Episodes

I sat down with Matt Fisch of Fortmesa to discuss observations and highlights from ITN Connect. From new vendors in the pavilion tackling niche cybersecurity challenges to conversations with Solution providers that show our i...

Maybe we have talked about this before? At any rate Business email compromise is a constant threat. We do Phishing simulations and other security awareness training to help our staff and clients make good choices, but we aren...

What are insider threats? Tim Schnurr and I discuss the importance of cybersecurity in protecting digital assets and preventing insider threats in organizations. There is a overwhelming need for employee education, the use of...

Thinking back ten-plus years on the industry conferences we have attended in person and online. With vendor mergers and acquisitions it is hard to determine which shows you should still attend and every day it seems there is ...

As we go through the CIS controls we try to stay in sequence but as a result of some discussions at recent events, we decided to jump to Malware Defenses. Hopefully, Matt Lee's insights and my humor will be enough for you to ...

We talk about frameworks, compliance, cybersecurity, and many things in between but we haven't discussed getting assessed against a framework or even the new CompTIA Cybersecurity Trustmark. I sat down with Omer Kasim Aslim o...

In recent years we have seen Solution Providers begin offering services that are showing a shift in our industry around our client and client prospect needs. Five years ago very few solution providers would be comfortable tal...

From the trenches... I sit down with Jim Harryman of Kinetic Technology Group to discuss their progress through the new CompTIA Cybersecurity Trustmark. What are the significant challenges and what are the easy wins. A glipse...

Fireside chat with Matt Lee brings us control 6. Access Management goes hand in hand with Account Management but if you have been following along we coverd control 5 last month. Join Matt Lee and I as we deep dive into each s...

Each day we are bombarded by cybersecurity threats and this episode adds another vector you should be looking at as you address your asset inventory. Are you looking at the asset that controls your thermostat? How about the I...

There is no question that CMMC is here to stay. It is a much-needed maturity model for measuring companies that cater to the Defense space and are doing what is needed to protect Confidential Unclassified Information (CUI). I...

In Cyber we often focus only on the events that come from the ether, the dark web, and we forget that disasters can come from all sorts of events. With a hurricane less than 24 hours from making landfall, I sit down with Char...

I am a big fan of Scott Augenbaum's book, "The Secret to Cybersecurity." Specifically, the 4 truths that we talk about with Tye Male, Senior Pastor of Wellspring church. Suspicious email, inconvenient timing, stress-inducing,...

We are 1/3 of the way through the CIS Top 18 and I think Control 5 might be my favorite. Matt Lee joins me as we dive into all six safeguards and how important they are in the journey toward cyber resilience.

I remember the days when Joshua Smith and I decided we should build our own MSP. It was simpler times and Cybersecurity was defined largely by firewalls and antivirus. Today starting an MSP or even being a small MSP trying to...

There are lots of frameworks to choose from and some are more complicated than others. What is important is that you use some set of controls/safeguards or standards that are measurable and can be aligned with. I sit down wit...

Over the past few months we have spent time on policies, how to tackle controls and safeguards in CIS Top 18, and we have even pointed out cybersecurity areas that might be overlooked. In this episode, as we all look at matur...

It is the 3rd Tuesday of the month and it is time for Control 4 With Mat Lee. This is a shorter episode but we get it done and got great insights on how to go about addressing CIS Control 4.

Policies are the one thing no company wants to create but everyone has to have. We see them show up in employee handbooks, Written Information Security Plans (WISP), and System Security Plans (SSP), and there is no shortage c...

I don't often have vendors as guests on the show and so when there is an exception made it is because they are bringing something to the table that is exceptional. Discussing Single Sign-on with Nick Wolf Of Evo Security is a...

A little Chutes and Ladders, a little Yellow Brick Road. In this episode, I think you will find that Data Protection is a rather complex beast but through the guidance of Matt Lee of Pax8 you will have the tools you need to b...

This week we put a thought towards adding counterintelligence as something that should be part of your Business Continuity, Disaster Recover, and Incident Response. It makes sense when you hear what Darren Mott has to say. As...

After we did, "A Doozy of a Story." I was presented with this Gem. It almost feels like a perfect storm but in fact it is a legitimate business and as I discuss the details with Eric Hanson, I want you to think about CIS Cont...

When cybersecurity insurance first came on the scene it was a new frontier. Everyone seemed to be selling it and everyone seemed to qualify for it. That was then... Sitting down with Reid Wellock of FifthWall was an enlighten...