The UNSECURITY Podcast – Episode 87 Show Notes – Women in Security Pt4

Welcome back! Hope you and your loved ones had an enjoyable 4th of July holiday. It was a HOT one here in Minnesota!

Women in Security Series

So far, the Women in Security Series has been a smashing success! We’ve had three women share their perspectives on our show thus far, and we’ve got another five or six planned. We’re honored that our guests would share their stories about being a woman in our industry and also give us their opinions about women in information security in general. We’ve learned a ton already, and we’re hungry to learn more!

Our series will be at least ten parts long, meaning 1) we’re not even half done yet and 2) we’ll continue this until mid-August (episode 93 or 94).

Here’s our guest line up thus far:

  • Episode 84 – Renay Ruter (an information security business/IT executive)
  • Episode 85 – Lori Blair (a 35-year information security veteran)
  • Episode 86 – Victoria Fogarty (relatively new to the industry)
  • Episode 87 (today) – Kristin Judge (founder and CEO of the Cybercrime Support Network, SC Media “Women in IT Security Influencer” in 2017, former Director of Government Affairs at the National Cyber Security Alliance (NCSA), thought leader, and all-around amazing information security expert)
  • Episode 88 – Andrea Hatcher (Senior majoring in Cybersecurity Analytics and Operations at Pennsylvania State University)
  • Episode 89 – Judy Hatchett (Information security corporate leader and expert formerly with Accenture, Best Buy, SUPERVALU, 3M, Fairview Health Services, and current VP, Information Security and CISO at Surescripts)
  • Episode 90 – Amy McLaughlin (Information security leader and expert in education, having served with the State of Oregon, the Consortium for School Network (CoSN), Chemeketa Community College, and Oregon State University)
  • Episode 91 – TBD/not-yet-confirmed (information security executive in healthcare, CISO in higher education, or senior information security sales executive)
  • Episode 92 – TBD/not-yet-confirmed (information security executive in healthcare, CISO in higher education, or senior information security sales executive)
  • Episode 93 – TBD/not-yet-confirmed (information security executive in healthcare, CISO in higher education, or senior information security sales executive)

How awesome is this lineup?!  WOW! We purposely selected a variety of different perspectives from within the women in our field, but this is way better than we expected!

Here’s what we’ve done so far…

Women in Security Series – Part One

We kicked off the Women in Security series on June 15th, and we couldn’t have chosen a better first guest! Renay Rutter, FRSecure’s COO, got the series started with sharing her experience, wisdom, and insight she’s gained over her 30+ year IT career. Brad and I learned a ton!

If you missed this episode, you can catch up here; https://podcasts.apple.com/us/podcast/unsecurity-episode-84-women-in-security-pt-1-renay-rutter/id1442520920?i=1000478037575

Thank you Renay!

Women in Security Series – Part Two

We kept things in the FRSecure family for week two, hosting Lori Blair. Lori is a treasure chest of information security knowledge and wisdom, beginning from when she started her information security career in 1985. Think about that for a second; 1985?! For the math folks in the house, that’s 35 years!

I have a TON of respect for Lori, and her opinions carry weight for me (and many others). It’s not just her experience that makes Lori amazing, she’s a wonderful, practical, and level-headed person who loves mentoring others. This is a can’t miss episode, go give a listen here; https://podcasts.apple.com/us/podcast/unsecurity-episode-85-women-in-security-pt-2-lori-blair/id1442520920?i=1000479175255

Thank you Lori!

Women in Security Series – Part Three

Part Three was incredible! Victoria is very relatable and she’s a natural when it comes to effective communication. She did a great job explaining how she transitioned from Insurance Adjuster to Information Security Associate Analyst at FRSecure. Her journey is pretty cool so far, and her future is VERY bright in our industry. She even shared a shocker (at least for me) in this episode. Definitely worth the listen! If you missed episode 86, here it is; https://podcasts.apple.com/us/podcast/unsecurity-episode-86-women-in-security-pt-3-victoria/id1442520920?i=1000480167348

Thank you Victoria!

Women in Security Series – Part Four

This is our first guest in the series who works outside the FRSecure/SecurityStudio family, and we’re honored to have her join us! We welcome Kristin Judge to our show for Part Four and Episode 87. We don’t know Kristin as well as we know the previous three guests, but judging from her BIO and LinkedIn profile, she stacks up with the best our industry has to offer! This episode is Brad’s to lead and there is no shortage of things we could talk to Kristin about (her work as Washtenaw County Commissioner, her start in information security, her time as Executive Director of Trusted Purchasing Alliance at the Center for Internet Security, her time as Director of Special Projects and Government Affairs for the National Cyber Security Alliance, her time as an information security entrepreneur, her founding of the Cybercrime Support Network, etc., etc.). Truly an amazing person that we’re very excited to chat with!

WELCOME KRISTIN!

Let’s get on with the show!

Brad’s leading the show this week, and these are his notes…


SHOW NOTES – Episode 87

Date: Monday, July 6th, 2020

Episode 87 Topics

  • Opening
  • Introducing Our Special Guest: Kristin Judge (current CEO/President of the Cybercrime Support Network)
  • Catching Up (as per usual)
  • Women in Security
  • News
  • Wrapping Up – Shout outs
Opening

[Brad] Welcome back! This is episode 87 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is July 6th, and joining me this morning as usual is Evan Francen.

[Evan] Hopefully Evan took the holiday weekend off to relax, let’s find out.

[Brad] We have an incredible guest this week, our 4th in the Women in Security series! She’s our first guest in the series from outside the FRSecure family, and I’m sure she has great stories and wonderful insights to share with us. She’s got a long BIO, including:

  • Former Washtenaw (MI) County Commissioner
  • Former Center for Internet Security (CIS) Director of Partner Engagement and Executive Director of Trusted Purchasing Alliance
  • Former National Cyber Security Alliance (NCSA) Director of Special Projects and Government Affairs
  • Former Principal and Owner of Opcio Solutions
  • Current Cybersecurity Author of numerous education and awareness courses
  • Current CEO/President and Founder of the Cybercrime Support Network (CSN)

And I’m sure, many, many other cool things. We’re honored to have Kristin Judge join us on the show this morning. Welcome Kristin!

[Kristin] I haven’t actually met Kristin prior to this so I don’t know what she will say.

[Brad] We sort of have a tradition around here. Before we dive in, we catch-up with each other quick. Let’s recap our week.

Catching Up

Quick discussion about last week, the weekend, or whatever else comes to mind.

[Evan] Short week and long weekend…

[Brad] And what about you Kristin?

[Kristin] I’m sure she did something very cool.

[Brad] Alright, let’s get on with the series!

Women in Security, Part Four

[Brad] This is the fourth week of our series discussing the topic of women in the information security industry. Personally I’ve found the first three weeks to be incredibly enlightening, even with people that I’ve worked with very closely for years. I’m really looking forward to hearing an “outsider’s” perspective and continue this conversation. So with that let’s dive in!

Do we have a shortage of women in our industry? If so, what’s the big deal? Why is the topic important for us to talk about? Lot’s of questions and I’m sure just about everyone has an opinion. Instead of people listening to our opinions, we’re going to talk to the people this relates to the most; women! What better way to get a woman’s perspective on things than to talk to a woman? Let’s do this.

Open Discussion (~30 minutes)

  • How you got into the industry?
  • Your journey in the industry.
  • Advice you have for someone starting out.
  • Do you think we need more women in our industry and why?
  • Opinions about the talent shortage in our industry.
  • What can we do better in recruiting more people, and specifically more women in our industry?
  • Whatever else we’d like to share.

[Brad] Thank you Kristin! Again, we’re honored to have you join us! Please feel free to stick around while we cover a few news stories from the past week.

News

[Brad] Here are a few news stories from the pas week that I thought were interesting…

Wrapping Up – Shout outs

[Brad] That’s it for episode 87. Thank you Kristin for a joining us and making this fourth installment of to the Women in Security series a great one! We’ve got more amazing guests lined up for the next five(ish) weeks, again I’m really looking forward to hearing their perspectives. Either of you have any shout outs this week?

[Evan and/or Kristin] We’ll see.

[Brad] Thank you to all our listeners! Keep the questions and feedback coming. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh, and Evan is @evanfrancen. Kristin, is there a particular way you’d prefer people to find you?

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 86 Show Notes – Women in Security Pt3

Hoping everyone reading this is healthy and doing well. Losing focus on what matters is too easy in today’s craziness. Reach out to someone if you need a listen.

Women in Security Series

Well, we’re a couple weeks into the Women in Security Series, and so far the feedback has been great! Brad and I continue to learn great things from our guests. We’re not sure yet how long the series will go yet, but we have guests booked for the next six (6) shows (after this one). So, we DO know the Women in Security Series will go through (at least) episode 92 (August 10th). The guests we have lined up are incredible:

  • Today – Victoria Fogarty (see below)
  • Episode 87 – CEO of an information security-related non-profit
  • Episode 88 – A Senior, majoring in Cybersecurity Analytics and Operations at a leading university
  • Episode 89 – A CISO from a really cool large company
  • Episodes 90 through 92 – A CISO working in healthcare, a renowned educator, and a cool lady working in information security sales.

This journey is just getting started!

Women in Security Series – Part One

We kicked off the Women in Security series on June 15th, and we couldn’t have chosen a better first guest! Renay Rutter, FRSecure’s COO, got the series started with sharing her experience, wisdom, and insight she’s gained over her 30+ year IT career. Brad and I learned a ton!

If you missed this episode, you can catch up here; https://podcasts.apple.com/us/podcast/unsecurity-episode-84-women-in-security-pt-1-renay-rutter/id1442520920?i=1000478037575

Thank you Renay!

Women in Security Series – Part Two

We kept things in the FRSecure family for week two, hosting Lori Blair. Lori is a treasure chest of information security knowledge and wisdom, beginning from when she started her information security career in 1985. Think about that for a second; 1985?! For the math folks in the house, that’s 35 years!

I have a TON of respect for Lori, and her opinions carry weight for me (and many others). It’s not just her experience that makes Lori amazing, she’s a wonderful, practical, and level-headed person who loves mentoring others. This is a can’t miss episode, go give a listen here; https://podcasts.apple.com/us/podcast/unsecurity-episode-85-women-in-security-pt-2-lori-blair/id1442520920?i=1000479175255

Thank you Lori!

Women in Security Series – Part Three

Here we are, Part Three. In episode 86 (this one), we’ll introduce you to Victoria Fogarty. Victoria works at FRSecure and does some pretty cool things around here. You’ll get to meet her and hear her perspective on all sorts of things, including the information security industry (as a whole), her journey, what it’s like to do what she does, etc. Victoria is a pretty cool lady, and you’ll definitely enjoy her energy!

WELCOME VICTORIA!

Let’s get on with the show!

I’m (Evan) leading the show this week, and these are my notes…


SHOW NOTES – Episode 86

Date: Monday, June 29th, 2020

Episode 86 Topics

  • Opening
  • Introducing Our Special Guest: Victoria Fogarty
  • Catching Up (as per usual)
  • Women in Security
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey all! Welcome to this episode, number 86, of the UNSECURITY Podcast! For those of you who are new to the show, I’m your host, Evan Francen, and the date is June 29th, 2020. We’re a good 100(ish) days into the COVID pandemic here in the States, so it’s easy to lose track of the date. At least for me it is! Joining me this morning is my good friend and colleague, Mr. Brad Nigh. Morning Brad!

[Brad] <<<INSERT BRAD’S GREETING HERE>>>

[Evan] We’re on our 3rd week of the Women in Security series, and I’m super excited to welcome our guest, Victoria Fogarty! Victoria works here at FRSecure and is an all-around awesome person! Join me in welcoming Victoria. Welcome Victoria!

[Victoria] Every time I’ve talked with Victoria, she’s always got energy and a GREAT attitude. Let’s see if this is true at 7am on Monday morning (when we record the UNSECURITY Podcast)

[Evan] You all know what we do first before jumping into business, we check in quick. What’s up guys? How you doing, and how was your weekend?

Catching Up

Quick discussion about last week, the weekend, or whatever else comes to mind.

[Brad] Guessing he got outside, did some family stuff, did some yard/garden work, made some sweet BBQ, and other cool things.

[Evan] Victoria, how about you?

[Victoria] Looking forward to this. I don’t really know what Victoria does for fun, hobbies, etc. Opportunity to learn.

[Evan] Ugh. Interesting weekend (aren’t they all?) here…

Alright, now on to our series topic.

Women in Security, Part Three

[Evan] This is the 3rd week in the Women in Security Series. It’s been a blast so far! Feedback keeps rolling in, and so do the guests. I’m excited to hear about Victoria’s perspectives because honestly, I don’t know many (if any) of them. This will be a great discussion!

So, Victoria, thanks again for joining us. Let’s start out with how you got started with information security.

Open Discussion (~30 minutes)

  • How you got into the industry?
  • Your journey in the industry.
  • Advice you have for someone starting out.
  • Do you think we need more women in our industry and why?
  • Opinions about the talent shortage in our industry.
  • What can we do better in recruiting more people, and specifically more women in our industry?
  • Whatever else we’d like to share.

[Evan] Thank you Victoria! Nice work! I’m sure our listeners learned some good things.

News

[Evan] Time for newsy things again. My God, there’s never a shortage of news, is there?! We could use an entire day and not cover it all. Our day jobs won’t allow us an entire day, so I’ll just take a few that caught my eye:

Wrapping Up – Shout outs

[Evan] There you have it. Episode 86 is almost in the books. Just wrapping up and shout outs before we go. Victoria, thank you for joining us. Also, thank you for sharing you story and your thoughts.

You’re going to enjoy next week’s guest too! We’re going outside FRSecure to get perspectives from women beyond these four walls. Going to be a great show!

Either of you have any shout outs this week?

[Brad and/or Victoria] We’ll see.

[Evan] Thank you listeners! You guys are pretty cool, I think. Send us your questions, feedback and suggestions by email at unsecurity@protonmail.com. We still need to talk about the whole Mandiant, Capital One, incident response, confidential legal report thing. Ugh! Maybe next week.

Online social people can follow us on Twitter. I’m @evanfrancen and Brad is @BradNigh. Victoria, you got somewhere you want people to follow/interact with you?

[Victoria] Maybe/maybe not.

The companies we work for are pretty social too. SecurityStudio’s Twitter is @studiosecurity and FRSecure’s Twiiter is @FRSecure.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 85 Show Notes – Women in Security Pt2

It’s been a good week around here. I hope you’re well.

Women in Security Series – Part One

We kicked off the Women in Security series last week, and we couldn’t have chosen a better first guest to help us off on the right track! Renay Rutter, FRSecure’s COO, shared some of the experience, wisdom, and insight she’s gained over her 30+ year IT career. Brad and I learned a ton!

If you missed last week’s episode, you can catch up here; https://podcasts.apple.com/us/podcast/unsecurity-episode-84-women-in-security-pt-1-renay-rutter/id1442520920?i=1000478037575

Women in Security Series – Part Two

Now we’re heading into Part Two of the Women in Security series on the UNSECURITY Podcast, and we’re VERY excited to announce this week’s guest, Lori Blair! Lori’s another veteran, and you’ll love her practical, level-headed approach to information security. She’s another person with a ton of experience and some great insight to share.

WELCOME LORI!

Women in Security Series – Future Guests & Episodes

There’s been great interest in this series. We love it!

Many of our listeners have reached out to us (Brad and I), recommending women that we should have on the show as guests. We could easily dedicate our entire podcast to the topic; however, we do need to limit how long the series goes (for a number of reasons). As it looks now, we will be running this series through the end of July (at least)! So far, we have an additional five women lined up to speak with us (and you). Our future guests include a lady who’s sort of new to the field, a lady who’s won multiple awards and runs her own organization, a lady who’s studying information security topics as a senior in a well-respected university, a lady who’s been CISO in multiple organizations, and a lady who helps organizations by selling information security consulting services.

We’ve got an all-star lineup of amazing women to share their stuff with us!

Let’s get on with the show!

Brad’s leading the show this week, and these are his notes…


SHOW NOTES – Episode 85

Date: Monday, June 22nd, 2020

Episode 85 Topics

  • Opening
  • Introducing Our Special Guest: Lori Blair
  • Catching Up (as per usual)
  • Women in Security
  • News
  • Wrapping Up – Shout outs
Opening

[Brad] Welcome back! This is episode 85 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is June 22nd, and joining me this morning as usual is Evan Francen.

[Evan] I’m guessing he has stories about deck building or motorcycle riding.

[Brad] We have our 2nd guest in the Women in Security series this week. FRSecure’s own Senior Security Analyst, Lori Blair. Lori is easily one of our most experienced and talented Analysts at FRSecure. She has over 20 years experience in information security and has experience across multiple industries as both a consultant and as a manager in organizations. Thank you for joining us this morning!

[Lori] This is where we find out if Lori is a morning person or not.

[Brad] Before we get going, let’s recap our week quick.

Catching Up

Quick discussion about last week, the weekend, or whatever else comes to mind.

[Evan] Evan struggles, as I do, to remember what happened last week.

[Brad] And what about you Lori?

[Lori] Hopefully, she does better than Evan and I did at recapping her last week.

Alright, now on to our series topic.

Women in Security, Part Two

[Brad] This is the second week of our series discussing the topic of women in the information security industry. We’ve already received a ton of positive feedback from Part One, so I’m excited to keep the momentum going with Lori here in Part Two.

Do we have a shortage of women in our industry? If so, what’s the big deal? Why is the topic important for us to talk about? Lot’s of questions and I’m sure just about everyone has an opinion. Instead of people listening to our opinions, we’re going to talk to the people this relates to the most; women! What better way to get a woman’s perspective on things than to talk to a woman? Let’s do this.

Open Discussion

  • How you got into the industry?
  • Your journey in the industry.
  • Advice you have for someone starting out.
  • Do you think we need more women in our industry and why?
  • Opinions about the talent shortage in our industry.
  • What can we do better in recruiting more people, and specifically more women in our industry?
  • Whatever else we’d like to share.

[Brad] Thank you Lori! Good information and things to think about more. Much appreciated! How about some quick news stuff?

News

[Brad] Like every week, there is no shortage of news in our industry. Here are three stories I’d like to discuss quick:

Wrapping Up – Shout outs

[Brad] That’s it for episode 85. Thank you Lori for a great second installment of the Women in Security series. We’re lining up our guest for next week and it’s going to be another great show! Either of you have any shout outs this week?

[Evan and/or Lori] We’ll see.

[Brad] Thank you to all our listeners! Keep the questions, feedback and suggestions coming. One topic suggestion we just received this morning was to discuss Mandiant, Capital One, incident response, and confidential legal reports. Interesting story that Evan might pick up next week. If you’ve got something you’d like to hear us talk about, you can email us at unsecurity@protonmail.com. You social types can follow us on Twitter if you’d like. I’m @BradNigh and Evan is @evanfrancen.

The companies we work for are pretty social too. SecurityStudio’s Twitter is @studiosecurity and FRSecure’s Twiiter is @FRSecure.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 84 Show Notes – Women in Security Pt1

Happy Monday!

Last week was another blur. The world hasn’t quite ended yet, but it seems to be getting closer.

Women in Security Series

Brad and I are starting a Women in Security Series this week. This will be (at least) a four-part series where we’ll talk about the topic of women in the information security industry. We’ll have a special female guest each week to give us their experiences, advice, opinions, etc. At FRSecure, we work with some amazing women, and we’ll start the series talking with them. After talking with some of our own, and if things seem to be going well, we’ll reach out to other women outside of FRSecure for an even broader perspective.

Our first guest in the series is Renay Rutter, FRSecure’s Chief Operations Officer. She’s pretty much all around awesome, and it will be great talking with her this week!

Let’s get on with the show!


SHOW NOTES – Episode 84

Date: Monday, June 15th, 2020

Episode 84 Topics

  • Opening
  • Introducing Our Special Guest: Renay Rutter
  • Catching Up (as per usual)
  • Recap of the 2020 FRSecure CISSP Mentor Program
  • Women in Security
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hi everyone. Episode 84 of the UNSECURITY Podcast is upon us. Wow, it’s already mid-June! June 15th, 2020 to be exact. I’m your host, Evan Francen and joining me as usual is Mr. Brad Nigh. Good morning Brad!

[Brad] Brad does Brad.

[Evan] Brad, last week I mentioned that I wanted to do a Women in Security series on our show and you seem pretty excited about it. Well, I was talking about this for a couple weeks with a close friend of ours and an awesome business person, Renay Rutter. Renay has more than 30 years of IT and business leadership experience, and we’ve had the pleasure of working with her here at FRSecure for the past 2(ish). She’s currently FRSecure’s Chief Operating Officer, and she’s pretty much kicking butt. Welcome to the show Renay!

[Renay] Renay does Renay.

[Evan] We have a lot to cover today, and before we jump into the meat of the show, let’s check in like we always do. What’s up you two?

Catching Up

Quick discussion about last week, the weekend, family, safety etc.

[Brad] Brad shares his things.

[Renay] Renay shares her things.

[Evan] Alright, that’s that. Was it last week or the week before that we finished up the 2020 FRSecure CISSP Mentor Program? Ugh. I can’t remember.

Recap of the 2020 FRSecure CISSP Mentor Program

This was the BEST year yet, by far. Just some of the highlights:

  • We had 1,444 total registrations at the beginning of class.
  • There were three instructors this year, which made life a lot smoother (me, Brad, and Ryan Cloutier)!
  • There have been 5,398 views of Session One.
  • Already had a dozen or so people inform us they’ve already passed the exam!
  • Renay (our guest) attended too!

[Evan] It was a great season and I’m pumped about what’s to come. The CISSP Mentor Program has been such a blessing for us ever since we started it 11 years ago. Huge thank you to our instructors, Brad and Ryan. Also, a huge shout out to the people behind the scenes who make this thing happen:

  • Brandon Matis, FRSecure Content Marketing Specialist
  • Lori Blair, FRSecure Senior Security Analyst
  • Ryan Abraham, FRSecure Senior Security Analyst
  • Chad Spoden, FRSecure Senior Security Analyst

A great team effort and a great success. Here’s to next year!

Alright, now on to our series topic.

Women in Security, Part One

[Evan] This could be the start of something cool. We’re going to take a big portion of the next four shows (or so) to get real and be honest about the topic of women in the information security industry. Do we have a shortage of women in our industry? If so, what’s the big deal? Why is the topic important for us to talk about? Lot’s of questions and I’m sure just about everyone has an opinion. Instead of people listening to our opinions Brad, we’re going to talk to the people this relates to the most; women! What better way to get a woman’s perspective on things than to talk to a woman?

Who better to start the series off with than Renay. Let’s do this.

Open Discussion

  • How you got into the industry?
  • Your journey in the industry.
  • Advice you have for someone starting out.
  • Do you think we need more women in our industry and why?
  • Opinions about the talent shortage in our industry.
  • What can we do better in recruiting more people, and specifically more women in our industry?
  • Whatever else we’d like to share.

[Evan] Thank you Renay. Good information and things to think about more. Much appreciated! How about some quick news stuff?

News

[Evan] Between COVID-19, the social justice things going on around the world, and everything else. Yes, there is plenty of information security news too! Here’s just a few stories to bring your attention to quick:

Wrapping Up – Shout outs

[Evan] There you go. That’s it for episode 84. Thank you Renay for giving a great start to the Women in Security series. We’re lining up our guest for next week and it’s going to be a great show too! Either of you have any shout outs this week?

[Brad and/or Renay] We’ll see.

[Evan] Thank you to all our listeners! We dig all you folks (mostly). Let us know what you think about this show or share your ideas with us. You can email us at unsecurity@protonmail.com. You social types can follow us on Twitter if you’d like. I’m @evanfrancen, Brad is @BradNigh, and even Renay’s got some Twitter foo; she’s at @RenayRutter. The companies we work for are social too, heck everyone’s social nowadays. SecurityStudio’s Twitter is @studiosecurity and FRSecure’s Twiiter is @FRSecure.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 62 Show Notes – Iran and Stuff

Still in Cancun for another week (Evan). I know, poor me.

One thing is certain. It doesn’t matter what I’m doing or what you’re doing, the world doesn’t pause and wait for you. Attackers still attack and defenders still defend. Some of us are thriving and others of us are just struggling to survive.

So, the big worldwide news this past week was the U.S. spat with Iran. It was immediately politicized, as we would expect, but what does it mean to you, me, and the world of information security? Let’s talk about this.

A few of you took me up on my offer last week for a free copy of UNSECURITY. Your books are being sent soon.

If you haven’t read my first book, I invite you to. You can either purchase it, or if you’re with us on our mission to fix the brokenness in our industry, contact me (Twitter, LinkedIn, email, etc.) and tell me so. I’ll send you a free signed copy! P.S. I’m not publicizing this everywhere, so let’s see if your paying attention.

I’m supposed to be leading the show this week, but I’m still out of the office. Brad and Ryan should be in studio for this episode, and I’ll call in again.

These are my notes (Evan).


SHOW NOTES – Episode 62

Date: Monday, January 13th, 2020

Show Topics:

Our topics this week:

  • Opening – Catching up
  • U.S. and Iran
    • What does it mean for information security?
    • What does it mean for you and me?
    • Avoiding collateral damage
  •  News
    • Is Microsoft sharing Skype and Cortana audio with the Chinese?
    • Security tips for college students
    • Amazon Ring employees caught snooping
  • Contact Us – featuring people looking for jobs in information security
Opening

[Brad] Hey UNSECURITY Podcast listeners! This is episode 62 and the date is January 13th, 2020. I’m Brad Nigh, your host for today’s show. Joining me in studio is Ryan Cloutier and by phone is Evan Francen. Hi guys.

[Ryan & Evan] We’re welcoming fellas, so we’ll say “hi” or something here.

[Brad] Let’s catch up quick. How was your week and what’s going?

Catching Up Discussion

Who’s doing what?

  • Ryan’s first week at SecurityStudio.
    • What was it like?
    • Anything newsworthy or exciting?
  • Brad’s crazy week.
    • Most weeks are crazy. What was craziest?
    • What are you excited about?
  • Evan in Cancun.
    • Chillin’ or workin’?
    • How’s the book coming along?

[Brad] Cool. Good things last week and coming up this week.

Switching gears a bit. I want to discuss a topic that’s on many people’s minds; the conflict between the United States and Iran, and what effect it has on our daily information security/cybersecurity lives.

U.S., Iran, and Information Security Discussion

Very significant events have taken place over the past few weeks. Events that impact our world as we know it; politically, economically, and from an information security (or cybersecurity) perspective. Let’s stay out of the politics as much as we can and leave the economic discussion to the economics experts.

What I’d like to discuss is how these current events affect us with respect to information security. We should all be concerned about how these things affect our ability to protect ourselves, our families, our schools, our workplaces, and our local governments.

First a little background on the current events:

  • December 27th, 2019 – The K-1 Air Base in Iraq was attacked killing an American civilian contractor, injuring four U.S. service members and injuring two Iraqi security forces personnel. The U.S. blamed Iranian-backed militia for the attack.
  • December 29th, 2019 – The United States attacked five Hezbollah positions in Iraq and Syria resulting is an at least 25 killed militia members and another 55 wounded.
  • December 31st, 2019 – January 1st, 2020 – Hezbollah militiamen, their supporters and sympathizers attacked the U.S. embassy in the Green Zone of Baghdad. The United States blamed Iran and its non-state allies for orchestrating the attack. No deaths or serious injuries occurred during the attack and protesters never breached the main compound.
  • January 3rd, 2020 – A targeted U.S. drone strike killed the commander of the Islamic Revolutionary Guard Corps (IRGC) Quds Force, Qasem Soleimani. Soleimani was considered to be the second most powerful person in Iran.
  • January 8th, 2020 – The Iranian military launched numerous ballistic missiles at two airbases in Iraq. there were neither American nor Iraqi casualties. Hours after the initial Iranian missile attacks, a Boeing 737-800 (Ukrainian International Airlines Flight 752) crashed shortly after takeoff from Tehran Imam Khomeini International Airport, killing all 176 passengers on board. Iran initially claimed the cause of the crash was mechanical failure.
  • January 11th, 2020 – A video showing the moment Flight 752  was hit by an Iranian missile was published by The New York Times. The Iranian government was forced to admit that it “inadvertently” shot the plane out of the sky. A wave of anti-government protests have now emerged across Iran.

Phew! These are only the latest events in decades of conflict between the two nations.

So, back to the point of our discussion. I’d like us to share our opinions, and hear the opinions of our listeners this week. You know what they say about opinions, right?

  • What does it mean for information security?
  • What does it mean for you and me?
  • How can we avoid collateral damage?

Some sources of information to guide our discussion:

[Brad] Great discussion and plenty of healthy opinion. I think the same things hold true for us that have always held true:

  1. Focus on what you can do to protect your area of influence (your habits, at home, at work, etc.)
  2. Master the fundamentals. We can’t control what Iran or the United States does, but we can make it a little less likely that we’ll be a victim in all this.
News

Now for some (other) news. Here are three newsy things that caught our attention last week.

Closing

[Brad] OK, that’ll just about do it. Be careful out there.

One last thing before we close this show out. Are you or someone you know looking for a job in information security? If so, we’d love to hear from you and help out where we can. Email us at unsecurity@protonmail.com and we’ll chat.

If you’re the social type, socialize with us on Twitter, I’m @BradNigh, Ryan can be found at @CLOUTIERSEC, and Evan’s in his usual spot, @evanfrancen.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 56 Show Notes

Brad and I hope you had a wonderful Thanksgiving holiday! We have so many things to be thankful for, including our faith, our families, our work families (FRSecure and SecurityStudio), our friends, our partners, our clients, and last, but not least, our UNSECURITY Podcast listeners!

Our listeners make our podcast worthwhile.

If you missed last week, we introduced you to one of the most amazing 15 year-old kids you’ll ever meet, Zoe Bundy. She’s an all around awesome gal, and the founder of Brainy Ladies. Give it a listen. You won’t be disappointed!

This week we welcome another special guest, Justin Webb. Justin is a “Data Privacy & Cybersecurity Attorney / Chief Information Security Officer at Godfrey & Kahn, S.C.”. We’re going to talk to Justin about all sorts of legal information security and privacy stuff. It’ll be like 30-40 minutes of free legal advice (sort of)!

I’m (Evan) leading the show this week, and here are my notes.


SHOW NOTES – Episode 56

Date: Monday, December 2nd, 2019

Show Topics:

Our topics this week:

  • Introducing Justin Webb
    • Who is Justin Webb?
    • Target vs. Chubb
    • The California Consumer Privacy Act (CCPA)
    • China’s Cryptography Law
  • New Show Format (reminder)
  • News
Opening

[Evan] Welcome back! Unless you’re lost, you know this is the UNSECURITY Podcast. This is episode 56, and I’m Evan Francen, your host. The date is December 2nd, and joining me is my buddy Brad Nigh. Sup Brad?

[BradShares some of the simple things in life.

[Evan] How was your Thanksgiving holiday?

[Brad] Great, duh!

[Evan] We have another awesome show planned today! A couple of weeks ago, I read a news story about Target suing Chubb, their insurance provider, about claims related to the infamous Target breach of 2013. Here we are, six years later, and the fallout continues.

People who know my past, know that I spent twenty-one months consulting the Special Litigation Committee (SLC) of Target Corporation’s Board of Directors who addressed the derivative claims
arising out of the December 2013 data breach. I mention this only because I’m still obligated to maintain confidentiality from this work, and for perspective. I was privileged to see almost everything about this breach, or at least it seemed that way.

So, I read the news about this lawsuit, and I figured I’d reach out to my favorite cyber-insurance guy, David Kruse and get his take. David introduced me to this cool cat, Justin Webb, an information security stud and data privacy attorney with Godfrey & Kahn, a leading law firm out of Milwaukee, Wisconsin.

Welcome Justin!

[Justin] Justin does Justin.

[Evan] I’m sort of looking at this like we get 30 minutes or so of free legal advice. Right?

[Justin] Probably not right, but whatever.

[Evan] We’re very excited to have you join us Justin!

Discussion with Justin

Conversation items:

[Evan] Good stuff! Legalling is exhausting. Thank you Justin for providing your insight and advice!

New Show Format Discussion (reminder)

[Evan] Just a quick reminder about the upcoming new addition to the show, starting after the first of the year. We’re devoting ten minutes of each show to anyone who’s looking for a job in the information security industry. Email us at unsecurity@protonmail.com if you want your slot! We’ll respond to you on a first come, first serve basis.

We’ve already received some emails, which is super cool!

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

If you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Evan] Alright, what the heck happened this last week? Let’s see…

Closing

[Evan] That’s it. Episode 56 is a wrap. Thank you to Justin Webb for joining us and for sharing your perspective.

Thank you to our listeners! Keep the questions and feedback coming. We’re still a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Justin, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 55 Show Notes

Here we are, show notes for the UNSECURITY Podcast, episode 55!

Last week’s show featured pioneer virus researcher and keynote speaker Kenneth Bechtel. We learned from his wisdom, and he also shared some of his recent struggles with landing a job. UPDATE: Ken informed us that he’s landed a job, and we’re pumped about it! If you know Ken, reach out an congratulate him.

This week we have another super special guest! Zoe Bundy, the teenage founder of Brainy Ladies is joining us. We’re going to dedicate the show to learning more about her, her company, and her cause! This is going to be amazing!

This is Brad’s show to lead this week, and these are my (Evan) notes.


SHOW NOTES – Episode 55

Date: Monday, November 25th, 2019

Show Topics:

Our topics this week:

  • World Meet Zoe!
    • Who is Zoe Bundy?
    • Introduction to Brainy Ladies
    • What’s next?
    • How can we help?
  • Thanksgiving – What’s one thing we’re thankful for this year?
  • New Show Format
  • News
Opening

[Brad] Welcome to the UNSECURITY Podcast. The date is November 25th, 2019 and this is episode 55. My name is Brad Nigh and joining me in studio is Evan Francen. Sup Evan?

[EvanThings and such.

[Brad] So, Evan. You meet a lot of really awesome people on the SecurityStudio Roadshow. There are few, if any, that you mention with more admiration than our guest this week, Zoe Bundy. Before we introduce her, tell me how you met and your thoughts about what she’s doing.

[Evan] You’re absolutely right, by far the best part of being on the SecurityStudio Roadshow is meeting the people I get to meet. One of the most incredible people I’ve met is Zoe Bundy. She’s the CEO of Brainy Ladies, an organization with this super cool mission of helping more girls get into STEM.

I first met Zoe in November 2018 at Network Center’s nVision Conference in Fargo, North Dakota. Steve Marsden, FRSecure employee #3 ran up to me and told me he’d met the most fascinating girl who’s got this awesome mission to help girls get into STEM. She gave a talk at nVision 2018 and he was blown away by her poise, her ambition, and her mission. When we met in 2018, I put her in touch with some of the great women we have working at FRSecure like Megan Larkins and Lori Blair.

Fast forward to this year’s nVision conference, and I ran into Zoe again. She came by our SecurityStudio booth with her brother Grover. She’s still trucking along, making a huge difference in the world. I felt like we needed to get her on the show, get to know her a little, and help her spread the word about her noble mission!

[Brad] Awesome! Well, let’s introduce Zoe. Hi Zoe, welcome to the UNSECURITY Podcast!

Discussion with Zoe
  • World meet Zoe and Brainy Ladies!
  • Open, unscripted discussion.
  • Getting to know Zoe.
  • Questions we may/may not get to:
    • How old are you?
    • Do you come from a family with a STEM/technical background?
    • How did she come upon her mission?
    • What motivated her to do something?
    • Tell us about Brainy Ladies.
    • What plans do you have for the future of Brainy Ladies?
    • How can we get involved with helping Brainy Ladies or you?
    • What do her friends at school think?
    • Does she recruit girls into STEM? If so, what works and what doesn’t?
    • What advice does she give girls who have an interest in STEM, where should they go?
    • What about girls who are struggling with STEM, what help can we give?
    • If there was one thing you’d like our listeners to know about girls in STEM, what is it?
    • If there was one thing you’d like our listeners to help you with, what would it be?

[Brad] Wow! There are tons of opportunities to encourage girls to get into STEM. STEM isn’t for everyone, but for everyone who’s got an interest, there’s plenty of opportunity! Amazing.

Thanksgiving

[Brad] OK, this is Thanksgiving week. We all have things to be thankful for this year, starting with you Zoe, what’s one thing you’re particularly thankful for this year?

[Zoe] She can choose whatever she wants or nothing at all. This is her time.

[Brad] How about you Evan, what’s one thing you’re thankful for this year?

[Evan] We’ll see what he/I say…

[Brad] Good stuff! I’m thankful for ______________.

New Show Format Discussion (quick)

[Brad] Next let’s talk quick about an upcoming show format change, starting the first of the year. We’re going to devote ten minutes of each show to anyone who’s looking for a job in the information security industry. You email us at unsecurity@protonmail.com sometime before the next episode, and we’ll respond to you on a first come, first serve basis.

If you’re chosen, and the time works out, we’ll invite you on to our show to learn about you. Think of this as a quick 10 minute interview. We’ll work out the kinks between now and the time we kick this off, but we’ll have a standard format defined by then.

So, if you’re looking for a job, use us to help you get the word out! Stay tuned, we’ll mention this a few more times before we make this change official.

OK, now some news…

News

[Brad] There’s always plenty of news to choose from. Here’s just a couple of stories that caught our eye this week.

Closing

[Brad] Alright! Episode 55 is a wrap. Thank you again to Zoe Bundy from Brainy Ladies for joining us! We’re very excited to keep up with what she’s doing.

Thank you to our listeners! Keep the questions and feedback coming. We’re a little behind on responding right now, so please be patient with us. We love your feedback. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Zoe, how do you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies there too!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 54 Show Notes

Show notes are almost on time this week! Yay us.

I started writing our show notes on Thursday night in the Salt Lake City airport, and now I’m finishing them on a plane back from LA. Ugh. The life.

This was a crazy week, but what’s new? While Brad’s been bustin’ his tail keeping up with FRSecure’s sales and operations, I’ve been traveling the country on the SecurityStudio Roadshow. My travels this week took me to Rochester (NY), Baltimore (MD – layover), Kansas City (MO), Salt Lake City (UT – layover), Sacramento (CA), and Los Angeles (CA – layover).

I’m supposed to get home late on Friday night. We’ll see. 🙂

If you’d like to follow the SecurityStudio Roadshow, I write a recap every week on my/this site. Keep up with me, and give me some BBQ tips.

I’ve met some amazing people on my travels, and one really cool cat is Kenneth Bechtel. I met Kenneth during week one of the SecurityStudio Roadshow. On week one, John Harmon and I traveled to Harrisburg, Pennsylvania for BSides. I was speaking in a mid-morning session and Kenneth was the keynote speaker.

I have a lot of respect for Kenneth because he’s been at his game for a long time. He’s been doing threat hunting before threat hunting was a thing. Big props to this guy. During our time together at BSides, Kenneth shared his recent troubles finding a job. This bugs me. So, I invited him to be a guest on the podcast.

We’re honored to have him share some of his wisdom. We’ll try to get to the bottom of his job search struggle too.

Special thanks to Brandon Matis for putting together last week’s anniversary show! That couldn’t have been easy.

Pretty sure I’m supposed to lead this episode, so here goes.

My show to lead this week and these are my notes.


SHOW NOTES – Episode 54

Date: Monday, November 18th, 2019

Show Topics:

Our topics this week:

  • What’s up man?
  • Introducing Kenneth Bechtel
    • The earlier days versus today. What’s changed and what’s the same?
    • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • New show ideas
  • News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 54, and the date is November 18th, 2019. I’m Evan Francen, and it’s my show this week. Brad’s here with me too. Care to chime in Brad?

[BradYou know he’s got something to say. Probably something good too!

[Evan] Alright, we’ve got another great show planned!

  • Brad and I are going to catchup with our craziness quick.
  • We’re going to get real with a true information security pioneer Kenneth Bechtel. He’s got an incredible amount of wisdom to share and we want to get to the bottom of why people like Kenneth are not getting hired when we have this alleged talent shortage.
  • We’ll talk about an upcoming show idea that we have, then we’ll wrap with some newsy things.

I’m pumped about this show! So, let’s get on with it, eh?

[Brad] Brad’ll agree probably.

[Evan] So, what’s up man?! I’ve been out for the past two weeks preaching to folks everywhere and stuff. I missed you man.

Catchin’ up with Brad (quick)

[Evan] Alright, enough of that. We are excited and honored to have Kenneth Bechtel on the phone, so let’s welcome him. Hi Kenneth.

[Kenneth] He’ll confirm (unless of course we have some tech issue or something).

[Evan] Can’t tell you how grateful and pumped we are to have you on the show! We’re going to get to know each other more, and discuss things. I’d like to start off with you telling us about you, then we can talk about how the industry has evolved, then lastly, let’s discuss this whole infosec talent shortage thing.

I found an old photo of you on your Team Anti-Virus website.

About Kenneth:

I have been actively involved in Anti-Malware defense and research since 1988 at both a corporate and international level, with close ties to the international Anti-Malware efforts and fellow researchers.

In the corporate world, I have worked as both a Virus Laboratory and Field researcher for major organizations, providing expert support for malware outbreaks.

Internationally, I was a Founding Members of AVIEN – Anti-Virus Information Exchange Network, and served as Chairman of its Disciplinary Committee and well as member of the Advisory Board to the Administrator.

I have presented at international conferences, including the Virus Bulletin Conference, at which I am a regular attendee.

My work has been published in trade magazines and specialized websites such as Security Focus.

I have written a handbook on Anti-Virus Security and was one of the co-authors of the AVIEN Malware Defense Guide. 

I am regularly asked to speak at small organization and company conferences and training seminars.

Media requests, Opportunities and general inquiries are welcome at kbechtel@teamanti-virus.org

Discussion with Kenneth Bechtel
  • Introductions
  • The earlier days versus today. What’s changed and what’s the same?
  • The (alleged) infosec labor crunch. Kenneth isn’t the first person who’s had trouble finding work. What gives?
  • Your recent post about your cowboy hat

[Evan] Alright. Let’s see what we can do here to help each other. Kenneth, I sincerely appreciate your tireless work for this industry and for being on our show!

News

[Evan] Some interesting news stories for us to discuss this week. The first one is interesting because we’ve warned about this and sadly things are going to get much worse before they get better.

Closing

[Evan] OK, cool! Episode 54 is a wrap. Thank you again Kenneth for being on our show. I think our discussion will benefit others!

Thank you to our listeners! Keep the questions and feedback coming. We love it, well Brad does, but I don’t. Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. Kenneth, do you have a way you want people to socialize with you?

Follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 49 Show Notes

OK, late again. Show notes before the show recording though, so it’s not terrible.

Lately, Brad and I haven’t seen each other much (or at all). I’ve been on the SecurityStudio Roadshow (#S2Roadshow) and Brad’s been swamped running his part of the FRSecure business (solutions development, sales support, innovation, IR support, and Analyst team support, etc.). Brad’s got a lot of stuff!

FRSecure won another award last week, which is super cool! The company was ranked #22 of the 50 fastest growing companies in the Twin Cities! In addition to being the 22nd fastest growing company, FRSecure was also the highest ranked information security consulting company on the list. This is the 3rd consecutive year that FRSecure has made the Fast 50 list, and I AM SUPER PROUD of this team! HUGE CONGRATULATIONS on a great accomplishment! They are all amazing, top to bottom!

When you get out of the way, incredible people to do amazing things. This is how FRSecure works.

Let’s get to some show notes, shall we?


SHOW NOTES – Episode 49

Date: Monday, October 14th, 2019

Show Topics:

Our topics this week:

  • Quick Catch-up/Roadshow Week #2
  • IT Security, Information Security, Cyber Security, and Physical Security
  • Cybersecurity Maturity Model Certification (or “CMMC”)
  • What it takes to do this job
Opening

[Brad] – Hi UNSECURITY Podcast listeners! It’s me, Brad Nigh. This is episode 49 and the date is October 14th. Evan’s here too. Say “hi” Evan.

[Evan] I oblige. I’m nice.

[Brad] It’s been a couple weeks since you and I have been in studio together. Last week, you and John Harmon hosted episode 48 while I was traveling. This week I’m back!

[Evan] It’s good to have you back man! I’m excited to catch-up and record this episode with you!

[Brad] Holy cow, we’ve got a jam-packed show today. Is this what I get for letting you write the show notes?

[Evan] 😉

[Brad] OK, let’s catch-up quick. Let’s chat about the stuff I’ve been up to, and some of the stuff you’ve been up to.

Quick Catch-up/Roadshow Week #2 Discussion

[Brad] Good things. We receive good questions from our listeners each week, and this past week is no exception. There was one question in particular that I wanted to cover with you. It was nice to here that the listener  has adopted our definition of information security in his policies, but he struggling with the term “IT Security”. He’s not alone I guess, because he also provided a link to a CompTIA article titled “What Is the Difference Between IT Security and Cybersecurity?“.

[Evan] Yeah, this can be confusing for some people. Words really do matter, especially when we struggle with using them correctly.

[Brad] The CompTIA article is sort of confusing, as the author covers different approaches to the definitions of IT Security, Information Security, Cyber Security, and Physical Security.

In one diagram, he arranges information security, cyber security, and physical security inside of IT security. In another diagram he drops IT security altogether and puts cyber security and physical security inside of information security. 

He then poses the question “So, which is best? Who is right?”. His answer leaves us hanging and then he a attempts to address whether terminology even matters. Let’s discuss this and address our listener’s question.

IT Security, Information Security, Cyber Security, and Physical Security Discussion

[Brad] Glad we settled it. Maybe we should make a diagram too. Later.

[Evan] Pretty sure we’ve got one or two of these somewhere.

[Brad] Alright. Another listener emailed us this week and asked us about the new(ish) Cybersecurity Maturity Model Certification (“CMMC”). Should we talk about this quick?

[Evan] I’ll agree because I agree.

Quick Cybersecurity Maturity Model Certification Discussion
  • All companies conducting business with the DoD must be certified, regardless of the use/presence of Controlled Unclassified Information (CUI)
  • Initial implementation of the CMMC will only be within the DoD
  • The intent of the CMMC is to combine various cybersecurity control standards such as NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others into one unified standard for cybersecurity.
  • CMMC is intended to serve as a verification mechanism.
  • CMMC will implement multiple levels of cybersecurity. In addition to assessing the maturity of a company’s implementation of cybersecurity controls, the CMMC will also assess the company’s maturity/institutionalization of cybersecurity practices and processes.
  • accredited and independent third party commercial certification organization to request and schedule your CMMC assessment
  • Some of the higher level assessments may be performed by organic DoD assessors within the Services, the Defense Contract Management Agency (DCMA) or the Defense Counterintelligence and Security Agency (DCSA).
  • Your certification level will be made public
  • The government will determine the appropriate tier, contained in sections L & M of future Request for Proposals
  • On October 3rd, the DoD posted the RFI for the CMMC Accreditation Body.
  • The draft CMMC v0.4 is posted.
  • The draft CMMC v0.6 is expected for public review in November, 2019.
  • Finalization of CMMC v1.0 is expected by January, 2020.

[Brad] Lots to say about that. Last week, you mentioned me in a Twitter conversation you were engaged in. The tweet that started the conversation was “Lol lots of people whining about empathy in infosec this morning… what, are you all on the same sensitive mailing list or something?”

[Evan] Yeah. The author had a point and I thought it could be a good conversation about what it takes to be good at what we do from a slightly different perspective.

Discussion about what it takes to do this job

The Twitter thread:

Continues…

Good stuff to discuss, and shoutout to @c0Bchik for engaging in a discussion.

[Brad] Alright, let’s wrap this up with a few news stories.

News

[Brad] I’ve got three news stories to discuss this week:

Closing

[Brad] There you go, episode 49 is a wrap! Like many of you listening, we’ve got another busy week ahead.

Thank you to our loyal listeners! Thank you for your tips and feedback. Send us your wisdom, questions, advice, whatever, by email to unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Also, follow SecurityStudio (@studiosecurity) and the #S2Roadshow hashtag.

That’s it! Talk to you all again next week!