SCWEpisode8

From Paul's Security Weekly
Revision as of 15:44, 26 November 2019 by Jeff (talk | contribs) (Tech Segment: "Security & Compliance at Small/Medium Sized Businesses"; Presented by Russell Mosley, TISTA Science & Technology Corporation and Jim Nitterauer, Zix, AppRiver)
Jump to: navigation, search

Recorded on November 26, 2019, @G-Unit Studios in Rhode Island!

Hosts

  • Jeff Man
    Cryptanalyst,
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist,
    Tribe of Hackers, & InfoSec Curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Scott Lyons
    CEO at Red Lion
    MISTI Instructor
    Patent Holder
  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • Attend RSA Conference 2020, February 24-28 in San Francisco, CA! Visit securityweekly.com/rsac2020 to sponsor an interview with us on-site at the conference or register using our code to save $150!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

    Tech Segment: "Security & Compliance at Small/Medium Sized Businesses"; Presented by Russell Mosley, TISTA Science & Technology Corporation and Jim Nitterauer, Zix, AppRiver

    Russell Mosleyis the Chief Information Security Officer at TISTA Science & Technology Corporation
    Russell has nineteen years' experience in IT and information security operations and management, audit and compliance, and is CISO for a rapidly growing government IT contractor. Russell holds degrees from UMBC, UMUC, and Towson University, as well as CISSP, PMP, ITIL, and several vendor certifications. Russell has presented talks on small-medium size business security topics at BSides Charm, Chicago, Las Vegas, Rochester and at NolaCon and the defcon Blue Team Village. Russell is a member of the board of directors for BSides Charm and volunteers at BSides DC and the defcon Blue Team Village. Russell oversees IT operations and information security, which includes incident response, disaster recovery, and continuity of operations planning. He advises the board of directors, partners, and customers on information security, risk management, and compliance, and ensures the company maintains NIST SP 800-53 system ATO and compliance with FISMA, NIST, SSAE-18 SOC IT operations and security requirements. Russell earned a B.A. in Political Science from UMBC, a B.S. in Information Technology from UMUC, and an M.S. in Applied Information Technology from Towson University. He has also earned a CISSP, PMP, ITIL, and several IT vendor certifications. Russell is a conference organizer with Security BSides and the DEF CON Blue Team Village and frequently presents on information security and compliance topics.

    Jim Nitterauer is currently a Senior Security Engineer at AppRiver, LLC. a Zix company, his team is responsible for global network deployments and manages the SecureSurf global DNS infrastructure and SecureTide global spam & virus filtering infrastructure as well as all internal applications. The team also manages security operations. Jim works directly with the CISO helping to bring the Zix compliance standards to AppRiver's services. He holds the CISSP and CISM certifications in addition to a Bachelor of Science degree with a major in biology from Ursinus College and a Master of Science degree with a major in microbiology from the University of Alabama. He is a 2000 graduate of Leadership Santa Rosa and a 2001 graduate of Leadership Pensacola. He is well-versed in ethical hacking and penetration testing techniques and has been involved in technology for more than 25 years. Jim has presented at NolaCon, ITEN WIRED, BSides Las Vegas, BSides Atlanta, BSides San Francisco, CircleCityCon, DEF CON, DerbyCon, CypherCon, HackerHalted and several smaller conferences. He has presented training classes at CircleCity Con and BSides San Francisco. He is a regular contributor to the Tripwire Blog and Peerlyst. He regularly attends national security conferences and is passionate about conveying the importance of developing, implementing and maintaining security policies for organizations. His talks convey unique and practical techniques that help attendees harden their security in practical and easy-to-deploy ways. Jim is a senior staff member with BSides Las Vegas, a member of the ITEN WIRED Planning Committee and the President of the Florida Panhandle (ISC)2 Chapter. He served as President and CEO of GridSouth Networks, LLC, a joint venture between Creative Data Concepts Limited Inc. and AppRiver, LLC., and founded Creative Data Concepts Limited, Inc. He stays connected with the InfoSec and ethical hacker community and is well-known by his peers. In addition to his work at AppRiver, he devotes his time to advancing IT security awareness and investigating novel ways to implement affordable security controls. When not at the computer, Jim can be found working out, playing guitar, traveling or just relaxing with an adult beverage.

    Segment Topic:
    Small Business Security Programs & Compliance

    Segment Description:
    Russell and Jim will discuss security and compliance specifically for small businesses where they have been involved with audit and compliance including NIST 800-171, 800-53 (FISMA) and SOC, and how to achieve decent security and meet compliance requirements with limited staff and resources.

    Jim Nitteraueris the Senior Security Engineer at Zix, AppRiver


    Segment Two: Discussion and Q/A - 12:30-1:00PM


    Security & Compliance News of the Week

    Jeff's Stories

    Matt's Stories

    Josh's Stories

    Scott's Stories

    https://www.theguardian.com/technology/2019/nov/24/tim-berners-lee-unveils-global-plan-to-save-the-internet