National Cybersecurity Awareness Month (NCSAM) is October! In this special week 4 of 4 (the finish line!)  of  NCSAM episode we are speaking to consumers and individuals about social media security. A lot of security professionals have zero social media presence, but that's not the reality for most people. You can engage without undertaking high risk.  And being respectful of the privacy and security others in your posts and feeds.  Listen in and join us!

National Cybersecurity Awareness Month (NCSAM) is October! In this special week 3 of 4 of  NCSAM episode we are speaking to consumers and individuals about passwords - those security things we all love to hate. But still, we have to protect them. Greg and Bill talk about some ways to make them easier to manage, and how to choose them. We also say the word entropy a lot, because it makes us sound more serious. 

National Cybersecurity Awareness Month (NCSAM) is October! In this special week 2 of 4 of  NCSAM episode we are speaking to consumers and individuals about device security. All your phones, TVs, and routers and such. protect yourself, and not just this month.

National Cybersecurity Awareness Month (NCSAM) is October! In this special week 1 of 4 of  NCSAM episode we are speaking to consumers and individuals about surfing (the web) safely.

Some reality about security startups, the fool's gold and FOMO-stress of fame in social media and conferences for cybersecurity, some career advice, Bill has some great advice about what makes a good organization and some criteria for buying companies, and Greg points out that the difference in cybersecurity companies who have  stock market success vs those whose target is making the best cybersecurity matters when you are buying stock vs buying products.

Greg and Bill talk some cybersecurity history about the Orange Book, and how fundamentally the approach to what we put security into has changed.  Big IT vendors have trouble with security because it isn't their core business.

Bill and Greg cover the history of app security testing,  why it is neglected, web application firewalls, code scanners, and how the devsecops loop is still mostly aspirational. Some thoughts on Zero Trust, and ... The Zachman Framework! DEFCON is here, trade show giveaways, and the most memorable celebrity keynotes.

Greg and Bill discuss, if in charge for a day, what they would change in cybersecurity to break the cycle we are in.

Greg has big issues about that meeting of CEOs concerning cybersecurity at the White House. Bill talks defect analysis. How challenging the CISO job is in government, and we salute you. AI and security clearances!

We start out with a few presentation tips, and do a status check on these unprecedented pajama-bottom wearing times. How the cybsersecurity culture in companies will be different in 2022. Complexity in the new hybrid telework/in-person will be exploited. SASE as a good tool to accommodate new business processes. What the near term of Ransomware as a service is. The biggest impact on Ransomware would be interrupting payments. We talk about our big current topics - XDR, Zero Trust, Resilience, Supply Chain, and SASE.

Balancing security education with security technology. Real risk: livestock are a bigger threat than sharks, and what about self-driving cars. The role of federal governments in tamping down ransomware activity. Small and Midsize Organization security. The dark arts of the Common Criteria and Formal Methods. Bill drives the Trolley Car in the Trolley Car Problem.