Pwned: The Information Security Podcast
By Justin Fimlaid
The podcast currently has 202 episodes available.
In this episode of Pwned, Justin and Jack celebrate their milestone 200th episode the best way they can…with some good old Ransomware Rye. Join the duo offsite at Mad River Distillers tasting room in Burlington, Vermont, as they review podcast excerpts from the last few years and respond with fresh takes, all while guessing who actually said it.
Check out the links below on people we reference in this episode:
Glen Bressner, Co-Founder and Managing Partner, Activate VP
Chris Metinko, Senior Reporter, Crunchbase News
Key moments:
00:00 – Title Sequence
00:20 – Introduction
05:30 – Café Press and Hot, Stinky Soup
10:17 – Punxsutawney Programmer
15:05 – Sometimes You Should Argue the Price of Champagne
21:36 – Parsing Through Cybersecurity Product TUD
26:30 – Meat Market March
31:13 – Beyond the Badness-Ometer
34:57 – Wrap Up
If you have any questions or suggestions, send us an email at [email protected].
For general information, you can reach us at [email protected].
If you like our content, please like, share, and subscribe! We’ll catch you on the next one.
Check out NuHarbor Security for complete cybersecurity protection for your business and a security partner you can trust.
Website: https://nuharborsecurity.com
Facebook: https://www.facebook.com/nuharbor/
Twitter: https://twitter.com/NuHarbor
LinkedIn: https://www.linkedin.com/company/nuharbor
Instagram: https://www.instagram.com/nuharborsecurity/
In this episode of Pwned, BlackCat rises from the grave for another life full of ransomware attacks; this time targeting a healthcare organization, Change Healthcare, for a whopping $22 million. Join Justin and Jack as they look through the facts and speculate that BlackCat may not be who they say they are.
It’s a first, with Jack going solo, and the subject is a set of 8 recent recommendations from senior IT and security leaders at the recent e.Republic/Center for Digital Democracy Beyond the Beltway show. Panels of executives described their experience with successful security and technology communications, and Jack interprets and applies these for our Pwned cybersecurity audience. It’s a rare view into the minds and reactions of the kind of leaders that we know are fundamental to the success of any security strategy.
Check out these links:
e.Republic: https://www.erepublic.com/
Beyond the Beltway: https://events.govtech.com/Beyond-the-Beltway-2024.html#/agenda
Center for Digital Government: https://www.govtech.com/cdg
Key takeaways:
00:00 – Title Sequence
00:25 – Introduction
02:48 – Know the Plan
03:58 – Bring Objective Data
05:02 – Speak to All
06:05 – Find the Baseline
07:45 – Upskill My Team
10:11 – Everything is Relative
11:50 – Bring the Value
13:10 – Prepare for Change
14:27 – Recap
Well-known public sector executive advisor, Curt Wood, joins the team to talk about the role of the Cybersecurity and Infrastructure Security Agency (CISA), statewide cybersecurity, and the complex responsibilities of leaders as they understand and integrate multiple communities in their cybersecurity planning. As former executive secretary and CIO for the Commonwealth of Massachusetts and the current executive director for the 2023/2024 SLED Cybersecurity Priorities Report (CPR), Curt is going broad and deep with Justin Fimlaid and Jack Danahy on the changing nature of threat intelligence, interagency communications, and establishing a leadership position for cybersecurity.
View the CISA website
Download the CPR
Justin Fimlaid and Jack Danahy are talking about the recent 26.6B records found exposed. While the records are mainly old, the Pwned perspective is always new. Listen in for some history, some discussion of expert views from Troy Hunt and others, and a perspective on whether this Mother of All Breaches may in fact be more of a news story and less of a new story.
View Troy's article: Troy Hunt: The Data Breach "Personal Stash" Ecosystem
View the original MOAB post: Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records | Cybernews
Key Takeaways:
00:00 – Title Sequence
00:45 – Introduction to topic: Mother of All Breaches
02:24 – Public Reaction
03:42 – Where Did the Records Come From?
05:28 – Mystery Leads to Uproar
08:25 – Biggest Takeaway From the Breach
10:53 – Making Improvements, But Still a Long Way to Go
13:13 – Complex Passwords and Password Vaults
15:40 – AI-Generated Code
18:00 – Summary
In a discussion covering election issues from disinformation to voter access, Justin Fimlaid and Jack Danahy are both dispelling and reinforcing listener concerns about the impact of technology and cyber threats on the upcoming elections. Tune in for an in-depth discussion on disinformation, newly proposed government/social media contact restrictions, and a look into what may come (or what the team thinks should come) to deliver more secure elections in the future.
Key Takeaways:
00:00 – Title Sequence
00:22 – Introduction
04:16 – Social media and influencing elections
06:50 – Disinformation from the very beginning
10:33 – Can we ever go back to disconnected elections?
13:47 – Trusting election security technology
16:37 – Estonia’s voting technology
18:43 – Voting IDs and intrusiveness
21:33 – Education and election awareness
24:30 – Wrapping up
It’s been over two years since the team examined the overuse and increased malleability of the term “XDR” and were forced to sentence that term to the Pwned terminology dungeon, the “Pit of Despair”. Well, times change, and our intrepid topical explorers are seeing signs that a reexamination is deserved, as XDR is becoming more understood, and Managed XDR (MXDR) is now a reality. Join Justin Fimlaid and Jack Danahy in this episode of Pwned as they carefully pull MXDR out of the "Pit of Despair" by the suspenders. The guys explore and wade through the industry jargon that has complicated views of threat detection and response technology and services, and ultimately, make the rescue.
Check out the original episodes where they were placed into the Pit:
Pwned GigaByte - The pit of despair (nuharborsecurity.com)
Voldemort (XDR) Spawns New Death Eaters (mXDR) (nuharborsecurity.com)
Key Takeaways:
00:00 – Title Sequence
00:30 – Introduction
03:18 – Term reveal
05:28 – Notable changes in the last two years
08:45 – Has XDR manifested itself into reality?
13:49 – The history/origins of XDR
17:00 – Jack’s rebuttal
21:58 – Wrap up
In honor of releasing the 2023-2024 SLED CPR, Justin and Jack take a walk down memory lane and discuss their predictions from the 2022 CPR, and how they fared in 2023. Have all 5 predictions panned out the way the duo thought, or did some fall short? Tune in to find out.
Check out our annual SLED CPR.
Key Takeaways:
00:00 – Title sequence
00:27 – Introduction to topic
01:15 – Prediction 1: Back to basics
04:45 – Prediction 2: Teaming up
06:03 – Prediction 3: Staying on top
08:30 – Prediction 4: Election-driven urgency
10:27 – Prediction 5: States Will Lead Private industry to new models of security
In this episode, Justin and Jack are giving a sneak preview of this year’s SLED Cybersecurity Priorities Report. It’s all fresh off the presses and the team is giving a bird’s-eye view of the process, focus, and conclusions that the CPR is bringing to (and from) State, Local, and Higher Education leaders.
The Pwned podcast leaps into 2024 with Justin Fimlaid and Jack Danahy talking about what they were seeing at the end of 2023, some ideas on improving for 2024, and some new ideas around understanding more about predicting breach impact and exposure. The guys are looking at some new ideas like improving attack simulation, increasing visibility, and the potential application of new approaches like synthetic malware and attack campaigns. One of the results is a new Pwned term of art, based on a need to focus on "Defense in Breadth" over the traditional "Defense in Depth" of days gone by. All of this drives a conversation ranging from cyber insurance to the value of the next cybersecurity dollar spent.
It's a great way to wrap up 2023 with Pwned and jump into the hopeful potential for 2024.
Key Takeaways:
00:00 – Title sequence
00:24 – Introduction
01:35 – Recommendations for starting out 2024
02:15 – One small gap can lead to catastrophe
03:56 – New year, new approaches
05:00 – Prediction: Synthetic Testing
08:35 – Potential for better insurability and dollar spend/investment
11:23 – Jack’s JIE: Justin Inspired Epiphany: Defense and Breadth
13:18 – Impacts against the business during and after an attack
16:25 – Summary