Shows
Cybersecurity ChroniclesRight of Boom: What Happens When Cybersecurity Prevention FailsIf your organization treats cybersecurity as something IT "handles," you're already behind. The regulators know it. The plaintiffs' attorneys know it. And when the breach happens, your board will discover it the expensive way.WHY YOU SHOULD LISTENKrishan Thakker, a seasoned executive legal advisor, delivers the uncomfortable truths that consultants won't tell you and vendors can't sell you:Language Translation: How to speak executive language when technical severity doesn't resonateReverse Engineering Risk: Starting with worst-case scenarios (including criminal liability) to drive urgencyResponsibility vs. Accountability: Why these aren't the same concept and how HR...
2025-11-1738 minCybersecurity ChroniclesFirefighting to Foresight: Rethinking Cyber Risk for the Real WorldStanley Li speaks with veteran security executive Steve Maciejewski (aka “Steve Mack”) to unpack the harsh realities and hopeful opportunities of managing cyber risk in today’s complex digital landscape.Drawing from decades of experience as a CISO across public and private sectors, Steve explains why traditional compliance checklists and siloed toolsets aren’t enough. Together, they explore the cultural and operational shifts needed to move from reactive security to proactive, risk-informed governance.“Everyone has reports and dashboards, but most can’t explain how a breach would truly impact operations,” he said. “You need more than a SOC report or...
2025-07-1830 minCybersecurity ChroniclesForget Your Firewalls: One Shocking Truth About Your Cyber RiskOn the latest episode, hear a discussion about cyber risk management needing to look beyond IT. The hosts, Stanley Lee and Sean Mahoney, explore the complexities of cybersecurity, emphasizing the importance of understanding cyber risks that extend beyond traditional IT frameworks. They highlight the critical role of employee awareness and the need for organizations to adapt their security measures in response to evolving threats.Mentioned in this episode:Podcast Outro Bumper
2025-06-1758 minCybersecurity ChroniclesEnd Compliance Theatre: How Automation Can Save Your BusinessIn this eye-opening episode of Cybersecurity Chronicles, we tackle a critical challenge facing executives today: the devastating impact of cyberattack downtime. Join Netswitch's VP Sean Mahoney, CFO Bernard Mendoza, and cyber resilience expert Steve Piggott as they move beyond "compliance theatre" to discuss why automated disaster recovery (DR) isn't just a good idea – it's essential for your business's survival and future.Drawing on real-world examples of crippling ransomware attacks, they break down the immense financial and operational costs of extended downtime, from lost revenue and unexpected expenses to damaged brand reputation and customer churn. Bernard Mendoza shares th...
2025-05-1130 minCybersecurity ChroniclesWill Quantum Computers Steal Your Job or Save the World an Expert ExplainsIn this episode of Cybersecurity Chronicles, host Sean Mahoney sits down with quantum computing expert John O’Malley to talk about the world of quantum computing. John worked with the NIST Post Quantum Encryption Standards Committee, after having previously led Change Healthcare's Identity and Access Management (before the breach).They delve into the current state of quantum technology, its potential applications in various industries, and the challenges that lie ahead. From cybersecurity advancements to the future integration of quantum computing in everyday business operations, this conversation provides a comprehensive overview of how quantum computing is se...
2024-10-0441 minCybersecurity ChroniclesFeeding the Gators: Why SMBs Get Hacked & Big Guys Get AwaySean Mahoney of Netswitch is joined by Wil Lassalle, of JLS, Tech to talk about a headline story and share some insights about preventing a similar event from occurring for your SMB.The guys explore why small businesses are more susceptible to cyberattacks than larger corporations. They talk about the perception among cybercriminals that small businesses have weaker defenses and are easier targets. Additionally, they discuss the potential unfairness of the current system, where large corporations face lighter consequences (like fines) for data breaches despite causing significant financial losses.Learn WHY:Small businesses are...
2024-06-1834 minCybersecurity ChroniclesAn Insider's Guide to Cracking the Cyber Compliance Code in Latin AmericaIn this episode, Will Lassalle, co-founder of Simplix, a platform designed to assist businesses in complying with cyber regulations in Latin America, discusses the challenges and opportunities surrounding cyber compliance in the region.We then delve into the evolving cyber regulatory landscape in Latin America, highlighting the region's efforts to catch up with global data privacy laws and cyber regulations.We emphasize the pressing need for businesses to enhance their cyber hygiene and mitigate the risks associated with breaches and ransomware attacks, particularly for those working with US or European companies that must adhere to...
2024-06-0739 minCybersecurity ChroniclesCyber Resilience Secrets: A Roadmap for LatAm BusinessesIn this episode, we discuss the importance of cyber resilience and business continuity planning for businesses in Latin America. The key points covered include:Latin companies increasingly targeted as entry points to larger partners/suppliersConducting thorough business impact analysis (BIA) is critical first stepDevelop strategies/plans to maintain core functions during disruptionsRegularly test and update resilience plans as operations changePre-establish agreements with external support services for faster responseUse multi-language documentation for organizational understandingCustomize resilience plans to each business's unique risks/impacts/prioritiesInvesting in resilience enables innovation, efficiency, competitivenessWe share the secrets of how to invest...
2024-05-1531 minCybersecurity ChroniclesSecret Santa: A Modern Day Insider ThreatIn this episode of the Cybersecurity Chronicles, Sean Mahoney with Netswitch, and Tamara Lauterback, Sr. Cybersecurity and GRC Analyst with Guthrie discuss the evolution of cyber risk, focusing on the concept of insider threat. They explore how seemingly innocent actions can pose significant risks in the digital landscape. The conversation also touches on the role of AI and machine learning in shaping modern threats, the importance of continuous cybersecurity education, and the challenges of maintaining security in a rapidly advancing technological environment.Mentioned in this episode:Podcast Outro Bumper
2023-12-2019 minCybersecurity ChroniclesFrom SOC to GRC: Unraveling Cyber Risk ManagementIn this episode of the Cyber Security Chronicles, join Sean Mahoney, Stanley Li, CEO and Founder of Netswitch, and special guest Tamara Lauterbach, a senior Cybersecurity & GRC Analyst at Guthrie. Tamara shares her unique journey from the technical side of cybersecurity to the Governance, Risk Management, and Compliance (GRC) side. She discusses her early career in a Security Operations Center (SOC), where she developed a passion for insider threat analysis. This led her to transition into the GRC field, where she found her skills and experience were highly applicable. The conversation covers the importance of...
2023-12-0834 minCybersecurity ChroniclesSons fo Hope: Critical Insights on the Alarming State of Cybersecurity PracticesSean Mahoney and Will Lassalle catch up on the current state of cybersecurity, recent data breaches, the impact of regulations, and where opportunities for the future seem to be regarding compliance and cyber risk.Mentioned in this episode:Podcast Outro Bumper
2023-11-3034 minCybersecurity ChroniclesArmageddon in Education - Fortifying Your DefensesProactively Defend Against the Onslaught of Cybercrime by Fortifying Your Defenses with Cyber Risk Assessment and InsuranceThe rise of cybercrime poses an increasing challenge for all levels of education. Criminals are constantly adapting their tactics to target faculty, staff, students, and alumni. With the surge in payloadless malware, business email compromise, and various email-based attacks, safeguarding your institution from these threats is now of paramount significance.Cyber Insurance may be the last line of defense for many organizations, but in education, it may be the first line due to the limited resources of educational...
2023-08-1329 minCybersecurity ChroniclesHeadline Making Data Breach of Global Organization Has Lessons for SME's - Learn Before You're the Cause of the Next OneThe various T-Mobile data breaches serve as a stark reminder of the critical importance of supply chain security in today's interconnected business landscape. While the incident primarily affected a global telecommunications company, the lessons derived from this breach can be invaluable for small and medium-sized enterprises (SMEs) as they strive to become secure supply chain partners. By understanding and implementing key lessons, SMEs can strengthen their security measures, safeguard sensitive information, and foster trust among their partners and customers.Will Lassalle and Sean Mahoney share some important insights and offer valuable solutions for...
2023-05-2634 min
Деды Бухтят На Интернет - The Old WTFВсе Люди Хотят Жить Долго, Но Никто Не Хочет Писать На Легаси | Old.WTF | S02E02 (26) #Oldwtf
Привет старички и старушечки! Сегодня вас ждет маскимально эпичный выпуск, в котором вас ждет вал терминов, фамилий и крутости, так что даже с названием нам помогал Джонатан Свифт, а в гости мы позвали мощного гирьевого котлин деда Антона Архипова.
Но в начале, press F to pay respect - к сожалению, эпичные деды к сожалению иногда внезапно уходят из жизни и в этот раз мы вспомним, чем же запомнился нам Боб Ли (Bob Lee). Вот вкратце, что о нем говорит его страница в LinkedIn: создатель платёжного сервиса Cash App, экс-разработчик ОС Android в Google, бывший техдиректор Square (Block) и инвестор технологических стартапов SpaceX, Clubhouse, Tile, Figma, Faire, Orchid, Addressable, Nana, Ticket Fairy, Gowalla, Asha, SiPhox, Netswitch, Found и многих других. Замечательный со всех сторон человек, который много сделал для индустрии.
И раз уж зашла речь про дедов и джаву, то отвечаем на вопрос из чата - Почему средний возраст участников java конференций - 40+. Где молодежь? На чем она пишет? На чем модно нычне вкатываться в айти?
Так же Витя задается двумя вопросоми - станет ли Web Assembly индустрии и как говорить Malmö. Отвечает наш гость - Антон Архипов.
В конце наши деды расскажут, чем занять себя и свои руки в пятницу вечером, чтобы вам не было весело, задорно, но не совсем порно =)
Про Боба Ли
https://www.nytimes.com/article/bob-lee-stabbing-san-francisco.html
https://news.ycombinator.com/item?id=35457341
Популярность языков программирования
https://survey.stackoverflow.co/2022/
Статью, которую редактировал Витя
https://konghq.com/blog/engineering/building-grpc-apis-with-rust
Adrian Cole
https://twitter.com/adrianfcole
Money Shot
https://www.rottentomatoes.com/m/money_shot_the_pornhub_story
Madoff
https://www.imdb.com/title/tt23732458/
00:00 Интро
03:18 Bob Lee - Гибель эпичного деда
21:19 Деды и Java - А где молодежь?
50:00 К серёзным новостям: Money Shot: the PornHub story и другие документалки
2023-04-2057 min
Деды Бухтят На Интернет - The Old WTFВсе Люди Хотят Жить Долго, Но Никто Не Хочет Писать На Легаси | Old.WTF | S02E02 (26) #Oldwtf
Привет старички и старушечки! Сегодня вас ждет маскимально эпичный выпуск, в котором вас ждет вал терминов, фамилий и крутости, так что даже с названием нам помогал Джонатан Свифт, а в гости мы позвали мощного гирьевого котлин деда Антона Архипова.
Но в начале, press F to pay respect - к сожалению, эпичные деды к сожалению иногда внезапно уходят из жизни и в этот раз мы вспомним, чем же запомнился нам Боб Ли (Bob Lee). Вот вкратце, что о нем говорит его страница в LinkedIn: создатель платёжного сервиса Cash App, экс-разработчик ОС Android в Google, бывший техдиректор Square (Block) и инвестор технологических стартапов SpaceX, Clubhouse, Tile, Figma, Faire, Orchid, Addressable, Nana, Ticket Fairy, Gowalla, Asha, SiPhox, Netswitch, Found и многих других. Замечательный со всех сторон человек, который много сделал для индустрии.
И раз уж зашла речь про дедов и джаву, то отвечаем на вопрос из чата - Почему средний возраст участников java конференций - 40+. Где молодежь? На чем она пишет? На чем модно нычне вкатываться в айти?
Так же Витя задается двумя вопросоми - станет ли Web Assembly индустрии и как говорить Malmö. Отвечает наш гость - Антон Архипов.
В конце наши деды расскажут, чем занять себя и свои руки в пятницу вечером, чтобы вам не было весело, задорно, но не совсем порно =)
Про Боба Ли
https://www.nytimes.com/article/bob-lee-stabbing-san-francisco.html
https://news.ycombinator.com/item?id=35457341
Популярность языков программирования
https://survey.stackoverflow.co/2022/
Статью, которую редактировал Витя
https://konghq.com/blog/engineering/building-grpc-apis-with-rust
Adrian Cole
https://twitter.com/adrianfcole
Money Shot
https://www.rottentomatoes.com/m/money_shot_the_pornhub_story
Madoff
https://www.imdb.com/title/tt23732458/
00:00 Интро
03:18 Bob Lee - Гибель эпичного деда
21:19 Деды и Java - А где молодежь?
50:00 К серёзным новостям: Money Shot: the PornHub story и другие документалки
2023-04-2057 minCybersecurity ChroniclesCyber Risks Mitigation & Transfer - Founder to Founder Perspective on Cyber Liability Protections and What You Can Do To Protect YourselfThere's no escaping cyber risks these days. But what can you do to mitigate and transfer them? Listen to this episode for a Founder-to-Founder conversation as they share their perspectives on cyber risk & protecting their small businesses.You'll learn about different types of cyber risks, how to assess and protect against them, and some tips for preparing for cyber liability insurance to prevent a cyber incident from destroying your business.Michael McCarron, Founder & CEO of Lakeside Insurance, and Stanley Li, Founder & CEO of Netswitch Technology Management share their perspectives on the...
2022-12-0526 minCybersecurity ChroniclesStop Guessing About Cyber Liability, What Risks Executives NEED to Know About the Latest ChangesData breaches are becoming more and more common, and they are costly—the average cost of a data breach is now $3.86 million. Regulations and compliance will only increase this cost. Businesses need to take steps to protect themselves, and one way to do this is by purchasing cyber liability insurance. Join Hosts Sean Mahoney and Stanley Li and their guest Jake Charen, Senior Rick Architect of Lakeside Insurance to learn:What is cyber liability insurance?Why should executives consider having a cyber liability? Is it worth the investment?After the Travelers and ICS suit, what is the...
2022-11-0236 minCybersecurity ChroniclesYour Supply Chain Is A Risk, Why? - How To Not Be The Weakest LinkBusiness today faces the great resignation and migration of employees, and that can be a lot of institutional knowledge about your supply chain leaving. The risk from your vendors grows every day and how do you know which ones are cognizant and which ones are unknowing.Pam Hamingson, Director of Compliance with Fortrex joins Sean Mahoney to talk about Third Party Risk Management [TPRM] and the growing level of risk your supply chain brings. The increasing number of regulations expect you to know about your vendors and their security practices.How do you know what data...
2022-07-1437 minCybersecurity ChroniclesThe Only Affordable Risk is the One You Avoided - A Legal Perspective for Compliance and RiskTara Trantham joins Sean Mahoney of Netswitch to talk about steps regulated and non-regulated businesses should be and can be doing to ensure they are more secure. Learn steps you can take as an SMB to reduce cyber risk and secure your business’s future.Tara Trantham is CEO & Founder of TJ44 Consulting, they are compliance, risk management, and creditors rights services experts and with Tara’s background as an attorney and General Counsel in the Financial Service sector, you have that important perspective as well when it comes to dealing with compliance in a regulated industry....
2022-05-2823 minCybersecurity ChroniclesDon’t Let a Disaster Ruin Your BusinessThink about your business and everything that goes into defining who and what you are as that business. Your operations, the people you employ, the people and companies you serve. Your products or services. All the fruits of your labor and the reputation you’ve built.Disasters, like ransomware, wildfires, or pandemics often can’t be predicted but will impact your business and affect your employees and customers. Proper planning can ensure your business is back up and running so it lasts.In this episode, Sean Mahoney talks with Rob Zegarra, Instructor at Disaster Recovery Inst...
2022-05-0522 min
The Data Scientist PodcastData Science, AI & Cybersecurity: Joint episode with Stanley Li and Sean MahoneyWhat does data science have to do with cybersecurity? Is AI the next big thing in cyberdefense? The cybersecurity industry is a $170 billion market, and this market size is only going to increase in the future. AI has largely been seen as a separate field to cybersecurity, but many people believe that it might actually be an integral part of the future of cyberdefense.
On this exciting joint episode, I am joined by Stanley Li and Sean Mahoney from Netswitch , as we get the change to discuss about the future of autonomous systems in cybersecurity.
2022-03-1023 minCybersecurity ChroniclesData Science, AI & Cybersecurity With Special Guest Dr Stylianos KampakisSean Mahoney & Stanley Li of Netswitch are joined by special guest Dr. Stylianos Kampakis, CEO of Tesseract Academy to discuss what is data science & why it's making the greatest impact for small and mid-size businesses. Plus, the growing influence of blockchain for data ownership and integrity. To learn more about Dr. Kampakis, visit http://tesseract.academySponsored by Netswitch Technology Management - netswitch.net
2022-02-2423 minCybersecurity ChroniclesWith Special Guest Doug Kreitzberg, CIPPDoug Kreitzberg is the CEO and Founder of Beehive Cyber and is a Certified Information Privacy Professional / Europe and United States. Doug joins Sean Mahoney of Netswitch to discuss the importance of cyber insurance and how it can help a company survive a ransomware attack, how premiums can be reduced, and what you should do BEFORE you get a cyber insurance quote.Sponsored by Netswitch Technology Management - netswitch.net
2022-01-2026 min
DxTalks CryptoTalks Podcast Hosted by Rudy ShoushanyThe Global Impact of Digital Transformation with CyberTheoryA new year, a new opportunity.happy to share with you a Podcast with CyberTheory with it's managing director Steve King .As we’re all rushing madly toward the fourth industrial revolution, it is putting tremendous pressure on cybersecurity efforts. Rudy Shoushany, an expert in digital transformation strategy weighs in on what digital transformation means and where we stand in terms of progress on the digital transformation journey.Digital transformation is the process of using digital technologies to create new, or even disrupt the current business processes, the culture, customer experience, to meet those ever changing business and market requirements.Ch...
2022-01-0225 minCybersecurity ChroniclesYour Cybersecurity Program Has Started, How Do You Measure or Monitor for ROI?In this episode, Sean Mahoney and Stanley Li of Netswitch interview Mary Siero, who is a CISSP/CISM as well as an Instructor with the MIS Training Institute.On the call Sean, Stanley and Mary ask the question: 'Now you've started the path to improve your security and lower your risk, how do you measure success and ROI of your cybersecurity solutions?'Sponsored by Netswitch Technology Management - netswitch.net
2021-11-2225 minCybersecurity ChroniclesDespite the Money Poured into Cybersecurity, We’re Less Secure Than Ever - With Guest Fred Doyle, CISSPIn this episode, Sean Mahoney and Stanley Li of Netswitch talk with guest expert Fred Doyle, CISSP - CEO & Founder of CubicPrism to discuss why despite the money poured into cybersecurity, we're less secure than ever. Mr. Doyle has been a Senior Security Architect and is regularly being “sold” on the latest and greatest cybersecurity tools with ever-increasing capabilities, but is there a value to them?Sponsored by Netswitch Technology Management - netswitch.net
2021-11-1224 minCybersecurity ChroniclesCMMC Is Not the Silver Bullet for Compliance with Guest Carter Schoenberg, CISSP (PART 2)In this episode, Sean Mahoney and Stanley Li of Netswitch interview Carter Schoenberg, CISSP - Vice President, and Chief Cybersecurity Officer at SoundWay Consulting to discuss why CMMC, although important and a great advancement from where we are today, is not the silver bullet for making a company completely secure and compliant. There are several other aspects to cyber security and compliance that companies of all sizes need to be aware of and consider as part of their overall strategy.PART 2/2Sponsored by Netswitch Technology Management - netswitch.net
2021-10-2923 minCybersecurity ChroniclesCMMC Is Not the Silver Bullet for Compliance with Guest Carter Schoenberg, CISSP (PART 1)In this episode, Sean Mahoney and Stanley Li of Netswitch interview Carter Schoenberg, CISSP - Vice President, and Chief Cybersecurity Officer at SoundWay Consulting to discuss why CMMC, although important and a great advancement from where we are today, is not the silver bullet for making a company completely secure and compliant. There are several other aspects to cyber security and compliance that companies of all sizes need to be aware of and consider as part of their overall strategy. (PART 1)Sponsored by Netswitch Technology Management - netswitch.net
2021-10-2121 minCybersecurity ChroniclesThe One Easy Step To Recover From Ransomware Everyone IgnoresIn this episode, Sean and Stanley discuss the US Senate's latest abysmal cybersecurity report citing "essentially the same failures" as a decade ago and reveals the one easy step to recover from ransomware... Sponsored by Netswitch Technology Management - netswitch.net
2021-08-1021 minCybersecurity ChroniclesCMMC 101 with Guest Expert Amira Armond of CMMCaudit.orgIn this episode Amira Armond, the Chief Editor of CMMCaudit.org, joins Sean and Stanley to discuss all about CMMC - the Cybersecurity Maturity Model Certification - and its importance for the entire DoD supply chain.Sponsored by Netswitch Technology Management - netswitch.net
2021-07-2232 minCybersecurity ChroniclesKaseya - The Ransomware Supply Chain Chaos Causing SaaS Vendors an Ethical NightmareCISO Will Lassalle joins Sean Mahoney to discuss the catastrophic implications of the Kaseya ransomware disaster for 1500 SMBs.Sponsored by Netswitch Technology Management - netswitch.net
2021-07-1321 minCybersecurity ChroniclesThe Great FBI Bitcoin Recovery Heist - With CISO Will LassalleIn this episode CISO Will Lassalle returns with Sean Mahoney to discuss the latest issues, topics and fallout in the world of Cyber Risk, Governance & Compliance... including the mysterious FBI bitcoin recovery 'heist'Sponsored by Netswitch Technology Management - netswitch.net
2021-07-0820 minCybersecurity ChroniclesWith Special Guest CISO Will Lassalle - Cybersecurity and the Death StarIn this episode CISO Will Lassalle returns alongside Sean and Stanley to discuss the latest issues, topics and fallout in the world of Cyber Risk, Governance & Compliance... PLUS what Cybersecurity has in common with the Death Star...Sponsored by Netswitch Technology Management - netswitch.net
2021-06-1018 minCybersecurity ChroniclesRansomware and the Colonial Pipeline AttackSean Mahoney and Stanley Li from Netswitch discuss the Colonial Pipeline ransomware attack as well as the implications for critical infrastructure and the B2C supply chain.
2021-05-1420 minCybersecurity ChroniclesRansomware And Nation State Attacks - What They Mean For Us AllRansomware and nation-state attacks are two of the biggest security threats out there, but what do they mean for you? That's exactly what Stanley Li and Sean Mahoney from Netswitch discuss on this latest episode...
2021-04-1926 minCybersecurity ChroniclesSpecial Guest Don Cox: A CISO's View Why AI & Machine Learning are important for CyberRisk managementIn this episode CISO Don Cox returns alongside Sean and Stanley to discuss why AI and machine learning are so important for CyberRisk management, including: -- Why automation is essential for cybersecurity readiness.-- Why being able to fix problems autonomously is critical.-- The lessons Don's learned from his 25-year background into investigating high-tech crimes.-- Why automation is NOT about replacing employees.Sponsored by Netswitch Technology Management - netswitch.net
2021-03-1830 minCybersecurity ChroniclesMTTD and MTTR - The Only Two Risk Metrics You Need To KnowStanley Li and Sean Mahoney of Netswitch discuss the TWO most important CyberRisk metrics you need to know and measure - MTTD and MTTR. -- What are MTTD and MTTR and why are they so vital?--Why the R in MTTR should be Resolve not Respond--Case Study of the global hotel group with a 91% reduction in MTTD--The #1 cause of all security incidents--The open-source alternatives to expensive proprietary solutionsSponsored by Netswitch Technology Management - netswitch.net
2021-03-0825 minCybersecurity ChroniclesLittle Known SIEM Secrets with Seceon CEO Chandra PandeyStanley and Sean of Netswitch are joined by SECEON CEO and SIEM automation expert Chandra Pandey to discuss:-- Why is dynamic machine learning & AI automation so important to security?-- How to cope with the dynamic threat model.-- Why CyberRisk governance is driving the monitoring and reaction to security events.-- How effective security automation software can be made affordable for SMBs.-- Why Chandra's thousands of clients have not had ONE incident of ransomware being paid out.Sponsored by Netswitch Technology Management - netswitch.n...
2021-02-2230 minCybersecurity ChroniclesBusiness Email Compromise: The Good, The Bad and The UglyOn this episode Stanley Li and Sean Mahoney of Netswitch discuss:-- What is a Business Email Compromise (BEC)?-- The bad & ugly, the bad & fortunate and the right way to handle one.-- The Four steps to take if you think you're a victim of BEC-- Why the supply chain is critical-- what is phishing email simulation-- Plus, Stanley's big confession!Sponsored by Netswitch Technology Management - netswitch.net
2021-02-0822 minCybersecurity ChroniclesCyberRisk Governance & Compliance Starts With The TruthStanley Li and Sean Mahoney from Netswitch are joined by guest expert Jeff Westeman CSPC. Jeff is President of Black Anvil, LLC and is a specialist in CMMC for DoD Contractors. They discuss:-- How to make the business case for CMMC compliance -- How to get IT tech and compliance controls in alignment-- Why compliance is a cross-organizational issue, not just a technology one-- How to prepare for vendor selection-- Why you should never use your MSP to do your compliance gap analysis...
2021-01-2526 minCybersecurity ChroniclesWhy Sunburst Means Its Time To Stop Pretending Your IT Professional Is A CyberRisk ExpertStanley Li and Sean Mahoney discuss what the real implications of the Sunburst attack are for small and mid-size businesses, including:-- How do we get management, risk and tech to collaborate?-- How do you monitor cloud infrastructure and work with multiple third parties?-- How do you integrate different toolsets to monitor the cyber kill chain?-- Why its essential to use behavioral tools like SIEMs and where do you start?-- What exactly is a supply chain attack?-- How 'Are you SOC-2 compliant...
2021-01-1525 minCybersecurity ChroniclesSpecial Guest Blake Strozdas - Automated Penetration Testing ExpertSpecial guest expert Blake Strozdas from Pcysys joins Stanley Li and Sean Mahoney to share real-life insights and lessons-learned from conducting automated pentests, including:-- Why Gartner says only 3-5% of vulnerabilities are actually exploitable.-- Why automated pentesting tools are needed to help identify vulnerabilities that have the highest priority.-- If a high-risk vulnerability is discovered, how best-of-breed automation tools will take action to nullify risk but not take down your live network.Sponsored by Netswitch Technology Management - netswitch.net
2020-12-3022 minCybersecurity ChroniclesFireEye and WannaCry - What Are They And Why Are They A Big Deal?Stanley Li and Sean Mahoney join James Watson to discuss the FireEye hacking incident plus what this means for the average small business in the weeks and months ahead, including:-- What exactly was stolen from FireEye and what does it mean for small business owners?-- Why the FBI has very unusually commented on an ongoing case.-- How simulated testing is on the forefront of cybersecurity.-- What are the typical costs of a cyber protection service?Sponsored by Netswitch Technology Management - netswitch.net
2020-12-1026 minCybersecurity ChroniclesCyber Crime and Data Insurance FAQsSean Mahoney and Stanley Li from Netswitch along with James Watson discuss everything you need to know about cyber insurance, including: -- What does cyber insurance mean-- Why do you need it?-- Why is it different from every other insurance industry?-- What are the 7 different types of cyber insurance?-- How expensive is cyber insurance?Sponsored by Netswitch Technology Management - netswitch.net
2020-12-0721 minCybersecurity ChroniclesThe Return And Rise Of Ryuk RansomwareStanley Li and Sean Mahoney from Netswitch are joined by James Watson to discuss the return and rise of Ryuk ransomware - one of the most dangerous types of targeted enterprise ransomware:-- What exactly is Ryuk ransomware?-- Which types of organizations are being targeted?-- What is the typical value of a Ryuk ransomware demand?-- What are the simple, low-cost ways organizations can protect themselves from Ryuk?Sponsored by Netswitch Technology Management - netswitch.net
2020-11-2320 minCybersecurity ChroniclesTransforming Risk Management and Compliance - The Power of RegTechStanley Li and Sean Mahoney from Netswitch discuss the increasing importance of 'RegTech' - where compliance meets technology:-- What exactly is RegTech and SupTech? -- How to bring visibility of both inside a single dashboard.-- How today's world has multiple regulatory compliance standards, not just 1 or 2.-- Why 'managing by spreadsheet' is no longer an option in this complex world.-- A real-world story of the challenges facing one IT Integration architect manager. -- Why communication with auditors can cause more issues than doing the c...
2020-11-0613 minCybersecurity ChroniclesThe One Million Dollar Deleted EmailSean Mahoney, Stanley Li and James Watson discuss a new case of a construction company that may incur a $1m cost because of a single email deleted by an employee 2 years ago.-- Why Governance Risk and Compliance (GRC) is driving the agenda for security controls, policies and procedures for small and mid-size businesses.-- How automation can be used to manage and mitigate enterprise risk.-- Why managed service providers are evolving to combine support for network administration, security and risk management.Sponsored by Netswitch Technology Management - netswitch.net
2020-10-2618 minCybersecurity ChroniclesRansomware - The Cost Beyond Your PaymentIn this episode, Sean Mahoney, Stanley Li and James Watson discuss the latest US Dept of Treasury advisory on potential sanctions risks for facilitating ransomware payments.Why the OFAC (Office of Foreign Assets Control) is watching.The rumour about why Garmin didn't engage with their ransomware attackers directly.The importance of ESG - Environmental and Social GovernanceCanadian Internet Registration Authority report says 90% of people will avoid companies that have been breached. The ethical dilemma - should hospitals pay ransomware?The 3 things small and mid size businesses n...
2020-10-1919 minCybersecurity ChroniclesManaged Detection and Response or a Managed Security Service Provider?On this episode Don Cox, former CISO at Mednax, Inc joins Stanley Li and Sean Mahoney of Netswitch to discuss the key differences between a Managed Detection and Response (MDR) Service compared to a Managed Security Service Provider (MSSP). Topics include:- What is MDR and what is an MSSP?- How does the MDR model differ from an MSSP?- Why would I use MDR?- Can MSSPs provide MDR?- What types of organizations typically use MDR?- Can I replace my MSSP...
2020-10-0519 minCybersecurity ChroniclesWhy All CIOs & CISOs Will End Up Working For Risk Managers-Why risk management and technology are totally different skill sets.-The #1 problem involving products, vendors, compliance and security. -The 2 top questions CEOs are asking right now about risk.-What Covid-19 means for global security budgets.-Who's becoming the real driver of technology decisions today.-Why risk is a business problem, not an IT one.-Why the roles of CIOs and CFOs are broadening to include risk.-The first question risk managers always ask (hint - its not about tech).Sponsored by Netswitch Technology...
2020-09-2816 minCybersecurity ChroniclesPenetration Testing: A Managed Service Or Only Once Per Year?In this episode Stanley Li and Sean Mahoney from Netswitch are joined by James Watson to discuss exactly what is Penetration Testing as a Service (PTaaS) and the increasing trend for businesses to move away from once-a-year pen tests to more regular, monthly ones instead.Episode highlights:- 15 years ago, when manual vulnerability scanning and assessments were the only options.- Why manual plus automated testing combined is essential to get the highest quality results from pen tests.- The new CVE 2020 1472 vulnerability Microsoft recently announced that won't be patched until 2021...
2020-09-2118 minCybersecurity ChroniclesPenetration Testing FAQsIn this episode Sean Mahoney is joined by Stanley Li and Professor Michael Lassiter from Netswitch to discuss some of the most commonly asked questions about penetration tests, which include:How do I know a pen test is effective? How do we set the goals of the pen test? Will you make recommendations to the business?How can we trust your automated tool? Do I need a black box test for PCI-DSS or HIPAA compliance?When you send the post pen test report to us, what are supposed to do with it? How long should it take to do th...
2020-09-1419 minCybersecurity ChroniclesVulnerability Assessments And Penetration Testing 201Sponsored by Netswitch Technology Management - netswitch.net
2020-08-3122 minCybersecurity ChroniclesVulnerability Assessments And Penetration Testing 101Sponsored by Netswitch Technology Management - netswitch.net
2020-08-2434 minCybersecurity ChroniclesMulti-Layered Defense And Platform As A ServiceSponsored by Netswitch Technology Management - netswitch.net
2020-08-1717 minCybersecurity ChroniclesThe Rising Cost Of Security ToolsSponsored by Netswitch Technology Management - netswitch.net
2020-08-1018 minCybersecurity ChroniclesThe Mouse Of The ProblemSponsored by Netswitch Technology Management - netswitch.net
2020-08-0316 minCybersecurity ChroniclesRansomware In KentuckySponsored by Netswitch Technology Management - netswitch.net
2020-07-2717 min