In this episode of the CYBER24 podcast, presented by VLCM, we discuss application security with Laura Bell Main, the founder and CEO of SafeStack. We discuss incentivizing security in software design and her belief that secure software is more than just the code developers write.

Panelists

Laura Bell Main, CEO of Safestack

In this episode of the CYBER24 podcast, we sit down with Patrick Hynds and Duane Laflotte from Pulsar Security to discuss cybersecurity and their podcast "Security This Week." As experienced cybersecurity professionals and educators, they share their insights on teaching cybersecurity to their audience and what businesses can do to protect themselves against cyber threats. Tune in to learn from their expertise and experience.

Panelists

Patrick Hynds, CEO

Duane Laflotte, CTO

In this episode of the CYBER24 podcast, presented by VLCM, we sit down with Jon Murchison, founder and CEO of Blackpoint Cyber. Jon is a fromer NSA computer operations expert and we cover everything from how he recruits the best cyber talent in a high-demand market to how the ongoing war in Ukraine has impacted the types of cyber attacks his team is fighting. 

In this episode of the CYBER24 podcast, presented by VLCM, we continue our look cyber frameworks and certifications. We take a deep dive into the popular SOC 2. We learn more about SOC 2, to whom it applies, why some organizations need it, and how they get it. 

In this episode of the CYBER24 podcast, presented by VLCM, we take a closer look nation-state hackers trying to get access to COVID vaccine research in the U.S. Because the work is being done at universities and private companies, the federal government can’t provide the level of security many say we need. 

Panelists
Anthony Booyse, SOPHOS
Dan Schuyler, VLCM

In this episode of the CYBER24 podcast, presented by VLCM, we take a closer look at effective cyber frameworks and maturity assessments. Our discussion covers the top reasons frameworks are important and what frameworks apply to which businesses. 

Panelists
Greg Johnson, CEO Webcheck
Mike Hussey, Executive Director, Utah Dept. of Technology Services

You likely know that cybercriminals will never waste an opportunity to get access to your personal for company financial data. And disruptions to our everyday routines make it easier to slip one past us. But you might be surprised at just how much of a spike in pandemic-related cybercrime attacks there have been. One report shows an increase of 30,000 percent. In this episode of the CYBER24 podcast, presented by VLCM, we discuss the factors at play to make you and your organization more vulnerable when your routine is interrupted. 

Panelists
Matt Sorensen, Formidify
Dan Schuyler, VLCM
Phillip Kemp, VLCM

After a remarkable scramble, generally speaking, by businesses across the country to transition to a remote workforce, smart businesses are looking at what they can accomplish while workers are out of the office. Think of it as a state that takes advantage of fewer cars on the road to get some big road construction projects done. On this episode of the CYBER24 podcast, presented by VLCM, we ask our experts what your business should be up to while the office is empty. To quote Uncle Rico from Napoleon Dynamite, “You might as well do somethin’ while you’re doing nothin’.”

When society’s regular routine is thrown out off-kilter, cybercriminals get right to work. Whether they are stealing your video conferencing credentials to interrupt a meeting, using those credentials to access other accounts or launching websites to phish your employees, you need your defenses up now more than ever. In this episode of CYBER24, presented by VLCM, we discuss the various attack vectors hackers are utilizing to cause you financial pain. 

Some of us are old enough to remember the Cola Wars between Coke and Pepsi. The pandemic, work-from-home version of that is a Video Conference War. Zoom has become so widely adopted that it has become a verb but Google has now banned its use on company computers, citing security concerns. 

In this episode of the CYBER24 podcast, presented by VLCM, we take a look at the efforts by Zoom competitors to push back against the new big kid on the block. We also discuss warnings from the Department of Justice for those who are trying to hack into video conferencing platforms. 

Panelists
Dan Schuyler, VLCM
Anthony Booyse, Sophos
Paul Whittier, Sophos

Links

Google bans its employees from using Zoom over security concerns - The Verge

Federal, state and local law enforcement warn against teleconferencing hacking - DOJ

With remote work, these cyber threats are on the rise - Technical.ly

Over the past few weeks, businesses have had to shift the way they work. As COVID-19 has forced offices to shift to remote work, many companies are just now starting to understand the security risks related to their online meetings. In this week’s episode of CYBER24, presented by VLCM, we take a look at the various platforms available, how Zoom jumped out to a quick leed and what you should be thinking about to keep meetings secure. 

Panel: 
Dan Schuyler, VLCM
Matt Sorensen, Formidify

Ransomware is a growing problem for American businesses — particularly small and medium-sized businesses. In just the first nine months of 2019, there were nearly 152 million ransomware attacks. They are getting more sophisticated. Most efforts to thwart hackers rely on better training and better identifying malware. But there are larger forces at play that no single business or coalition of businesses can adequately address. In this episode of CYBERR24, presented by VLCM, we are joined by Matt Sorensen of Formidify as we take a look at three elements driving the rapid growth of ransomware. 

Element #1: Socio-economic conditions for STEM Educated Citizens of Eastern European Countries 

Element #2: Mainstream Development of the Cryptocurrency Ecosystem

Element #3: Mass Availability of cheap Malware and Free Hacking Tools

Over the past couple of weeks, a large portion of the workforce has faced a quick transition from office life to working remotely. Some organizations were well prepared to make that change, many employees had already been working remotely, but some faced significant challenges. 

In this episode of CYBER24, presented by VLCM, we connect remotely with Dan Schuyler to get his expert insight on what business leaders should consider to keep their employees productive and their data and systems secure. 

In this week’s episode of CYBER24, presented by VLCM, we discuss digital extortion with Michael Orozco of MorganFranklin Cybersecurity. He gives his insight on why are cybercriminals stealing personal and business information for future use and digital extortion and how they target differnet types of people, sectors or organizations. We also cover what should organizations do once they have been attacked or information is compromised and what steps can people or organizations take to mitigate these risks in the future.

Over the past week, national leaders have asked businesses to allow employees to work from home and Utah added a big earthquake to the mix. 

For leaders in the Utah Dept. of Technology Services, this meant putting plans into action to allow workers to connect while away from the office. In this episode of CYBER24, presented by VLCM, we sit down (uh, make that, connect remotely) with Mike Hussey, the state’s CIO and Phil Bates, the state’s CISO, to discuss the challenges of transitioning to an online workforce and the security measures that had to be in place. 

Plus, we talk about online scams and how quickly hackers swoop in to take advantage of a disruption in our normal routines. 

For all the talk about the importance of cybersecurity, despite an increase in the number of businesses and other organizations being targeted by hackers, for all the new regulations aimed at protecting consumers while forcing businesses to take data protection seriously, there are still far too many businesses that hesitate to put proper protections in place. Many fail to properly train their employees on security basics and it is still far too common for the C-suite to make cybersecurity the IT guy’s problem. 

In this episode of CYBER24, presented by VLCM, we sit down with Matt Sorensen of Formidify to take a closer look at the common excuses businesses give for not taking the issue seriously and ways the security industry may not be speaking the language of its most important potential customers. 

Detecting increasingly sophisticated malware attacks requires complex defenses. Security companies are using more and more advanced types of machine and deep learning to blacklist malware and prevent it from ever getting to your employees or your computer systems. We take a closer look at how they do it and how your business can benefit from smarter defenses on this week’s episode of the CYBER24 podcast, presented by VLCM. 

Anthony Booyse
Paul Whittier

In this week’s episode of the CYBER24 podcast, presented by VLCM, we discuss how a leading security company educates your employees to help them keep your data safe online. We also discuss the sophisticated technology they use to keep malicious links from getting to your employees in the first place. 

Anthony Booyse, Sophos
Paul Whittier, Sophos

The state of Utah is exploring the possibility of using blockchain technology to make voting more secure and more convenient. In this episode of CYBERR24, presented by VLCM, we sit down with Utah’s top technology official to learn more about the technology that might make voting from your phone a possibility, how they will accommodate non-tech voters and how tests of the tech have gone so far. 

Panel 

Anthony Booyse, Sophos

Mike Hussey, Utah Dept. of Technology Services

We know internet users love to click on links, often with too little regard for how trustworthy the source may be. And that can have bad results for everyone. Some experts say we need to do more than just try and train users to be smarter about their web security practices. In this episode of CYBER24, presented by VLCM, we sit down with Anthony Booyse of Sophos to learn more about his company’s approach to preventing malicious links from causing you problems. 

We also look at Google’s recent announcement that it wants to phase out third-party cookies. What will this mean for how businesses serve ads to potential customers online? We break it down. 

The internet of things (IoT) has been steadily creeping into our lives. From smart appliances to smart light bulbs, there are more and more devices that make our lives more convenient. But these devices operate on our personal and business networks. Any vulnerability on any one of those devices is a potential security risk for you, your family or your business. 

In this episode of CYBER24 presented by VLCM, our expert panel takes a deep dive into IoT, the security vulnerabilities it presents and what network segregation can do to keep you secure. 

Panelists
Anthony Booyse, Sophos
Paul Whittier, Sophos
Dan Schuyler, VLCM

Many considered 2019 to be the year of ransomware as the number of incidents shot up significantly. High profile targets — big cities like Atlanta and Baltimore — were targets. So were softer targets like school districts right before school resumed in the fall. So were small towns and smaller businesses with less sophisticated defenses. 

But as businesses get better at having backup, they become less likely to pay. So the bad guys have evolved their attacks. 

A new trend shows more hackers not only hitting targets with ransomware, but they have begun to steal the data and release small amounts of it to turn up the heat on victims and make sure they pay. 

On this episode of CYBER24, we look at this new trend and discuss whether it will become the new norm. 

We also take a look at a cyber attack on the head of Amazon and discuss how CEOs are becoming potential targets for cybercriminals.

If you are in business in the year 2020, you almost certainly collect, stores and use data. At the beginning of 2020, new regulations went into place that likely pertain to your day-to-day operations. In this episode of the CYBER24 podcast, presented by VLCM, we discuss the differences between privacy and security; new regulations like the California Consumer Privacy Act (CCPA) or internationally, the General Data Protection Regulation (GDPR); and a new approach to getting and staying compliant, developed by a company right here in Utah.

On this episode of CYBER24, we sit down with Greg Johnson, CEO of Webcheck, a company that specializes in penetration testing. We discuss the difference between penetration tests and vulnerability scans, what you can learn from each and how to determine the frequency with which you should perform these types of tests. 

In this week’s episode of CYBER24, we sit down with Dr. Danny Rittman to discuss Overlooked Security Vulnerabilities. Dr. Rittman is an R&D expert and CTO of GBT Technologies. We discuss everyIn this week’s episode of CYBER24, we sit down with Dr. Danny Rittman to discuss Overlooked Security Vulnerabilities. Dr. Rittman is an R&D expert and CTO of GBT Technologies. We discuss everything from a new type of chip he’s working on that will greatly increase storage capacity. We also talk about radio cybersecurity and authentication methods, inlcuidng how machine learning plays into cybersecurity. thing from a new type of chip he’s working on that will greatly increase storage capacity. We also talk about radio cybersecurity and authentication methods, inlcuidng how machine learning plays into cybersecurity. 

The U.S. takes military action against Iran and suddenly cybersecurity advocates don’t seem like they’re crying wolf. 

Experts and advocates have been saying for years that the time has come for the U.S. in both the private and public sectors to take their cybersecurity measures seriously and, suddenly, at the beginning of 2020, everyone seemed to begin to understand why. 

So, what does the potential of a cyberattack from Iran mean to your business? What about your state or local government? We dig in on that question on this episode of CYBER24, presented by VLCM. 

We also look back at 2019, which is now being called “the year of ransomware.”  A new report puts a hefty price tag on U.S. businesses that found themselves locked out of critical systems last year. We discuss why it’s a trend that will only accelerate this year. 

Utah is home to a tech boom of its own with top-names tech companies finding the Silicon Slopes a great place to do business and military and defense companies growing around Hill Air Force Base in Davis County. For policymakers, finding ways to encourage more Utah students to explore careers in those fields has been an ongoing challenge. This month, the Beehive State made two big announcements to show it is ready to do everything it can to ensure a steady pipeline of talent for decades to come. 

First, Gov. Gary Herbert announced he was including $10.2 million in his budget proposal to ensure every Utah student from K-12 has access to computer science education. That money is in addition to the private sector money pledged by the heads of some of Utah’s top tech companies - a total of $4 million to this point. 

That announcement came just a few days after the state had announced it would actively participate in the Girls Go CyberStart initiative, a program to encourage high school girls to explore their interest in and aptitude for careers in cybersecurity. 

Registration for Girls Go CyberStart opened this week, with online gaming commencing on January 13, 2020. Additional details and pre-registration can be found at www.girlsgocyberstart.org. 

Teacher information and student practice programs are available by clicking here. To see the types of challenges the students will face in the games, click here. 

On this week’s episode of CYBER24 presented by VLCM, we talk with the head of the Utah Dept. of Technology Services and the state’s chief information security officer about why these efforts are so important to the state and why finding talent to fill these jobs can be difficult. 

It’s a safe bet that over the past few weeks you have made an online purchase or two. You add your items to the cart and then check out. But just how secure is that shopping cart? Thousands of online vendors use a similar type of base-code for that shopping cart and hackers were recently able to access the systems at Macy’s, add a few small lines of code to the shopping cart and for a week they had access to data from every customer. 

On this week’s episode of CYBER24, presented by VLCM, we dive into what happened with Macy’s,learn more about the Megacart attack and how it is a concern for every website with a shopping cart.

Also, hundreds of millions of people may have had their text messages exposed online. If that’s not a headline that will catch your attention, I’m not sure what will. You may have become accustomed to data breaches or email compromise but text messages have become a primary source for information. We send a lot. We read a lot. And we generally trust that those texts are private. 

Cybercrime isn’t a uniquely American phenomenon. Recent high-profile attacks on Pemex, Mexico’s state-owned oil monopoly was hit with ransomware demanding $5 million comes just months after a similar attack on Norwegian aluminum producer Norsk Hydro. The former was offered a discount by hackers if they paid right away (which they did not) while the later refused to pay at all and has spent a reported $71 million to clean up the mess. 

On this week’s episode of CYBER24, we discuss these high-profile foreign attacks and outline some of the steps you can take to protect your business. 

Black Friday, Small Business Saturday and Cyber Monday are all coming up this week. Besides needing to carefully develop a strategy to handle all the cardboard boxes about to hit your doorstep, it is also the right time to take some important steps to protect yourself from cybercriminals looking to make their holiday season brighter at your expense. 

With the biggest online shopping days of the year starting this week, today’s CYBER24 podcast topic is online shopping and the steps you can take to protect yourself.

Our expert panel includes: 

• Anthony Booyse, Sophos
• Paul Whittier, Sophos
• Dan Schuyler, VLCM

A recent study shows that businesses that have a cybersecurity policy in place - and are willing to talk about it - are more valuable to investors. 

Having policies in place for protecting your business against cybercriminals and to protect the data you collect is critical, but so is having an incident response plan including a communication plan. That much has become a more commonly accepted position. But calibrating just how much you should say publicly can be tricky. Businesses have to balance their interests between sharing with customers and potential investors that they value a culture of cybersecurity without drawing unwanted attention from hackers looking for a challenge. 

In this week’s episode of CYBER24, we discuss the pros and cons of talking about your commitment to cybersecurity with our expert panel (Mike Hussey, executive director of the Utah Dept. of Technology Services; Phil Bates, Utah Chief Information Security Officer; and Dan Schuyler, VLCM Cybersecurity Solutions Architect). Plus, we look at the recent adventures of the President’s top cybersecurity advisor and what you should know before you take your devices in for repair. 

Over the past 10 or 15 years, something really remarkable has happened: the face of business has transformed. 

I’m not talking about the way business is done, though technology has had an impact there. I’m talking about the way most people interact with companies everyday. Two decades ago, some businesses had some kind of a website but today, many if not all customers interact with a business primarily through its website. 

We buy clothes, household supplies and even groceries online. Just recently, Amazon began to offer grocery delivery within two hours, as a matter of fact. The idea (dream?) of never having to leave the house is becoming very real. 

With so much of a business’ success depending on its website, you can bet the good guys aren't the only ones who have noticed. 

Website security is the topic for today’s episode of CYBER24.

Poor cybersecurity leads to breaches and breaches cost your business time and money. But buying the right technology to keep the hackers at bay can only be so helpful if you don’t take the time to craft the right cybersecurity strategy. 

On this week’s pod, we look at a study showing two out of every five businesses have lost money thanks to lackluster cybersecurity practices and we talk you through the questions you should ask to ensure you have the right plan in place. 

We also look at one of the easiest and least expensive things you can do to improve your cybersecurity without breaking the bank. 

Panelist
Dan Schuyler, VLCM

As data breaches and other cybersecurity incidents continue to grab headlines, it’s worth wondering whether or not the American public is growing numb to the news. 

Marriott says up to 500 million people may have been affected by a security vulnerability that may have been exploited for four years. Facebook fell victim to a sophisticated hack that exposed 50 million people. The numbers are staggering – and those are just the ones that rise to the attention of the mainstream media. 

But those flashy headlines rarely come with advice for those impacted. Other than the Equifax breach, can you recall the last time the news included steps potential victims should take to find out if they had been one of the millions of people who were impacted? Have you taken any steps to look into any of the recently reported breaches yourself?

Maybe it’s just because the impact is so often delayed. Your personal data is breached somewhere; bad guys may or may not have it; if they have it they may or may not use it; if they use it you may or may not find out about it. 

There’s a general feeling of helplessness and hopelessness. 

In this week’s episode of CYBER24, we take a look at why that may be. We also conclude our discussion with our panel of experts as we ask them what advice they would have for anyone considering a career in cybersecurity.

The post Episode 39 – Hacks at Facebook, Marriott raise eyebrows appeared first on Cyber24.

The world of cybersecurity faces some significant challenges over the next several years. In this week’s episode of CYBER24, we bring you the second part of a two-part series from the panel discussion we led at a recent cybersecurity summit hosted by VLCM. 

Our panel of experts includes: 

Matt Sorensen, Secuvant CISO
Kevin Howard, Secuvant Chief Security Architect
Trent Bond, Pluralsight CISO
Dan Schuyler, VLCM Cybersecurity Systems Architect

In this episode, we discuss the impact Artificial Intelligence (AI) could have on the cybersecurity world and if it will help the good guys or the bad guys be more effective. We also discuss the challenges associated with the Internet of Things (Iot)

If you missed part one of our discussion, you can find it in Episode 37, wherein we focus on whether businesses are getting better at cybersecurity or if, despite their efforts, the cybercriminals are evolving so fast that businesses are falling behind. We also ask the panel what they think the impact of cybersecurity regulation at the state and federal level would have on businesses and consumers.

The post Episode 38: Cybersecurity Expert Panel – Part II appeared first on Cyber24.

Businesses spend significant time building their digital defenses - and with good reason. But there’s a type of attack many overlook and it’s a combination of a physical and digital attack. Wr discuss phygital attacks with Will Plummer, chief security officer of RaySecur. 

One of those unwritten rules of cybersecurity is that you don’t brag about how good your security is. It’s more than just bad karma, it’s the type of chest thumping that can awaken the sleeping hacker giants looking for a challenge.  But last week, Jack Ma, the founder and former executive chairman of Alibaba (if […]

The post Episode 58: Never lost one cent appeared first on Cyber24.

When the legendary Green Bay Packers football coach, Vince Lombardi, opened training camp each season, he started with the basics.  “Gentlemen, this is a football.” Even with a squad full of professional football players, Lombardi knew the importance of focusing on the fundamentals.  As October is National Cybersecurity Awareness month, there’s no better time than […]

The post Episode 57: Focus on the fundamentals of cybersecurity appeared first on Cyber24.

Another week, another big hack. It may come as no surprise that millions of people play video games on their phones. Whether they are attacking pigs with chickens, rolling some old school Nintendo games or playing electronic versions of classic board games, video games are big business.  And now more than 200 million people who […]

The post Episode 56: If you played Words with Friends, you’ve been hacked appeared first on Cyber24.

Cyber warfare is at the heart of a potential U.S. response to incidents in the Middle East, according to published reports. While attacks and responses to attacks have traditionally been held on the battlefield, that battlefield is increasingly moving to the cyber world.  In this week’s podcast we discuss how the U.S. uses cyber attacks, […]

The post Episode 55: Cyber attacks as part of military responses appeared first on Cyber24.

One thing you should never underestimate? The astounding creativity of cybercriminals. As security services and our overall cybersecurity posture continue to improve, the bad guys need to come up with more and more innovative ways to get access to the data they want.  In this week’s episode of CYBER24, we take a look at a […]

The post Episode 54: Shocking hacker creativity and how your mood impacts your security appeared first on Cyber24.

Sometimes you read something and just can’t believe it. Sometimes the numbers involved in cyber breaches are just overwhelming. And then there’s this one.  The entire country of Ecuador got hacked. Not it’s biggest bank. Not its largest company. Nope. A database that had staggering amounts of data on, essentially, everyone in the entire country.  […]

The post Episode 53: An entire country gets hacked appeared first on Cyber24.

Cybercriminals have found small cities and towns to be easy targets for ransomware. In fact, 45 percent of attacks on municipalities have been aimed at cities with populations under 50,000 and a quarter of all attacks on those smaller than 10,000 residents.  One reason these smaller towns make great targets is that they hold important […]

The post Episode 52: How state government is helping Utah cities protect themselves from hackers appeared first on Cyber24.

One topic has dominated our podcast the past few weeks, and for good reason. Ransomware attacks have more than doubled this year and the majority of them have been targeted at state and local government.  According to a study by Barracuda Networks, 55 ransomware attacks targeted state and local governments from January to July of […]

The post Episode 51: Ransomware attacks double, cities frequent, soft targets appeared first on Cyber24.

As the federal and state governments have worked to enhance their cybersecurity infrastructure, cyber criminals have now seemingly set their sights on a new and, evidently, far more vulnerable target: cities and towns.  Texas learned this the hard way earlier this month when more than 20 smaller local government entities were targeted in what authorities […]

The post Episode 49: Ransomware breakout in Texas appeared first on Cyber24.

Last month, Utah Lt. Gov. Spencer Cox announced a pilot program testing the benefits of state employees teleworking showed increased productivity, reduced carbon output by eliminating the commute to an office and allows for more efficient use of state office space.  But with more employees working from home – many handling sensitive data – the […]

The post Episode 48: Protecting data when employees work remotely appeared first on Cyber24.

Cybersecurity has been a male-dominated field and that’s a problem - especially when there’s incredible demand for talent right now. In today’s episode, we discuss women in cybersecurity, mentoring and more with Lynne Doherty of Sumo Logic.

Guest
Lynne Doherty
Linkedin
Twitter

Sumo Logic

Across the country, parents are busy with back-to-school shopping while kids are squeezing every minute of rest and relaxation they can out of the final weeks of summer vacation. As schools prepare to welcome students back, many are becoming targets of hackers.  In this week’s episode of CYBER24, our panel of cybersecurity experts discusses the […]

The post Episode 47: Cyber hacks on schools lead to a state of emergency appeared first on Cyber24.

Sometimes the numbers are so big you can’t ignore them. And when two business giants are involved it gets even harder to miss. The latest headline-grabbing cyber breach involves Capitol One, a former employee of Amazon Web Services (AWS) and a breach impacting 106 million people.  On this week’s episode of CYBER24, our panel of […]

The post Episode 46: What (or who)’s in your wallet? appeared first on Cyber24.

If there’s one thing we’ve learned through two seasons of the CYBER24 podcast (besides you need to do better managing your passwords) it’s that the bad guys are always going to be a step ahead of the good guys. It’s the nature of playing defense. Just when you stop the current attack, they are already […]

The post Episode 45: Trends to watch in cybersecurity this year appeared first on Cyber24.