The Cyber Rants Podcast

Penetration tests are vital for nearly every organization to see how secure they really can be. While the demand for them is higher than ever, it can be a bit tricky on deciding whether manual penetration testing or automated penetration testing is best for you. This week, the guys answer questions and give their own advice on how to guide yourself through the world of Penetration Tests.

This week the guys discuss why it's vital for an organization to have a Network Architecture Diagrams, Network Configuration Diagrams, discuss best practices for building them (scotch can help), and explain why a little effort now will make your work life so much better.

There is a lot of talk about "proactive cybersecurity against threats" but what does that really mean and is it better than reactive? On this week's show, the guys discuss proactive versus reactive cybersecurity considerations and where to focus.

The guys talk with Haidon Storro, who brings a different point of view to corporate cyber education. Haidon is an exceptionally motivated cybersecurity professional who recently graduated college and started her career. She shares her journey from finding a passion in technology, to getting educated and finding her first full time role in the industry. It's a highly competitive market for recruiting cybersecurity professionals and Haidon’s insights are critical for employers to understand when trying to recruit junior team members.

Compliance. Internet security in business. These topics aren’t the most attractive topic to discuss but for most organizations, it's a necessity. This week, the guys discuss compliance obstacles and pitfalls, how to overcome them, plus the investment that provide the biggest returns when it comes to cybersecurity compliance. They also help you with understanding cybersecurity laws. Whether you're faced with PCI, CMMC, SOC 2 audits, GDPR, CCPA, or any other set of requirements, the fundamentals are the same and this episode is for you.

Are we losing the cybersecurity war? What does winning look like? Where does the U.S. stand on a global spectrum of cybercrime prevention? This week the guys discuss these alarming yet valid concerns.

How do you find the right cybersecurity talent when other companies can pay them more? How do you retain your cybersecurity team once you find those rockstars? Does it make sense to hire a Senior VP of IT when they will also be handling the help desk function? What about entry-level staff running critical functions?

This week, the guys discuss one of their favorite topics the comes up frequently in the Cybersecurity World: The difference between companies reaching out to meet cybersecurity compliance, rather than aligning to a secure Cybersecurity Framework, and how being compliant does not always mean being secure. The latest cybersecurity infrastructure information can give you the latest tips and tricks on which framework would be best for your company, along with their own experience on the struggles in this topic.

This week, the guys discuss a disconnect between employees working remotely and their corporate IT departments hindering productivity for both parties, along with how the debate between IT providers leaning towards a self-service model for IT help. The newest cybersecurity team models are discussed along with tips for company-wide cybersecurity.

Zach, Lauro, and Mike welcome 2021 by diving into one of their favorite topics, Cybersecurity Implementation Models. They discuss the different ways companies build cybersecurity programs and considerations to find right method for your organization. Whether you're considering a DIY approach, hiring a cybersecurity firm, or getting a vCISO, this episode rants about the types of cybersecurity along with the pros and cons of each.