Cybercast 公开
[search 0]
更多

Download the App!

show episodes
 
The CyberCast is purpose built for MSPs, MSSPs and IT Practitioners.In each episode you will learn about a new security control, how it maps to the different frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what you can do to defend against it - MITRE Shield, common mistakes or oversights made when implementing into their tech stack and trends.Sponsors:Datto - CIS Control 3 - Data ProtectionNetwrix - CIS Control 3 - Data Protec ...
 
The #NowClimbing Cybercast follows 2x Olympian and Run Gum CEO Nick Symmonds up and down the tallest mountains in the world. As a youth, Nick had two goals; become an Olympian and climb to the top of Mt. Everest. After a 10+ year career as a professional runner, he how now shifted his focus as he looks to become the first human to break the 4-minute mile barrier and reach earth's tallest peak. Follow along with daily updates from the mountain. Learn more at rungum.com/nowclimbing
 
Loading …
show series
 
A new Zero Trust Portfolio Management Office is putting the Defense Department on track to improve its overall cybersecurity posture. While this will be a major task for DOD, a zero-trust roadmap will ensure the proper training and workforce are in place for greater interoperability across the entire department. The portfolio management office will…
 
The Cybersecurity and Infrastructure Security Agency promotes a variety of best practices and resources across the cyber space, and the software bill of materials — otherwise known as SBOM — is a rising area of importance. We speak with one of CISA's top promoters of SBOM development at the 2022 RSA Conference to dive into the different components …
 
The Defense Department's Cyber Crime Center (DC3) is a federal cyber center and serves as a center of excellence for digital and multimedia forensics. Its training academy also trains thousands of DOD personnel every year. Acting Executive Director Joshua Black, a longstanding cyber expert, discusses the ransomware trends and threats facing the Def…
 
Army Software Factory CISO Angel Phaneuf discusses how she's working to foster zero trust interoperability and a healthy cyber culture throughout the Defense Department. She also tells the story of how Army Software Factory discovered the Log3j vulnerability and mitigated it in only 24 hours.由GovCIO Media & Research
 
Abstract: Data loss can be a consequence of a variety of factors from malicious ransomware, threat actors using "Double Extortion" and exfiltration, human error and natural disasters like hurricanes. Regardless of the reason for data loss, we need to have a process established (RPO/RTO) to recover our data. Key Takeaways for Control 11 Prioritize y…
 
GovCIO Media & Research returned to in-person events on Thursday with Infrastructure: Cloud Modernization. Our senior researchers are joined by staff writer Adam Patterson to break down top takeaways from the event, including critical approaches to cloud implementation, the role of the user in cybersecurity, data literacy and more. Featured perspec…
 
USSOCOM Networks and Services COO Col. Joe Pishock sits down with GovCIO Media & Research to discuss the importance of commercial cloud-hosted collaboration tools for network modernization and the cybersecurity challenges, such as overclassification, that hinder successful implementation.由GovCIO Media & Research
 
AFCEA TechNet Cyber 2022 marks another return to in-person events, and Senior Researcher Kate Macri is here to discuss top takeaways and themes from the conference. Topics include ICAM solutions, zero trust, cyber operations and what it's like to be in-person again after two years of online panels.由GovCIO Media & Research
 
The U.S. Air Force's BESPIN software factory provides mobile application development as a service to airmen, but mobile technologies are notoriously difficult to secure. BESPIN CISO David Cantrell discusses the cyber challenges he faces and why he has a love-hate relationship with tools like software bills of materials (SBOMs).…
 
U.S. Air Force software factory Kessel Run relies on a unique blend of tech tools to address new cyber threats. This includes DevSecOps, APIs and even something called "chaos engineering." Hear from Kessel Run Chaos and Performance Tech Lead Omar Marrero about how the organization quickly identifies and remediates threats to Air Force weapons syste…
 
Abstract: With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing your MSP and clients. Malware defenses must be able to operate in a dynamic environment through automation, timely and rapid updating, and integrate with other processes like vulnerability management and incident response. A…
 
The 16th Air Force is responsible for all Air Force networks for warfighting, and is the combatant command responsible for all of the Air Force’s offensive and defensive cyber operations. Deputy Commander Brig. Gen. Brad Pyburn discusses top cyber concerns and challenges as malicious cyber activity surges, and the "secret sauce" to cybersecure impl…
 
As the U.S. Navy gears up for 5G, a number of pilots are underway to evaluate the risks that come with this faster network capability that unlocks the path to many emerging technologies like AI. The Navy’s first order of business is to modernize its environment for 5G. It is also looking at the best ways to protect its systems and maintain good cyb…
 
Blue Cyber Lead Kelley Kiernan tells the story of how she developed an initiative to support small businesses navigating tricky cyber questions as cyberattacks against the Defense Industrial Base skyrocket. She is now detailed to the Air Force’s CISO office, where she's breaking down cyber roadblocks for small businesses to participate in top oppor…
 
With the ever increasing number of data breaches and hacks, cybersecurity has become a focal point for many federal agencies. Quantum computing could play a major role in helping organizations identify and avert cyberattacks even before they arise. DARPA Program Manager Joe Altepeter from its Defense Sciences Office talks about how DARPA is examini…
 
Abstract: Web browsers and email clients are very common points of entry for attackers because of their direct interaction with users inside an organization. Content can be crafted to entice or spoof users into disclosing credentials, providing sensitive data, or providing an open channel to allow attackers to gain access, thus increasing risk to y…
 
As the cybersecurity and privacy field continues to grow in the health care space, so does the need to better protect patient data. For IT leaders at Penn Medicine, this means tackling deep-rooted challenges in recruiting to remove bias and also implementing careful strategies for safeguarding against ransomware threats of this sensitive data. Penn…
 
It's time to take it up to zero — zero trust, that is. Senior researchers Melissa Harris and Kate Macri return to discuss the outcomes from our latest virtual event, CyberScape ID. Topics include the role of identity in zero trust, data management and identity solutions. Featured perspectives include leadership from OMB, HHS OIG, Fortinet and more.…
 
Abstract: Log collection and analysis is critical for an organization's ability to detect malicious activity quickly. Sometimes audit logs are the only evidence of a successful attack. Attackers know that many organizations keep audit logs for compliance purposes, but rarely analyze them. Due to poor log analysis processes, attackers sometimes cont…
 
National Cyber Director Chris Inglis believes current cyber leaders are uniquely qualified to transform federal cybersecurity and can work together to solve anticipated challenges like workforce shortages. The nation's top cybersecurity chief discusses his cyber priorities for 2022 and what federal agencies can do to strengthen their cyber postures…
 
Note we discuss Log4j as this is a very timely topic to this control. Abstract: Cyber defenders are constantly being challenged from attackers who are looking for vulnerabilities within their infrastructure to exploit and gain access. Defenders must have timely threat information available to them about: software updates, patches, security advisori…
 
Abstract: It is easier for an external or internal threat actor to gain unauthorized access to assets or data through using valid user credentials than through "hacking" the environment. There are many ways to covertly obtain access to user accounts, including: week passwords, accounts still valid after a user leaves the organization, dormant or li…
 
Government agency leaders discussed how their organizations are approaching increasing modernization around artificial intelligence and data management, and key considerations for how these systems ensure strong national security. Issues include cyber warfare, workforce upskilling, high-performance computing and current research and features leader…
 
Abstract: There are many ways to covertly obtain access to user accounts, including: week passwords, accounts still valid after a user leaves the enterprise, dormant or lingering test accounts, shared accounts that have not been changed in months or years, service accounts embedded in applications for scripts, a user having the same password as one…
 
The next generation mobile network is on its way in, but 5G's impact lies in more than cellular connectivity. The technology will be central to digital innovation supporting artificial intelligence, cloud computing and data sharing. NIST IT Specialist Jeff Cichonski unpacks the security implications of this movement and how NIST's center of excelle…
 
Federal agencies are taking charge in implementing zero trust strategies amid a Biden executive order to boost security amid recent incidents. The Department of Health and Human Services' Office of Inspector General's new CIO, Gerald Caron, discusses how zero trust and software supply chain risk management anchor not only his cyber strategy around …
 
Acting CISO Greg Edwards sees identity, credential and access management (ICAM) and zero trust as key strategies for combatting ransomware and other cyberattacks that are afflicting government agencies nationwide. Edwards also discusses the collaboration between FEMA and state, tribal and local governments, as well as lessons learned throughout the…
 
Abstract: Learn why the number one thing organizations can do to defend their networks against top attacks, is to implement secure configurations! Azure Breach (8/26/2021): According To Wiz who found the CosmosDB Vulnerability, they quote: "Database exposures have become alarmingly common in recent years as more companies move to the cloud, and the…
 
Cybersecurity is increasingly becoming synonymous with national security. As we become more connected, integrate technology into our infrastructure, and work to ensure our supply chains are secure, leaders in federal government and industry discuss working toward securing our nation from the Aug. 19 CyberScape event series, kicked off by fireside c…
 
Women make up less than one-third of all STEM-related jobs. Additionally, the Department of Homeland Security estimates there are at least 500,000 unfilled cybersecurity positions, which the agency deems a risk to national security. NIH's Jothi Dugar, NIST's Danielle Santos, and Okta's Michelle Tuggle from the Women Tech Leaders event discuss how t…
 
Abstract: CIS Control 3 is Data Protection and data is pretty much what's at stake for a high percentage of cyber attacks. Data is more valuable than oil and it fuels many organizations. Many of the baseline security recommendations from all of the security frameworks out there now recommend, or REQUIRE if you’re in a regulated industry such as hea…
 
Abstract: CIS Control 3 is Data Protection and data is pretty much what's at stake for a high percentage of cyber attacks. Data is more valuable than oil and it fuels many organizations. Many of the baseline security recommendations from all of the security frameworks out there now recommend, or REQUIRE if you’re in a regulated industry such as hea…
 
CISA COVID-19 Task Force Lead Steve Luczynski, Presidential Innovation Fellow Michelle Holko and CISA Senior Advisor Josh Corman tell the unlikely story of how they created a team with diverse backgrounds to help keep America running, informed and safe during the pandemic. The experts discuss the roles they played in the early approaches to the pan…
 
The COVID-19 pandemic made health IT more vulnerable than ever as cyberattacks on hospitals, public health organizations and research initiatives soared. Featured panelists from the CyberScape: Health Care event highlighted ways federal health IT leaders are securing their networks and sensitive information, and also look back on cyber lessons lear…
 
Jennifer Franks offers a unique outlook on the state of federal cybersecurity thanks to her oversight role at the Government Accountability Office. Franks discusses some of the top cyber issues facing federal agencies and how President Biden's cyber executive order can address them.由GovernmentCIO Media & Research
 
Abstract: There is a cybersecurity saying; “you can’t protect what you don’t know about.” Without visibility into your information assets, their value, where they live, how they relate to each other and who has access to them, any strategy for protection would be inherently incomplete and ineffective. Note sponsors are at the end at minute 28:30 Th…
 
Newly promoted Wanda Jones-Heath talks about her position as principal cyber advisor for the Department of the Air Force and what a holistic approach to cybersecurity looks like. This includes taking hold of data interoperability efforts and ensuring all teams are operating in a cohesive yet still safe and secure infrastructure amid recent concerns…
 
Google reports that Multifactor Authentication (MFA) prevents more than 96% of bulk phishing attempts and more than 76% of targeted attacks that are credential based. In this episode, learn how MFA maps to the different security frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what yo…
 
Amid software hacks like the SolarWinds incident, the FDA works with manufacturers and other agencies to ensure medical devices are secured and personal data is kept safe. Jessica Wilkerson, cyber policy advisor at the FDA, discusses the shared responsibility of cybersecurity and the need to secure the entire supply chain.…
 
Securing the federal supply chain is among government's top priorities right now. Lisa Barr, CISA's cybersecurity supply chain lead whose prior role involved the recently established Federal Acquisition Security Council, discusses the whole-of-government approach to supply-chain security threats and how varying agency missions and needs come into f…
 
The Cybersecurity Maturity Model Certification (CMMC) standards require third-party assessments on security requirements for contractors to bid on DOD contracts. Rocky Thurston of Perspecta and Seth Storie of ArdentMC look at how much CMMC will impact contractors, plus share perspective on ways it could change federal contracting overall.…
 
The Criminal Investigations and Network Analysis Center, a Department of Homeland Security S&T Center of Excellence, supports the agency with research and tools for fighting cybercrime. Jim Jones, CINA's director, details how researchers are working to intercept cybercriminals and educate a new generation of cybersecurity professionals.…
 
Suzanne Spaulding, former DHS undersecretary for cyber and infrastructure, now a member of the Cyberspace Solarium Commission and CSIS, draws on her deep well of knowledge and experience in cyber and the intelligence community to frame our nation's biggest cyber risks — and how to address them.由GovernmentCIO Media & Research
 
Federal leaders gathered to discuss innovations and capabilities of cloud computing during our Nov. 19 Cloud Summit. Catch up on these highlights from leaders at the Department of Homeland Security, Defense Logistics Agency, FedRAMP and learn more about zero trust capabilities and streamlining ATO processes.…
 
Securing IT supply chain means preventing counterfeits, end-user malware and vulnerable components as federal agencies modernize their IT and infrastructure. From our Oct. 7 virtual event, hear from CISA National Risk Management Center Associate Director Daniel Kroese and Dell Technologies' Dan Carroll on how agencies are working together to secure…
 
Loading …

快速参考指南

Google login Twitter login Classic login