Security Weekly Productions

The vast majority of the folks working polls and elections are volunteers. This creates a significant training challenge. Not only do they have to learn how to perform a complex and potentially stressful job in a short amount of time (most training is one day or less), cybersecurity-related concerns are usually not included for individual poll locations and election workers. https://bit.ly/3O54wvw Kirsten Davies has a passion project that attempts to solve this, with some concise, accessible, and straightforward training material. It is made available through two PDFs on her new organization's website, https://lnkd.in/dY4K2qjZ Visit https://lnkd.in/eFKJWwZV for all the latest episodes! Show Notes: https://lnkd.in/ePYwJE34

Recall III: the Re-Re-Recalling, Russia, Win 10, Phish n Ships, Midnight Blizzard, Emerald Whale, Rob Allen, and More, on this edition of the Security Weekly News. https://bit.ly/3AOpPOS This segment is sponsored by ThreatLocker. Visit https://lnkd.in/eMvABg2 to learn more about them! Visit https://lnkd.in/eUwRwbwF for all the latest episodes! Show Notes: https://lnkd.in/gX_igGNa

After spending a decade working for #appsec vendors, Grant McKracken wanted to give something back. He saw a gap in the market for free or low-cost services for smaller organizations that have real appsec needs, but not a lot of means to pay for it. He founded DarkHorse, which offers #VDPs and bug bounties to organizations of all sizes for free, or for as low of cost as possible. While not a non-profit, the company's goal is to make these services as cheap as possible to increase accessibility for smaller or more budget-constrained organizations. The company has also introduced the concept of "fractional #pentesting", access to cyber talent when and how you need it, based on what you can afford. This implies services beyond just offensive security, something we'll dive deeper into in the interview. We don't see DarkHorse ever competing with the larger Bug Bounty platforms, but rather providing services to the organizations too small for the larger platforms to sell to. https://bit.ly/4hHt9w8 Visit https://lnkd.in/eZrfEBJY for all the latest episodes! Show Notes: https://lnkd.in/eTzXxHr5

Stewart and Trey join us to talk about driving cybersecurity policies for the nation, what makes a good policy, what makes a bad policy, supply chain research and policies, and overall how we shape policies that benefit cybersecurity. https://bit.ly/4elJFyT This segment is sponsored by Eclypsium, Inc. Visit https://lnkd.in/dUM_WMX to learn more about them! Show Notes: https://lnkd.in/ei4gjbi2

Have you ever had a pen tester own your network? Guessing the answer is yes. Well, let's talk with Julian Austin, vCISO at Thrive, about some of the simple ways you can avoid account compromises by strengthening your identity security through #MFA, least privilege, account reviews, and all the things! https://bit.ly/3YGjRrl This segment is sponsored by CyberArk. Visit https://lnkd.in/evCz-inF to learn more about them! This segment is sponsored by Saviynt. Please visit https://lnkd.in/emyafa5s to learn more and get a free demo! This segment is sponsored by Liminal. Visit https://lnkd.in/ewbptUiH to learn more about them!

The future is here! Imagine if you could get into the office, a data center, or even an apartment building as easily as you unlock your smartphone. Alcatraz AI is doing exactly that with technology that works similarly to how smartphones unlock using your face. It works in the dark, if you shave off your beard, and so quickly you don't even need to slow down for the scan - you can just keep on walking. We don't often cover physical security, so this interview is going to be a treat for us. There are SO many questions to ask here, particularly for our hosts who have done physical #penetrationtests, #socialengineering, and tailgating in the past to get past physical security measures. https://bit.ly/3YEajxe Visit https://lnkd.in/eFKJWwZV for all the latest episodes! Show Notes: https://lnkd.in/ewmfBwDS

Andy Syrewicze from Hornetsecurity drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. https://bit.ly/3O1pM5u Visit https://lnkd.in/e5M6R3hc for all the latest episodes! Show Notes: https://lnkd.in/eVepG-Nt

Tariffs, Pygmy Goat, Schneider, SQLite and Dixie Flatline, Deepfakes, Military AI, Josh Marpet, and more on the Security Weekly News. https://bit.ly/3CtAiQd Visit https://lnkd.in/eUwRwbwF for all the latest episodes! Show Notes: https://lnkd.in/ef4cghKs

Merger and acquisition (M&A) activity is finally starting to pick up. Although the allure of financial gains and market expansion drives these deals, the digital age demands a rigorous assessment of #cybersecurity risks accompanying such #mergers. Unanticipated cyber issues, like dormant malware or inconsistent access controls, can transform an ideal transaction into a costly headache for the acquiring company post-merger. So how do you assess the potential cyber risks of the transaction? Craig Davies, Chief Information Security Officer at Gathid | Gathered Identities, joins Business Security Weekly to review the five crucial cyber questions to ask before finalizing any deal. If you're in a merger or acquisition, or plan to merge or acquire another company, don't miss this episode. https://bit.ly/3O23W1I Visit https://lnkd.in/ezmaK2Hj for all the latest episodes! Show Notes: https://lnkd.in/eT5bj72h

In the leadership and communications segment, The CISO Mindset: A Strategic Guide for Aspiring CEOs and The Board Members, The Top Strategy to Earn More Respect at Work: A Leadership Expert’s Proven Method, The Problem with Mandating Office Presence Without Purpose, and more! https://bit.ly/40C7Upe