The Cyber Rants Podcast

This week, the guys reconvene after a mini-hiatus and talk about some topics and tips in the news today such as 

• Goodwill Ransomware Hacking
• Safe Browsing - the hidden dangers people need to know
• A word to the wise about Wordpress (even though they supposedly "don't talk about wordpress")

Is there really such a thing as "offense" in cybersecurity? This week, the guys discuss how it's possible to proactively protect organizations against criminals and how to identify potential attacks so you can stop them before it's too late. They share the realities of offensive cybersecurity and "hacking back."

Think that cybersecurity is all about protecting data and achieving compliance? Think again! This week the guys share real-world examples about cybersecurity ROI and companies using cybersecurity to grow revenue, create a competitive advantage, and become market leaders! Learn how to use your cybersecurity program to create an outstanding return on investment!

This week, the guys continue to walk through the NIST Cybersecurity Framework, by discussing the Detect, Respond, and Recover control categories. They rant about logging, SIEMs, and incident response when you're facing a worst case scenario.

A cybersecurity framework is the foundation of any good cyber risk management program but many people are not familiar with what a framework really is and what they include. This week the guys reveal the importance of following an industry-recognized cybersecurity framework and begin walking through the National Institute of Standards & Technology Cybersecurity Framework (NIST CSF) as an example. You'll understand why cyber risk management is not a mystical "make it up as you go" approach but a series of cybersecurity methods with easy to access, readily available guidance.

This week, the guys discuss healthcare cybersecurity. From medical facilities and laboratories, to MedTech, benefits companies, and healthcare services firms, the medical world faces its own set of challenges. The guys share thoughts and strategies around HIPAA cybersecurity compliance, dealing with deprecated medical technologies, and assessment practices to protect your healthcare company.

This week, the guys discuss physical security controls (and lasers) to ensure that your organization is both secure and compliant! Cybersecurity doesn't stop at technology implementation. If you follow NIST 800-171, CMMC, PCI-DSS, or a number of other compliance requirements, you'll need physical security consulting to help secure your premises to protect systems and data. Hear what the guys have to say about implementing effective physical security controls.

This week, the guys are joined by Eric Adams, experienced CISO and FedRAMP Strategist discuss what precisely is FedRAMP, its relation with cloud security standards, and why should organizations consider it for their structure, as well as the steps to make it happen. 

This week, the guys deviate a little from the usual format and discuss some of the latest Cybersecurity trends, and rant on what's on their minds, no matter how off-topic it may be! Let's get into some of what we're seeing, including the wild and wacky!

It's a wild market for cybersecurity services, often confusing buyers and selling companies less than ideal solutions. The question is, between MSSP, vCISO, and cybersecurity program development, what is the best fit for your organization's needs? This week, the guys discuss the pros and cons of the common services to help you understand the best fit. From Managed Security Services Providers (MSSP) and Virtual Chief Information Security Officers (vCISO), to remote security teams and tailored Cybersecurity Program Development solutions, this episode covers the critical considerations for selecting the right cybersecurity service partner.