1
00:00:00,000 --> 00:00:06,560
Well, speaking of podcasts, if you had a podcast, who would you interview and why?

2
00:00:07,440 --> 00:00:13,600
I know we were discussing before we turned it on. I don't have an answer right now,

3
00:00:13,600 --> 00:00:14,880
so somebody else has to go.

4
00:00:18,000 --> 00:00:19,040
John, I think you want to go?

5
00:00:19,760 --> 00:00:21,040
Yeah, I'll go first.

6
00:00:21,040 --> 00:00:22,080
I think you have a fun one.

7
00:00:22,080 --> 00:00:32,880
Yeah, so I would definitely want to bring on my podcast Kevin Mitnick, because he has a lot of

8
00:00:32,880 --> 00:00:40,160
fun stories. He has gone to jail before and now is like a security consultant, which different

9
00:00:40,160 --> 00:00:49,520
companies are doing business with him, bringing him on different shows to talk about how to

10
00:00:49,520 --> 00:00:55,520
get themselves secured and how to secure the organization, things like that.

11
00:00:55,520 --> 00:01:02,080
So I just want to know how he started being a hacker and how he ended up in jail and something like

12
00:01:02,080 --> 00:01:11,040
that. That's awesome. Yeah, Kevin Mitnick, he writes a lot of books and John, the book that I

13
00:01:11,040 --> 00:01:16,800
was trying to find earlier is Ghost in the Wires. So that's one that I actually do own. I just

14
00:01:16,800 --> 00:01:29,680
can't find it at the moment. But I would love to interview some type of spy that's done the

15
00:01:29,680 --> 00:01:36,880
clandestine work, although I know that they can't share anything. So it would be probably a really

16
00:01:36,880 --> 00:01:44,720
boring podcast. So there is a podcast that I listened to called Layer 8 Security, or I think

17
00:01:44,720 --> 00:01:51,520
that's right, Layer 8, sorry, 8th Layer Insights, and it's all about kind of spies and that kind

18
00:01:51,520 --> 00:02:01,280
of stuff. So I really enjoy that one. I would love to do that. Otherwise, probably just some of my

19
00:02:01,280 --> 00:02:07,760
friends, right? That friends that are in the industry doing their security work and just being

20
00:02:07,760 --> 00:02:13,920
able to bounce ideas off of each other. So I've got a buddy that I was literally just texting this

21
00:02:13,920 --> 00:02:18,240
morning saying, hey, by the way, here's some Azure security stuff that you should be aware of.

22
00:02:19,040 --> 00:02:24,000
So I know he listens to this. So maybe we'll invite him on next time. So.

23
00:02:25,680 --> 00:02:31,040
Nate's like, shout out, you should definitely get on the podcast. Yeah. Or just come work for us.

24
00:02:31,040 --> 00:02:37,760
I'd rather have you work for us than just join a podcast. How about both? Yeah, both. Yeah.

25
00:02:37,760 --> 00:02:42,960
He can be on all the podcasts he wants. Exactly. You're like, you can just be one of the

26
00:02:42,960 --> 00:02:46,880
regulars now. 100%. Come work for CIT. You can be a regular on the podcast.

27
00:02:47,600 --> 00:02:57,200
CIT slash careers. Yeah. So I sorry to, I didn't remember to include this, that Kevin

28
00:02:57,200 --> 00:03:06,240
Mitnick also influenced my book. When I read his book, The Art of Invisibility. So then that

29
00:03:06,240 --> 00:03:12,480
influenced the book I wrote that is on Amazon. So I just started like gathering some ideas,

30
00:03:12,480 --> 00:03:17,760
like, okay, let me write something to help the people. It was during pandemic that I wrote

31
00:03:17,760 --> 00:03:22,640
my book and a lot of people were falling victim of cyber attack and all that.

32
00:03:24,160 --> 00:03:30,400
Yeah. So I guess maybe I could summarize both John and Isis, interview those that have inspired

33
00:03:30,400 --> 00:03:37,280
you. So if you're saying Kevin's inspired you, my friend was actually an old boss and everything

34
00:03:37,280 --> 00:03:43,280
like that who inspired me. Right. So, but again, continue just learning from those that inspire

35
00:03:43,280 --> 00:03:50,720
and helped you grow. 100%. Kelsey, did you have anyone? Did I have anyone? Well, I felt like it

36
00:03:50,720 --> 00:03:54,160
was such a wide range of like, I'd like to talk to this person, this person, I'm like, I don't even

37
00:03:54,160 --> 00:03:58,720
know if I'd be comfortable enough talking to these people or what I would ask them. But I think if

38
00:03:58,720 --> 00:04:03,680
I kept it broad, A, I want to call it a little bit of chaos. I'm just saying I already have a name

39
00:04:03,680 --> 00:04:07,840
for it. I don't know what we're talking about, but I got a name for it. But I think I'd really

40
00:04:07,840 --> 00:04:12,560
like to just talk to different creatives regardless of the field. I think that that would be so

41
00:04:12,560 --> 00:04:16,320
interesting to just talk to somebody completely different every single day. Because those are

42
00:04:16,320 --> 00:04:21,120
the type of podcasts I like to listen to as I was like, this doesn't have to do with my day to day

43
00:04:21,120 --> 00:04:26,320
necessarily. But it does cause me to look at things differently and go, oh, hey, there's no

44
00:04:26,320 --> 00:04:30,000
reason why I have to be doing it that way. Or, you know, you get those really interesting life

45
00:04:30,000 --> 00:04:34,160
stories of them going, this is the moment when I decided this is what was important to me. So

46
00:04:34,160 --> 00:04:39,840
that's my kind of North Star. I was like, oh, interesting. I'm like, you have such a life

47
00:04:39,840 --> 00:04:44,480
purpose that I don't always feel like I have. So I'm like, that would be essentially the like

48
00:04:44,480 --> 00:04:49,520
chaos of it all of being like, hey, this is our excuse to talk about anything within the realm

49
00:04:49,520 --> 00:04:55,040
of do you feel like you're creative because everybody is. So. Interesting. That's so interesting

50
00:04:55,040 --> 00:05:02,640
because I kind of went the same route. It's just so funny. I thought the first thing I thought of,

51
00:05:02,640 --> 00:05:07,760
I have an old professor who just started a podcast that is kind of that where she's like

52
00:05:07,760 --> 00:05:12,960
talking to creatives and talking to like her students or her coworkers. And I'm like,

53
00:05:13,840 --> 00:05:18,960
I would love to just sit down and talk to her again, you know, just an excuse to go back to

54
00:05:18,960 --> 00:05:25,120
those people who influenced me and just kind of see where they're at now and how they've grown and

55
00:05:25,120 --> 00:05:30,240
how they've changed. So yeah, very similar to Kelsey, just those creatives in the world.

56
00:05:31,040 --> 00:05:36,800
So interesting. We'll be co-hosts. This is fine. Who's gonna be? Yes. Oh my gosh, we've got a whole

57
00:05:36,800 --> 00:05:44,160
new podcast. Awesome. I love it. Well, today on our Tech for Business podcast, we're talking Kelsey

58
00:05:44,160 --> 00:05:50,880
and I are joined by Nate, our director of cybersecurity and John, our SOC technician.

59
00:05:50,880 --> 00:05:56,160
We're talking about learning, we're talking about growing, we're talking about specifically

60
00:05:56,160 --> 00:06:03,920
staying up to date in cybersecurity. And I want to start with me just really broad as to,

61
00:06:03,920 --> 00:06:10,000
it seems like an obvious answer, but why this topic is important and why it's so important,

62
00:06:10,000 --> 00:06:19,360
especially in cybersecurity to stay up to date. Yeah. So with cybersecurity, one of the main

63
00:06:19,360 --> 00:06:25,360
things there is it is rapidly changing, right? You know, the tech that was here last year

64
00:06:26,160 --> 00:06:33,520
is already different, right? The vulnerabilities that were there yesterday, there's already new

65
00:06:33,520 --> 00:06:39,360
ones, right? And there's items such as zero-day vulnerabilities, right? These are ones that are

66
00:06:39,360 --> 00:06:45,680
actively being exploited by a threat actor, and there's no patch available for it. So how do you

67
00:06:45,680 --> 00:06:52,720
start protecting networks, right? There's the market, especially in cybersecurity is shifting

68
00:06:52,720 --> 00:06:58,800
so rapidly, right? We see a vendor that's here today and they get acquired and absorbed into the

69
00:06:58,800 --> 00:07:04,320
next vendor tomorrow. And we see this all the time, even with solutions that we use today.

70
00:07:04,320 --> 00:07:14,480
So it's just rapidly changing. And so that's one of the reasons why I love it is it is not a

71
00:07:15,600 --> 00:07:21,760
stale or stagnant environment. There's always something to learn. And then again,

72
00:07:22,880 --> 00:07:27,840
what was here yesterday, it's already old news, got to learn the next thing. Or, you know,

73
00:07:29,040 --> 00:07:34,160
reading items at predictions for the next year that you find out or either completely

74
00:07:34,160 --> 00:07:40,320
wrong because the entire industry has shifted or again, just thought provoking items to start

75
00:07:40,320 --> 00:07:48,640
getting us into the right mindset. I'd say that's the biggest reasons why. Now, how do you do it?

76
00:07:48,640 --> 00:07:56,240
That's a whole different topic that we're going to get into. I'll just say it's not something you

77
00:07:56,240 --> 00:08:07,280
can do alone. So I rely heavily on my teams as well here. John, maybe you want to start just

78
00:08:07,280 --> 00:08:12,640
some of the basic things that you're doing today to try and keep yourself up to date? And I can

79
00:08:12,640 --> 00:08:18,800
talk a little bit about what I'm doing. And I think what we'll find out is everyone has a

80
00:08:18,800 --> 00:08:24,480
slightly different approach that works for them. Yeah, definitely. But I would just like to

81
00:08:24,480 --> 00:08:31,600
circle back a bit to the introduction you gave about why it is important to stay up to date.

82
00:08:31,600 --> 00:08:37,360
It is very, very crucial to stay up to date because just like you mentioned, the cybersecurity

83
00:08:37,360 --> 00:08:43,840
landscape changes all the time. And that is why what I tell my friends that want to come into

84
00:08:43,840 --> 00:08:49,440
cybersecurity, I always tell them, hey, if you are lazy, you can't get into cybersecurity because

85
00:08:49,440 --> 00:08:54,880
everything changes all the time. So you need to do a lot of reading, you need to attend seminar

86
00:08:54,880 --> 00:09:00,800
podcasts, belong to different organizations. Like here in Kansas City, actually belong to

87
00:09:02,240 --> 00:09:09,360
an organization, Information Systems Security Association. So I listen to, they bring

88
00:09:10,160 --> 00:09:18,000
different speakers every month. So I joined the virtual conference, I joined the

89
00:09:18,000 --> 00:09:24,960
webinar and things like that. So it is very, very crucial to stay up to date because the

90
00:09:24,960 --> 00:09:32,880
goal of cybersecurity in the first instance is to have confidentiality, integrity and availability

91
00:09:32,880 --> 00:09:38,640
of data. And it is not possible if you are not trying to stay up to date, there's no way you

92
00:09:38,640 --> 00:09:49,200
can comply with the goal of cybersecurity. So talking about how do I stay up to date?

93
00:09:49,200 --> 00:09:56,480
So part of the way I stay up to date is training. Training, security, awareness, here in CIT,

94
00:09:56,480 --> 00:10:03,280
we are meant to do KnowBe4 training. KnowBe4 training, we actually expose you to staying up

95
00:10:03,280 --> 00:10:14,880
to date, concerning how people can come up with different phishing attacks. So KnowBe4

96
00:10:15,760 --> 00:10:21,520
is like a simulation of these type of attack. You see it in your email all the time. So that is

97
00:10:21,520 --> 00:10:26,560
an aspect of how we stay up to date. And apart from that, we also have like video training

98
00:10:26,560 --> 00:10:33,600
from KnowBe4 on how to protect password authentication and stuff like that. Then apart

99
00:10:33,600 --> 00:10:43,360
from that, apart from the fact that it mimics the real security phishing scenario, it also

100
00:10:43,360 --> 00:10:48,080
makes you understand a lot of things that is going on within the organization.

101
00:10:48,080 --> 00:10:54,080
So an instance of that is I was reading something yesterday how somebody tricked

102
00:10:54,080 --> 00:11:02,640
a company into clicking a link by changing the top level domain. The domain of that organization

103
00:11:02,640 --> 00:11:11,360
is actually .org. And this person cooked up an account and the account says .net and they sent

104
00:11:11,360 --> 00:11:16,400
an email to this person working for an organization to send an invoice and the person fell for it.

105
00:11:16,400 --> 00:11:28,880
So if this person has already witnessed some kind of KnowBe4 training, I think something like that

106
00:11:28,880 --> 00:11:35,760
shouldn't have happened. Yeah, I guess you helped think of a two different idea or bring up two

107
00:11:35,760 --> 00:11:42,080
different ideas for me is security training is incredibly important for any organization.

108
00:11:42,080 --> 00:11:50,640
So if you take a look at the global metrics or United States or so, I should say, is on average

109
00:11:50,640 --> 00:11:57,520
an organization, depending on the industry, for example, technologies tends to be a little bit

110
00:11:57,520 --> 00:12:03,760
lower, manufacturing tends to be a little bit higher on the percentage of people that fall for

111
00:12:03,760 --> 00:12:10,400
phishing emails. And we see this across all of our different customers. We have different industries

112
00:12:10,400 --> 00:12:20,240
metrics, all that fun stuff. But typically it's between, I'm going to say just 15 to 35 percent,

113
00:12:21,360 --> 00:12:28,480
percent of people that fail when you first start a security training initiative. And then after about

114
00:12:28,480 --> 00:12:35,440
a year, we tend to see that drop below 10 percent down into the threes, the fives. So the regular

115
00:12:35,440 --> 00:12:44,160
testing is incredibly important. Here at CIT, we test employees all the time. They probably get

116
00:12:44,160 --> 00:12:51,680
annoyed at it. But rather than doing the compliance checkbox saying, did you do this annually, here

117
00:12:51,680 --> 00:12:59,200
at CIT, we do it at a minimum of weekly. And we do see the fruit that comes from those initiatives.

118
00:12:59,200 --> 00:13:05,680
Our scores are dramatically low, which is phenomenal here. We put a lot of training in,

119
00:13:06,480 --> 00:13:13,360
and it does pay off. And then the other thing that John was talking about as well, and specifically

120
00:13:13,360 --> 00:13:19,440
just coming from a little bit of my incident response background is experience, right? As

121
00:13:20,080 --> 00:13:25,200
John was talking about someone spinning up a domain similar to it and falling for it, we see it all

122
00:13:25,200 --> 00:13:30,160
the time, especially with things like fraudulent wire transfers, right? Someone impersonates you.

123
00:13:31,520 --> 00:13:40,960
And we see that. So experience obviously is incredibly crucial. The security training

124
00:13:40,960 --> 00:13:47,120
that's being provided by some of these tools are incredibly useful. One of the other things that

125
00:13:48,000 --> 00:13:53,680
John had mentioned was continual training and doing that kind of stuff. There's a lot of great

126
00:13:53,680 --> 00:14:01,120
online resources completely for free as well. So I've used Hack the Box, right? So if you're into

127
00:14:01,760 --> 00:14:08,960
more of a offensive security, which is more of the attacking, not just offensive because it's

128
00:14:08,960 --> 00:14:15,280
mean or anything like that. But Hack the Box is a website that you can go to to practice hacking,

129
00:14:16,400 --> 00:14:22,800
right? And then John, you flagged our security tool on your lab that you're just playing with.

130
00:14:22,800 --> 00:14:31,520
Which one were you just playing with? So I was playing with Blue Team Labs. It has a lot of attack

131
00:14:31,520 --> 00:14:38,400
scenarios that you can come up with. Just do the investigation and being able to write a report

132
00:14:38,400 --> 00:14:45,920
about it. Then there's also OverTheWire game. So that is actually a game that teaches the

133
00:14:45,920 --> 00:14:54,080
Linux operating system and the bunch of commands under the Linux operating system. So if you get

134
00:14:54,080 --> 00:15:00,960
to a certain level, it will tell you to look for a password, to crack a password, to enter the next

135
00:15:00,960 --> 00:15:08,080
level. So that teaches a lot of hacking skills and how to protect people and organizations.

136
00:15:08,080 --> 00:15:16,960
Yeah. So there you go. There's a red team or offensive or attacking lab. We also have that

137
00:15:16,960 --> 00:15:24,000
Blue Team Defensive Lab that we also mentioned there. So there's two different routes if you're

138
00:15:24,000 --> 00:15:32,240
interested there. Certifications. Here at CIT, we put heavy, heavy emphasis on continual education

139
00:15:32,240 --> 00:15:38,240
and wanting to push employees to get the next certification, training, whatever it is. So

140
00:15:39,360 --> 00:15:45,040
we have people doing the A+, Net+, Security+, Server+, Certified Ethical

141
00:15:45,040 --> 00:15:50,160
Hacker, CISM, CISSP, you name it. There's all these different certifications. Azure, John,

142
00:15:50,160 --> 00:15:57,520
I think you're working on an Azure at the moment as well. But it's all of them.

143
00:15:57,520 --> 00:16:03,440
Thanks, Nate. Yeah. So and thank you, Nate, for the mentorship program you introduced us to.

144
00:16:04,480 --> 00:16:11,680
The CISSP mentorship program, the FRCQ. So I'm also on that one. So probably when I finish writing

145
00:16:11,680 --> 00:16:19,040
my Azure certification, then I will jump on to that one. So in CIT, we are encouraged all the

146
00:16:19,040 --> 00:16:24,720
time to take all this certification because we need to stay updated all the time because

147
00:16:24,720 --> 00:16:31,760
if you are out of date, there's no way we can help our customers to help them fix their security

148
00:16:31,760 --> 00:16:38,880
issue. So we need to be up to date. We need to constantly do a lot of training, do a lot of

149
00:16:38,880 --> 00:16:44,000
certification so that we can catch up with the current trend in the world of cyber security.

150
00:16:44,000 --> 00:16:55,120
So I was going to ask, I know you're talking very, very much in the work environment,

151
00:16:55,120 --> 00:17:01,520
like with certifications and stuff. I'm curious as to what you both do outside of the work

152
00:17:01,520 --> 00:17:06,800
environment to stay up to date. I know there's some like blogs and books and things that you'd

153
00:17:06,800 --> 00:17:12,560
kind of mentioned. What are you doing in your free time to continue your education?

154
00:17:12,560 --> 00:17:22,480
I think Kelsey already knows my answer to this. So this is one that I'll preface is I tell my team

155
00:17:22,480 --> 00:17:29,440
all the time, do as I say, not as I do because the next thing I'll say is what free time?

156
00:17:32,160 --> 00:17:39,280
So I try not to have my team work long hours or over the weekends or anything like that.

157
00:17:39,280 --> 00:17:45,280
Do as I say, not as I do because I'm the worst example of that. But for those that are listening,

158
00:17:45,280 --> 00:17:55,760
if you have free time, I, so personally, I don't watch a lot of these labs. I'll join them from

159
00:17:55,760 --> 00:18:04,480
time to time. I consider those going like deep into a particular topic. For me, on the daily

160
00:18:04,480 --> 00:18:10,480
basis, I don't have my phone on me at the moment, but I use a lot of RSS feeds. So if you're not

161
00:18:10,480 --> 00:18:18,480
familiar with RSS feeds, you subscribe to basically a website and then as the website posts new

162
00:18:18,480 --> 00:18:24,880
articles, it gets delivered to whatever you're using. So I use an app called Feedly, you know,

163
00:18:24,880 --> 00:18:30,960
not a sponsor. It's completely free if you want to use it. The free plan is somewhat limited on

164
00:18:30,960 --> 00:18:38,320
what you can do, but for my needs, it's completely sufficient. Within there, I break it into three

165
00:18:38,320 --> 00:18:44,000
different categories. I have an alerts section. So what are some of the critical alerts that are

166
00:18:44,000 --> 00:18:51,280
coming in? So items such as CISA, they are a government entity that puts out new alerts saying

167
00:18:51,280 --> 00:18:56,320
new vulnerable, you know, systems, everything, or the ones that are known to be exploitable,

168
00:18:56,320 --> 00:19:05,280
have a whole section called blogs. And so just as people are writing different blog posts,

169
00:19:05,280 --> 00:19:12,320
you know, less newsy, then I have a whole section to that. I have, I took a picture of it earlier,

170
00:19:12,320 --> 00:19:19,200
but, you know, things like CSO Online, Dark Reading, HealthITSecurity, Krebs on Security,

171
00:19:19,200 --> 00:19:27,440
Schneier on Security, and all of them have security, I guess, the CyberWire, right? And then I have a

172
00:19:27,440 --> 00:19:35,360
whole section regarding news. And so things like BleepingComputer's one of them, but I probably

173
00:19:35,360 --> 00:19:43,040
have 40 or 50 different news sources that are all coming in. And, you know, if I have two minutes,

174
00:19:43,040 --> 00:19:48,320
three minutes, whatever, I'll just open up my Feedly app, take a look at the top trending

175
00:19:48,320 --> 00:19:54,560
things, you know, and because I have coverage on so many different websites, oftentimes, if something

176
00:19:54,560 --> 00:20:00,800
is critical or emerging, you'll see that there's, you know, four articles about the similar thing.

177
00:20:00,800 --> 00:20:07,840
So it quickly bubbles up to the top. So I can do that. And then after I start getting through all the,

178
00:20:09,520 --> 00:20:14,560
you know, most critical or kind of a trending stuff, then I can flip over to all and look at

179
00:20:14,560 --> 00:20:20,720
all the posts that have come through. That's probably the best way that I know of. And then as I'm just,

180
00:20:20,720 --> 00:20:26,080
you know, mowing the lawn or whatever it is, shoveling, because it seems like we just continually

181
00:20:26,080 --> 00:20:32,320
get snow here in Minnesota. I listen to a lot of podcasts as well. So a couple of the big ones

182
00:20:32,320 --> 00:20:37,120
that I listened to, I already talked about the 8th Layer Insights, more on the spy kind of

183
00:20:37,120 --> 00:20:43,200
side. But there's a CSO podcast. There's Darknet Diaries, which is more of a storytelling,

184
00:20:43,200 --> 00:20:50,320
phenomenal podcast, if you haven't listened to it. CyberWire Daily, that's a podcast that's just

185
00:20:50,320 --> 00:20:57,120
dedicated to yesterday's cybersecurity news, right? So if you're hopping in the shower, brushing your

186
00:20:57,120 --> 00:21:01,600
teeth, whatever it is, throw on that podcast, listen to that yesterday's news. If you miss

187
00:21:01,600 --> 00:21:08,880
something, they'll cover it. I touch on a lot of stuff there, but that's my regimen is,

188
00:21:08,880 --> 00:21:14,800
you know, mornings or when I'm busy doing something driving, I listen to a podcast. If I have a couple

189
00:21:14,800 --> 00:21:18,880
minutes to look at my phone, then I'll do the more of the RSS feeds.

190
00:21:20,880 --> 00:21:23,920
John, do you have free time? Oh, yes, I do.

191
00:21:27,600 --> 00:21:33,600
Yeah. So part of my free time, I also use it to listen to like some podcasts. And

192
00:21:33,600 --> 00:21:40,160
apart from that, I subscribe to different, you know, YouTube channel. So I'm always on

193
00:21:40,160 --> 00:21:46,960
CK Award security weekly. The Hacker News and just like Nate also mentioned,

194
00:21:47,680 --> 00:21:54,320
also do Blueprint, CyberWire Daily, Darknet Diaries. So then apart from those, I also like

195
00:21:54,320 --> 00:21:59,840
listening to this guy, I subscribe to his YouTube channel. I don't know if Nate knows him, Network

196
00:21:59,840 --> 00:22:06,800
Chuck. His name is Nick. His name is Nick. Yeah, I will send you. We're learning together here.

197
00:22:06,800 --> 00:22:12,960
Yeah, I will send you his link. I mean, he's really good. He talks about the new trend

198
00:22:12,960 --> 00:22:18,800
in the world of cybersecurity and, you know, like he knows a lot about networking. So because I

199
00:22:19,840 --> 00:22:25,520
want to be learning more about networking as well. So I like following him, you know, so that

200
00:22:25,520 --> 00:22:32,720
that when I have my free time, that is where I go to learn stuff. Yeah. So yeah, one thing that I

201
00:22:32,720 --> 00:22:38,880
was going to touch on earlier that I did was utilizing our own teams and staff here at CIT,

202
00:22:39,520 --> 00:22:46,240
right? So we've got a lot of really, really smart security people here. And even just smart

203
00:22:46,240 --> 00:22:49,920
techs in general that, you know, I happen to read the news while I'm eating lunch and

204
00:22:49,920 --> 00:22:56,240
send me an article or something, right, to help continue educating me. I know that I don't know

205
00:22:57,120 --> 00:23:00,960
everything and I know that I'm not going to be able to read everything at any given point.

206
00:23:00,960 --> 00:23:06,480
So if there is something really important, like again, John mentioning some of his favorite YouTube

207
00:23:06,480 --> 00:23:12,960
channels is sharing it, right? You know, he just mentioned one that I've never heard of before. So

208
00:23:13,920 --> 00:23:18,480
one that I'm sure a lot of people have heard of, at least if you're in the security industry,

209
00:23:18,480 --> 00:23:26,800
again, continuing the YouTube topic is John Hammond. I try and watch a lot of John Hammond.

210
00:23:28,320 --> 00:23:35,600
He is one of the smartest offensive security guys that is public that I know of. You know,

211
00:23:35,600 --> 00:23:41,440
he's always posting new things. I think I literally just had one pulled up right before this as I was

212
00:23:41,440 --> 00:23:49,600
getting ready to eat lunch. It was all about how to test your EDR solutions with third party

213
00:23:49,600 --> 00:23:53,920
testing essentially, right? How do you ensure that the investments that you put in place

214
00:23:53,920 --> 00:23:58,720
are successful? And so that's something that, you know, CIT has done, but it's also something

215
00:23:58,720 --> 00:24:05,120
that he's trying to educate others on as well. So and then I guess one other one YouTube channel

216
00:24:05,120 --> 00:24:12,400
while I'm on the topic is 13Cubed. So it's a far less known YouTube channel, but it's heavy,

217
00:24:12,400 --> 00:24:21,280
heavy, heavy on forensics. So, you know, what are the inner workings of Windows file system and

218
00:24:21,280 --> 00:24:29,120
how it keeps track of time and updates, you know, the updated, right, or date modified or date

219
00:24:29,120 --> 00:24:34,480
created fields, because there's nuances between all that. That YouTube channel digs into that.

220
00:24:34,480 --> 00:24:39,920
So if anyone's looking for some good nighttime listening, put you to sleep. That's probably

221
00:24:39,920 --> 00:24:44,720
one of them for you. New bedtime stories, which I really quickly want to go. You just a, we got a

222
00:24:44,720 --> 00:24:49,040
huge laundry list of going, all this is great. So for anybody listening, we will get the links

223
00:24:49,040 --> 00:24:53,600
from these two and put them into the podcast. So if you were trying to go, Hey, wait, go back,

224
00:24:53,600 --> 00:24:57,200
pause it. We'll get there 100% because that's what my brain just said. Because I was like,

225
00:24:57,200 --> 00:25:01,760
I'm never going to remember all of these, but they all sound fabulous. But also, right, if part of

226
00:25:01,760 --> 00:25:07,440
our audience is not technical, not just doing cybersecurity day in and day out, I know from

227
00:25:07,440 --> 00:25:11,360
a personal standpoint, right, that I'm lucky enough that when something happens with, say,

228
00:25:11,360 --> 00:25:15,440
one of our web plugin tools, I get a message from Nate going in the morning going, Hey,

229
00:25:15,440 --> 00:25:19,360
there's something going on. Do we have this? And then I can go check it. And I'm like,

230
00:25:19,360 --> 00:25:23,280
Oh, I got my whole back covered by an entire team that's looking out for these things and

231
00:25:23,280 --> 00:25:28,720
double checking my work, which is fabulous. But I can only imagine for somebody running a business,

232
00:25:28,720 --> 00:25:32,880
if cybersecurity is only one of the hats that you wear. And we just listed out things that,

233
00:25:32,880 --> 00:25:37,760
as Nate pointed out, may take up all of your free time just to stay up to date with all of this.

234
00:25:38,560 --> 00:25:42,160
How would you ingrant it? It sounds like I'm totally leading into a sales pitch of going,

235
00:25:42,160 --> 00:25:47,680
work with CIT, which spoilers is one of the answers. But is that kind of the best way if

236
00:25:47,680 --> 00:25:51,040
you're running a small to medium business is to find a cybersecurity partner?

237
00:25:51,040 --> 00:25:59,120
Yeah, like you said, that is the correct answer, at least the selfish plug in there. But

238
00:26:00,640 --> 00:26:06,400
yeah, so if, for example, if there's something that you're working with CIT on,

239
00:26:07,760 --> 00:26:12,400
again, our teams are staying up to date on this. So I'll use one of the latest ones was

240
00:26:13,440 --> 00:26:20,080
Outlook. Outlook had a major, major vulnerability that someone could send you an email. You never

241
00:26:20,080 --> 00:26:26,240
had to interact with it, but your computer could send your kind of password encrypted

242
00:26:26,240 --> 00:26:30,480
password out to the threat actor, they could then use that to try and get into your network.

243
00:26:31,440 --> 00:26:36,000
Zero interaction, it was extremely critical, right? That's something that CIT,

244
00:26:37,520 --> 00:26:43,920
we saw, we put in custom scripts to remediate it on our customers' behalf. We notified the

245
00:26:43,920 --> 00:26:49,680
customer saying we are going to do this. And then we pushed that out to the thousands of endpoints

246
00:26:49,680 --> 00:26:55,600
that we have to make sure that those were mitigated as fast as possible, right? So that is the value

247
00:26:55,600 --> 00:27:00,800
that you're going to get out of some type of partnership. If you're just looking for staying

248
00:27:00,800 --> 00:27:09,600
up to date, like I said, those RSS feeds, the YouTube channels, whatever your flavor of learning

249
00:27:09,600 --> 00:27:16,480
is, watching, reading, whatever it is, there's so many great resources out there. Yes. Then

250
00:27:16,480 --> 00:27:22,320
apart from that, monitoring environment, testing, and regular L check of some of the

251
00:27:23,440 --> 00:27:30,320
security tools, those also matter. Yeah, one of the things I think you'll find

252
00:27:31,120 --> 00:27:38,160
for anyone that is interested is the security community is very, very interested in sharing

253
00:27:39,920 --> 00:27:46,080
knowledge with the wider community because we all know that it takes a village to actually

254
00:27:46,080 --> 00:27:53,200
protect all these organizations, right? There's a, on our last podcast or so, we did the whole thing

255
00:27:53,200 --> 00:27:58,640
about a shortage of cybersecurity labor, right? There's already a labor, so there's already a

256
00:27:58,640 --> 00:28:04,000
deficiency of people that can actually patch these things. So rather than trying to keep all that in

257
00:28:04,800 --> 00:28:11,360
our own heads, let's share. So you'll find a lot of security people are doing online writings.

258
00:28:11,360 --> 00:28:16,080
John mentioned that he wrote a book about it. We've got YouTube channels. We're sitting on this

259
00:28:16,080 --> 00:28:26,320
podcast right now if you're still listening, but I hope you're still listening. Yeah. Yeah.

260
00:28:28,320 --> 00:28:37,840
Yeah, exactly. So basically, staying up to date has to do with protecting your business,

261
00:28:37,840 --> 00:28:43,120
which is synonymous with protecting your customers. And that is what is always fueling

262
00:28:43,120 --> 00:28:49,200
my own passion about anything I want to do. Like the book I wrote, just to help people.

263
00:28:50,000 --> 00:28:55,440
I believe I am in the cybersecurity profession because I don't want to see anybody cry.

264
00:28:58,160 --> 00:29:04,320
I'm always trying my best to assist, delete where I can. And some of our customers,

265
00:29:04,320 --> 00:29:10,800
as in CIT, they can also testify to that. Because if anybody reaches out to me and say,

266
00:29:10,800 --> 00:29:16,560
oh, this thing is going on with me, can you help me look at it? Even if I'm doing something that

267
00:29:17,200 --> 00:29:22,400
is not too important at that moment, I will quickly jump on the call just to help them look at what

268
00:29:22,400 --> 00:29:32,720
is going on. And as we kind of wrap up here, if there's any kind of closing thoughts, anything

269
00:29:32,720 --> 00:29:37,360
you want to share, anything, if somebody is listening to this podcast and they're feeling

270
00:29:39,040 --> 00:29:47,920
overwhelmed or they're feeling like, I am so behind. Any practical do this today advice that

271
00:29:47,920 --> 00:29:55,760
you could maybe give them. Okay. I will say this. Staying up to date is not something that is

272
00:29:55,760 --> 00:30:02,960
negotiable. Especially if you think about the zero trust and the Joe Biden's executive order

273
00:30:04,720 --> 00:30:11,520
in improving the nation's cybersecurity. So you are less vulnerable if you are on the latest

274
00:30:11,520 --> 00:30:19,520
software and application. So try as much as possible to stay up to date by using

275
00:30:19,520 --> 00:30:27,440
the authentication app. Check your information if they are not on the dark net or dark web or deep

276
00:30:27,440 --> 00:30:36,960
web. Always try to attend conferences, webinars and all of those things and try to monitor them.

277
00:30:36,960 --> 00:30:43,120
Just like I said before, monitor the environment and then do regular check of your security

278
00:30:43,760 --> 00:30:49,280
information and event management to and things like that. Then attend podcasts. Just to

279
00:30:49,280 --> 00:30:53,440
generalize everything like we've been saying just in conclusion.

280
00:30:55,360 --> 00:31:01,840
That's some great stuff, John. I love that you took it completely to the super practical level.

281
00:31:02,400 --> 00:31:06,960
Not even anything really about sharing, just saying, by the way, you should start focusing on

282
00:31:06,960 --> 00:31:13,600
this. I am going to bring it a little bit back to some of the news sources since John covered that

283
00:31:13,600 --> 00:31:24,880
one so well. Try to find websites or blog posts or anything that's relatable to your industry.

284
00:31:24,880 --> 00:31:30,880
So if you're in healthcare, I'm going to call this one out again, health IT security. There's a whole

285
00:31:30,880 --> 00:31:39,120
website dedicated to that and what is coming down for the latest regulations, the revisions that

286
00:31:39,120 --> 00:31:48,560
are happening. Also, there's just other components. For example, if you're more of an executive,

287
00:31:48,560 --> 00:31:56,080
probably websites like this CSO Online, it's intended for extremely high level

288
00:31:57,120 --> 00:32:01,600
reading. I'm not going to say comprehension, but it's intended for executives.

289
00:32:03,360 --> 00:32:08,160
Now, if you're a technical person, maybe you're trying to break into cybersecurity,

290
00:32:08,160 --> 00:32:14,400
maybe more of the technical ones are going to be of interest to you. I recommend John Hammond,

291
00:32:14,400 --> 00:32:23,280
but I don't because he is up here. I try and follow along there, but a lot of great articles

292
00:32:23,280 --> 00:32:29,920
out there to really fit what you're looking for. So again, we can provide all these in the notes

293
00:32:29,920 --> 00:32:36,400
and everything, but start taking a look at them. Just even one of them, just to say,

294
00:32:36,400 --> 00:32:42,880
this applies to my industry and I should be aware of it. Maybe you bookmark it and look at it at

295
00:32:42,880 --> 00:32:48,800
lunch or something, right? But if you want to get completely flooded with articles, then I would say

296
00:32:48,800 --> 00:32:54,720
take a look at something like the RSS feeds or some other way to gather data from a lot of

297
00:32:54,720 --> 00:33:01,200
different sources. Then at that point, you'll start really seeing a comprehensive coverage of the

298
00:33:01,200 --> 00:33:11,040
entire industry, not just specific to you. And then work with CIT. Yeah, first. Yeah, I was going to

299
00:33:11,040 --> 00:33:16,640
say, if you need anything, feel free to reach out to us. We can get in contact with both of these

300
00:33:16,640 --> 00:33:22,720
people or anyone else that you're interested in speaking to and just getting some information.

301
00:33:23,520 --> 00:33:28,720
We're always here to help. So thank you, Nate. Thank you, John, for joining us today.

302
00:33:28,720 --> 00:33:35,360
And if you are curious about cybersecurity in general or how CIT can help you and support you,

303
00:33:35,360 --> 00:33:43,040
reach out to us at info at cIT-net.com or head out to our website at cIT-net.com

304
00:33:43,040 --> 00:33:59,600
slash podcast. And we'll be back next week with an all new episode.

