Cyber Distortion Podcast
Welcome to the Cyber Distortion Podcast. A podcast where we cover all of today's relevant topics related to anything and everything around Cybersecurity. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.
info_outline
S3 – Episode 002 – Un-Bearably Dedicated!
04/03/2024
S3 – Episode 002 – Un-Bearably Dedicated!
EPISODE DESCRIPTION: In this episode, Kevin and Jason sit down to talk shop with Cyber-guru Phillip Wylie. Phillip is a friend and a member of the newly formed Cyber Circus network which includes other podcasters including Chris Glanden of BarCode Security as well as Kevin & Jason from the Cyber Distortion Podcast. Phillip Wylie is a well-known figure in the cybersecurity and ethical hacking community, recognized for his extensive experience and contributions to the field. Background and Expertise: Phillip has a background in penetration testing and ethical hacking. His career spans over two decades, during which he has held various roles in IT and security, including penetration tester, security engineer, and security consultant. His expertise lies in identifying and exploiting vulnerabilities in computer systems and networks to help organizations strengthen their security postures. Education and Advocacy: He is known for his efforts in cybersecurity education and advocacy, working to raise awareness about the importance of cybersecurity and sharing knowledge with aspiring cybersecurity professionals. Wylie often speaks at conferences and seminars, sharing his insights on ethical hacking, penetration testing, and cybersecurity trends. The Pwn School Project: Phillip is the founder of The Pwn School Project, an educational initiative aimed at teaching ethical hacking and cybersecurity skills to a wider audience. The project focuses on providing free or low-cost education to those interested in pursuing a career in cybersecurity, emphasizing hands-on learning and practical skills. Authorship and Thought Leadership: He has contributed to the cybersecurity community as a writer and thought leader, sharing his knowledge through articles, books, and research papers. His work often covers topics related to ethical hacking techniques, career advice for cybersecurity professionals, and the latest trends in cyber threats and defenses. Mentorship: Phillip is also known for his mentorship role in the cybersecurity community, guiding newcomers and helping them navigate the complexities of starting a career in cybersecurity. He advocates for continuous learning and ethical practices within the field. Jason Popillion is a CISSP and former CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as the Information Security Director for a Manufacturing company. CITATIONS: Links to find Phillip: Web: LinkedIn: Twitter - X: YouTube: Spotify: DEFCON Meetup Groups: DC940 (Denton Texas):
/episode/index/show/cyberdistortion/id/30659643
info_outline
S3 – Episode 001 – Down the Deepfake Rabbit Hole
03/21/2024
S3 – Episode 001 – Down the Deepfake Rabbit Hole
In this episode, Kevin and Jason kick of what we expect will be our most exciting season to date. We come out of the gate like two savage wildebeests ready to devour anything in our path! Wait, that sounds extreme. Maybe it’s on that intense, but it’s LEGIT intense as we tackle a topic that only the fearless dare unpackage DEEPFAKES! In this octane fueled episode, we delve into the intricate world of deepfakes, a term that has rapidly evolved from obscure tech lingo to a hot-button issue at the intersection of technology, ethics, and reality. We give funny examples and enjoy a light-hearted segment showing how deepfakes are used for laughs, but the light-hearted fun only lasts so long. The episode takes a critical turn as we examine the darker side of deepfakes, highlighting instances where they've been used to spread misinformation, and create non-consensual explicit content. The conversation also covers the psychological and societal impacts of living in a world where seeing is no longer believing, and how our understanding of truth and reality is being challenged. "Down the Deepfake Rabbit Hole" offers a comprehensive and nuanced examination of deepfakes, encouraging listeners to ponder the profound questions they raise about innovation, authenticity, and the fabric of our digital lives. Join us for this thought-provoking journey into one of the most fascinating and controversial topics in today's digital age. Jason Popillion is a CISSP and serves as a former CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as the Information Security Director for a Manufacturing company. CITATIONS CTRL_SHIFT_FACE: Their awesome channel can be found out on YouTube. Check out some of the great deepfakes they’re creating out there at AICPA Guidance: AI DEEPFAKE SCAM STORY: AI TEACHER SEX SCANDAL STORIES: TOOLS USED IN THE EPISODE INTRO: Speechify: Swapface: Envato Elements (Images): Audio (Audio):
/episode/index/show/cyberdistortion/id/30468788
info_outline
S2 - Episode 014 - Lone Star Cyber Circus - LIVE @ Hop & Sting Brewery, Grapevine, TX
12/27/2023
S2 - Episode 014 - Lone Star Cyber Circus - LIVE @ Hop & Sting Brewery, Grapevine, TX
Get ready for an electrifying evening as the "Lone Star Cyber Circus" pitches its virtual tent at the renowned Hop & Sting Brewery in Grapevine, Texas! This live podcast event, a harmonious blend of cutting-edge cyber talks and classic Texan hospitality, promises an experience like no other. As you step into the rustic yet modern ambiance of Hop & Sting Brewery, you'll be greeted by the rich aroma of craft beers, a hallmark of this beloved local establishment. The brewery's spacious interior, adorned with hints of Texan charm and cyber-themed décor, sets the perfect stage for an evening of engaging discussions and lively entertainment. The "Lone Star Cyber Circus" is more than just a podcast; it's a celebration of the digital age, wrapped in the warmth of Texan culture. Hosted by charismatic cyber experts, Chris Glanden (Barcode Security), Phillip Wylie (Phillip Wylie Show), and Kevin Pentecost & Jason Popillion (Cyber Distortion Podcast). Their discussions are a riveting blend of expert insights, humorous anecdotes, and lively banter. What makes this event truly unique is its interactive format. The live audience, a diverse mix of tech enthusiasts, local patrons, and visitors, gets to participate in Q&A sessions, offering a dynamic and inclusive experience. As the podcast rolled, guests enjoyed Hop & Sting's exquisite selection of craft beers, each brew telling its own story of local ingredients and brewing artistry. The brewery's friendly staff were more than happy to guide you through their selection, ensuring a perfect pairing for your podcast experience. Throughout the evening, the "Lone Star Cyber Circus" also features special guests - from renowned tech gurus to local cybersecurity heroes - adding depth and diversity to the conversation. These guest appearances are a crowd favorite, often leading to insightful, sometimes heated, but always entertaining discussions. The event featured experts in the area of the DFW Hacking scene: Wirefall (Dallas Hackers Association), Juneau Jones (DC214), and NEURAL PHANTOM (HackFTW), Phillip Wylie himself, represented Denton and (DC940). Following the awesome discussion on the DFW Hacker scene, we shifted into another very hot topic on AI and where it’s headed in the near future. Special guests Justin “Hutch” Hutchins, and Quentin Rhoads-Herrera stole the show with this topic. Please follow our AWESOME SPONSORS: Cyberstrike and Trace3 who made it all happen. We want to extend the most heartfelt THANK YOU to both of them for making this event possible!! As the night draws to a close, the lively atmosphere of Hop & Sting Brewery, combined with the thought-provoking content of "Lone Star Cyber Circus," leaves you with a sense of connection - to the community, the evolving digital world, and the vibrant culture of Texas. It's an experience that goes beyond a typical podcast recording, leaving you enriched, entertained, and eager for the next episode. Whether you were a tech aficionado, a beer enthusiast, or just in search of a unique night out in Grapevine, the "Lone Star Cyber Circus" at Hop & Sting Brewery was an event you didn’t want to miss. If you missed this one, follow us on Twitter for more information about the next live Cyber Circus event! We had so much fun, we can’t wait for the next one!! Join us for an evening where the cyber world and Texas charm collide, creating an unforgettable podcast experience! 🍻🎪 CITATIONS: CyberStrike: Trace3: Barcode Security: Phillip Wylie Show: Cyber Distortion Podcast on Twitter: DFW Hacker Scene: Dallas Hackers Association: DC214: DC940: HackFTW: Thanks to Kiss for the amazing tune “Psycho Circus” which we used as our walk-up song at the event!
/episode/index/show/cyberdistortion/id/29240843
info_outline
S2 - Episode 013 – CISSP Success Stories with Luke Ahmed – Part II
12/21/2023
S2 - Episode 013 – CISSP Success Stories with Luke Ahmed – Part II
Description: 🎙️This is part two of our riveting two-part episode with the extraordinary Luke Ahmed. Luke, a best-selling author, CISSP instructor, and the driving force behind the immensely popular Facebook page "," brings a wealth of knowledge and passion to the table. Discover the keys to success in the realm of cybersecurity as Luke shares insights from his personal journey and experience in the field. As a CISSP (Certified Information Systems Security Professional) instructor, he's not just a teacher; he's a mentor who has personally guided over 3300 aspiring CISSPs to success in their exams. 🔒 What to Expect: Insider Tips for CISSP Success: Uncover the strategies and study techniques that have proven effective for thousands of CISSP candidates. Luke spills the secrets that go beyond the textbooks. Navigating the CISSP Landscape: The CISSP certification is no small feat, and Luke Ahmed breaks down the complexities, offering guidance on how to tackle the exam with confidence. The Evolution of Cybersecurity: Get a front-row seat to the ever-evolving world of cybersecurity. Luke shares his thoughts on emerging trends, threats, and the skills that professionals need to stay ahead in this dynamic field. Luke's Best-Selling Insights: As a best-selling author, Luke brings a unique perspective to the podcast. Explore the pages of his books and gain access to the wisdom that has resonated with cybersecurity enthusiasts worldwide. Get to know that “Mindset” that you MUST unlock to pass the ISC2 exam. LOTS of Fun: We lighten things up a bit towards the end of the episodes to finish on a light-hearted note! 🚀 Why You Should Tune In: Whether you're a seasoned cybersecurity professional or just starting your journey, this episode is a must-listen. Luke Ahmed's expertise and genuine passion for cybersecurity make for a captivating conversation that promises to inspire, educate, and empower. Don't miss out on this opportunity to tap into the mind of a CISSP guru and glean valuable insights that could shape your own path in the world of cybersecurity. Get ready to level up your cybersecurity knowledge and skills with Luke Ahmed on this exciting two-part episode of the Cyber Distortion Podcast! 👉 Connect with Luke: LinkedIn: Facebook: Website: 🎧 Subscribe and Share: 🔗 Twitter: @DistortionCyber 🔗 Blog: cyberdistortion.com 🔗 SWAG Shop: 🔗 Additional Resources: Look for our audio podcasts on all major streaming platforms as well 🎉 Join the Conversation: Share your thoughts, questions, and key takeaways from this episode on social media using the hashtag #CybersecurityMastermind. We can't wait to hear from you! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. Citations: KC7 Training for Cybersecurity Professionals - KC7 is a new way to learn cybersecurity that’s hands-on, fun, and engaging. With KC7, you’ll learn key cybersecurity skills while getting practical experience that feels just like the real job. HUD Graphic for CISSP Tips – Credit https://pngtree.com/freepng/futuristic-lower-third-sci-fi-design-template-for-channel-news-information-call-box-bars-and-modern-digital-info-boxes-element-of-hud-interface-callouts-vector-illustration_8186961.html'>png image from pngtree.com
/episode/index/show/cyberdistortion/id/29182458
info_outline
S2 - Episode 012 – CISSP Success Stories with Luke Ahmed – Part I
11/30/2023
S2 - Episode 012 – CISSP Success Stories with Luke Ahmed – Part I
In this riveting two-part episode, join us as we dive deep into the world of cybersecurity with the extraordinary Luke Ahmed. Luke, a best-selling author, CISSP instructor, and the driving force behind the immensely popular Facebook page "," brings a wealth of knowledge and passion to the table. Discover the keys to success in the realm of cybersecurity as Luke shares insights from his personal journey and experience in the field. As a CISSP (Certified Information Systems Security Professional) instructor, he's not just a teacher; he's a mentor who has personally guided over 3300 aspiring CISSPs to success in their exams. 🔒 What to Expect: Insider Tips for CISSP Success: Uncover the strategies and study techniques that have proven effective for thousands of CISSP candidates. Luke spills the secrets that go beyond the textbooks. Navigating the CISSP Landscape: The CISSP certification is no small feat, and Luke Ahmed breaks down the complexities, offering guidance on how to tackle the exam with confidence. The Evolution of Cybersecurity: Get a front-row seat to the ever-evolving world of cybersecurity. Luke shares his thoughts on emerging trends, threats, and the skills that professionals need to stay ahead in this dynamic field. Luke's Best-Selling Insights: As a best-selling author, Luke brings a unique perspective to the podcast. Explore the pages of his books and gain access to the wisdom that has resonated with cybersecurity enthusiasts worldwide. Get to know that “Mindset” that you MUST unlock to pass the ISC2 exam. LOTS of Fun: We lighten things up a bit towards the end of the episodes to finish on a light-hearted note! 🚀 Why You Should Tune In: Whether you're a seasoned cybersecurity professional or just starting your journey, this episode is a must-listen. Luke Ahmed's expertise and genuine passion for cybersecurity make for a captivating conversation that promises to inspire, educate, and empower. Don't miss out on this opportunity to tap into the mind of a CISSP guru and glean valuable insights that could shape your own path in the world of cybersecurity. Get ready to level up your cybersecurity knowledge and skills with Luke Ahmed on this exciting two-part episode of the Cyber Distortion Podcast! 👉 Connect with Luke: LinkedIn: Facebook: Website: 🎧 Subscribe and Share: 🔗 Twitter: @DistortionCyber 🔗 Blog: cyberdistortion.com 🔗 SWAG Shop: 🔗 Additional Resources: Look for our audio podcasts on all major streaming platforms as well 🎉 Join the Conversation: Share your thoughts, questions, and key takeaways from this episode on social media using the hashtag #CybersecurityMastermind. We can't wait to hear from you! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. Citations: KC7 Training for Cybersecurity Professionals - KC7 is a new way to learn cybersecurity that’s hands-on, fun, and engaging. With KC7, you’ll learn key cybersecurity skills while getting practical experience that feels just like the real job.
/episode/index/show/cyberdistortion/id/28854848
info_outline
S2 - Episode 011 – “Cybersecurity Happy Hour - with Chris Glanden (BARCODE Security)”
10/11/2023
S2 - Episode 011 – “Cybersecurity Happy Hour - with Chris Glanden (BARCODE Security)”
In this episode, Kevin and Jason shoot the breeze with fellow Cybersecurity podcaster Chris Glanden, a veteran cybersecurity professional passionate about Security Systems, breakthroughs, vulnerabilities, their mitigation and risk management. Chris has interviewed some of the most high-profile influencers and specialists in technology, hacking, and cyberspace. His episodes include guests like Phillip Wylie, Freaky Clown (FC), Jack Rhysider from Darknet Diaries, Alyssa Miller, Gummo, and Magda Chelly to name a few!! Conceptualized in mid-2020 amongst the Covid pandemic, he designed BARCODE to become THE alternative way to continue the social and educational elements of cybersecurity happy hours, technical meet-ups and security conference peer interaction that our industry was so deprived of during that time. Often, this is where new ideas and innovation is spawned, and not confined within 4 conference walls. Enter a no pressure atmosphere where listeners gain knowledge direct from the industry’s elite. Chris is working on an amazing documentary project called INHUMAN and Chris is bootstrapping everything, which is tough. If people want to find out more about what they’re doing, is the website with crowdfunding information and sponsorship opportunities. The documentary will be all about AI and we spill lots of juicy details in this episode. We really hope you like this episode as much as we enjoyed putting it together and spending time with our man, Chris! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. CITATIONS THE BARCODE PODCAST: Chris’ Badass Podcast page can be found here: BARCODE at Barcode Episode (Live from Las Vegas) with Special Guest “Freaky Clown:” Chris’ LinkedIn page: Twitter: THE DOCUMENTARY: Information about Chris’ Upcoming Documentary entitled “InHuman”: INHUMAN Trailer: Chris’ Partner Filmmaker and Cybersecurity Guru - MORE ON FREAKY CLOWN (FC): Freaky Clown’s Website: Freaky Clowns Book on Amazon “” CHRIS’ INTERVIEW WITH BLACK HAT HACKER GUMMO: Barcode Podcast Episode 53: MORE ON GUMMO: Black Hat Hacker “Gummo’s” story on Soft White Underbelly on YouTube: Image Credits: Caesars Palace - Photo by on MGM Photo - Photo by on Laptop Image - Photo by on Looking to Start Your Career in IT? Check out CompTIA as a great entry point into an IT career if you’re interested in a certification:
/episode/index/show/cyberdistortion/id/28293068
info_outline
S2 - Episode 010 – Quantum Branding: Turbocharge your Identity with AI
09/07/2023
S2 - Episode 010 – Quantum Branding: Turbocharge your Identity with AI
In this unconventional episode, Kevin and Jason are thrilled to welcome a true branding and growth specialist, Larry Roberts, famously known as the "Red Hat Guy." Larry brings a wealth of experience and knowledge in harnessing the power of AI tools to supercharge brand growth and visibility. 🔴 Meet Larry Roberts - The 'Red Hat Guy' 🔴 Larry Roberts has made a name for himself in the world of branding and marketing with his unique approach to using AI-driven strategies. As a seasoned expert in the field, he has successfully leveraged cutting-edge technology to help businesses and influencers thrive in the digital age. 🧠 Unlocking the Potential of AI 🤖 In this insightful conversation, Larry dives deep into the world of artificial intelligence and its transformative impact on branding. Discover how AI can revolutionize your marketing efforts, streamline your processes, and propel your brand to new heights. While this episode isn’t strictly focused on cybersecurity…Never fear. We do sprinkle in a little cybersecurity flavor for you as well! 🚀 Key Takeaways: 🌟 How AI is reshaping the landscape of brand growth. Practical tips for implementing AI in your branding strategy. Real-world success stories from Larry's experience. Real-world failures that also lead to growth. Karl Childers from Slingblade makes a surprise visit. The future of AI in marketing and brand management. 🎧 Tune In and Stay Informed! 📡 Don't miss this chance to gain invaluable insights from one of the industry's leading experts. Whether you're a seasoned marketer or just starting your branding journey, this episode is packed with actionable advice and inspiration. 👥 Connect with Larry Roberts 👥 Connect with Larry and stay updated on his latest insights: Twitter: @iamlarryroberts LinkedIn: Larry Roberts Instagram: thelarryroberts 🔗 Episode Links and Resources 🔗 🎉 Join the Conversation! 🎉 Share your thoughts and questions in the comments section below. What's your perspective on AI's role in branding and growth? Let's discuss! 🎯 Subscribe to Cyber Distortion Podcast 🎯 Never miss an episode! Subscribe now and stay informed about the latest trends, strategies, and expert insights in the world of cybersecurity and digital transformation. We really hope you like this episode as much as we enjoyed putting it together! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. CITATIONS AI Tools to consider: o - AI Chatbot for Humanlike Conversational Dialog o - AI Chatbot for Humanlike Conversational Dialog o - Text to Image Generation o - Generative Voice AI o - Text to Speech Larry’s Favorite Podcasts: o Jocko Podcast o Extreme Ownership Book – Jocko Willink and Leif Babin o o Smartless Podcast (Jason Bateman, Sean Hayes, and Will Arnett) o HBO Max 6-part series o Gary Vee Audio Experience - Podfest Expo: Where to find Larry: @TheLarryRoberts o Instagram o Facebook o LinkedIn Jamie Gravitt Comedy: Jamie Gravitt Image Credit: Sam Brand Photography
/episode/index/show/cyberdistortion/id/27968145
info_outline
S2 - Episode 009 – DEFCON – An Exhaustive Guide to Hacker Summer Camp – (with Dr. Louis DeWeaver)
08/04/2023
S2 - Episode 009 – DEFCON – An Exhaustive Guide to Hacker Summer Camp – (with Dr. Louis DeWeaver)
This very special episode is our contribution to all existing or soon-to-be DEFCON attendees! We go deep under the covers to crack the shell of all things Hacker Summer Camp in this definitive, ALL YOU NEED TO KNOW, and truly exhaustive guide. We join forces with our good friend, who we met at Hacker Summer Camp, Dr. Louis DeWeaver. Louis is a former professor and a seasoned cybersecurity expert who brings years of knowledge and many trips to DEFCON to this conversation. His upbeat personality is one of a kind! We like to say that Louis could definitely sell ice cubes to Eskimos! We start out with a brief history of DEFCON, talk about the basics on venue, cost, and of course the backstory on how founder Jeff Moss (a.k.a. Dark Tangent) started the largest hacker conference on the planet. Then, we round out this information packed episode with a definitive guide of the most important things you’re going to WANT to know if you plant to head to the dessert to join in the fun. We really hope you like this episode as much as we enjoyed putting it together! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. DOWNLOADS: The Official DECFON webpage: DEFCON on Twitter: The Official DC Documentary: OTHER CONFERENCES IN VEGAS THE WEEK OF HACKER SUMMER CAMP: BLACKHAT USA CONFERENCE: B-Sides Las Vegas: Squadcon: So, you want to BLOW SOME SHIT UP? Did you say “PARTIES?” – Find all the hopping social events in one spot: Look for their Google Calendar on the Twitter page! OH, you still want MORE?
/episode/index/show/cyberdistortion/id/27655665
info_outline
S2 - Episode 008 – Fighting Acronym Fatigue – Part II with Dr. Aaron Estes (CEO - Ironwood Cyber)
07/22/2023
S2 - Episode 008 – Fighting Acronym Fatigue – Part II with Dr. Aaron Estes (CEO - Ironwood Cyber)
In this follow-up episode, we are honored to continue our spirited discussion with (Dr. Aaron Estes – Ironwood Cyber CEO “Chief Epic Officer”) on with us to talk all about his company Ironwood Cyber, and some of the cool things they’re doing over there. Ever since we met the Ironwood Cyber team based out of Ft. Worth Texas, we knew we had a solid professional passion and connection and we shared MANY similar interests. The Ironwood Cyber team is a strong group of Engineers originally founded by not one, but TWO Lockheed Martin Fellows respected for their incredible skillsets. Aaron Estes and Ethan Puchaty. Lockheed Martin Fellowship represents less than 1% of the best technical Engineers the company has to offer and their backgrounds are quite impressive having worked for a company engineering some of the best technology the US Department of Defense has to offer. After leaving Lockheed Martin to start their own Cybersecurity firm (Ironwood Cyber), the company has continued its tradition of developing amazing technology with such out of the box concepts that their endpoint protection solutions boast 3 patents. Focusing on side-channel analysis, they’re quickly becoming a major player in the world of cybersecurity. This is part two of a two-part podcast episode, where we spend more time talking about their first electronic SWAG badge created in 2022 for DEFCON 30. We’ll be looking at some teasers and talking to Aaron about what fun and interesting things they’re doing for DEFCON 31. There may even be a few hints about the 2023 badge in the second part of this awesome conversation. I guess you’ll just have to wait and see!! The biggest hint of all….THERE IS! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. DOWNLOADS: Find out More about IRONWOOD CYBER: CYBER RX: FIRETHORN: Ironwood on Twitter: BLACKHAT USA CONFERENCE: DEFCON HACKER CONFERENCE: The Official DC Documentary:
/episode/index/show/cyberdistortion/id/27537078
info_outline
S2 - Episode 007 – Fighting Acronym Fatigue – Part I with Dr. Aaron Estes (CEO - Ironwood Cyber)
07/13/2023
S2 - Episode 007 – Fighting Acronym Fatigue – Part I with Dr. Aaron Estes (CEO - Ironwood Cyber)
In this episode, we are honored to have one of these amazing gentlemen (Dr. Aaron Estes – Ironwood Cyber CEO “Chief Epic Officer”) on with us to talk all about his company Ironwood Cyber, and some of the cool things they’re doing over there. Ever since we met the Ironwood Cyber team based out of Ft. Worth Texas, we knew we had a solid professional passion and connection and we shared MANY similar interests. The Ironwood Cyber team is a strong group of Engineers originally founded by not one, but TWO Lockheed Martin Fellows respected for their incredible skillsets. Aaron Estes and Ethan Puchaty. Lockheed Martin Fellowship represents less than 1% of the best technical Engineers the company has to offer and their backgrounds are quite impressive having worked for a company engineering some of the best technology the US Department of Defense has to offer. After leaving Lockheed Martin to start their own Cybersecurity firm (Ironwood Cyber), the company has continued its tradition of developing amazing technology with such out of the box concepts that their endpoint protection solutions boast 3 patents. Focusing on side-channel analysis, they’re quickly becoming a major player in the world of cybersecurity. The conversation flowed so well, in fact, that we ended up breaking this awesome episode into two parts. The first focusing on the Ironwood origin story, and their technology and the team. Then, in about a week, we’ll be dropping part two, where we spend more time talking about their first electronic SWAG badge created in 2022 for DEFCON 30. We’ll be looking at some teasers and talking to Aaron about what fun and interesting things they’re doing for DEFCON 31. There may even be a few hints about the 2023 badge in the second part of this awesome conversation. I guess you’ll just have to wait and see!! Jason Popillion is a CISSP and serves as a Director of Automotive Aftermarket of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. DOWNLOADS: Find out More about IRONWOOD CYBER: CYBER RX: FIRETHORN: Ironwood on Twitter: BLACKHAT USA CONFERENCE: DEFCON HACKER CONFERENCE: The Official DC Documentary:
/episode/index/show/cyberdistortion/id/27458391
info_outline
S2 - Episode 006 – You ARE the Weakest link!
06/07/2023
S2 - Episode 006 – You ARE the Weakest link!
A long time in the making, this episode on the importance of User Awareness may just be the most important episode we’ve released so far. Kevin Pentecost and Jason Popillion are security veterans and Certified Information Systems Security Professionals (CISSPs) who know their way around a good User Awareness Training program having personally trained in classroom led environments as well as fostered and matured their own corporate training programs over their years as Cybersecurity managers. Join us as the duo delve into the critical topic of Cybersecurity User Awareness. With their wealth of experience, they provided invaluable insights and practical advice on how individuals can protect themselves against evolving cyber threats. They emphasize that user awareness plays a pivotal role in defending against cyber threats. They highlight the fact that attackers often exploit human vulnerabilities and trick individuals into compromising their own security. By enhancing user awareness, people can become more proactive in recognizing and responding to potential threats. A key role is understanding that just like every technical control, YOU are a critical layer of defense both in your personal life, and in your corporate environment. We take a look at the prevalence of social engineering attacks, which manipulate human psychology to deceive individuals into divulging sensitive information or performing harmful actions. We explain common tactics such as phishing emails, vishing calls, targeting spear phishing, CEO Spoofing, and many other non-email related social engineering tactics. To counter these threats, they recommend adopting a skeptical mindset, scrutinizing unexpected communications, and verifying the authenticity of requests before taking any action. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. DOWNLOADS: PRINT and HANG this on your Wall: CyberDistortion Blog: CyberDistortion Swag Shop:
/episode/index/show/cyberdistortion/id/27071151
info_outline
S2 - Episode 005 – Third Party Risk – It’s not Me, It’s You!
04/27/2023
S2 - Episode 005 – Third Party Risk – It’s not Me, It’s You!
HE’S BAAAAAAACK!! In this episode, we RE-visit with our very first guest, Benjamin Hall. Ben has served as a virtual CISO, and serves as Sr. Information Security Consultant at Heartland Business Systems. With experience in Governance, Risk, and Compliance, Ben has worked in several industries including Banking, Finance, Insurance, and Healthcare. He is a Certified Information Systems Auditor (CISA), a Certified Data Privacy Solutions Engineer (CDPSE), and a HITRUST Certified Common Security Framework Practitioner (CCSFP). He is skilled in DR (Disaster Recovery), BC (Business Continuity), IR (Incident Response), Documentation, Risk Management, Business Development, and Information Security. To say Ben is qualified to tackle this very challenging topic is frankly, an understatement! It was our extreme pleasure to have Ben back to join us as we provide helpful tips on what YOU need to do to address third-party risk for your company. Join Kevin and Jason as they touch on some hard-hitting questions around risk and how to tackle some of the challenges that come with managing your due care and due diligence as it relates to outsourcing, and partnering with companies outside of your own 4 walls. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MPCS, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company. CITATIONS: Heartland Business Systems: Mark Cuban Interview with Credit-Suisse.com:
/episode/index/show/cyberdistortion/id/26671734
info_outline
S2 - Episode 004 - “AI and ChatGPT is Scary Sh*t! – Part II”
03/30/2023
S2 - Episode 004 - “AI and ChatGPT is Scary Sh*t! – Part II”
In this MUCH anticipated follow-up to our episode 003 on AI an ChatGPT, expect more mind-numbing and terrifying facts about this incredible new technology! Kevin and Jason wrap up their discussion with Justin “Hutch” Hutchins, a true pioneer in the field of AI and it’s social impact in the world of Cybersecurity and beyond. The sole purpose of this episode is to touch the topic of AI and open your mind as to how you need to be thinking about it. How might AI intermingle with the world of Cybersecurity? Is this whole thing just another over-hyped topic that will fade away in a few years, or is it here to stay? Take a seat and ride along with the boys as they delve into this topic with a true subject matter expert in the field of hacking and AI and see what he has to say. We don’t think, we KNOW this one is going to blow your mind! CITATIONS: 10 Wonderful Examples of Using Artificial Intelligence (AI) for Good: Justin’s posts and conference talks can be found here on his “Sociosploit” blog: Interested to find out more about the OpenAI ChatGPT project? Are you more interested in AI Generated Imagery?: Try out… - Midjourney AI Artwork - - Bluewillow AI Artwork - Joe Rogan interviewing Elon Musk on AI: Amazing YouTube Video from Digital Engine on AI today:
/episode/index/show/cyberdistortion/id/26398251
info_outline
S2 - Episode 003 - “AI and ChatGPT is Scary Sh*t! – Part I”
03/20/2023
S2 - Episode 003 - “AI and ChatGPT is Scary Sh*t! – Part I”
What in the world does AI and ChatGPT have to do with Cybersecurity? Well, this episode is going to answer that question for you, and so much more!! In today’s exciting episode, Jason and Kevin discuss the incredible world of AI with special guest and white hat hacker extraordinaire, Justin “Hutch” Hutchins. The sole purpose of this episode is to touch the topic of Ai and open your mind as to how you need to be thinking about it. How might AI intermingle with the world of Cybersecurity? Is this whole thing just another over-hyped topic that will fade away in a few years, or is it here to stay? Take a seat and ride along with the boys as they delve into this topic with a true subject matter expert in the field of hacking and AI and see what he has to say. We think this one might just blow your mind! CITATIONS: Justin’s posts and conference talks can be found here on his “Sociosploit” blog: Interested to find out more about the OpenAI ChatGPT project? Are you more interested in AI Generated Imagery?: Try out… - Midjourney AI Artwork - - Bluewillow AI Artwork - Joe Rogan interviewing Elon Musk on AI: Amazing YouTube Video from Digital Engine on AI today:
/episode/index/show/cyberdistortion/id/26276829
info_outline
S2 - Episode 002 – 2022 Breaches and Some Retrospection
03/03/2023
S2 - Episode 002 – 2022 Breaches and Some Retrospection
In this exciting second episode of the new season, we’re offering up a buffet of delicious options to feast your incessant little cybersecurity appetites on! BREACHES We start by spending time on 5 of the top breaches that took place in 2022, but shift into some real world thoughts and ideas on what concepts could have helped in preventing those types of breaches. FRAMEWORKS Jason and Kevin dig deep into their CISSP bag of tricks to discuss cybersecurity frameworks and do a bit of a shallow dive into NIST, and then migrate into the CIS Top 18 cyber controls for effective cyber defense. GAP ASSESSMENTS and MATURITY ASSESSMENTS The guys hit on two very important aspects of how to leverage a framework for your business, for both analyzing your security overlap and your gaps. Then, they take a look at how you can use that same framework to monitor growth and maturity over time. They use hypothetical company ‘XYZ Company’ to show real-world examples of gap matrices and maturity matrices. These types of critical elements in your security program are items that should be assessed annually or even more frequently. A LOOK AT KPIs The guys move from leveraging the frameworks into looking at KPIs (Key Performance Indicators) and how you can pull KPIs from your controls to determine if you controls are actually working for you! What good is a robust framework if you can’t measure its success? 3RD PARTY RISK Lastly, the guys take a look at the importance of 3rd-party risk and how your partners, customers, vendors, and joint ventures might play a part in your overall security posture. Not only how they play a part, but WHAT you can do to take actionable steps around 3rd party risk. This one is VERY action packed and we cover a lot of ground. Jump on the rollercoaster as we hit ALL the rides in the cyber theme park on this one! CITATIONS: All about the NIST Cyber Framework CIS Top 18 Cyber Controls Training for using the Frameworks offered by SANS YouTube Training Videos on each of the 18 Controls
/episode/index/show/cyberdistortion/id/26120883
info_outline
S2 - Episode 001 – The Dark Web Revisited
02/07/2023
S2 - Episode 001 – The Dark Web Revisited
WE ARE BACK! Happy 2023 friends… In this exciting episode of or BRAND NEW season 2, Kevin and Jason make good a promise from Season 1 where they go back and take a deep dive into the Dark Web. This time, we’re coming with a purpose! We go back to investigate and see what’s really out there and try to separate myth from reality. Have you always wondered what really exists out on the Dark Web? Do you have a curious bone just itching to go check it all out for yourself? Well, you’re in luck! In this episode, you’ll learn all about how to properly prep to take this journey for yourself. Do we actually recommend it? Listen and find out!! Find out more about the original Dark Web marketplace founded by Ross Ulbricht known as the Silk Road and other place you can still visit today. Learn how to browse the Dark Web, how it all started, and how many people actually surf the Dark Web today. Learn facts you probably didn’t know about this mysterious corner of cyberspace. Lastly, find out things you can ACTUALLY purchase on the Dark Web. You might just be surprised at some of these!! It is important to mention that no humans were trafficked, and no organs were harvested in the making of this episode! CITATIONS: How to Safely Browse the Dark Web IDEALLY…Visit the Dark Web via an isolated OS · Here are some of the most popular options: o Whonix - o Tails - (as mentioned on our episode) o Qubes - o Kali Linux - (awesome hacking tools packaged with this OS) o TrueOS - Get the Tor Browser: Use a good VPN – Here are some popular options (some offer free 30 day trials): · NordVPN - · SurfShark - · TorGuard - · Proton VPN - · IP Vanish - · Express VPN - · RusVPN - Learn about Surfing the Dark Web Online Dark Web Stats and Facts Dark Web Usage Stats
/episode/index/show/cyberdistortion/id/25855716
info_outline
S1 - Episode 014 – Women in Cybersecurity - Part II
10/18/2022
S1 - Episode 014 – Women in Cybersecurity - Part II
There is a worldwide shortage of over 3 million in the ranks of cybersecurity professionals, with half a million of that shortage in North America alone. The problem is only expected to get worse as the demand for infosec talent is expected to grow dramatically in the coming months and years. One troubling fact about this shortage of talent is that the gap could be dramatically filled if only one segment of the population were proportionately represented in the cybersecurity industry – women! Join us as Kevin, Jason, and their very special guests, Kristen Twining (Senior VP of Sales) and Madison Beane (Commercial Account Executive) from Illusive Technology as we rip the Band-Aid off the issue and expose it for what it is, a societal travesty! Gender bias is certainly part of the issue, as evidence suggests that young females, often during high school or even before that point in life have already formed preconceptions about their place in the world. Let’s face it, the world of technology is intimidating enough without the additional issues of biases. The good news is that evidence suggests that things are turning around. We have a long, long way to go to eliminate gender biases, however, we are making progress! We must all do our part to encourage the female population to join the exciting field of cybersecurity. Help us fight the good fight. WE NEED YOU! In this exciting two-part episode, join us for some fun and we talk all about how tear down some of these walls and get more women interested in this fantastic field and career path. Join us this Cybersecurity Awareness month, as we hit on many important topics and focus on WOMEN in CYBERSECURITY! CITATIONS: ISC2 Women in Cybersecurity Report Download the report here: https://www.isc2.org/research/women-in-cybersecurity Frost & Sullivan (Agents of Change: Women in the Information Security Profession) https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/wp-content/uploads/2019/03/Women-in-the-Information-Security-Profession-GISWS-Subreport.pdf Cybercrime Magazine Women Know Cyber: The Documentary https://www.youtube.com/watch?v=Kpc31WJ6l2M York University School of Continuing Studies What Challenges do Women Face in Cybersecurity https://www.youtube.com/watch?v=0S7kGvug4m4 Other Great Resources: Women in Cybersecurity.org https://www.wicys.org/ Girls Who Code https://girlswhocode.com/ Women in Tech https://women-in-tech.org/ Women’s Society of Cyberjutsu (WSC) https://womenscyberjutsu.org/page/WhoAreWe WoSEC – Women of Security https://twitter.com/WoSECtweets The Diana Initiative https://www.dianainitiative.org/ Code Like a Girl https://code.likeagirl.io/tagged/cybersecurity Women in Technology https://www.womentech.net/
/episode/index/show/cyberdistortion/id/24727848
info_outline
S1 - Episode 013 – Women in Cybersecurity - Part I
10/06/2022
S1 - Episode 013 – Women in Cybersecurity - Part I
There is a worldwide shortage of over 3 million in the ranks of cybersecurity professionals, with half a million of that shortage in North America alone. The problem is only expected to get worse as the demand for infosec talent is expected to grow dramatically in the coming months and years. One troubling fact about this shortage of talent is that the gap could be dramatically filled if only one segment of the population were proportionately represented in the cybersecurity industry – women! Join us as Kevin, Jason, and their very special guests, Kristen Twining (Senior VP of Sales) and Madison Beane (Commercial Account Executive) from Illusive Technology as we rip the Band-Aid off the issue and expose it for what it is, a societal travesty! Gender bias is certainly part of the issue, as evidence suggests that young females, often during high school or even before that point in life have already formed preconceptions about their place in the world. Let’s face it, the world of technology is intimidating enough without the additional issues of biases. The good news is that evidence suggests that things are turning around. We have a long, long way to go to eliminate gender biases, however, we are making progress! We must all do our part to encourage the female population to join the exciting field of cybersecurity. Help us fight the good fight. WE NEED YOU! In this exciting two-part episode, join us for some fun and we talk all about how tear down some of these walls and get more women interested in this fantastic field and career path. Join us this Cybersecurity Awareness month, as we hit on many important topics and focus on WOMEN in CYBERSECURITY! CITATIONS: ISC2 Women in Cybersecurity Report Download the report here: Frost & Sullivan (Agents of Change: Women in the Information Security Profession) Cybercrime Magazine Women Know Cyber: The Documentary York University School of Continuing Studies What Challenges do Women Face in Cybersecurity Other Great Resources: Women in Cybersecurity.org Girls Who Code Women in Tech Women’s Society of Cyberjutsu (WSC) WoSEC – Women of Security The Diana Initiative Code Like a Girl Women in Technology
/episode/index/show/cyberdistortion/id/24610413
info_outline
S1 - Episode 012 – Unraveling the Zero Trust Mystery
08/07/2022
S1 - Episode 012 – Unraveling the Zero Trust Mystery
If you’re like many others in information security, you too may struggle with understanding the concept and basic premise of “zero trust.” Well, we have good news for you! After this episode, you can rest-assured that we intend to clear the fog over this very confusing topic. Join us as Kevin, Jason, and their very special guest, Brad Moldenhauer as they help unravel the mystery of zero trust by bring in one of the resident experts on the topic. Brad is the VP and CISO at Z-Scaler who comes with a lengthy history in many facets of dealing with risk throughout many verticals in IT. Brad is an expert in the field, and his passion for helping others is evident in this fun-filled episode. Brad is an accomplished cybersecurity leader with over 20 years experience in aligning security strategy and delivering security outcomes that balance risk with business value and IT efficiency. Throughout his career he has held roles in cybersecurity auditing, consulting, and operations management in government, healthcare and the legal industries. Prior to joining Z-Scaler, Brad was the Global Director of Information Security for Steptoe & Johnson LLP, an Am Law 100 international law firm where he developed, implemented and managed the information security program that addressed the legal business risk landscape along with geolocation and industry-specific security requirements of the firm’s global clientele. Brad is passionate about solving cybersecurity challenges that CISOs regularly deal with while balancing the impact towards employee productivity, client service, and the bottom line. Get your popcorn ready! It’s time to learn all about ZERO TRUST! This episode MIGHT** contain an easter egg on a Black Hat/DEFCON 30 SWAG drop!! **Definitely does CITATIONS: Z-Scaler Resources: Brad’s LinkedIn Page:
/episode/index/show/cyberdistortion/id/23979861
info_outline
S1 - Episode 011 – The Fine Art of Social Engineering
07/18/2022
S1 - Episode 011 – The Fine Art of Social Engineering
In this exciting episode, we cover the very fascinating topic of “Social Engineering” aka: Human Hacking! Anyone that lives in Cybersecurity knows that the weakest link in any company’s cyber defenses is sitting between the keyboard and the chair. Tonight, we talk all about how malicious actors try to take full advantage of that weakness and exploit it to steal your company or your personal data. Join us as Jason and Kevin converse with a special guest on all facets of this controversial topic. Bridget has several years of experience in the IT industry, working with IT-support before transcending into a career within pentesting. Today, she works as an ethical hacker at Orange Cyberdefense in Norway. Prior to her IT career, “Bridget” educated herself in the field of human psychology and healthcare due to her interest in understanding the human mind. She has always had an interest in cybersecurity and completed her bachelor’s degree in Cybersecurity recently at Noroff University College. Due to her interest in both the human mind and IT security, “Bridget” specializes in social engineering and Open-source investigation (OSINT). In 2020, she won an international social engineering CTF hosted by Temple University. In 2021, “Bridget” became a Certified Social Engineering Pentest Professional (SEPP) and has since dedicated her focus toward social engineering pentesting. Her hands-on experience with social engineering pentesting has prompted her to further research the topics of ethically handling people affected by the tests. It's important to mention that no Princes were harmed during the making of this episode. CITATIONS: Bridget’s DEFCON30 talk “The Aftermath of a Social Engineering Pentest. - Are we Being Ethically Responsible?” Pentest Your Users with the help of a Company Like Orange Cyberdefense: Temple University CTF Contest Links: Interested in Learning Social Engineering and Getting Certified? Social-Engineer Training Website: Black Hat & DEFCON Official Websites:
/episode/index/show/cyberdistortion/id/23771936
info_outline
S1 - Episode 010 – Doomsday Breach Prepping - 101
06/15/2022
S1 - Episode 010 – Doomsday Breach Prepping - 101
When the world comes crumbling down and your entire existence is burning to the ground, will you be prepared to handle it? What am I talking about anyway? The post-breach apocalypse, of course. What else?! You see, we have all heard it said so many times, “It’s not a matter of IF you get breached; it’s a matter of WHEN!” Well, if that is true, do you think you should be making every possible effort to get as prepared as possible ahead of time? We do! That is precisely why have handpicked the special guest for this episode. Stephen Cracknell is an Amazon best-selling author with experience in a very critical area that we know you can improve in by absorbing his wisdom. We know that, because we all can improve in this area. Stephen and his team at USM Technology are passionate about helping business leaders repel cyberattacks. They work with IT leaders across Texas to build out comprehensive incident response plans designed to ensure that the IT team, as well as the company’s leadership, work effectively during the critical first 72 hours after a cyberattack. Their focus is helping IT leaders develop a plan that brings critical business processes back online quickly, so their leadership team is not forced to pay the hacker’s ransom. Your well-designed recovery plan also avoids data loss, business downtime, irate customers as well as injury to your company’s reputation and your career. So, sit back, refill your coffee mugs, and pull up a chair. It’s time to dive into an episode we’ve titled DOOMSDAY BREACH PREPPING 101! Yee-haw! Citations: USM Technology Pentesting Services: Purchase on Amazon Find Stephen on LinkedIn: Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/23440529
info_outline
S1 - Episode 009 – #Badgelife ft. AND!XOR
06/07/2022
S1 - Episode 009 – #Badgelife ft. AND!XOR
Electronic Blinky-Bling?!! What the heck is that?! Take a quick walk around the Las Vegas strip around mid-summer at the DEFCON Hacking/Security Conference and you’ll find out pretty darned quick! #BADGELIFE is a sub-culture of creators, hackers, programmers, and like-minded pseudo geniuses that craft some of the coolest electronic gadgetry you’re ever going to see! Imagine a sea of LEDs dancing to the music of a DJs mix, on a PCB designed to look artsy and cool. Oh, also imagine that you can hack that bad boy and play games, and set the LCD screen to your favorite animated GIF. Imagine using the latest programming languages and technologies to link hundreds of badges together on their own network of social awesomeness! That’s a fraction of what Badgelife is really all about. In this light-hearted episode, we talk with our pals Zapp and Hyr0n at AND!XOR about how they continue to set the badgelife world ablaze with their creative masterpieces every single year. It should go without saying that their work is some of the absolute best as they start planning for the next masterpiece over 18 months ahead in many cases. You can rest assured, they always have a virtual line out the door filled with people looking to string an AND!XOR PCB medallion around their necks. Why?! Because their creations are always EPIC A** Kickery! Join Cybersecurity professionals and CISSP brethren, Jason (Redeemer) and Kevin (Sabotage66) as they bring another hard-hitting and action packed episode. This one centers on all of the intricacies of this amazing sub-culture of the awesome DEFCON conference. Strap on your best hacker gear, throw on your black hoodie, or your bucket hat, and if you’ve got it, flip on your coolest blinky-bling and join us as we pick the brains of half of the AND!XOR team! Let’s get DISTORTED (in a full on Cybery kind of way)!! Helpful DEFCON websites: Official DEFCON Website: Official DEFCON SWAG: Registration for DC30: DEFCON Forums: Helpful AND!XOR websites: AND!XOR Twitter: AND!XOR YouTube: Other podcasts featuring AND!XOR: Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/23348285
info_outline
S1 - Episode 008 – Cybersecurity Insurance Protecting Your "ASS-ets"
05/22/2022
S1 - Episode 008 – Cybersecurity Insurance Protecting Your "ASS-ets"
In this episode, Jason and Kevin join guest Ross Ingersoll, Executive Risk & Cyber Account Executive at Holmes & Murphy & Associates. We discuss the topic of cyber insurance and how being protected from today’s Cyber risks can better position your company in the event of a major breach event. If you’ve ever wondered about what Cyber Insurance covers, or what types of things you need to be considering before you even think about applying for Cyber Insurance, then this episode will hit home! In today’s Cyber climate, does your company have the risk appetite to go without the added protection of Cyber Insurance to fall back on? Ross shares his valuable insight on why YOU might want to at least consider a policy for your business. We’ll also play the “Cyber Claim Game” where we take a look at how some of today’s larger breaches played out and what other companies have paid out due to lack of preparedness. You will take away some valuable insight around this topic and several key actionable items that you can consider if you want to look into cyber insurance for your company! Lastly, you’ll discover the Key Carrier Provisions that every underwriter looks at before inking a policy. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/23188046
info_outline
S1 Episode 007 – The CISSP “EXPERIENCE”
05/03/2022
S1 Episode 007 – The CISSP “EXPERIENCE”
In this episode, join Jason & Kevin as they discuss the journeys they both took to obtain the coveted CISSP (Certified Information Systems Security Professional) certification from the governing body of (ISC)2. Anyone who knows ANYTHING about Cybersecurity and has aspirations of becoming a manager know that the CISSP is the most sought after certification offered. In this episode, they discuss why that is. We also discuss the various domains covered in the exam, the weightings of each domain, the exam format, and many helpful tips and tricks to help get you over the hump as you traverse your studies. We know the effort required to obtain this certification and we are familiar with the full experience, even the failure of each of our first exams. That’s a painful pill to swallow but we have some sage advice that might just help you to succeed on your next attempt. We hope that this episode is considered just one more tool to add to the virtual tool belt for all aspiring future CISSPs that are embarking on this prestigious and esteemed certification. We KNOW that you’ll find this information valuable. After all, don’t you need a light-hearted break from your books and flash cards anyway?!?! =) Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company. CITATIONS: Matt Elliott Blog Post: A Journey Through Hell. My CISSP Experience. (ISC)2 Official Website The Pathway to Certification How to Think Like a Manager for the CISSP Exam Luke Ahmed Cybrary.IT Video Course by Kelly Handerhan – Certified Information Systems Security Professional (CISSP) Host Unknown – The Very Fine Chaps Host Unknown presents: I'm a C I Double S P (CISSP Parody) LMFAO – Yes Instrumental
/episode/index/show/cyberdistortion/id/22987397
info_outline
S1 - Episode 006 – Surviving Your First Regulatory Audit
04/14/2022
S1 - Episode 006 – Surviving Your First Regulatory Audit
In this episode, Jason & Kevin join special guest Stacie Grimm, Principal at UHY. UHY is one of the Midwest’s leading CPA, business advisory and M&A firms. They deliver a broad range of tax, accounting, consulting and investment banking capabilities to serve businesses as well as individuals. Stacie brings 15 years of experience as a seasoned auditor to the conversation in this episode. In this episode we hit Stacie with questions around all the differences around company assessments, reports, audits, certifications and frameworks! We talk about Internal versus External audits, and we land on anything and everything SOC (System and Organizational Controls) and the SOC Suite of Services, Stacie’s specialty! We learn how SOC is nothing more than a framework through which organizations can communicate relevant useful information about the effectiveness of their cybersecurity risk management program and CPAs can report on such information to meet the cybersecurity information needs to a broad range of stakeholders. By the end of the episode, you’ll know all about the differences between SOC I, SOC 2 (Type 1 and Type 2), and SOC 3 reports. NOT Audits, reports! =) Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/22789049
info_outline
S1 - Episode 005 - API Security Land Mines
03/24/2022
S1 - Episode 005 - API Security Land Mines
In this episode, Jason and Kevin join guest Adam Fisher, Principal Security Engineer at Salt Security. We focus on a very common threat vector and component in modern web applications, the topic of API security. API security is the process of protecting APIs from attacks. Because APIs are very commonly used, and because they enable access to sensitive software functions and data, they are becoming a primary target for attackers. In this episode, we’ll look at why API security is at an all-time high on the concerns lists for companies. If it’s not on your top 5 list of concerns, it SHOULD be! APIs connect systems together everywhere and we use them every day. We discuss some of the biggest API breaches you’ve likely heard about. We also cover why we’re vulnerable but more importantly, what you can do about it! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/22552691
info_outline
S1 - Episode 004 - The Deep Dark Web
03/10/2022
S1 - Episode 004 - The Deep Dark Web
What is this mysterious online enigma? Maybe you’ve heard about it and wondered, “What type of craziness would I find out there?” Cybersecurity professionals and CISSP brothers, Jason and Kevin bring a hard-hitting and action packed episode centered on all of the mysteries the Dark Web has to offer. Join them as they navigate the waters of the various internet layers, the world of anonymity via the Onion Router (TOR). Finally, take a trip down the infamous Silk Road and follow it all the way to the illusive Red Room. Who knows? You may even find out the cost to go buy yourself 1000 TikTok, Instagram, or Twitter followers!! Does everything that you’ve heard of on the Dark Web even really exist? Well….maybe…just maybe, one day, they’ll take it upon themselves to go find out. That, my friends is for another episode!! Helpful websites: Citations: Chitty, T (2017, May, 26). What is the Dark Web. CNBC Explains. Nelson, T (2021, February 11). Full Documentary: Dark Web. Janson Media. VICE (2021, July 24). How to Hire a Hitman| The Business of Crime. VICE. Leyden, J (2019, October 29). Cybersecurity news and views. The Daily Swig CYBERCRIME MAGAZINE. Matthieu, C (2020, October 19). Journey from ARPANET to XRPANET. Medium.com.
/episode/index/show/cyberdistortion/id/22400753
info_outline
S1 - Episode 003 - A Manager's Perspective on Cybersecurity
02/28/2022
S1 - Episode 003 - A Manager's Perspective on Cybersecurity
Jason and Kevin join guest Eric Lough, VP of Business Development at FCP Euro to discuss how managers think and make critical decisions around Cybersecurity. Eric brings over 15 years of experience in the Automotive Aftermarket to the table. We spend the majority of the episode picking his brain on several key questions on today's challenging decisions that most managers have to make as it relates to protecting their businesses. As you'll find out in this conversation, not all of these decisions are easy! Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as an Information Security Director for a manufacturing company.
/episode/index/show/cyberdistortion/id/22283378
info_outline
S1 - Episode 002 - Ransomware Part II
02/22/2022
S1 - Episode 002 - Ransomware Part II
Jason and Kevin, both CISSP's and seasoned cybersecurity professionals, join guest David Bonvillain, VP of Sales Engineering for Halcyon.ai. David shares his 20+ years of experience to dive deep into Ransomware. David shares with the audience practical ways to keep yourself safe based on his years of reverse engineering malware and his deep understanding on how they are programmed to behave. He also takes on a historical review of Ransomware, where it started, how it progressed into a major business model and recent new developments discovered in the last 2 weeks on where it is going. We conclude with information you can use to track Ransomware attacks and data breaches. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.
/episode/index/show/cyberdistortion/id/22212128
info_outline
S1 - Episode 001 - Ransomware Part I
02/14/2022
S1 - Episode 001 - Ransomware Part I
Jason and Kevin, both CISSP's and seasoned cybersecurity professionals, join guest Benjamin Hall CISA, CDPSE, a cybersecurity consultant to break down key understandings of Ransomware. They share Ransomware horror stories and participate in a live simple Ransomware awareness quiz game produced by the FTC. They also discuss Senior Management buy-in and provide the audience with simple tools they can implement now so they can protect themselves and their companies. Jason Popillion is a CISSP and serves as a CIO/CTO of a SaaS company and Kevin Pentecost is a CISSP, CISM, CEH, CPT, MCSE, CCA, ITIL-F and serves as a Information Security Director for a Manufacturing company.
/episode/index/show/cyberdistortion/id/22126019