Reduce Cyber Risk Podcast - Cyber Security Made Simple
Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and Entrepreneur
189 episodes
3 months ago
The digital landscape for financial institutions has forever changed with the rapid advancement of artificial intelligence and machine learning technologies. What started as simple robotic process automation has evolved into sophisticated AI systems capable of transforming everything from fraud detection to customer service - but at what security cost? Sean Gerber draws on his 20+ years of cybersecurity experience across military, corporate, and consulting roles to deliver a crucial message:...
All content for Reduce Cyber Risk Podcast - Cyber Security Made Simple is the property of Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and Entrepreneur and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
The digital landscape for financial institutions has forever changed with the rapid advancement of artificial intelligence and machine learning technologies. What started as simple robotic process automation has evolved into sophisticated AI systems capable of transforming everything from fraud detection to customer service - but at what security cost? Sean Gerber draws on his 20+ years of cybersecurity experience across military, corporate, and consulting roles to deliver a crucial message:...
The digital landscape for financial institutions has forever changed with the rapid advancement of artificial intelligence and machine learning technologies. What started as simple robotic process automation has evolved into sophisticated AI systems capable of transforming everything from fraud detection to customer service - but at what security cost? Sean Gerber draws on his 20+ years of cybersecurity experience across military, corporate, and consulting roles to deliver a crucial message:...
The boundary between physical and cybersecurity is rapidly disappearing, creating both challenges and opportunities for security professionals across domains. This eye-opening conversation with Casey Rash from Secure Passage explores how modern physical security devices have evolved into sophisticated IoT endpoints generating valuable security data that traditional teams often lack the expertise to fully leverage. Drawing from his diverse background spanning military intelligence, fintech, l...
Unlock the secrets to safeguarding your business in today's volatile supply chain landscape. On this episode of the Reduce Cyber Risk Podcast, hosted by Shon Gerber, we take you on a journey through the intricacies of cybersecurity in supply chains. With rapid technological advancements and the rise of AI models like DeepSeek, businesses must navigate data security challenges like never before. You'll discover why countries such as Italy are limiting these AI tools and learn how to balance in...
Is your business ready to tackle the hidden vulnerabilities lurking within your software supply chains? Discover the profound impact of President Biden's recent cybersecurity executive orders and learn why third-party software is a crucial focal point for safeguarding your organization. From real-world examples to actionable insights, I navigate the complex realm of cybersecurity, especially for small and medium-sized companies operating under the CMMC framework, while addressing the looming ...
Uncover the secrets to mastering cybersecurity amidst a booming demand for IT professionals. Join me, Shon Gerber, as we tackle the thrilling landscape of tech opportunities, where U.S. tech unemployment has reached a two-year low. Discover how certifications like CompTIA can launch your career in this high-stakes field, and learn why experience is becoming more critical than formal degrees in certain roles. We also spotlight hiring trends at industry giants like Amazon and Deloitte, showing ...
From the cockpit of a B-1 bomber to the nerve centers of global cybersecurity, I, Shon Gerber, invite you to explore the thrilling transition that shaped my career and mission. Discover the unexpected parallels between flying high-stakes missions and safeguarding billion-dollar enterprises from cyber threats. This episode offers a personal narrative of my journey, highlighting my experiences on the US Air Force Red Team and the critical role these played in forging a path into the world of cy...
Ever get tangled up in the complexities of identity and access management? Tired of letting confusion rob you of effective cybersecurity strategies? Well, it's time to tune in and simplify it all! As your resident cybersecurity expert, Sean Gerber, I'll be taking the reins in this exciting journey into the heart of identity and access management. We'll tackle the big three – identity management, federated identity management, and credential management systems. Believe me when I say, by the en...
Ever wondered how to ace the CISSP Cyber exam's domain four? Or, perhaps, you're merely intrigued by the intricate world of Voiceover IP (VOIP)? Either way, this episode is packed with the insights you've been seeking! Join me, Sean Gerber, as we dissect the key protocols that VOIP uses for multimedia transmissions. Together, we'll unravel the complex intricacies of Session Initiation Protocol (SIP) messages and how sessions kick off in a VOIP implementation. You'll also gain an understanding...
Ever wish you could decrypt the mysteries of cybersecurity and ace your CISSP exam? This episode is your treasure map to success, guiding you through the labyrinthine layers of the OSI model, starting with the physical transmission of data and the crucial role of physical access controls. We also enlighten you about MAC address filtering and how it fortifies network security. As we move deeper, we unlock the secrets of encryption, digital signatures, and secure coding practices. We del...
Ready to conquer the CISSP exam? Join me, Sean Gerber, as I break down complex concepts and guide you through an in-depth exploration of threat models, including their components and the crucial role they play in identifying and mitigating potential threats. You'll not only get an understanding of the TRITE methodology and when to use STRIDE or DREAD, but also learn to pinpoint which threats in STRIDE refer to an act that modifies data or system configurations. We'll unravel the secrets of s...
Are you prepared to defend your organization from cybersecurity threats? I'm Sean Gerber, and this week I'm unraveling the intimidating world of threat modeling. Get ready to supercharge your cybersecurity knowledge as we dissect threat identification, risk assessment, and mitigation strategies. This isn't just for acing your CISSP exam, it's for becoming an indispensable security professional who can effectively safeguard your organization. We'll embark on a journey through the labyrinth of...
Are you ready to unlock the secrets of data classification and pass your CISSP exam in one go? That's right! Your host, Sean Gerber, is here to guide you through an insightful exploration into the world of data classification. From the intricacies of content-based and context-based data classification to the various stages of the information life cycle, this episode promises to be a goldmine of information. We'll dissect the appropriate levels of data classification suitable for different typ...
Are you ready to make your digital assets and information impenetrable? Well, we're here to navigate you through the maze of understanding and protecting your most valued digital treasures. This episode is packed with a wealth of knowledge, as we discuss the intricacies of information and asset protection. We highlight the vitality of data classification, and the importance of effectively training your team to attach the right labels. Your senior team needs to be on the same page with ...
Are you charged with navigating the precarious terrain of supply chain risk management? Then, prepare to sharpen your skills in this action-packed episode! I'm Sean Gerber, and I'll be guiding you through the labyrinth of supplier audits and evaluations, discussing the delicate balance between the two. We'll also delve into strategies for mitigating risk, including the benefits of outsourcing to multiple vendors and having redundant suppliers for those all-important components. But tha...
Prepare to unravel the complexities of supply chain risk management (SCRM) and gain invaluable insights that could safeguard your business from massive disruptions. We're diving into the nerve-wracking challenges of SCRM, emphasizing just how crucial it is for every business in our hyper-connected age. Learn about the nuances of this formidable task as we explore real-life scenarios that underline the dire need for security professionals to lend their expertise to those who find themselves in...
Ready to conquer the CISSP exam with confidence? Join me, Shon Gerber, in this week's CISSP Cyber Training Podcast as we tackle questions from all eight domains to give you the insights and knowledge you need for success. From understanding the purpose of a risk register to exploring the primary security concerns in a microservices architecture, this episode covers a wide range of topics to sharpen your cybersecurity prowess. We'll dive into essential concepts like data classification, state...
Ready to level up your cybersecurity career? Wondering which certifications are worth your time and investment? We've got you covered in today's episode, where we break down everything from the entry-level CompTIA A+ certification to the more advanced CISSP. Get an insider's look at the costs, study time, and areas of concentration for each of these valuable certifications. We don't just stop at CompTIA A+ - we also dive into the Networks Plus and Security Plus certifications, as well as the...
Ready to elevate your cybersecurity knowledge and pass the CISSP exam? This episode is packed with insights on software development, diving into the crucial phase of integrating security into the software development lifecycle (SDLC). We uncover the secrets of design and architecture, as well as static and dynamic application security testing (SAST and DAST) to help you identify vulnerabilities and ensure compliance with coding guidelines and policies. Plus, we explore the open-source OWASP p...
Are you ready to elevate your cybersecurity knowledge and ace that CISSP exam? Join me, Shon Gerber, as we delve deep into the often-overlooked realm of software development lifecycle and the essential security controls within the development ecosystem. We'll unpack the three key secure design principles: least privilege, fail-safe defaults, and defense in depth, helping you build a solid foundation for your cybersecurity expertise. As we continue our journey, we'll explore the critical impo...
Do you know the differences between security events and security incidents? Are you confident in your ability to protect log files from unauthorized access? Join me, your host Sean Gerber, in this week's episode of the CISSP Cyber Training Podcast as we explore domain 7 of the CISSP exam and tackle these important questions. Remember, it's all about understanding the concepts, not just memorizing the questions. I'm also excited to introduce my CISSP blueprint, a product designed to guide you...
Reduce Cyber Risk Podcast - Cyber Security Made Simple
The digital landscape for financial institutions has forever changed with the rapid advancement of artificial intelligence and machine learning technologies. What started as simple robotic process automation has evolved into sophisticated AI systems capable of transforming everything from fraud detection to customer service - but at what security cost? Sean Gerber draws on his 20+ years of cybersecurity experience across military, corporate, and consulting roles to deliver a crucial message:...
