This podcast episode explains DMARC, a crucial email authentication protocol that protects domains from unauthorized use.

It describes how DMARC works by aligning sender domains with recipient addresses and allowing domain owners to control how unauthenticated emails are handled (accepted, quarantined, or rejected).

The episode also covers related protocols, SPF and DKIM, which verify sender legitimacy and email integrity, respectively.

Finally, it provides practical steps for implementing DMARC, emphasizing its importance for enhancing email security and protecting brand reputation.

Intro: (0:00)

What is DMARC?: (0:52)

ow Does It Work?: (1:30)

What is SPF?: (3:25)

What is DKIM?: (4:20)

Why Do We Need DMARC?: (5:25)

SPF - A Deeper Dive: (6:10)

DKIM - A Deeper Dive: (6:57)

DMARC - A Deeper Dive: (8:50)

Real World Example: (10:00)

Quarantine, Monitoring, Rejecting: (11:00)

Reporting: (12:40)

Challenges: (13:30)

Enforcement Policies: (14:33)

Resources: (17:30)

LoRa is a long-range, low-power wireless communication technology, while LoRaWAN is a network protocol built on top of LoRa that manages data transmission between devices and a central server.

Together, they offer significant advantages for Internet of Things (IoT) applications, including low cost, energy efficiency, scalability, and global reach.

The podcast explores their key differences, benefits, and expanding applications in various sectors, highlighting their potential to create a more connected world. Future advancements involve integration with 5G and hybrid solutions, further broadening their capabilities.

What is LoRa?: (1:18)

What is LoRaWAN?: (1:55)

How Does It Work: (2:49)

Cost Effective - No Data Plans: (3:30)

Security - Authentication - Encryption: (3:45)

Uses of LoRaWAN: (4:45)

Smart City Uses: (5:35)

Street Lights Data: (6:45)

Waste Management Uses: (7:00)

Safe Guards: (7:25)

Unlicensed Spectrum Interference: (8:00)

Asset Tracking: (8:30)

The Future of LoRaWAN: (9:25)

AI Integration: (9:40)

Block Chain: (10:15)

Challenges: (11:20)

5G Wireless Integration: (12:09)

Shared Spectrum: (12:34)

LoRaWAN Open Standard: (13:15)

Key Takeaways: (13:50)

Wavelength services, offered by carriers, provide dedicated point-to-point connections using fiber optic cabling and DWDM technology for high-bandwidth data transmission.

Two main types exist: non-protected, offering a single connection with potential for service disruption, and protected, providing automatic failover to a backup connection for higher reliability.

Protected wavelengths offer various protection schemes (revertive or non-revertive) to manage traffic routing during and after outages. The increasing demand for secure and reliable data transmission makes wavelength services crucial for businesses and government agencies, especially with the rise of technologies like Edge Computing and 5G.

Intro: (0:00)

What is Fiber Optics?: (0:44)

What is Wavelength Services: (2:15)

Security - Protected Wavelengths: (3:00)

Revertive and Non-Revertive Options: (3:25)

Edge Computing: (5:20)

Encrypted Wavelength Services: (7:00)

Current Business Uses: (10:10)

Cybersecurity threat hunting is a proactive approach to identifying and mitigating cyber threats that traditional security measures often miss. The process involves creating hypotheses, investigating system data using advanced tools, and analyzing findings to neutralize threats.

Organizations benefit from enhanced detection, faster response times, and a strengthened security posture. Outsourcing threat-hunting services provides access to 24/7 monitoring and expert analysis.

The future of threat hunting will leverage AI, automation, and predictive analysis to combat increasingly sophisticated cyberattacks across emerging technologies.

Intro: (0:00)

What is Threat Hunting?: (0:20)

First Step - Hypothesis Creation: (0:50)

Investigation Phase: (1:30)

Behavioral Analytics: (2:25)

Analysis And Detection: (2:50)

Neutralization Stage: (3:08)

What Happens When A Threat Is Detected: (3:55)

Post Incident Analysis: (4:40)

Benefits of Threat Hunting: (5:45)

THaaS - Threat Hunting As A Service: (7:15)

AI and Machine Learning: (8:55)

Inhouse and 3rd Party Support: (13:35)

Thinking Like An Adversary: (13:55)

Qualities of a good Threat Hunter: (15:40)

Humans and AI Working Together: (17:40)

This podcast episode explains Privileged Access Management (PAM) and its related concept, Privileged Identity Management (PIM), highlighting their crucial roles in cybersecurity.

It details how PAM works by identifying, monitoring, and controlling access to high-privilege accounts, emphasizing its benefits in reducing security risks and improving compliance.

The episode differentiates PAM from PIM, explaining that PIM focuses on temporary, role-based access, while PAM manages the broader access environment.

Finally, it discusses future trends in PAM, including its expanding application in cloud, DevOps, and IoT contexts.

What is PAM?: (1:10)

How Does PAM work: (1:40)

Access Control: (2:30)

Detailed Reporting: (3:00)

Who are Privileged Users?: (3:20)

Other Privileged Users: (4:00)

PIM - Privileged Identity Management: (5:25)

Best Practices: (7:35)

Continuous Session Monitoring: (8:50)

Emerging PAM Trends: (9:50)

Automation: (10:45)

Major Challenges: (11:20)

Part Two: (12:20)

Resources: (14:10)

Risk of Privileged Accounts: (16:00)

Service Accounts: (19:00)

Real World Examples: (22:40)

Healthcare: (23:05)

Financial Institutes: (25:00)

Government Agencies: (26:49)

The podcast episode explains the Government Emergency Telecommunications Service (GETS), a program managed by CISA that provides priority access to phone networks during emergencies for essential personnel.

GETS uses a special dialing sequence and PIN to prioritize calls, bypassing congested lines without interrupting existing calls. The service is crucial for national security and public safety, enabling reliable communication for government leaders, first responders, and others involved in critical infrastructure.

Registration requires organizational affiliation and approval, after which users receive a GETS card with a unique PIN. The service supports voice, data, and fax transmissions, offering nationwide coverage and redundancy across multiple carriers.

CISA - https://www.cisa.gov/resources-tools/services/government-emergency-telecommunications-service-gets

What is GETS: (0:55)

Who Are GETS users: (2:06)

What Makes GETS so Reliable: (3:00)

How To Obtain GETS: (4:15)

Other Supported Communications: (5:00)

Key Features of GETS: (5:30)

Real World Examples: (6:00)

The Power of Voice Calls During an Emergency: (11:33)

Future of GETS: (12:30)

CISA Available Training: (14:35)

CISA.gov/GETS: (16:00)

Spear phishing is a targeted cyberattack where criminals impersonate trusted individuals to trick victims into revealing sensitive information. These attacks leverage publicly available data to build credibility and often involve emails, websites, or other communication methods containing malicious links or attachments.

What is Spear Phishing?: (0:35)

How are criminals getting information on their targets?: (1:50)

What can we do to protect ourselves?: (2:20)

Sophisticated Emails: (3:05)

What else should we look for?: (4:05)

Report Fraud and Useful Resources:

Federal Trade Commission (FTC) www.IdentityTheft.gov or 877-438-4338 https://www.bbb.org/scamtrackerhttps://www.bbb.org/article/news-releases/16951-bbb-tip-identity-theft

ITRC - Identity Theft Resource Center: https://www.idtheftcenter.org/

National Cybersecurity Alliance: https://www.staysafeonline.org/

The Hackers News: https://thehackernews.com/

NIST: https://www.nist.gov/

Cisa: https://www.cisa.gov/topics/cybersecurity-best-practices

FTC Free Annual Credit Report: https://www.annualcreditreport.com/gettingReports.action

FIDO2: https://fidoalliance.org/fido2/

Anti-Phishing Working Group: www.apwg.org

Three Credit Agencies: Equifax, Experian, and TransUnion

DOCSIS, or Data Over Cable Service Interface Specification, is a standard for high-speed internet transmission over coaxial cables.

DOCSIS 4.0, the latest version, offers significantly improved speeds (up to 10 Gbps downstream and 6 Gbps upstream), enhanced security, and full-duplex communication. It achieves this through technologies like channel bonding, OFDM, and ESD, leveraging existing HFC infrastructure.

While GPON offers symmetrical speeds and greater scalability, it requires more costly infrastructure upgrades. DOCSIS 4.0's backward compatibility and scalability make it a key technology for meeting the demands of modern broadband internet services.

What is DOCSIS 4.0?: (1:17)

Upload - Downloads Symmetrical: (2:00)

How Does DOCSIS 4.0 Work: (2:45)

What is Channel Bonding?: (2:59)

What is OFDM?: (3:25)

What About GPON?: (4:30)

Comparing Extended Spectrum and Full Duplex: (5:45)

The Telecommunications Service Priority (TSP) program, a joint FCC and CISA initiative, prioritizes telecommunications services for national security and emergency preparedness.

Key features include expedited service provisioning and restoration for eligible entities, which range from government agencies to critical infrastructure providers.

Eligibility requires federal sponsorship for non-federal entities, and services are categorized into five priority levels based on importance. Ongoing maintenance involves periodic code revalidation, with minimal fees charged at the state level.

The program ultimately aims to enhance the resilience of national communications during emergencies.

What is TSP?: (0:43)

Available for Government and Non-profit: (1:10)

5 Different Levels of TSP: (1:40)

Who and How to Get in: (2:40)

What Does TSP Cost?: (3:15)

This podcast episode compares and contrasts call centers and contact centers. Call centers primarily use telephones for inbound and outbound communication, offering personalized service.

Contact centers, however, incorporate multiple communication channels—including email, social media, and chat—providing a more flexible and data-rich customer experience.

Key differences highlighted include communication methods, data collection capabilities, self-service options, and required agent skills. Ultimately, the choice between the two depends on a business's specific needs and customer preferences.

What is a Call Center?: (0:40)

What is a Contact Center?: (1:30)

What are the differences?: (2:40)

Collecting Data Contact Center: (3:00)

Tools: (3:35)

Skill Levels: (4:10)

Data and Analytics: (5:00)

The Future of Customer Service: (6:15)

Human and AI Agents: (6:55)

Key Takeaways: (7:30)