Security America for more captivating discussions on the latest trends and challenges in the ever-evolving world of cybersecurity. Sponsored by (www.deepseas.com) #CyberSecurity #CloudComputing #AWS #Azure #GCP #IAAS #PAAS #SAAS #CloudSecurity #Virtualization #SOA #GridComputing #UtilityComputing #IncidentResponse #CloudIR #OnPremiseIR #InformationSecurity #Podcast #CyberSecurityAmerica #CybersecurityPodcast #DeepSeasSponsor

There is no doubt that corporate America and our Nation is in desperate need of #cybersecurity analysts and engineers to protect critical infrastructure. For most of the shows on the #CyberSecurityAmerica podcast, we focus on tactical areas of knowledge in order upskill security practitioners in management and executive #leadership. In this episode, we are taking on the sticky subject of mental fatigue and burnout on the job. We have all experienced it at one time or another. We get to a point of mental exhaustion and our well-being and health starts to slip. The stress builds up and we may find external chemical-based mood enhancers such as alcohol or drugs to address the stress, we started fighting with loved ones, friends, and co-workers, which could lead to us making bad employment decisions. In this episode, Chloé talks about what she feels is the greatest stress accelerator which is the number 1 cause of burn-out - poor leadership. Our guest today is Chloé Messdaghi, an accomplished security executive, CEO & Founder of Global Secure Partners, known for advising and developing solutions that have improved security teams and the industry. A sought-after public speaker and trusted source for national and sector reporters, her work has been featured in numerous outlets, and she has been recognized as a Power Player in #Cybersecurity by Business Insider and SC Media. Chloé is also dedicated to various charitable causes, demonstrating her commitment to driving positive change. This week's Intelligence briefing (www.deepseas.com) focusing on Nation State activities related to Operational Technology (OT) and ICS SCADA systems. The first one was a piece of malware that was discovered as Cosmic Energy by Mandiant and an implant from China named Volt Typhoon. Volt is another OT technology implant used primarily for espionage. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 Disclaimer: - This podcast is for informational purposes only and should not be considered legal or professional advice. - We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. - This podcast is not intended to replace professional technology advice. - The views expressed in this podcast may not be those of the host or the management.

Welcome to the Cyber Security America show, a platform for exploring the dynamic and ever-evolving world of cybersecurity and information technology. In episode 17, we delve deep into the topic of zero trust, a security model that assumes all users, devices, and applications are potentially hostile, and requires strict access controls and verification measures to prevent data breaches. We also discuss the national security situation surrounding Jack Teixeira and its impact on security controls in the future. #cybersecurity #zerotrust #nationalsecurity Our guest for today's episode is Gordon Lawson, CEO of Conceal.io, who brings years of experience and ability in implementing zero trust strategies for some of the largest organizations in the world. Together, we explore the concept of zero trust, its advantages and challenges, and how it differs from traditional security models. We also discuss the future of zero trust and how it's shaping the cybersecurity landscape, including the innovative ConcealBrowse technology that detects, defends, and isolates malicious internet traffic. #zerotrustimplementation Gordon Lawson has over 20 years of experience in the physical and cyber security space, with a focus on SaaS optimization and global enterprise business development. Prior to joining Conceal, he was President at RangeForce, a cyber training platform company, and SVP of Global Sales at Cofense through their $400MM acquisition by BlackRock in 2018. With his background as a U.S. Naval Officer and a graduate of the Air Force Command and Staff College and the Army Airborne School, Gordon offers unique insights into the implementation of zero trust strategies and the future of cybersecurity. #cybersecurityleader #militaryexperience Threat Intel Report: US Intelligence Agencies and international partners from the 5 Eyes alliance have released a report detailing Russia's Snake Malware, a peer-to-peer network that infected multiple devices, including diplomatic missions and NATO areas. The malware was a significant part of the Turla framework used by Russian cyber threat actors and attributed to the Federal Security Service Center 16 and military unit 71330, also known as Berserk bear. The report supplies recommendations for mitigations and scanner technology. Additionally, a cybersecurity firm reported a threat actor trying to extort executives by compromising new hire credentials, showing the need for ongoing monitoring and protection of human elements in cybersecurity. The growing impact of cyberattacks on physical outcomes is also noted. #cybersecuritythreats #malware #5eyesalliance

Welcome to the Cyber Security America Show, where we dive into the sea of complex technologies and provide real-world context to the world of Cyber Security and Information Technology. In episode 16, we explore the various jobs and roles within the industry, including penetration testers, vulnerability managers, detection analysts, threat hunters, Cloud Security Architects/Engineers, Cyber Security mentorship resources, and Incident Response (IR). Our Threat Intelligence briefing covers the Apple Rapid Response situation, where lack of proper and honest communication caused unnecessary mistrust. We also discuss the latest Ransomware attack against the City of Dallas, U.S. Cyber Teams, and the upcoming International Cyber Competition in San Diego later this year. Our guest for this episode is Steve Cobb, CISO for Security Scorecard, who brings over 30 years of leadership and consulting experience involving IT infrastructure, cybersecurity, incident response, and cyber threat intelligence. Steve is passionate about sharing his knowledge and experience with others through mentorship and training and is a coach for the US Cyber Team. Don't miss out on the US Cyber Games, North Carolina Cyber Academy, Black Hills Training, and Chris Saunders Training. Register now and take the next step in your Cyber Security journey. US Cyber Games - https://www.uscybergames.com/ North Carolina Cyber Academy - https://www.myncca.com/ Black Hills Training - https://www.antisyphontraining.com/ Chris Saunders Training - https://www.networkdefense.co/courses/ - Investigation Theory Join us on this informative episode and stay up to date with the latest Cyber Security news and trends. Follow us on social media and use the hashtags #CyberSecurityAmericaShow #CyberSecurity #InformationTechnology #ThreatIntelligence #USCyberGames #NorthCarolinaCyberAcademy #BlackHillsTraining #ciso #ChrisSaundersTraining to stay connected.

In today's hyper-connected world, no organization can tackle computer threats alone using just their own people, processes, and technology. A successful Chief Information Security Officer (CISO) or Director of Security Operations needs to engage and leverage technology vendors, strategic integrators, and consulting partners to accomplish their mission. That's why we're thrilled to have Mike Johnson, Vice President of Partners & Alliances at DeepSeas, as our expert guest in this episode titled Cyber Supply Risk Management: Defense Strategies for maximized outcomes. Mike brings a unique mix of technical and advisory skills, honed through his experience building successful partner networks at SIEM vendors LogRhythm and Securonix, SaaS GRC provider Pathlock, and now DeepSeas. But first, let's take a look at the latest cyber threats. This week's Cyber Threat Intelligence (CTI) report tracks the active exploitation of PaperCut, a remote code execution (RCE) vulnerability impacting all PaperCut MF or NG versions 8.0 or later (CVE-2023-27350). Additionally, an information disclosure flaw has been found in PaperCut MF or NG versions 15.0 or later (CVE-2023-27351). Reports indicate that the primary exploitation is being done by the ransomware operators of Lockbit and Clop. And if that's not enough, there's a new exploit kit on the block - MacOS Stealer or Atomic Mac OS Dealer (Amos) malware - being sold on Telegram for $1,000 per month. This kit can obtain iCloud Keychain passwords, files from the desktop or documents folder, and can also get the Mac OS password. Don't be caught unprepared - stay up to date with the latest cyber threats and defense strategies. And remember, the material and information presented here is for general information purposes only. Stay Secure and don't forget to Like, Subscribe, Comment, and turn on notifications

In the 14th episode of Cyber Security America, we explore one of the most devastating threats that small and large business face today. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations. Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion. The monetary value of ransom demands has also increased, with some demands exceeding US $1 million. Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small. From https://www.cisa.gov/stopransomware/ransomware-guide This Ransomware Guide includes two resources: Part 1: Ransomware Prevention Best Practices Part 2: Ransomware Response Checklist • Policy-oriented or technical assessments help organizations understand how they can improve their defenses to avoid ransomware infection: https://www.cisa.gov/cyber-resource-hub Contacts: • SLTT organizations: CyberLiaison_SLTT@cisa.dhs.gov • Private sector organizations: CyberLiaison_Industry@cisa.dhs.gov Ransomware Quick References • Security Primer – Ransomware (MS-ISAC): Outlines opportunistic and strategic ransomware campaigns, common infection vectors, and best practice recommendations: https://www.cisecurity.org/white-papers/security-primer-ransomware/ • Ransomware: Facts, Threats, and Countermeasures (MSISAC): Facts about ransomware, infection vectors, ransomware capabilities, and how to mitigate the risk of ransomware infection: https://www.cisecurity.org/blog/ransomwarefacts- What are the lessons learned on how best to work together to break down the barriers of communications and prioritization. Don't miss this informative episode to learn more about the and its importance in securing your enterprise. Remember to like, subscribe, and turn on notifications for future episodes. Cyber Security America Podcast https://www.voiceamerica.com/show/4125