Welcome to Episode 32 of our podcast, where we explore the evolving landscape of cybersecurity in the Middle East. In this installment, we delve into the complexities of implementing Zero Trust in the region, focusing on the challenges and opportunities foreign companies face while adopting this vital framework. Zero Trust is more than a buzzword—it's a multi-faceted journey that requires a deep dive into the five core pillars: identity, network, application, device, and data. These pillars form the foundation of the Zero Trust maturity model, and every organization looking to implement this framework must evaluate its maturity across these domains.

Our guest, Kamel Tamimi, a visionary cybersecurity professional with over two decades of experience, joins us to discuss how the Middle East is embracing Zero Trust as a strategic defense against growing threats. Kamel explains that achieving Zero Trust maturity isn’t a single-department project or a one-time task—it’s a continuous improvement process that involves both technology and practices. As technologies like multi-factor authentication (MFA) become more accessible and affordable, organizations can integrate them into their Zero Trust models to better protect their data and assets. Kamel also highlights how AI and machine learning are revolutionizing Zero Trust, enabling dynamic, risk-based decisions based on a wealth of real-time data.

AI’s role in Zero Trust is pivotal—processing vast amounts of data quickly to assess the risk of every request. With machine learning, Zero Trust systems can not only verify identities but also detect anomalies such as unusual login times or unfamiliar devices. This dynamic, data-driven approach helps companies better secure their networks, with the flexibility to take actions beyond simply allowing or blocking access. For instance, AI can divert suspicious traffic to deception systems or apply more rigorous security controls based on the risk profile of a user or device.

Kamel also touches on the practical side of implementing Zero Trust in the Middle East. It’s not about ripping and replacing your infrastructure; it’s about re-architecting your security framework to align with the Zero Trust principles. The journey begins with evaluating your identity management system and ensuring it can support advanced features like MFA and single sign-on. The other pillars—network, application, device, and data—must also be addressed in a comprehensive strategy that evolves over time.

As we explore these themes, we also discuss broader regional trends, such as the expansion of hyperscale data centers by global tech giants like Google, Oracle, Azure, and Alibaba in Saudi Arabia, UAE, and Qatar. The drive for data sovereignty, regulatory compliance, and job creation is reshaping the cybersecurity landscape in the region, making Zero Trust even more relevant.

Join us for an insightful conversation with Kamel Tamimi as we unpack the complexities of adopting Zero Trust in the Middle East and explore the intersection of technology, strategy, and cybersecurity.

Stay updated with the latest episodes of Cyber Security America by visiting our YouTube Channel Cyber Security America and subscribing on Apple Podcasts. Connect with Joshua Nicholson on LinkedIn here.

#Cybersecurity #MiddleEast #ZeroTrust #AI #MachineLearning #ThreatIntelligence #DataSovereignty #TechAdvancements #DigitalTransformation #Podcast #CybersecurityChallenges #ForeignOperations

Episode 31, Welcome to season two of the Cyber Security America podcast.  In this episode, we explore the evolving landscape of cloud security, focusing on critical considerations for organizations migrating to Office 365 and Azure AD. Stay tuned as we unravel essential strategies and insights to bolster your security posture in the cloud.

 

In traditional on-prem environments, users authenticate to domain controllers within a network. However, replicating this infrastructure to Azure Cloud introduces significant changes. Now, users can authenticate from anywhere globally, leading to numerous failed authentications and increased MFA prompts. This new setup can cause account lockouts that do not synchronize back to the on-prem domain controller. Therefore, when moving to Office 365, it's crucial to consider Microsoft's Defender for Identity for enhanced security posture, compliance, threat detection, and vulnerability assessments.

 

One of the most significant security concerns is PowerShell. It's frequently used in legitimate administrative actions and by malicious actors. Hardening PowerShell is essential, and this includes enabling transcription, which captures input and output of commands, and script block logging, which ensures Base64 encoded commands are logged and can be decoded for analysis. This helps to detect and respond to malicious activities without relying on external tools like CyberChef.

 

Furthermore, enforcing script execution policies (restricted, bypass, remote signed, all signed) helps manage which scripts can run, though these policies are not foolproof security controls. The key is to use them as intended to prevent unintended script execution.

 

Constrained language mode is another vital hardening measure, restricting access to commands that can invoke Windows APIs, which are often exploited to download malware. For example, commands like `Add-Type` can load arbitrary C# code and are frequently used in attacks.

 

Additionally, integrating the Anti-Malware Scanning Interface (AMSI) into applications can help detect and prevent script-based threats by scanning unobfuscated scripts before execution. This is particularly useful in environments where PowerShell is heavily used, as it adds an extra layer of security.

 

Effective cybersecurity requires technical depth and business alignment. Start by understanding your industry's regulations and standards. Align your cybersecurity strategy with business risks and integrate threat intelligence, incident response management, and continuous attack surface management. This strategic approach ensures a comprehensive security posture.

 

Finally, as organizations migrate to Azure AD and other cloud services, several key security considerations must be addressed. This includes understanding architecture changes, monitoring data flow, and ensuring tool rationalization. Critical components often overlooked include proper deployment of MFA and firewall management. PowerShell security remains a top priority, requiring logging configurations that decode Base64 and using digital signatures to verify scripts.

 

Emerging technology threats, such as AI model poisoning and DNS over HTTPS, also need attention. Monitoring DNS logs for threat hunting is crucial, but the shift to DNS over HTTPS complicates this. Additionally, remote access solutions like RDP should be used in just-in-time mode to prevent continuous exposure.

 

In summary, moving to the cloud and adopting new technologies necessitates a robust cybersecurity framework that integrates traditional security measures with advanced threat detection and response capabilities.

 

#Cybersecurity #PowerShell #AzureAD #CloudSecurity #Office365 #DefenderForIdentity #MFA #ThreatDetection #ITSecurity #CyberThreats #CloudMigration #PowerShellSecurity #DNSOverHTTPS #AIThreats #RemoteAccess #ITCompliance #SecurityBestPractices #IncidentResponse #ThreatIntelligence

Join us for an illuminating journey into the world of cybersecurity and governance as we sit down with former Governor Pat McCrory, the 74th Governor of North Carolina. In this captivating episode, Governor McCrory offers his invaluable leadership insights on the pressing issue of cybersecurity, particularly within the context of state and local government. #informationsecurity #government #governor #northcarolina #charlotte #asheville #greensboronc #raleigh

Discover how the decentralized nature of government at various levels is adapting to the ever-evolving digital landscape. Governor McCrory's extensive experience in public service provides a unique perspective on the challenges and opportunities in safeguarding our digital assets. Explore the real-world implications of cyber threats, with a particular focus on potential threats to the Department of Transportation (DOT). Gain a deeper understanding of how government agencies like DOT are addressing and mitigating these emerging challenges. We'll also delve into the recent Government Accountability Office (GAO) Report on Cyber, analyzing its key findings and recommendations. This report is a must-read for policymakers and cybersecurity professionals, and our discussion will provide valuable insights into our nation's cybersecurity readiness. But that's not all! Governor McCrory has an exciting announcement to share. He will provide insights into a potential Presidential candidacy from the No-Labels political group, offering a unique perspective on the evolving political landscape and the role of cybersecurity in national politics.

Tune in to this exclusive episode and engage with Governor Pat McCrory's insights, questions, and the dynamic discussion surrounding critical issues at the intersection of cybersecurity, governance, and national politics. Don't miss this opportunity to gain a deeper understanding of the challenges and opportunities facing our digital world. Patrick Lloyd McCrory (born October 17, 1956) is an American politician, businessman, and radio host who served as the 74th governor of North Carolina from 2013 to 2017. A member of the Republican Party, he previously served as the 53rd Mayor of Charlotte from 1995 to 2009. While serving as mayor of Charlotte, McCrory served on the U.S. Homeland Security Advisory Council from 2002 to 2006 under President George W. Bush. He was the Republican nominee for governor of North Carolina in the 2008 general election. McCrory was again the Republican nominee in the 2012 gubernatorial election and won with 55 percent of the vote. McCrory became the first Mayor of Charlotte to win the state's highest office, as well as the first Republican to win the governorship of North Carolina since 1988. 

 

Welcome to the Cyber Security America show, a platform for exploring the dynamic and ever-evolving world of cybersecurity and information technology.

Welcome to our podcast, where we explore the fascinating world of generative AI and its profound impact on various fields.

Welcome to another episode of Cyber Security America with your host, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/). In this episode, we delve into the world of cloud computing and its impact on cybersecurity.

In episode 29, host Joshua Nicholson welcomes Dennis Kraft, a Penn State graduate and former United States Army Captain who served with the 101st Airborne Division Air Assault in Afghanistan from 2010 to 2011. After his military service, Dennis transitioned to a career in cybersecurity, working for the Department of Veterans Affairs, the Department of Homeland Security, and private companies. He later founded Cyberkraft in 2019 with the mission of bridging the cybersecurity skills gap through elite training courses. Dennis discusses his mission at Cyberkraft, which is to help individuals obtain cybersecurity certifications to advance their careers and fill the growing cyber skills gap. He emphasizes the importance of hands-on training and mentorship, drawing parallels between military training and cybersecurity education. The conversation touches on open source tools versus commercial products, the need for foundational networking knowledge, and the challenges faced by those entering the cybersecurity field. The episode highlights the importance of investing in cybersecurity training and mentorship to prepare professionals for the ever-evolving field of cybersecurity. Dennis also mentions Cyberkraft's competitive pricing, financing options, and veteran discounts for their training programs, emphasizing their commitment to making quality training accessible. The podcast offers insights into the challenges and opportunities in the cybersecurity industry and the value of continuous learning and mentorship. The text discusses the challenges faced by a student in a self-paced entry-level course and suggests that instructor-led training might have been more suitable. The conversation highlights the importance of tailoring teaching methods to individual learning styles and mentions the incorporation of the VARC model (Visual, Audio, Reading, Writing, Kinesthetic) into courses to accommodate different learning preferences. The company, founded in 2019, specializes in cybersecurity training and emphasizes both passing certifications and gaining practical, real-world skills. The text also touches on the use of live labs and hands-on exercises, as well as the importance of understanding the thinking behind complex exam questions. Finally, it briefly discusses cloud certifications like CompTIA Cloud+ and CASP+ as well as the potential alignment of certifications with specific job roles

Welcome to episode 28 of the Cyber Security America podcast with your host Joshua R. Nicholson (https://www.linkedin.com/in/joshuanicholson/). He is excited to welcome Dayle Alsbury (https://www.linkedin.com/in/daylealsbury/), a distinguished cybersecurity expert with over two decades of experience in information security. Dayle has led diverse global teams, delivering innovative security solutions across highly regulated industries like education, healthcare, finance, banking, and energy. Currently serving as the CISO at Litmos, he plays a pivotal role in securely providing eLearning solutions and integrated Learning Management services to more than 20 million individuals in 150 countries. Before joining Litmos, Dayle spearheaded the cybersecurity program at Stride Learning, implementing an exceptional cybersecurity recovery and transformation roadmap that resulted in a remarkable 90% increase in NIST maturity within just 24 months. Prior to that, he held instrumental roles at Blue Cross Blue Shield of Louisiana, driving security innovation, risk reduction, cloud and mobile adoption, and cost-effective cybersecurity management. Dayle's expertise extends beyond a single organization; he also serves as a virtual or fractional CISO and strategy advisor to numerous organizations facing unique cybersecurity challenges. Over the past two decades, he has made substantial contributions to cybersecurity and IT leadership in small organizations and startups spanning various sectors. Beyond his corporate roles, Dayle is an IT regulatory compliance expert and mentor, offering valuable guidance to innovative organizations and professionals. He has also served as an Executive Member of the Blue Cross Information Security Advisory Committee, providing national-level thought leadership to Blue Cross organizations. His expertise further extends to collaborating on cyber skills training and competitions projects and sharing insights with renowned organizations such as CNN, NBC, Time Magazine, Gartner, Radio America, WWL Radio, and many others. In this podcast episode, Dayle and Josh delve into several critical cybersecurity challenges and captivating stories from the trenches: - Deep Fakes: We'll discuss the growing concern of deep fakes and their potential consequences, including incidents like the Ukraine war deep fake video of Putin. - Security Tool Pollution in the SOC: We'll explore the challenges associated with security tool proliferation in Security Operations Centers (SOCs) and strategies to maintain efficiency. - Spoilage & Deep Fakes: Dayle will share stories related to spoilage and deep fakes, highlighting real-world examples and their impact on security. Join us in this insightful audio podcast episode as we navigate the evolving landscape of cybersecurity, Cyber Security America video podcast located (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg)

Welcome to our latest podcast episode (Episode 27), where Joshua R. Nicholson (https://www.linkedin.com/in/joshuanicholson/) embarks on an insightful journey through the dynamic world of #cybersecurity. Our distinguished guest, Joshua Copeland, brings his battle-tested expertise and extensive experience to the forefront. As the Director of Cyber at AT&T, Joshua plays a pivotal role in shaping security solutions for State, Local, Tribal, and Territory (SLTT) entities. In this episode, our two Josh's delve into the critical role of Governance, Risk, & Compliance (GRC) in navigating the cyber landscape. Joshua Copeland provides valuable insights into how GRC serves as a compass, guiding organizations to make informed decisions about where to invest their resources. GRC helps identify vulnerabilities, weaknesses, and risks, providing a roadmap for strategic investments in cybersecurity. Youtube video podcast (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) As Joshua Copeland aptly puts it, GRC helps quantify and understand the true nature of risks. Without this understanding, organizations may find themselves merely throwing money at the latest cybersecurity tools and gadgets. While cool toys and cutting-edge technology are appealing, they must align with an organization's unique risk profile and vulnerabilities. To effectively mitigate risks, organizations need to intrinsically comprehend their risks, their potential impacts, and the available mitigation strategies. This understanding enables them to select the right cybersecurity solutions tailored to their specific requirements. It's not always about having the most expensive Ferrari; it's about having the right tool for the right job, efficiently addressing the identified risks. But our episode doesn't stop there. Before we delve into Joshua's invaluable insights, we dissect the events of August 2023's Patch Tuesday from Microsoft. This episode explores the two zero-day vulnerabilities and a staggering 87 flaws addressed during that release. As we eagerly anticipate September's Patch Tuesday, we reflect on Microsoft's handling of these vulnerabilities, including the intriguing fact that only six were rated as critical. Our discussion extends to major updates from other industry players, including Adobe's security updates for Microsoft Acrobat Reader, AMD's security enhancements for new hardware, and Cisco's necessary security updates for their VPNs due to ongoing vulnerabilities exploitation. Join us for a thought-provoking discussion with Joshua Copeland, touching on cybersecurity insights, hiring practices, leadership, and pathways into the field. Discover how Joshua, an adjunct professor at Tulane University, teaches cybercrime and cyber leadership. #cybersecurity #grc #informationsecurity

Welcome to the 26th episode of How do you managed an operational threat intelligence program? In this installment, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/) traverses the realms of business, technology, and those often-unnoticed opportunities that slip through the cracks. Today, our spotlight turns towards a paramount facet that frequently resides in the shadows: Threat Intelligence management. While the realm of Business Intelligence has flourished over decades, employing cutting-edge tools to unveil hidden insights within data, Threat Intelligence has seldom basked in the limelight of decision-making. But why does this crucial component remain relegated to the background? Join us on a journey to unearth the untapped potential and overlooked dimensions of Threat Intelligence. Our host engages in an intriguing dialogue with the distinguished Mr. Brian Mohr, an industry expert who illuminates the striking parallels between Business Intelligence and Threat Intelligence. Despite the availability of advanced technologies, Threat Intelligence remains an underrecognized powerhouse, yearning for its rightful acknowledgment. This episode (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg). imparts the understanding that tools and technology wield great power, yet their impact rests on those who wield them. The conversation underscores the vital role of a Threat Intelligence analyst—a counterpart to a Business Analyst in the realm of threats. Just as a Business Analyst deciphers intricate data for informed decisions, a Threat Intelligence analyst decrypts threats and vulnerabilities, propelling proactive strategies. Our esteemed guest regales us with captivating anecdotes from workshops, where Intelligence teams dissect a corporation's 10-K statement—a goldmine of insights into a company's risks and pursuits. This reveals that Threat Intelligence isn't a distant relation; it's a sibling with its own unique challenges. Join us in dispelling the misconceptions around Threat Intelligence and discovering its potential to revolutionize decision-making. The time has come to honor a discipline that, like Business Intelligence, holds the key to well-informed choices. Tune in to episode 26, as overlooking Threat Intelligence is a regrettable oversight. Our guest today is Brian (https://www.linkedin.com/in/brianvmohr/), co-founder of Reqfast (www.reqfast.com), a program management platform tailored for intelligence and investigative teams. With over two decades in intelligence and security, Brian's journey began in the Marines, specializing in Counterintelligence/Human Intelligence. Transitioning to a financial services company, he implemented threat intelligence workflows. Brian ventured into an intelligence provider, creating workshops and understanding both sides of the threat intelligence relationship. Holding an MS in Cybersecurity, an MBA, and even an Associate of Arts in Chinese Mandari