loader from loading.io

Cloud Security Part 2

CISO Dojo Podcast

Release Date: 05/04/2021

Harshil Parikh of Tromzo Discusses Application Security show art Harshil Parikh of Tromzo Discusses Application Security

CISO Dojo Podcast

 Harshil Parikh, CEO of Tromzo, discusses application and how to eliminate developer/security friction by using context to sort through the noise and empower developers to fix what matters. Find Harshil online at:  

info_outline
Being a One Person Football Team and Breaking into Security show art Being a One Person Football Team and Breaking into Security

CISO Dojo Podcast

Tanner James started his career in IT after graduating with an MIS degree from OU in 2016. Since then, Tanner has worked for a telecommunications consulting firm and is currently employed as the IT manager for LuGreg Trucking. At this point in his career, he is wanting to develop his security skillset to take on a role in information security. When he isn’t working with technology, he enjoys lots of time outdoors with his family.     You can find Tanner James online at:      This episode is sponsored by AntiCrysys When you need post breach crisis management...

info_outline
From Factory Work to CISO show art From Factory Work to CISO

CISO Dojo Podcast

Russell Eubanks started shares his story about transitioning from factory work, breaking into information security, becoming a CISO, and starting his own consulting practice. Russell shares some good advice, guidance, and tips for others looking to further their career, lead teams, and personal development in your information security career. You can find Russell Eubanks online at: https://securityeverafter.com/ SANS: LinkedIn: Twitter: https://twitter.com/russelleubanks

info_outline
Cobalt Strike, Ransomware, Supply Chain Attacks, and RiskIQ show art Cobalt Strike, Ransomware, Supply Chain Attacks, and RiskIQ

CISO Dojo Podcast

Steve Ginty Director of Threat Intelligence at RiskIQ joins us on this episode to discuss detecting risks your organization might not be aware of. Steve also talks about how RiskIQ contributes to the detection of Cobalt Strike, ransomware actor activity, supply chain attacks, and how RiskIQ can help with vendor management. Website: LinkedIn:  

info_outline
Meet Jerich Beason Chief Information SVP and Security Officer for Epiq show art Meet Jerich Beason Chief Information SVP and Security Officer for Epiq

CISO Dojo Podcast

Jerich Beason is a cyber security hobbyist turned professional who holds Bachelors and Masters degrees in Cyber Security. He has served in progressive roles at some of the most respected companies within the cyber security industry including Lockheed Martin, RSA and Deloitte where he was a trusted advisor to executives within the federal government and fortune 500 organizations. Jerich advised these companies on cyber security strategy, architecture and program development. In his most role as Deputy CISO at AECOM, he was responsible for security architecture, risk management, compliance, and...

info_outline
Meet AJ Yawn CEO and Co Founder of Bytechek show art Meet AJ Yawn CEO and Co Founder of Bytechek

CISO Dojo Podcast

AJ Yawn joins us for this episode of the CISO Dojo Podcast. AJ Yawn is a seasoned cloud security professional that possesses over a decade of senior information security experience with extensive experience managing a wide range of cybersecurity compliance assessments (SOC 2, ISO 27001, HIPAA, etc.) for a variety of SaaS, IaaS, and PaaS providers. AJ advises startups on cloud security and serves on the Board of Directors of the ISC2 Miami chapter as the Education Chair, he is also a Founding Board member of the National Association of Black Compliance and Risk Management professions, regularly...

info_outline
Risk Appetite Statements show art Risk Appetite Statements

CISO Dojo Podcast

In this episode Joe Sullivan and Stacy Dunn discuss approaches for developing a risk appetite statement and how to implement security based on the stated risk appetite.

info_outline
Fraudulent Job Applicants show art Fraudulent Job Applicants

CISO Dojo Podcast

What's the strangest thing you've encountered with a new hire? In this episode we talk about the time an evil twin with no experience managed to get an IT position and how scammers with no experience are landing multiple work from home tech jobs just to collect a paycheck until they get terminated. The rabbit hole goes even deeper with fake sites being set up as past employers and answering services attempting to make them look legitimate. We also talk about how to combat these attempts and weed out the scammers from the legitimate applicants.

info_outline
Who's Responsible for Breaches Anyways? show art Who's Responsible for Breaches Anyways?

CISO Dojo Podcast

In this episode Joe Sullivan and Stacy Dunn talk about who should be held responsible for breaches and what needs to be done to reduce consecutive breaches in an organization.

info_outline
Can I look at your iPhone Pictures? show art Can I look at your iPhone Pictures?

CISO Dojo Podcast

There's a been a lot of discussion around Apple scanning for CSAM images. Joe Sullivan and Stacy Dunn talk about the pros and cons of this and how it affects privacy of iPhone users.  

info_outline
 
More Episodes

In this episode we discuss concerns with security in the cloud that organizations need to be aware of. Moving to the cloud doesn't automatically mean it's more secure.

We'll take a look at the CIS Controls and how you can implement them in a cloud environment to better secure your networks and data.

The topics discussed in this episode are:

  1. Malware Defenses in the Cloud
  2. Limiting Network Protocol Ports and Services
  3. Cloud Security Data Recovery Capabilities
  4. Cloud Security Configurations