EP 92: Password Managers

In this short episode, our hosts Jason Dion and Kip Boyle discuss the critically important topic of password managers.

In the beginning, Jason quickly describes password managers, their use cases, and how they work, highlighting both the security and convenience aspects of using a password manager.


EP 91: Mobile Device Security with Haseeb Awan

In this episode, our host Kip Boyle interviews Haseeb Awan, CEO of Efani Secure Mobile, to discuss the latest risk in mobile security and look at how Haseeb got into the cyber world.

In the beginning, Haseeb tells the story of how his phone number was compromised not once, not twice, but three times, with basically the same type of attack, and how that forced him into cybersecurity.


EP 89: Getting My First Job in Cybersecurity with Ayub Yusuf

In this episode, our host Jason interviews Ayub Yusuf (@WhiteCyberDuck) about how he got into the cybersecurity industry.

This time, we go over a very common case where people study something in college that does not relate to cybersecurity and then shift over to the cyber world after graduation.

Ayub mentions that you are going to have to deal with a lot of silence and rejections when applying for your first job and that it took him 134 applications to get only 5 interviews.


EP 88: The CIA Triad – The Basis of Cybersecurity (Authentication)

In this episode, we arrive at the end of our five-part series on the CIA-NA pentagram, this time discussing the last pillar, Authentication.

Authentication is always associated with passwords and how you can prove that you are who you say you are.

When you hear Authentication, always have things like tokens, digital certificates, multi-factor authentication, or two-factor authentication in mind. Remember, though, that Authentication will keep changing and evolving over the years, and new ways, techniques, or protocols could be introduced to the field.


EP 87: The CIA Triad – The Basis of Cybersecurity (Nonrepudiation)

In the fourth video of this five-part series discussing the CIA-NA pentagram, Kip and Jason talk about nonrepudiation.

In simple terms, nonrepudiation means you can’t say you didn’t do the thing that you did.

Jason and Kip go over some examples of nonrepudiation in both the physical realm and the digital world, highlighting that you should always use some type of example when you’re asked about a specific term like nonrepudiation.


EP 86: The CIA Triad – The Basis of Cybersecurity (Availability)

In this episode, Kip and Jason discuss everything that makes the A in the CIA Triad, Availability.

Availability means that when you would like to use a system, it’s there and ready for you to use, because no matter how secure a system is, if you cannot access it when you need to, it serves no purpose.

Kip explains how the way you think about availability is also going to change depending on the industry you’re in and the niche you interact with the most.

Edward Skipka, a vulnerability management analyst, goes over his experience and how he managed to double his pay in just over two and a half years. He highlights that doing your best and solving problems can take you to another level within your company.


EP 85: The CIA Triad – The Basis of Cybersecurity (Integrity)

In this episode, Kip and Jason discuss the second pillar of the CIA pentagram, Integrity.

The whole idea of integrity is making sure any entity that you interact with has not been modified after creation and exists where it needs to be.

Jason mentions how it’s not always a perfect balance between all the pillars of the pentagram but, depending on the real-world situation, the solution tends to lean towards one or more of the pillars.

Kip explains how digital signatures work and what the best use cases for them are, while Jason dives in deep, explaining how hashes work and how to best utilize them.


EP 84: The CIA Triad – The Basis of Cybersecurity (Confidentiality)

In this short episode, Jason and Kip discuss the first aspect of the CIA Triad, which is Confidentiality.

They break down the critically important confidentiality point and how it works in the real world, highlighting that it’s not about the information itself but more likely about where that information is in the flow.

They also mention how confidentiality is brought up in certification exams and how it’s always connected to encryption.


EP 83: Automating NIST Risk Management Framework with Rebecca Onuskanich

In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF.

Rebecca Onuskanich, CEO of International Cyber Institute, is here to share with us some of her knowledge gained throughout 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation.
