CyberSunday

EXPLORE

Society & Culture

Health & Fitness

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/3e/65/39/3e65396f-3887-af22-3144-ffaaf10af157/mza_12377075261566817309.jpg/600x600bb.jpg

CyberSunday

Michael Farnum

53 episodes

3 months ago

CISOs are typically not the owner of their organization's most critical (or even non-critical) assets and data. There are usually business unit leaders assigned to that, and the CISO's role is to help reduce the risk to those assets. If the CISO does have direct access to those assets, it's a bad architectural design. That's today's #CyberSunday topic. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC....

Show more...

All content for CyberSunday is the property of Michael Farnum and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

CISOs are typically not the owner of their organization's most critical (or even non-critical) assets and data. There are usually business unit leaders assigned to that, and the CISO's role is to help reduce the risk to those assets. If the CISO does have direct access to those assets, it's a bad architectural design. That's today's #CyberSunday topic. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC....

Show more...

Episodes (20/53)

CyberSunday

CISOs and Data Access

CISOs are typically not the owner of their organization's most critical (or even non-critical) assets and data. There are usually business unit leaders assigned to that, and the CISO's role is to help reduce the risk to those assets. If the CISO does have direct access to those assets, it's a bad architectural design. That's today's #CyberSunday topic. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC....

1 year ago

5 minutes

CyberSunday

Security conferences and events are often built with a certain audience in mind. Some are for a a general audience, and others are focused on the CISO. But if an event has a focus on the CISO, it should be for a good reason. I discuss some of those reasons in today's #CyberSunday. Things Mentioned: https://www.linkedin.com/posts/kane-n_its-sad-to-see-many-security-events-these-activity-7209360322237800448-eiiE?utm_source=share&utm_medium=member_desktophttps://www.execseccon.com/Wan...

1 year ago

5 minutes

CyberSunday

Practicing Tabletop Exercises

Does practice make perfect? Probably not perfect, but it does make you better. That also applies when performing tabletop exercises. But is it feasible to practice as much as you SHOULD when everyone has other jobs to do? That's what Michael is talking about in today's #CyberSunday. Things Mentioned: · Peter Sacawaker’s LinkedIn Post - https://www.linkedin.com/feed/update/urn:li:activity:7207171692832432128/ · Clint Bodungen’s tabletop company - https:/...

1 year ago

5 minutes

CyberSunday

Cybersecurity Mentorship

In mentorship, it's often thought that the mentor is doing the teaching and the mentee is doing the learning. But mentors should also be open to and seek out lessons that they can take from the mentee. In this #CyberSunday, I talk about how tenured #cybersecurity professionals can learn about new tech and new concepts from those who are newer to the field but have other experiences. Things Mentioned: HSC User Group - https://www.hscusergroup.com/Want to reach out to the host? Email us at podc...

1 year ago

5 minutes

CyberSunday

The 2024 RSA Security Conference is here. While I am not going this year, I do want to give a few professional networking pointers for folks who are going, especially if you are a new conference attendee. These conference habits have helped me in my professional career, and I hope they help you as well. #CyberSunday #RSA2024 #securityconference #cybersecurity A quick note... I am talking about "professional networking" advice in this video, but I mentioned Jennifer Leggio's article in Secur...

1 year ago

5 minutes

CyberSunday

Cyclical Attack Methods

Attack vectors and methods tend to by cyclical, meaning attackers will come back to see if old tricks will yield new results. I talk about one such attack vector that might be coming back in style... with a slight twist. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twitter · Facebook · Instagram Check o...

1 year ago

5 minutes

CyberSunday

SIEM (Security Incident and Event Management) has been a round a long time. But there are some recent trends and new vendors that are creating fresh ways to implement and operationalize SIEM. I'm discussing a couple of the larger SIEM and security operations trends on today's #CyberSunday. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Tw...

1 year ago

5 minutes

CyberSunday

Cybersecurity Trends

How can you tell if a new #cybersecurity concept (think Zero Trust) in cybersecurity is a just a flash in the pan or a valuable idea that can be utilized in your program? In this #CyberSunday, I talk about an unusual method for being able to potentially tell the difference. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twi...

1 year ago

5 minutes

CyberSunday

New Tools and Tech

There is a lot of fear of the security implications about AI and other new and/or improved technologies. And while some fear is healthy, we also can't let it keep us from thinking about uses for that same tech to improve security. Let's talk about it in this #CyberSunday. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twitter · &nb...

1 year ago

5 minutes

CyberSunday

Configuration Management

Michael talked about security control monitoring a few weeks ago. In this #CyberSunday, he is digging in a bit around an essential part of control monitoring: configuration management/monitoring. What is config management/monitoring, what do you need to do before you can even start monitoring and managing configs, etc. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON ·&nbs...

1 year ago

5 minutes

CyberSunday

There is a lot of talk and advice on social media, blogs, etc. about the Cybersecurity job market. There's no doubt it's a tough market right now, but does that mean you should stay away? Here's my opinion on the topic and some quick advice of my own for experienced cyber folks who are having trouble getting interviews. Things Mentioned: https://www.linkedin.com/feed/update/urn:li:activity:7174160450119467008/?updateEntityUrn=urn%3Ali%3Afs_feedUpdate%3A%28V2%2Curn%3Ali%3Aactivity%3A7174160450...

1 year ago

5 minutes

CyberSunday

Communication vs. Technology

An X/Twitter thread about technology vs communication in #cybersecurity inspired today's video. Which one do you think is more important or more difficult? Watch today's #CyberSunday to get Michael's opinion. Things Mentioned: https://x.com/mikepsecuritee/status/1760299590337622309?s=20 Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twitter ·&n...

1 year ago

5 minutes

CyberSunday

Control Monitoring

Today's #CyberSunday is about monitoring controls regularly (as opposed to a point-in-time assessment). Michael gets into some methods of monitoring and what you should monitor them against (hint: monitoring is NOT just technical). Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twitter · Facebook · Instag...

1 year ago

4 minutes

CyberSunday

Many of us were affected by the cell carrier outage last week. Some initial explanations have come out, but are those explanations plausible? And is a #cyberattack just - or more - plausible than the explanation that AT&T gave? On today's #cybersunday, Michael talks about the outage, the explanations both given and imagined, and some ideas on what lessons we should learn from the outage. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum E...

1 year ago

5 minutes

CyberSunday

Indecision and apathy from alert fatigue are big issues in #cybersecurity. But have you thought about how FUD marketing can cause some of the same problems? And it's not just vendors throwing the FUD. In today's cybersunday, Michael talks about the issues with FUD and how you need to watch out for it from some unusual sources. Things Mentioned: https://www.securityweek.com/beyond-the-hype-questioning-fud-in-cybersecurity-marketing/https://brothke.medium.com/the-big-lie-of-millions-of-in...

1 year ago

6 minutes

CyberSunday

It's #cybersunday, and it's also time for the Big Game (can't use the real name because reasons). Michael is a big American Football fan, so he's getting into #cybersecurity football analogies. But he's also trying to dig a little deeper and staying away from some obvious analogies. Let us know what you think about them! Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedI...

1 year ago

5 minutes

CyberSunday

Coverage Analogy

Michael is in the snow in Michigan to record today's Cyber Sunday. The cold weather and road conditions inspire a cybersecurity analogy around making decisions and determining priorities for your security program. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Twitter · Facebook · Instagram Check out our ...

1 year ago

5 minutes

CyberSunday

Michael is wrapping up his Risk Management/Assessment series on today's #CyberSunday. His two points today are around risk assessment frameworks and a caution about GRC tools. We hope you enjoyed the series! If there's anything you'd like to see Michael cover in future videos, let us know! Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · LinkedIn · Tw...

1 year ago

5 minutes

CyberSunday

Risk Avoidance vs. Risk Mitigation

Michael tells a story from his professional past explaining some of the differences between Risk Mitigation and Risk Avoidance. The scenario on today's #CyberSunday runs through some of the reasons and calculations that went into the decision leadership made between fixing the risk or avoiding it. Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · Houstonsecco...

1 year ago

5 minutes

CyberSunday

Last #CyberSunday of 2023!

2024 is almost here, and that means a special end-of-year CyberSunday to close out the year. Today, Michael is talking about three topics that warrant special consideration for enterprise security programs in the new year. Listen in and tell us what you think! Want to reach out to the host? Email us at podcast@houstonseccon.com Hosted By: Michael Farnum Editing By: Lauren Lynch Keep up with HOU.SEC.CON · Houstonseccon.com · Li...

1 year ago

5 minutes