It's easy to be a Monday morning quarterback, even with cybersecurity. But defending a business, of any size, against cyber threats today is hard. Like, really hard. Defenders have to succeed every single time; attackers only need to succeed once. And then your company makes the headlines. Today we'll delve into the world of the "blue team" - the defenders who are charged with protecting your data and the services you depend on - with cyber expert Oz Jones. Along the way, we'll learn valuable lessons for everyone.

Interview Notes

Oz Jones on LinkedIn: https://www.linkedin.com/in/4f5a/ 

Troy Hunt got pwned: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/ 

CIS Controls: https://www.cisecurity.org/controls 

Marsh’s Top 12 controls: https://www.marsh.com/en-gb/services/cyber-risk/insights/cyber-resilience-twelve-key-controls-to-strengthen-your-security.html 

Further Info

Dragon Coin Promo!! https://fdsd.me/promo425

Generate passphrases with a d20: https://d20key.com/#/ 

My book: https://fdsd.me/book 

My newsletter: https://fdsd.me/newsletter 

Support the mission: https://fdsd.me/support 

Give the gift of privacy and security: https://fdsd.me/coupons 

Recommend news stories: send to news [at] firewallsdontstopdragons.com 

Send me your questions! https://fdsd.me/qna 

Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 

Table of Contents

0:00:00: Intro

0:00:29: Patron promo is LIVE!

0:01:16: Correction

0:01:49: Interview setup

0:04:44: Jargon definitions

0:06:39: How did you get into cyber incident response?

0:09:56: What does it mean to be on the Blue Team?

0:13:25: What are the most impactful cyber threats to companies today?

0:16:34: Are people or companies most as risk for ransomware attacks?

0:19:57: What impact has cyber insurance had on cyber security?

0:21:02: What are the most common types of attacks on companies?

0:23:59: How should companies educate their employees about cyber threats?

0:30:48: How does working from home or using personal devices impact cyber attacks?

0:35:22: How can you protect your company against supply chain attacks?

0:38:45: What resources are available to help companies prepare?

0:41:07: How can we detect attacks and malware infections?

0:44:22: After an attack, how do you respond?

0:48:05: What are my legal obligations for notifying my customers?

0:50:25: Are table top simulations useful?

0:52:07: Are there incident response consultants you can hire?

0:53:05: Can you recommend some helpful resources?

0:56:11: As consumers, how can we make better choices?

0:58:22: Interview wrap-up

1:01:51: Troy Hunt was pwned

1:03:04: Patron bonus preview

1:04:32: Looking ahead