Log in

goodpods headphones icon

To access all our features

Open the Goodpods app
Close icon
headphones
Unmasked

Unmasked

Assura, Inc.

A bi-monthly show focusing on cybersecurity, hacker news with a lighter side. Unmasked is a look behind the cyber professionals and will spotlight teammates, community advocators and businesses to give insight to how cybersecurity affects everyone.
Brought to you by Assura. Where the superheroes of cybersecurity provide a clearer understanding of the threats we face in our digital world.
With Host:
Paul Blacker
Web:
https://www.assurainc.com/

bookmark
Share icon

All episodes

Best episodes

Seasons

Top 10 Unmasked Episodes

Goodpods has curated a list of the 10 best Unmasked episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to Unmasked for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Unmasked episode by adding your comments to the episode page.

Curious about how a 23-year Air Force veteran transitions into a leading role in network security? Join us as we chat with Dave Mizell, the Managing Director of Defensive Cybersecurity at Assura, Inc. Cybersecurity. Dave opens up about his initial experiences in a Security Operations Center (SOC) and the rapid learning curve he faced. You'll hear firsthand about the day-to-day operations and challenges his lean, yet highly effective team encounters while ensuring 24/7 security coverage. Plus, get the inside scoop on how advancements in Security Incident and Event Monitoring (SIEM) systems have transformed threat detection and analysis.
Ever wondered how sophisticated phishing attacks have become and the best strategies to combat them? Dave breaks it down, revealing how AI tools like ChatGPT are making fraudulent emails harder to spot and why multi-factor authentication is more crucial than ever. We also discuss the role of human awareness and training in cybersecurity, while acknowledging the limitations posed by human error. Dave offers practical advice on what to do if your organization gets hacked, stressing the importance of network segmentation, protecting critical assets both on-premises and in the cloud, and the immediate steps to take post-breach.
For those looking to enter the cybersecurity field or enhance their skills, this episode is packed with invaluable insights. Dave shares effective training models, emphasizing hands-on exercises like tabletop and disaster recovery training for real-world readiness. He also offers career advice, highlighting the significance of curiosity and investigative skills over mere experience. To wrap things up, we take a nostalgic trip back to the early days of computer gaming, discussing how those experiences can ignite a passion for technology and cybersecurity. Plus, we pay tribute to the amazing skill of Navy pilots and the challenges they face, rounding off with a heartfelt thank you to Dave for his incredible insights and time.

bookmark
plus icon
share episode

Unlock the secrets to revolutionizing your cybersecurity strategy with insights from Bill McInnis of Nucleus Security. Journey through Bill’s extensive career, spanning over two decades and multiple sectors including email security and threat intelligence, and learn how he spearheaded groundbreaking changes since joining Nucleus in 2021. Discover the innovative model Nucleus employs to shift vulnerability management focus from triage to fixing issues, and get acquainted with Bill’s triangle model—"What do you got? What do you know? How do you touch it?"—which emphasizes a deep understanding of one's environment for effective mitigation.
Navigate through the complexities of cybersecurity challenges and solutions with us as we dissect the 1-4-95 rule that categorizes teams based on their cybersecurity readiness. Bill shares his invaluable advice on fostering a functionally inquisitive mindset that can drastically improve how vulnerabilities are identified and addressed. Hear firsthand how Nucleus integrates various data sets and automates processes to save time and make up for the lack of manpower, and gain insights into addressing the unique vulnerabilities faced by educational institutions.
Finally, explore the strategic growth of Nucleus Security, a company that emerged from the Department of Defense intelligence community. Bill delves into how Nucleus helps organizations manage vulnerabilities efficiently during critical events like the Log4J vulnerability and underscores the significance of building strong customer relationships. From fostering practical solutions to creating efficiencies, this episode provides a comprehensive look at how Nucleus is setting industry standards with its Fed-ramped, multi-tenant solution, and how it continues to evolve while maintaining a focus on competency and customer engagement.

bookmark
plus icon
share episode

In the latest Unmasked episode, we're taking a deep dive into August headlines, unpacking all the threats and vulnerabilities that lurk in our digital realm. We're covering some major ground, from the Burger King data breach to unsettling cyber attacks on hospital EMR systems.

Join us as we also get into the nitty-gritty of credential-stuffing attacks, exploring the quirky world of threat group naming, and delving into the intriguing realm of side channel attacks – it's like something out of a spy movie!

Cybersecurity is like a never-ending puzzle, always evolving. So, keep your eyes peeled, stay informed, and remember that things are rarely straightforward in the world of cybersecurity!

You can subscribe to Unmasked wherever you get your podcasts.

Show notes

Headlines for beginning of August

New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy (thehackernews.com)

bookmark
plus icon
share episode
Unmasked - Breaches, Scams, and Countdown to DEFCON
play

08/04/23 • 40 min

Welcome to the latest episode of Unmasked. In this episode, we dive into the end of July headlines, covering a class action lawsuit against John Hopkins following a major data breach, emphasizing the need for better data handling and security practices. We also explore the complexities of IoT device regulation, questioning the absence of tech giants like Apple and Microsoft in this area. The episode educates listeners on online scams and provides essential tips to avoid falling victim to phishing tactics. Additionally, it stresses the importance of timely software updates and informed decision-making to enhance cybersecurity in the digital realm. All this and the building anticipation of the upcoming DEFCON.
Episode 3 show notes:
Headlines for the end of July

  • John Hopkins- Hit with Class Action Lawsuit connected to data breach
    • Filed by the patient named Pamela Hunter, alleges that Hopkins "failed to properly secure and safeguard" patients' personal and medical information.
    • If based on original MoveIT breach- not their fault/ hard to prove
    • If plaintiff can prove negligence, then potential cancelation of cybersecurity insurance policy etc.
  • Biden Administration is tackling smart devices with a new label
    • US Cyber Trust Mark- would require smart products to meet certain thresholds, including ongoing software security support, to qualify for the program
    • FCC says the mark will signify that the devices meet/ and maintain certain standards
    • Main devices would be smart home appliances, TV's, climate controllers, but also list smart fitness tracker
    • Mark would be a shield – indicating that that device is meeting the standards
    • Participating manufactures and retailers are: Amazon, Google, Samsung, Logitech, Best Buy
  • Back to School Scams- Amazon Releases Scam warning email to all customers
    • Unexpected calls, texts, emails that refer to costly membership fees going up if you do not act now...
    • Issues with your membership- asking for bank account/ payment info
    • Amazon issues warnings:
      • Trust Amazon –owned channels
      • Beware of false urgency
      • Never pay over the phone
      • Verify links first
  • Apple fixes new Zero Day threat
    • Apple is aware of a report that this issue may have been actively exploited," the company said in an advisory describing a WebKit flaw tracked as CVE-2023-37450 that was addressed in a new round of Rapid Security Response (RSR) updates earlier this month.
    • The other zero-day patched today is a new Kernel flaw tracked as CVE-2023-38606 that was exploited in attacks targeting devices running older iOS releases.
    • exploited against versions of iOS released before iOS 15.7.1
  • DEFCON – Mark to interview industry folks while out in Las Vegas this week
bookmark
plus icon
share episode

Discover the ins and outs of cybersecurity compliance as Bryan Carnahan joins me, Paul Blacker, to dissect the transition to Virginia's SEC 530 standard, a critical move for state agencies and their vendors. As the March 31st deadline approaches, we reveal how falling behind can result in more than just cyber vulnerabilities; it could lead to nightmarish audits and shaky cyber insurance. With Bryan's expertise in governance, risk, and compliance, we shine a light on the alignment of SEC 530 with NIST's security controls, offering an insider's perspective on creating fortresses out of digital infrastructures.
Get ready to rewrite your approach to cybersecurity preparedness. You'll understand why assuming "it's not a matter of if, but when" isn't just cautious—it's crucial. Our conversation pivots to the invaluable role of fractional CISOs, those strategic maestros who guide organizations through the maze of regulatory demands, balancing security with business growth. Whether it's crafting an incident response plan or aligning with regulations like HIPAA and PCI DSS, we cover how these experts ensure your cybersecurity measures are not just up to date, but are paving the way forward.
Lastly, the unique cybersecurity tangles of higher education take center stage. Whether it's tackling public state or private university challenges, we emphasize the need for comprehensive assessments and robust defenses, from multi-factor authentication to shoring up against social engineering. We stress the importance of continuous improvement, from routine vulnerability scans to advanced penetration tests, ensuring every organization can leapfrog from basic protocols to cutting-edge security measures. With our guidance, say goodbye to burying your head in the sand and hello to informed compliance and ironclad risk mitigation strategies.

bookmark
plus icon
share episode

Ever wondered how a young entrepreneur juggles the fast-paced world of tech sales and the demands of higher education? Meet Will Melton, the dynamic CEO of Exponent 21, who shares his fascinating journey from childhood ventures to helming a thriving company by the age of 20. Will's knack for marketing and creativity shines through as he discusses his early business endeavors, the challenges he faced while living in Connecticut, and how he managed to keep his client relationships intact amid life's twists and turns. His story is one of resilience and continuous learning, providing a treasure trove of insights for aspiring entrepreneurs.
The digital marketing landscape has transformed dramatically from 2011 to 2024, and Will provides a detailed chronicle of this evolution. Remember the days when businesses could thrive effortlessly with Google Ads? That’s ancient history now. Will discusses how the field has grown fiercely competitive and heavily automated, with AI playing a crucial role. Yet, amidst this technological advancement, he emphasizes the enduring importance of a robust brand presence and human ingenuity in campaign management. This segment is a must-listen for anyone navigating the complexities of modern marketing.
Tackling sustainability head-on, we explore Will's ambitious project of creating a sustainable water brand in Richmond. From pioneering refillable aluminum bottles to installing interactive outdoor refill stations, this venture aims to redefine how we think about consumption and waste. Will also dives into the broader implications of AI in marketing strategies, the psychological aspects of user experience, and Exponent 21's future goals, including video production and franchising Richmond Water. This episode is packed with innovative ideas and practical solutions for those passionate about sustainability and cutting-edge marketing practices. Engage with us on LinkedIn for more insights!

bookmark
plus icon
share episode

Ever wondered what it takes to transition from a routine job to leading a successful company? Join us for a compelling conversation with Greg Samuels, CEO of Salveria, as he shares his extraordinary journey from an application developer at Circuit City to founding his own thriving business. Greg opens up about the hurdles of frequent travel, the balance between career and family, and the serendipitous moments that guided him towards entrepreneurship. You'll hear firsthand how a pivotal layoff turned into an opportunity that redefined his professional life, leading to the creation of Salveria.
Curious about the rising importance of information security in today’s business landscape? This episode covers the critical necessity of integrating security from the get-go. Businesses have been increasingly aware of the need for dedicated information security roles and thorough security audits since 2015. Greg discusses the often reactive approach companies take towards security and shares real-world scenarios that underline the importance of proactive measures. Learn practical strategies for advocating for security investments, especially in sectors where regulatory pressures might be light, and how these investments can build lasting customer trust.
Budgeting for cybersecurity isn't just an IT concern—it’s a business imperative. We dig deep into the financial aspects of securing sensitive data, from the staggering costs of data breaches to the evolving nuances of cybersecurity insurance. Greg offers invaluable advice for CIOs on securing budget allocations and effectively communicating these needs to top leadership. We also explore the transition from IT management to executive roles, emphasizing the importance of understanding core business operations. Hear stories that highlight the outdated technology landscape in sectors like healthcare and the crucial role of aligning technology with business processes. This episode is a treasure trove of insights for anyone looking to bridge the gap between IT and executive leadership.

bookmark
plus icon
share episode

Ever wondered how safe your digital life really is? Prepare to open your eyes to the unseen dangers lurking in your inbox and online transactions. Welcome to our latest episode of Unmasked, where the superheroes of cybersecurity provide a clearer understanding of the threats we face in our digital world.
In this compelling episode, we dive deep into the ever-present threats of phishing attacks, remote work risks, and take a closer look at the MOVEit platform data breach and its implications for organizations beyond just MOVEit. In addition, we have a very special event on our show. Join us as we welcome our first guest, Assura's Offensive Security Operations Technical Director, Nick Berrie. We sit down with Nick and discuss the highly anticipated DEFCON 2023 hacker conference. We share our excitement about this unique networking opportunity and the wealth of insights from industry experts. Beyond the business side, we also dish on the fun aspects of DEFCON, from the diverse food scene to the overall Las Vegas experience.
This is your chance to dive into the deep end of cybersecurity. Come hang out with us!

bookmark
plus icon
share episode

Discover the thrill of victory and the fascinating challenges faced in the world of cybersecurity competitions with the Lovely Ladies, an all-female champion team from the University of Richmond. Maggie and Leah join us to share their journey through the Capture the Flag event, providing rare insights into what drives a team to success in this high-stakes arena. They shed light on the camaraderie and the strategic thinking that powered them through tasks like cryptography and SQL injection, and how tools like Wireshark became their allies. Their story is not just about winning; it's a testament to how cybersecurity contests like CTF can be a playground for education, team dynamics, and, above all, fun.
Then, we switch gears and discuss the rising interest in cybersecurity, sparked by real-world events like data breaches that resonate with many of us, including one of our guests affected by the AT&T incident. The conversation takes a turn into the educational trenches, highlighting the hands-on learning that takes place in computer security classes—from reverse engineering to understanding password security best practices. We also peek behind the curtain at the administrative effort that goes into making such events a reality at the University of Richmond, and the impact they have on fostering a culture of cybersecurity awareness. The episode wraps up with a reflection on past successes, and the excitement building up for the next CTF event, promising even greater challenges and triumphs.

bookmark
plus icon
share episode

Unlock the secrets to navigating the ever-evolving world of cybersecurity and commercial insurance with expert insights from Alan Delahunty of McGriff Insurance. Discover how the complexity of cyber threats is reshaping insurance policies and learn why multi-factor authentication and other security measures are now industry standards. We promise you'll walk away with a deeper understanding of data breaches, identity theft, and the critical need for continuous risk assessment in today's digital landscape.
Peek behind the curtain of cyber insurance policies and uncover the customizable solutions tailored to your industry's specific vulnerabilities. Alan breaks down the nuanced differences between cyber insurance and more straightforward policies like workers' compensation, shedding light on the importance of proactive cyber hygiene and the storytelling required to secure favorable terms from insurance companies. Learn the initial steps businesses should take to ensure they are adequately covered, and why understanding your unique challenges and future outlooks is crucial.
Finally, explore the practical steps involved in implementing robust cybersecurity policies within your organization. From the evolution of multi-factor authentication to the financial considerations of proactive measures versus the staggering costs of ransomware attacks, we cover it all. Alan shares his expertise on balancing costs and security needs, emphasizing the necessity of ongoing education and vigilance against ever-changing cyber threats like QR code manipulation and sophisticated phishing scams. Don't miss this essential guide to staying ahead in the relentless battle against cybercrime.

bookmark
plus icon
share episode

Show more best episodes

Toggle view more icon

FAQ

How many episodes does Unmasked have?

Unmasked currently has 21 episodes available.

What topics does Unmasked cover?

The podcast is about Podcasts, Technology, Cyber, Business, Hacker and Cybersecurity.

What is the most popular episode on Unmasked?

The episode title 'Special Guest: Bryan Carnahan, Director of Governance, Risk and Compliance' is the most popular.

What is the average episode length on Unmasked?

The average episode length on Unmasked is 37 minutes.

How often are episodes of Unmasked released?

Episodes of Unmasked are typically released every 18 days, 7 hours.

When was the first episode of Unmasked?

The first episode of Unmasked was released on Jul 12, 2023.

Show more FAQ

Toggle view more icon

Comments