Cyber Security America

The Untold History of Women in Cyber Security. In this new episode, we hear from women who are leading cyber defense teams, developing cutting-edge technology, and driving innovation in the cyber security field. They will share their stories, the challenges they have faced, and how they met them head on. We also discuss how the cyber security industry benefits from diversity. Join us as we contribute to the documentation of women’s impact in the cyber security industry and learn from the experiences of women who are paving the way for the next generation of leaders. This is The Untold History of Women in Cyber Security.” https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg

In the 10th episode of Cyber Security America, we delve into the crucial field of Identity & Access Management (IAM). We discuss how identities, access rights, and permissions all play a crucial role in providing secure access to data and applications across multiple ecosystems. Our guest Rakesh, a cybersecurity leader with over 18 years of experience, highlights the often-overlooked aspect of User Experience and the need for dedicated resources to drive a successful IAM program. He shares insights into how small and mid-sized companies can implement these functions to achieve maximum risk reduction. Don't miss this informative episode to learn more about IAM and its importance in securing your enterprise. Remember to like, subscribe, and turn on notifications for future episodes. Rakesh is a Cybersecurity leader with 18+ years of progressive experience assisting Fortune 500 companies in implementing security and risk management programs. He was previously the Head of IAM for an Insurance company and managed all aspects of IAM incl. governance, strategy & roadmap, engineering, regulatory compliance, and operations. He has worked in a variety of leadership positions running several IAM services. He has been a management consultant at Big-4 organization where he was part of the Cybersecurity consulting group focused on Financial Services. Outside of IAM, Rakesh also has experience across broader areas of Cybersecurity incl. endpoint and data security, network security, vendor risk management and cyber governance. Rakesh has a bachelor's degree in Computer Science Engineering from VTU, India and holds CISSP, CISM and CRISC certifications. He is based out of Charlotte, where he lives with his wife and two kids. In his free time, he enjoys going on treks, training for marathons, playing poker and motorbike rides. #cybersecurity #CISO #infosec #IAM #userexperience #riskreduction

Join us for the 9th episode of Cyber Security America as we explore the journey of a cybersecurity professional who climbed the ranks from junior Cybersecurity consultant to the coveted position of Chief Information Security Officer (CISO). Our guest, Josh, shares his experience of working as a consultant at EY and ultimately leading the cybersecurity efforts at General Atlantic, managing over 84.4 billion in assets under management. Josh discusses how he established and developed a leading cybersecurity function at Pine River Capital Management and led cyber threat management advisory services for financial sector clients during his 10-year tenure at EY. He also shares his insights on the most critical cybersecurity challenges facing organizations today, including threat intelligence, vulnerability identification and remediation, security monitoring and analytics, incident management, and security engineering. In addition, Josh serves as the Chairman of the FS-ISAC Alternative Investors Council and formerly served as a Cybersecurity Advisory Board Member for Pace University’s Seidenberg School of Computer Science and Information Systems. With a bachelor’s and master’s degree in Computer Science from Dartmouth College, he is also a certified CISSP. Join us to gain valuable insights from Josh’s cybersecurity journey and learn from his experience in dealing with the most pressing cybersecurity issues. Don't forget to use the following hashtags for the most popular cybersecurity topics: #cybersecurity #CISO #infosec #threatintelligence #vulnerabilitymanagement #securitymonitoring #incidentmanagement #securityengineering #FSISAC #CISSP #GeneralAtlantic #PineRiverCapital #EY #deepseas #DartmouthCollege #SeidenbergSchool #cybersecurityamerica

Welcome to Cyber Security America, the podcast where we delve deep into the world of cybersecurity and provide insights on past trends, current challenges, and areas for improvement. Our goal is to help you stay informed and prepared for the next cyber threat. In this episode, we have a very special guest, Bruce Schneier, an internationally renowned security technologist, known as a security guru by The Economist. With over a dozen books and hundreds of articles and academic papers under his belt, Bruce is a true legend in the information security field. He's also the author of the latest book, A Hacker's Mind, where he takes hacking out of the world of computing and uses it to analyze the systems that underpin our society. During our conversation, Bruce provides us with valuable insights on the current state of cybersecurity. He discusses the impact of coordinated takedowns by federal forces on ransomware actors, and how less payment transactions on the blockchain related to ransomware actors is a promising sign. He also highlights an emerging threat, Black Lotus, and shares his thoughts on how artificial intelligence thinking like a hacker could be catastrophic. This episode is packed with expert tips and lessons learned. So tune in now to Cyber Security America and join the conversation. Don't forget to check out our website, DeepSeas, for more information on cybersecurity. You can also follow Bruce Schneier on Twitter at @schneierblog for more updates and insights on cybersecurity thought leadership. https://www.linkedin.com/in/joshuanicholson/ https://twitter.com/nicholsonj7111

The landscape of cyber security threats is evolving, and with it, so are the methods of penetration testing and control validation. Sophisticated organizations now use a continuous purple-teaming methodology that combines offensive testers (Red Teamers) with Cyber Defenders (Blue Teamers) to identify blind spots in their Detection & Response (D&R) controls before a breach occurs. This new approach, called Breach Attack Simulation (BAS), is transforming the way security controls are tested and how analytics are developed. In this episode of our Cyber Security America podcast, we discuss best practices and lessons learned from the purple-teaming revolution. We explore the need for vigilance in monitoring desktop telemetry from EDR solutions, the effectiveness of Network Intrusion Detection Systems (NIDS) sensors and supporting log analytics. The days of simple penetration testing are over, and we explore what to look for in a Breach Attack Simulation managed or in-house capability. Join the conversation and don't miss out on this game-changing episode, packed with expert tips and insights. Listen now on and watch on YouTube at https://www.youtube.com/watch?v=3nDjc6RaZ3Q. #DetectionAndResponse #intelligence #threatintelligence #ThreatHunting #informationsecurity #Podcast #VoiceAmerica #deepseas #charlottebusiness #leader #ciso #cybernews #cyberdefense. Available on #spotifypodcasts,

Join us for an engaging and thought-provoking episode of Cyber Security America, as we delve into the crucial topic of The Confusion Between Attack Surface Reduction (ASR) and Vulnerability Management (VM). Our expert guest, Jason Nordquist and Ken Gonzales, share their insights on the current state of cybersecurity and the challenges faced by organizations in this space. Discover the importance of this new paradigm, a critical yet often overlooked aspect of cybersecurity, and how it can help mitigate the risks posed by cyber threats. Don't miss out on this opportunity to gain valuable knowledge and actionable tips from a seasoned cybersecurity professional.

At the center of your cyber security universe is the Security Operations Center (SOC). This is supposed to be part of your 24/7 Managed Detection & Response (MDR) capability. But how do you know if your security operations team is running in a mature and highly capable manner. This is where the rubber meets the road when identifying and respond to security threats within your environment. What are the different delivery models, lessons learned, and best practices for driving improvements? We will also explore the increasingly sophisticated tactics used by threat actors, including their use of IoT devices to evade detection inside your network and pivot around undetected. Join us as we take our defense strategy to the next level of maturity, exploring what's working and what needs to change to stay ahead of the evolving threat landscape.

SEC cybersecurity risk governance rule and its impact on the market. Chris Hetner is the former Cyber Security Advisor to the Chair of the US Securities and Exchange Commission (SEC) and a former Senior Member of the US Department of Treasury Financial Banking Information Infrastructure Committee. He talks about the final process of approving the cybersecurity risk governance guidance, which will bring about a tectonic shift in the way cyber is governed. Don't miss this informative and engaging conversation about the complexities of cybersecurity governance and how the Board will need to adapt.

Protecting what you don't know about is impossible, and detecting unseen threats is equally challenging. In this episode, we delve into Threat Detection & Analytics, discussing the best practices for structuring a program, utilizing effective tools and techniques, and improving an organization's visibility, threat detection, and response capabilities through the use of frameworks and lessons learned.

In the world of Cyber Security, an essential component needed in the fight is a mature Threat Intelligence program tied to a strong Attack Surface Reduction (ASR) function. In this episode. We explore the world of Cyber Intelligence in the enterprise and in small business environments. We will learn from former military, intelligence, and NSA analysts working in the private sector now. What does good look like and what will the new year bring?