Natural events certainly have their effect on security, and this week Jesse tells us how in the aftermath of Hurricane Ida. The two most pressing components that natural events effect? Connectivity and business continuity. Jesse breaks down the importance of the two in regards to your security needs. In the news: Microsoft Azure Cloud’s security soft spot exposed, Shinyhunter Treat Group on the prowl, some new AWS security training coming in the fall, and more! Tune in for the rest!

In the age of Zoom, Google Meet, and all the other various offenders—why do our conference calls still suck? Well, this week Jesse has some insight into how even now, in 2021, sometimes our meetings can feel like an overseas Skype call in 2010. Tune in for his take! In the news: top five security issues to watch out for, attackers laucnhing assualts agains Linux in the cloud, the three biggest inovations tha thave transformed cloud security, and more!

How do you understand attacks? This week Jesse tells us. The function of software languages, and how hardware memory works are places to start. Join Jesse as he takes a look at the attacks that often result in security breaches and offers some advice on how to alleviate them. In the news: re:Inforce canceled in Houston, cue Marty Robbin’s for IBM’s Big Iron, how small healthcare is under threat from cyberattacks, and more!

Man the perimeter! This week Jesse divulges some of the latest on perimeter defense, to include recent news thats changed how its done! There is no large perimeter anymore. These days everything thats on a network is subject to security risks. Be it a phone, computer, or any other device. Tune in for how to keep your guard up! In the news: cloud security basics for CIOs and CTOs, simplify that private cloud, ransomware gangs on the prowl, and more!

for a chance to form those foundational security memories! Jesse keeps us up to date on your summer security needs as cloud-native micro services become even more complex. The key, Cloud Security Posture Management or CSPM. In the news: four factors you certainly should include in your cybersecurity strategy, 1 TB data breach cuases leaks in the world of oil, the future of FedRAMP, and more!

Building new things in the cloud can be fun! But it comes with its own difficulties. Tune in this week as Jesse discusses the different migrations strategies for moving legacy infrastructures and the forms those strategies take. In the news: What does it take to use containers? Kubernetes Cloud Clusters are under cyberattack! GitHub steps it up for Go modules, and more!

Compliance, privacy, ransomware, and DevSecOps are common topics in the realm of cybersecurity. You may notice that these themes emerge from the topics covered each week. Join Jesse as he elaborates on each topic using common definitions. In the News: Malware is being used to spy on journalists, politicians and human rights activists! How does the new Colorado Privacy Bill stack up against California and Virginia? Detecting brand impersonation is becoming easier, yet more complex. Tune in for more in this week’s episode of Meanwhile in Security.

Join Jesse as he talks about learning FOOLS, which is an entire AWS functional objection orientation language suite of tools and APIs services. The first public rollout of AWS FOOLS set the stage for AWS Infinidash, which exploded onto the internet last week. Will the AWS infinimarathon see the light of day? In the News: The Pentagon cancels JEDI contract with Microsoft, fake Amazon cloud service AWS InfiniDash quickly goes viral - tune in for more in this week’s episode of Meanwhile in Security.

Don’t get held ransom by ransomware! Remember to balance your production and your security. This week there are ways to keep it all secure across the systems. Ransomware isn’t a joke folks! Tune in to see useful ways to keep yourself secure. In the news: is cybersecurity insurances worth it? More useless laws for cybersecurity, NSA rings the warning bells on Russia, and more from security and the cloud!

In an age of fail themed YouTube compilations and memes, do we even fail gracefully anymore? If we do, or ever did, what does it mean to do so? Join Jesse this week as he ponders pontifically on the possibilities of how to do just that. Jesse asks why do we let the old systems crash and burn, instead of a gentle bow as they leave the stage? Turn in to a success compilation on the how's and why's to do so. Following on with the latest in security news: how is the world of cyber security reacting to John McAfee’s death, avoid the dangers of cloud migration, Zoom’s onslaught of security challenges in lieu of the pandemic, and much more.

The magic weaver himself, Jesse Trucks, is back at it again and this time he is going after Hollywierd and all its misinformation. Unlike in the movies (password: pencil, you’re in the clear) real hacking risks are something to be taken with a heap of salt. Its safe to say that real APTs aren’t out to get you, but if you leave your data out in the wild then you’re asking for it. Take those extra steps towards securing your information! Following on with some news: via Amazon Sidewalk Mesh Network remember, don’t confuse privacy with security. Cognyte, CVS, and Wegman’s sprout some leaks! Find some useful tips for traveling and cybersecurity in our brave new world as it begins to open up. This and more here at Meanwhile in Security! Stay tuned for more ways to keep spunky high school hackers from changing your grades!

Join Jesse as he talks about Advanced Persistent Threats, otherwise known as APTs. He touches upon the easiest way to stop worrying about APTs, why you need to secure your IAM credentials, how proper security is the balance between the needs of service delivery and data availability, how you can’t track what you don’t know you have, the rise of cloud security posture management and why you might want to experiment with it, how confidential computing is essentially encryption of data via hardware, whether you can guess Jesse’s favorite part to Biden’s executive order on cybersecurity, and more.

Join Jesse as he talks about the two types of security mindsets and why both are wrong, why you should embrace the principle of least privilege, why you’re going to get owned sooner or later if you don’t secure your credentials, why we should teach kids about cybersecurity so they don’t make dumb decisions when they’re adults, how only 17 percent of organizations are encrypting at least half of their data in the cloud, why zero trust is a horrible name for the concept of dynamic contextual authorization, and more.

Join Jesse as he talks about the critical role automation plays in security, why you need to be cautious when automating tasks, why you need to patch your Pulse Secure VPN, the M&A extravaganza going on in the cybersecurity space, why you should just let out a big sign and deploy into a zero-trust architecture today, how it’s important to know wrong behavior but even more useful to know what’s right, how cloud security breaches have officially surpassed on-prem breaches for the first time, why you should enable multi-factor authentication for cloud account access, and more.

Join Jesse as he explains why you should stop using passwords and use a password vault instead, why you should use passphrases when you have to memorize one and what those passphrases should look like, how password vaults are life-changing in remote environments, yet another reason why security teams should shift left, how cybersecurity is an arms race and why teams should implement algorithmic analysis of environments to find suspicious behavior, how there are 193 billion credential stuffing attempts each year, why you should encrypt all data in transit, and more.

Join Jesse as he explores the ins and outs of shifting left and what it means for software development, why you should begin writing code with security top of mind, why you need to check your basic permissions on things like storage and services, how things are changing and security needs to get with the times, how we all struggle to secure all the things and also to secure any of the things, how virtual keyboards can protect you against ransomware attacks, why you should make security training funny, and more.

Join Jesse as he examines the importance of infrastructure security and touches upon why it’ll take months or years before it catches up to mainstream cybersecurity, why you should never put keys or passwords into your apps in ways that expose your sensitive data, why your team should be practicing DevSecOps if you aren’t already, why you should always assume your systems are flawed and breakable, the future of nation-state hacking and cracking, how there’s a talent shortage in the security space, why it’s important to understand the way government thinks about cybersecurity and tech, and more.

Cloud security is a minefield of news that assumes the word "Security" is lurking somewhere in your job description. It doesn't have to be this way. Weekly cloud security news for people with other jobs to do. Cloud Security For Humans.

Join Jesse as he talks about how quick fixes often become de facto supported production implementations, how all changes are permanent until replaced, why you should implement hard controls if you don’t want temporary changes happening in your environment, how Jesse met Duckbill Group CEO Mike Julian, how three of the biggest companies my market capitalization are U.S. tech giants that happen to also be cloud giants, the challenge of securing non-person identities, why you should turn off instances, containers, and cloud services you’re not using, and more.

Join Jesse as he explores the wonderful world of compliance requirements and talks about why you don’t necessarily need to know the intricate details of every law and framework, some of the best security training and certifications you can get, the NIST cybersecurity framework, why password managers are great as long as you do two things, five objectives for establishing an API-first security strategy, why you need to have your critical services and all of your data in multiple availability zones and spread across multiple regions if possible, why you should always assign permissions to AWS IAM user groups, and more.