Hashtag Realtalk with Aaron Bregg

A few years ago, the topic for the 3rd episode for the #RealTalk with Aaron Bregg podcast about Diversity

And Inclusion in the Cybersecurity Industry. To this date it is one of the most downloaded episodes. Since that episode was publish a LOT has changed in the world. I felt that it was time to revisit the topic but with a little bit of a twist. The need for a twist comes from the fact that DEI in cybersecurity still where it needs to be.

As luck would have it I had met Angela Hill a few years back when Matt Nelson and I were looking to have her as a keynote speaker. While due to scheduling issues it didn't work out, it did lead to this moment.

Join me as I have a #RealTalk conversation about 'Rethinking DEI' and more specifically focusing on Latinas in Cybersecurity. Angela Hill from Palo Alto Networks, Samantha Bolet. from TikTok, Vanessa Morales. from NBC Universal who are some of the co-founders of Latinas In Cyber challenge me and themselves into taking a different approach to solving this problem.

Talking Points:

• What kind of restrictions do you run into? E.g. Cultural roadblocks, etc.
• What issues do you run into when it comes to showcasing your 'real world' experience?
• The importance of having a security 'brand' - Vanessa
• How do we need to change our approach to DEI?
• The importance of DEI in academia and starting to embrace creativity - Sam

A HUGE thanks to SevCo, Cadre and NetSPI today the podcast donated $500 to support Latinas in Cyber!

In the inaugural episode to the series we take a look back at the state of cybersecurity in 2019. I also talk about different things that these companies could have done differently to avoid issues like this in the future.

*Disclaimer* While this episode deals with an incredibly important topic, there are potential dangers in doing this type of work. PLEASE do your homework and be well prepared should you go down this path, as your life can be impacted with a wrong turn.

In this episode, which is the first of a listener requested one around technical topics.

With cybercrime and threat actor activity on the rise, it is more important than ever to understand the dark web and monitor it for potential risks or signs of a breach. There are several tools and intel providers that can do this, but they’re not cheap. So why don’t we just do it ourselves?

Python can handle simple tasks surrounding dark web scanning and offers more customization for complex tasks. Using strictly free open-source libraries and any system you have available, you can set up an automated scanner and detect threats as they arise.

Scan for IP addresses, potentially compromised emails, crypto addresses, and any regex patterns that you desire. Map your findings to the most relevant onion sites and get an understanding of where your adversaries tend to operate. This is just a start. From here, you can go almost anywhere.

Episode Charity:

Proceeds from this episode's sponsorship will be going towards the Baker-Bonsai Friendship Fund. Bruce Baker was a great bonsai tree artist and along with Deal Bull, helped make the art of bonsai be something wonderful that can be shared for future generations at the Frederik Meijer Gardens.

Episode Sponsor:

Cloud Security Alliance of West Michigan

Talking Points:

• Why is it important that you at least have a basic understanding of the Dark Web is you are in the Small and Medium sized Business (SMB) space.
• Pros and Cons of Build vs Buy
• What safeguards do you want when out in the fringes?
• What are the mental health aspects of doing this type of work? How manage those pressures?
• What are Seed URLs?
• How to use Dark Web templates for scanning.

Description credit to GrrCon

In this special Pre-Cloud Con episode we mix things up a little. Rather than joining me as a co-host, the Cloud Security Alliance of West Michigan's own Anthony Coggins, sits on the other side of the mic. He along with the ever knowledgeable Tim O'Connor, discuss the current state of cybersecurity insurance in 2022.

Anthony is the Senior Manager of the Security Operations Team at Grand Rapid's own rocket ship insurance company, Acrisure. Tim is the Manager of Knowledge Services at Cadre Information Security.

Talking Points:

• What does the industry look like today and why does it look that way?
• What do you need to know when you are filling out the forms?
  • Do customers truly understand the questions being asked
  • Is the form an indicator of the maturity of the insurance carrier? (Tim talks about the differences in the 20+ insurance forms he has on his desk)
• Did you know you can carry supplemental insurance like Home and Auto insurance? (Anthony talks about Ransomware Supplemental Form)
• Is it true insurance carriers lower rates if you have 'X' cybersecurity solution in your ecosystem?

Episode Sponsor:

This episode is sponsored by Cadre Information Security. Cadre is a trust security partner based out of Cincinnati, Ohio and has been a long time supporter of the podcast. As always, parts of the sponsorship fee goes to Michigan charities.

In this the 3rd annual holiday fundraiser podcast episode, I talk with Kam Amir and Brenden Morgenthaler about what enterprise logging will look like in 2023. Kam is the Director of Technical Alliances for Cribl. Brenden is an Enterprise Architect for CDW.

Talking Points:

Kam has developed a formula for getting the most value from your setup using the three 'Vs':

• Variety
• Value
• Velocity

This allows for you to get more freedom to get valuable data into your platform.

Brenden talks to real life uses cases like:

• Grouping Meta Data for things like charge back,
• How do you setup threshold rules to help with crashing clusters
• Auditing Kerberos events issue

Podcast Sponsors:

This holiday event raised funds for 3 great causes:

• Toys for Tots
• STEM Greenhouse
• Grand Rapids Community College Girls STEM Scholarship

Many thanks to Cribl, CDW and Custom Business Solutions for helping us raise over $1,000 for charity!