SCWEpisode8

From Paul's Security Weekly
Revision as of 15:20, 26 November 2019 by Jeff (talk | contribs)

Recorded on November 26, 2019, @G-Unit Studios in Rhode Island!

Hosts

  • Jeff Man
    Cryptanalyst,
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist,
    Tribe of Hackers, & InfoSec Curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Scott Lyons
    CEO at Red Lion
    MISTI Instructor
    Patent Holder
Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relevant to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Tech Segment: "Security & Compliance at Small/Medium Sized Businesses"; Presented by Russell Mosley, TISTA Science & Technology Corporation and Jim Nitterauer, Zix, AppRiver

    Russell Mosley is the Chief Information Security Officer at TISTA Science & Technology Corporation
    Russell has nineteen years' experience in IT and information security operations and management, audit and compliance, and is CISO for a rapidly growing government IT contractor. Russell holds degrees from UMBC, UMUC, and Towson University, as well as CISSP, PMP, ITIL, and several vendor certifications. Russell has presented talks on small-medium size business security topics at BSides Charm, Chicago, Las Vegas, Rochester and at NolaCon and the DEF CON Blue Team Village. Russell is a member of the board of directors for BSides Charm and volunteers at BSides DC and the DEF CON Blue Team Village.

    Jim Nitterauer is currently a Senior Security Engineer at AppRiver, LLC, a Zix company. His team is responsible for global network deployments and manages the SecureSurf global DNS infrastructure and SecureTide global spam & virus filtering infrastructure, as well as all internal applications. Jim has presented at NolaCon, ITEN WIRED, BSides Las Vegas, BSides Atlanta, BSides San Francisco, CircleCityCon, DEF CON, DerbyCon, CypherCon, HackerHalted and several smaller conferences. He has presented training classes at CircleCityCon and BSides San Francisco. He is a regular contributor to the Tripwire Blog and Peerlyst. He regularly attends national security conferences and is passionate about conveying the importance of developing, implementing and maintaining security policies for organizations. His talks convey unique and practical techniques that help attendees harden their security in practical and easy-to-deploy ways.

    Segment Topic:
    Small Business Security Programs & Compliance

    Segment Description:
    Russell and the team will discuss security and compliance specifically for small businesses where Russell has been responsible for audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

    Jim Nitterauer is the Senior Security Engineer at Zix, AppRiver
    The team also manages security operations. Jim works directly with the CISO helping to bring the Zix compliance standards to AppRiver's services. He holds the CISSP and CISM certifications in addition to a Bachelor of Science degree with a major in biology from Ursinus College and a Master of Science degree with a major in microbiology from the University of Alabama. He is a 2000 graduate of Leadership Santa Rosa and a 2001 graduate of Leadership Pensacola. He is well-versed in ethical hacking and penetration testing techniques and has been involved in technology for more than 25 years.

    Jim is a senior staff member with BSides Las Vegas, a member of the ITEN WIRED Planning Committee and the President of the Florida Panhandle (ISC)2 Chapter. He served as President and CEO of GridSouth Networks, LLC, a joint venture between Creative Data Concepts Limited Inc. and AppRiver, LLC., and founded Creative Data Concepts Limited, Inc.

    He stays connected with the InfoSec and ethical hacker community and is well-known by his peers. In addition to his work at AppRiver, he devotes his time to advancing IT security awareness and investigating novel ways to implement affordable security controls. When not at the computer, Jim can be found working out, playing guitar, traveling or just relaxing with an adult beverage.

    Segment Two: Discussion and Q/A - 12:30-1:00PM


    Security & Compliance News of the Week

    Jeff's Stories

    Matt's Stories

    Josh's Stories

    Scott's Stories

    https://www.theguardian.com/technology/2019/nov/24/tim-berners-lee-unveils-global-plan-to-save-the-internet