In this episode, Kip Boyle and Jason Dion delve into the concept of the separation of privilege as a vital component of their series on security architecture and design principles.
Jason and Kip talk about how the separation of privilege illustrates its significance through real-world examples. They also help showcase its application in technologies, military operations, and financial transactions.
In this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.
The NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.
In this episode, Kip and Jason cover the Security Design Principle of “Least Common Mechanism”.
The Lease Common Mechanism is the ninth security design principle and focuses on how you can best protect older, legacy systems in large organizations and within the government.
Security Design Principle #9 is a crucial concept in the field of cybersecurity. It advocates for minimizing the amount of mechanisms shared by different users or processes, thereby reducing the chances of a security breach. This principle is rooted in the idea that shared resources or functionalities can become potential vulnerabilities, especially if they are used by multiple entities with varying levels of trustworthiness.
In this episode, Kip and Jason jump into answer questions directly from our listeners!
We share valuable advice and insights into starting and advancing in the cybersecurity field by addressing ways to overcome some common challenges such as imposter syndrome, applying skills from diverse industries, and filling employment history gaps.
Further, you will get some guidance on gaining relevant experience, understanding job roles, tackling age bias, and displaying self-confidence to potential employers.
In this episode, Kip and Jason delve into the specific security design principle of Open Design.
Open Design does not equate to open-source software but refers to transparency in revealing the mechanisms and inner workings of security controls.
The hosts discuss the misconceptions surrounding Open Design, emphasizing that it does not require disclosing source code but rather the transparency of security mechanisms. They also stress that Open Design encourages outsiders to review and provide feedback, ultimately enhancing the security of the system.
In this episode, hosts Kip Boyle and Jason Dion discuss the topic of ageism in cybersecurity careers. They address a listener’s question about whether it is too late for a career change into cybersecurity at the age of 60-65. The hosts acknowledge that ageism does exist in the industry, but they provide tips and strategies for older individuals to overcome this challenge.
In this episode, we are returning to the Security Design Principles series, this time with Complete Mediation.
Complete mediation means the system checks the user trying to access a file or perform an action is authorized to access this file or perform this action.
In this episode, we discuss a critically important topic which is Selfcare.
Cybersecurity is a great career, however it is not 100% stress free, burning out and working yourself into oblivion is very common. In this episode our hosts Jason and Kip give you some tips to make sure you have your selfcare in check.