The UNSECURITY Podcast – Episode 46 Show Notes

Here we go, we’re on week 46 (already)!

Hard to believe how far we’ve come over the past 45 weeks. Our first podcast was recorded over a Zoom Web conference on a Sunday afternoon. Brad was at home and so was I. We kept up the Sunday routine for a while, at least until our wives requested their Sunday afternoons back. Thank God, because the quality of those early podcasts sucked, and we needed to up our game.

Anyway, there’s a story here. Maybe a story for another day.

This has been another incredible week.

The week started with a Sunday evening trip to Washington D.C. for a Monday afternoon meeting.

The highlight on Tuesday was participation in the 2019 Minnesota IT Symposium at the Mall of America. I had the privilege to participate on a panel with two really awesome information security leaders; Judy Hatchett (VP, Information Security & CISO at Fairview Health Services) and David Young (CISO at Medica). The panel was moderated by my good friend (and SecurityStudio board member) Nick Hernandez. It was an amazing discussion, and it was an honor to share the stage with these guys.

Wednesday was an office day, trying to catch up. It doesn’t seem healthy to process so many emails in such a short period of time.

Thursday was arguably the highlight of the week. FRSecure held their 4th Hacks & Hops event. More than 200 friends and partners gathered at U.S. Bank Stadium to talk about security incident response. After the keynote, I was joined by some incredible information security peers; Jadee Hanson (CISO and VP of Information Systems at Code 42), Bill Boeck (Senior VP, Insurance and Claims Counsel at Lockton Companies), and our very own Oscar Minks (FRSecure’s Director of Technical Solutions and Services).

We discussed the importance of incident response planning, cyber insurance, shared some personal stories, and fielded some great questions from the audience.

One or our attendees summed it up well in his LinkedIn post after the event.

There is an incredible amount of work that goes into arranging an event like this. FRSecure’s Jess Kooiman led the charge, with a significant amount of help from Brandon Matis, Andy Forsberg, Christy Kleve, Renay Rutter, and McKenzie Adams.

Friday wrapped with some good SecurityStudio meetings, including one with Tyler Olson (Founder and CEO of SHYLD Academy). He’s got a good thing going there!

Great week and tons going on. I hope you had a great week too. If you’d like to share your week, get in touch with me or Brad. You can find us at unsecurity@protonmail.com. We’d love to hear your successes and/or help if we can.

If you missed episode 44 of the UNSECURITY Podcast, here it is.

OK. Show notes…


Just a quick note. Brad’s super busy, so these are his show notes written by me (Evan).

SHOW NOTES – Episode 46

Date: Monday, September 23rd, 2019

Show Topics:

Our topics this week:

  • Hacks & Hops Recap
  • Upcoming Speaking Engagements
    • Our upcoming talks
    • The SecurityStudio Roadshow
  • Mental Health
  • Industry News

[Brad] – Hi there, welcome to episode 46 of UNSECURITY Podcast. I’m Brad Nigh and joining me in studio is Evan. This is two weeks in a row where we’ve been together in studio. Want to say “hi” Evan?

[Evan] We record the show at 6:45am on Mondays. Who knows what sort of mood I’ll be in.

[Brad] Sheesh, we have another jam-packed show this week. I need to stop Evan from writing the show notes!

[Evan] Yeah, probably.

[Brad] Another crazy, but great week around here. One of the highlights from this past week was our Hacks and Hops event. Let’s talk about it and share some thoughts, especially for the listeners who couldn’t make their way to U.S. Bank Stadium on Thursday.

Hacks & Hops Recap and Discussion

[Brad] It was a great event! I didn’t mind helping you out with the joke you couldn’t remember either. Your welcome.

[Evan] I was stuck. Why are jokes so hard for me to remember?

[Brad] You and I have a bunch of talks coming up, and you’ve got the Project Bacon roadshow too. We’re going to be all over the place.

[Evan] We do. It’s exciting to spread the word, and we hope that we’re helping people along the way.

Upcoming Speaking Engagements Discussion

[Brad] This will be good. One of the things that you mentioned at the beginning of your Hacks & Hops keynote was the mental health. This is a topic that isn’t discussed as much as it should be.

[Evan] Yeah, we need to shine a brighter light on this.

[Brad] You wore a Mental Health Hackers t-shirt and gave some statistics. Let’s talk about Mental Health Hackers, the statistics you shared, and how this hits home for us here at FRSecure.

Mental Health Discussion

We could spend an entire series talking about the importance of mental health in our information security industry, but for now we’ll keep it fairly short.

[Brad] Talking about mental health openly is important. We are all in this together, and we all need to take a more active role in supporting each other.

[Brad] OK, as is the custom, we close this thing out with some news. Here’s the industry newsy things to discuss briefly this week.

News

Here’s our news for this week:

Closing

[Brad] There you have it. We talked about a lot!

Always grateful for our our loyal listeners. We love your feedback and appreciate the fact that you join us each week. Send your feedback to us at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen.

Talk to you all again next week!

The UNSECURITY Podcast – Episode 45 Show Notes

Welcome back for another quick recap of the week and another dose of UNSECURITY Podcast show notes. Hope you all had a great week!

For last week’s show, Brad was in studio while I was calling in from Sofia, Bulgaria. Brad was joined by Ryan Cloutier, an awesome return guest. As far as I could tell, it was another great show. I had some connectivity issues, but who doesn’t have connectivity issues in Bulgaria? Brad did a great job holding things together while we chatted about issues such as liability and speaking information security with “humans”.

Catch episode 44 here.

I was in Bulgaria to visit members of our SecurityStudio development team, check out the new office, and spend some time planning future releases of the software. Bulgaria is eight hours ahead, so timing with U.S. resources was interesting.

This slideshow requires JavaScript.

The trip was very successful and we made significant progress on a number of fronts. While I was halfway around the world, Brad held down the fort. He’s a really good leader and I’m sure he has a bunch of things going on. I didn’t get to check in with him last week, so we’ll ask how he’s doing on the podcast.

Lots of other really cool stuff to share, but I’ll do that in another post or on the show.

Let’s do some show notes now.


SHOW NOTES – Episode 45

Date: Monday, September 16th, 2019

Show Topics:

Our topics this week:

  • Catching Up
    • More Mentor Program success
    • Civic duty example
  • vCISO Revisited
  • Book Announcement

[Evan] – Hi folks, welcome to the UNSECURITY Podcast. This is episode 45 and I’m your host, Evan Francen. Brad’s joining me as usual. Hi Brad!

[Brad] Brad politely says hello to me and by proxy all of our listeners. Good Brad.

[Evan] Man, this is two shows in a row where I’m out of studio. Today I’m stuck in Washington, D.C. for a meeting. Only one day, so that’s good. What’s up with you?

[Brad] Stuff and things.

[Evan] We haven’t recorded together in person the last couple of weeks, and I haven’t even been able to catch up with you. You cool if we catchup quick?

[Brad] Brad will probably say “yes”.

[Evan] Alright, let’s start with your week. Tell us what you’ve been up to.

Catching up

  • What Brad’s up to.
  • What I’m up to.
  • We have more Mentor Program success to talk about
  • One of our listeners is setting a great example for all of us in holding his local government accountable for security.

[Evan] Alright, lots of good things. We’re all in this together and there’s a job and place for everyone.

[Brad] Brad’s words of wisdom.

[Evan] We’re always grateful for feedback that we get from listeners. If you’d got some, email us at unsecurity@protonmail.com. One of the more popular topics in the past few months has been that of the virtual Chief Information Security Officer (or vCISO). We’ve received some great questions about how to become a vCISO. A couple of episode ago, we talked about what a good vCISO is, but we didn’t really talk about how to become one. Let’s do that.

How to become a vCISO discussion

  • If you’re new (less experience).
  • If you’re experienced (even existing CISOs)
  • What are the benefits to being a vCISO versus being a FTE CISO?

[Evan] Alright. Good perspective and good discussion. Thank you Brad.

[Brad] Brad’s gotta say something or we’ll have an uncomfortable silence here.

[Evan] OK, last topic before we get into some news. I want to announce something that I’m VERY excited about. You and I are going to write a book, right?

[Brad] Brad confirms. See if you can notice any change in the tone of his voice when he responds.

New book announcement and discussion

There’s a tie in here with vCISO too.

[Evan] I’m pumped about writing with you Brad. What better time than 4th quarter to get started?

[Brad] He’s lived through multiple 4th quarters, so he’ll laugh/cry.

[Evan] Let’s close this thing out with some news, eh?

News

Here’s our news for this week:

Closing

[Evan] There you have it. Thank you for another great show Brad!

A special thank you to our loyal listeners. We love your feedback and sincerely appreciate the fact that you join us each week. Send your feedback to us at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Talk to you all again next week!

The UNSECURITY Podcast – Episode 44 Show Notes

Welcome back for another quick recap of the week and another dose of UNSECURITY Podcast show notes!

Last week, Brad and I were back in studio together to record episode 43. It was a good show, where we covered some relevant topics such as (more fricken) incident response, vCISO questions, and how we (the good guys) can’t possibly do all the things that they (the bad guys) do.

Quick words about vCISO

  • It’s the future of information security leadership.
  • There are good vCISOs and less good (maybe bad) vCISOs, you need to learn the differences.
  • We got some great feedback this week from people who aspire to be a vCISO, which was really cool!

Quick words about good guys and bad guys

  • There’s a gap between what we can do and what they can do.
  • We have rules, they don’t.
  • We have ideas about how to close some of the obvious gaps (didn’t cover in the episode 43, but we’ll cover this somewhere in the future).

If you missed episode 43, you can always go back and nab it here.

Hoping you all had a great week. It was a short week, but if you’re like me, it only meant that we crammed more stuff into less time.

Most of my time this week was spent working with SecurityStudio partners find success in serving their clients. This is a blast because we create situations where everyone wins, and we do it together.

This week I started exploring the possibility of helping an incredible organization combat sex trafficking in the United States. The organization is SHAREtogether, and they’re doing amazing work. The organization is run by Jaco Booyens, the director of the movie 8 Days. If you get a chance, check them out and watch the movie (it’s been watched more than 2,000,000 times). If you feel more inclined, do more to help. Right now, my involvement is more exploratory, but I’m sure there will be more to this story before it’s all said and done.

Anyway, on the the show! Brad is leading the show this week, and he’ll have another returning


SHOW NOTES – Episode 44

Date: Monday, September 9th, 2019

Show Topics:

Our topics this week:

  • The security expert’s take on liability.
  • Speaking information security for “humans”.
    • What’s the problem?
    • Ideas for solving the problem(s).
    • Consequences of the failure to solve the problem.
  • Industry News

[Brad] – Brad can choose any opening he’d like. This is his show to lead. The standard one sort of goes like this…

Welcome to the UNSECURITY Podcast, episode 44. Joining me is my co-host, Evan Francen. Say hi Evan.

[Evan] I’ll say something here. Probably. Maybe I’ll stay silent to through Brad off, but now that it’s in the show notes, I think I let the cat out of the bag. Whatever.

[Brad] Also joining us today is a repeat guest. Ryan Cloutier is here in person. Ryan is an amazing information security expert with a noble mission. He was also on with us back in episode 27, back in May. Welcome Ryan.

[Ryan] Ryan’s a guy with something to say, so he’ll say something here.

[Brad] This week, Evan’s in Bulgaria. What’s going on over there, Evan?

[Evan] Stuff.

[Brad] It’s sort of funny. We’re beginning to think you don’t like Ryan all that much because last time he was on, you were in California. You got something against Ryan or what?

[Evan] Maybe.

[Brad] We brought Ryan on the show again because we love his perspectives on helping “normal” people, or as he likes to call them, “humans”, secure themselves better. Great mission, but before we cover that, let’s talk about some common questions we get about liability. Now, we’re not lawyers, so don’t think this is official legal advice, but we do work with lawyers pretty often when we investigate breaches.

Discussion about liability, from a security person’s perspective

[Brad] So, the key is to do the things that a “reasonable” person would do in your same circumstance. This leads to a whole bunch of questions that you should be asking yourself.

Now let’s switch gears a little bit. Ryan, you’ve got this deep desire to help “humans” secure themselves better, and this passion is shared with us here at FRSecure. You recently posted an open letter to the security community on Evan’s blog and you regularly speak to crowds all over the United States. Let’s talk about all this for a bit.

Discussion about Ryan’s mission and speaking “human”

  • What are some of the problems we’re facing when speaking “human”?
  • What ideas do we have for solving the problem(s)?
  • What are some of consequences of the failure to solve the problem?

[Brad] There’s so much we can do together, as a community, to do this better. Great discussion. What’s our one call to action?

[Brad] OK, on to this week’s security news.

News

Here’s our news for this week:

Closing

[Brad] Alright. Another great show. Thank you for joining me Ryan.

Evan, have a good time in Bulgaria. Bring me home a gift or something.

A special thank you to our loyal listeners. We love your feedback and sincerely appreciate the fact that you join us each week. Send your feedback to us at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen.

Talk to you all again next week!

The UNSECURITY Podcast – Episode 43 Show Notes

Crap. I had a good streak going for a bit. I was getting show notes published on Friday, but now I’m back to being consistently late with this. Oh well, it is what it is.

Did you catch last week’s show? It was a really good one, where Christophe Foulon joined the show again. He gave us an update on what he’s been up to and reinforced his mission of helping people get into the information security field. Great guy, great mission, and a great talk. Listen to it here.

This week was tough, filled with tough decisions, but the outcome was incredible. I won’t go too much into the details, but I’ll give you a quick recap.

  • My good friend Ryan Cloutier published his first article as a guest on my blog. Ryan’s a great advocate for helping “normal” people learn information security basics, and it’s a honor to have him write something for me/us to share.
  • I was off to New Jersey this week, spending time with a global company’s information security team, building some great information security processes. The two days was filled with some amazing working sessions. We left things much better off than where we found them.
  • Friday was filled with meetings, back to back to back to back. Each meeting was unique, and they all produced positive results. It’s sometimes crazy coming back to the office after a few days away. I love my team and I love being with them, even if it is in a meeting. 😉

OK, show notes. Here they are…


SHOW NOTES – Episode 43

Date: Monday, September 2nd, 2019

NOTE: We recorded this podcast on Friday, August 30th ahead of the Labor Day holiday.

Show Topics:

Our topics this week:

  • Incident Response (why not?)
  • What’s a vCISO?
  • Gaps between us and them
  • Industry News

[Evan] – Some sort of non-standard opening… The standard one is:
“Welcome to the UNSECURITY Podcast, this is episode 43 and the date is sometime in late August. I’m Evan Francen and joining me is my partner in crime, Brad Nigh. Hello Brad.”

[Brad] Brad does Brad.

[Evan] We have a packed show in store again today. We’re recording this episode on Friday because Monday is Labor Day. Summer is over. What the ?!?! Got plans?

[Brad] Brad still does Brad because Brad is Brad.

[Evan] Hopefully our listeners all had an enjoyable Labor Day and an enjoyable summer. Back to school and back to the grind. Speaking of “back to the grind”, let’s talk about a topic that we always seem to be talking about, Incident Response. I’ll be damned if we don’t have more lessons to share with our listeners. Let’s keep it short though, if we can.

Incident response discussion

  • Keep it sort of short.
  • Mention some recent lessons.
  • Mention the upcoming Hacks & Hops

[Evan] A topic came up this week when I was talking with an investor. He asked, “what is a vCISO?” The conversation got me thinking, do we just assume that people know what a vCISO is?

[Brad] Still doing the Brad thing.

[Evan] Let’s discuss this and be clear in our definition of a vCISO and what they do. I’d also like to discuss what makes a good vCISO and what makes a bad vCISO.

[Brad] Yep, still doing Brad. Life is good. 😊

vCISO discussion

  • Define vCISO
  • Why do we need vCISOs?
  • What makes a good vCISO?
  • If you’re looking for a vCISO, what should you demand from them?
  • Whatever else seems pertinent to the conversation.

[Evan] Alright, last topic for the show is something that came up in a recent vCISO engagement with a customer. It demonstrates the gaps between what good guys can do when they test something and what the bad guys can do. There’s always a gap. There’s a line that we can’t or won’t cross. Here’s a recent example:

From: Marty Wikle <mwikle@sygnosinc.com>

Sent: Sunday, August 25, 2019 9:46:59 PM

To: REDACTEDNAME <redacted@redacted.com> Subject: Respond ASAP

Someone ask me to kill you. For your information I am not sending this message with my email address and internet service provider just in case you want to proof smart and stubborn..any ways I like someone like that!because I will be so happy to put a bullet on your skull..My boys have been watching your steps for few days.

I am giving you a chance to live simply because my oracle show me that you dont have a hand in what you were accused of

You are to pay me $10,000 and I shall terminate the operation,after that I will give you the info of the person that wants you dead

You can call the authority and have them do patrol in your area 24/7 that didn’t stop me from hunting you and your love ones down.We are invisible!!

Reply to this email addresse:

trinitybharath048@gmail.com

[Evan] This email demonstrates a gap between what we can test as the good guys and what the bad guys do. This gap will always exist because we play by rules and the bad guys don’t care.

[Brad] Still doing Brad…

Short discussion

[Evan] Alright, let’s wrap this thing up with some news.

News

Here’s our news for this week:

Closing

More great episodes to come.

If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Talk to you all again next week!

The UNSECURITY Podcast – Episode 42 Show Notes

Son of a …! Back to being a day late with the show notes. Day jobs get in the way sometimes.

Did you catch last week’s show? Listen to it here.

I won’t bore you (much) with the details, most of my week was spent on SecurityStudio:

  • Our first Board of Director’s meeting was last Friday (8/16), lots to do and talk about, but worthy of it’s own post/article. We’ve put together a great board.
  • Financial projections, modeling, etc. Not my strongest suit, for sure. I’m a security guy who became a business guy, not the other way around.
  • Drafting documentation for SecurityStudio’s platform and products. I guess you can never have too much documentation.
  • Investor meetings and pitches. Raising capital is a crazy experience for someone like me. Learning a whole new side of business.
  • Collaboration with some really cool people.

The entire SecurityStudio experience has been a crazy one. Crazy good some days and crazy challenging other days.

FRSecure is rocking along. Only a few meetings for me here and some very high level support for another incident response.

Overall, good things! Let’s get to the show notes, shall we? Brad’s leading and we have another returning special guest.


SHOW NOTES – Episode 42

Date: Monday, August 26th, 2019

Show Topics:

Our topics this week:

  • More Incident Response(s)
  • Seriously what is going on with all these Incident Responses?
  • Hey, Christophe is back!
  • Industry News

[Brad] – Hi everybody, and welcome to another episode of the UNSECURITY Podcast! This is episode 42, and I’m Brad Nigh, your host. Joining me today is my good friend, Evan Francen. Good Morning Evan.

[Evan] Evan responds with Evanisms

[Brad] We have a jam-packed show this week! If you’ve seen the show notes on Evan’s blog, you know how much we’re planning to get through! Let’s start by talking about what we’ve been busy with, then I’ll share my crazy week. Evan, what’s your week been like?

[Evan] Hopefully has good things to recap from the last week.

[Brad] (literally copied this from last week because, well it’s true) More incidents this week. If this keeps up, we might have to dedicate an entire podcast to incident response! Sheesh.

Incident response discussion

[Evan] We like responding to incidents because we love helping people. We hate responding to incidents because it means someone is (maybe) in trouble. We’ll see if we make it a week without another one.

Active IR discussion and transition into discussion with Christophe Foulon.

[Brad] Christophe, welcome back to the show. How’s things on the East Coast this morning?

[Christophe] Says what Christophe says…

[Brad] So, it’s been a few months since you were on with us. What’s new with you? What are you working on?

Discussion with Christophe

About his current projects and what he’s been up to. Will certainly be a good discussion! We’ll see where it goes.

We have Christophe for 1/2 hour before he needs to get back to work, so he may/may not stick around for news.

[Brad] Alright, we’d better get to some news. We might not get through all of it, but we’ll get through some of it.

News

Here’s our news for this week:

Closing

[Brad] – Dang, that was a helluva lot of stuff to fit into one show! That’s how it is. Big thanks for Christophe for joining us. He’s a great ally in the industry. Thanks Evan, and a special thank you to our listeners. The show grows each and every week, and we love your feedback. You can reach the us on the show by email at  unsecurity@protonmail.com.

Evan’s already got a great show planned for next week, so keep up with us. If you’re the social type, socialize with us on Twitter, Evan’s @evanfrancen  and I’m @BradNigh.

Talk to you all again next week!

The UNSECURITY Podcast – Episode 41 Show Notes

Happy Friday! Time for show notes, and I’m actually early with the notes this time.

We’re humbled and grateful for the growth of the UNSECURITY Podcast audience. Every week breaks a new record, in terms of listeners and downloads. Thank you for spending time with us!

Great show planned this week, with some healthy controversy. I won’t put the controversial stuff in these notes, so you’ll have to listen to get the skinny.

Hope you had a great week! Here’s some quick highlights from us:

  • Our very own Team Ambush came back from Def Con after capturing 2nd place in the warl0ck gam3z capture the flag (CTF)! Helluva accomplishment for an awesome and incredibly skilled group! We’re VERY proud of them and their accomplishment. This is the 2nd year in a row that they’ve captured 2nd place at Def Con. We’ll be talking with the leader of FRSecure’s Technical Services Team, and member of Team Ambush on this show!
  • Speaking of Team Ambush, they were featured on KARE 11 news (one of the largest in Minneapolis/St. Paul) on Wednesday night during prime time. A link to the feature is here; https://www.kare11.com/article/news/minnesota-team-places-2nd-in-national-hacking-competition/89-77305e34-dadd-4b55-afcb-c8d1af6165f9
  • Minnetonka School District is one of the largest and arguably the best school district in Minnesota. I had the pleasure of presenting to their faculty and staff on Monday. The title of the talk was Security@Home Security@Work. In the talk, I featured SecurityStudio’s newest product, S2Me. S2Me is a personal information security assessment and it’s free. If you haven’t done so already, go get your S2Score now! We used the results of the assessments to drive conversation about information security. Great discussion! S2Me is a great conversation starter and we’re excited to go where it takes us.
  • I spent the rest of the week fundraising for SecurityStudio. We’re in the middle of seeking our seed round of funding, and it’s a helluva experience for me. I’ve never raised money before, so I’m learning as I go. If you know anybody who’s willing to share wisdom in this area, send them my way (efrancen@securitystudio.com).

Things are good. On to show notes, eh?


SHOW NOTES – Episode 41

Date: Monday, August 19th, 2019

Today’s Topics:

Our topics this week:

  • What is S2Me?
  • More Incident Response(s)
  • Def Con with Oscar
  • Industry News

[Evan] – Hi everybody, and welcome to another episode of the UNSECURITY Podcast! This is episode 41, and I’m Evan Francen, your host. If this isn’t your first time listening, you already knew that. Joining me today is my show buddy, Brad Nigh. Care to say “hi” Brad?

[Brad] Brad almost always says “hi” but we’ll see if he read the show notes. Maybe he’ll come up with something unique.

[Evan] We’re excited for today’s show because we have a first time special guest joining us. None other than the infamous Oscar Minks, joining us from his home base in Kentucky. Oscar, wanna say “hi”?

[Oscar] Hi, or something similar.

[Evan] Oscar, you’re the Director of Technical Services at FRSecure, right? Tell our listeners what that job is.

[Oscar] Tells us what he does here.

[Evan] Thank you Oscar, it’s an honor to have you here.

Brief discussion with Oscar

[Evan] OK. Have you guys heard of the S2Me yet?

[Brad][Oscar] Tell the truth.

[Evan] Have you guys got your S2Score yet? Care to share?

Discussion about S2Me and the theories behind it. Maybe a little chat about Minnetonka School District too

[Evan] More incidents this week. If this keeps up, we might have to dedicate an entire podcast to incident response! Sheesh. I’ll tell you about mine, then you tell me about yours Brad.

Incident response discussion

[Evan] We like responding to incidents because we love helping people. We hate responding to incidents because it means someone is (maybe) in trouble. We’ll see if we make it a week without another one.

[Evan] Two weeks ago, we had “Ben” on the show to talk about going to Def Con among other things. Now Def Con is over, and we can talk a little about our team’s experience. Oscar, you were there. Let’s chat.

Def Con discussion

[Evan] Thank you for sharing Oscar. More to come I’m sure. Let’s wrap this up with some news. We’ll cover as much as we’ve got time for. Three stories to start.

News

Here’s our news for this week:

Closing

[Evan] – Again, that’s how it is. Thank you Oscar for joining us. Thank you Brad for being a great partner. Special thank you to our listeners, and especially those of you who give us input and feedback. You can reach the us on the show by email at  unsecurity@protonmail.com.

If you’d like to be a guest on the show or if you want to nominate someone to be a guest, send us that information too.

As always, you can find me and/or Brad on Twitter. I’m @evanfrancen and Brad’s at @BradNigh. Oscar, do you twit?

Talk to you all again next week!

The UNSECURITY Podcast – Episode 40 Show Notes

Another week in the books (almost). Speaking of books, I’m working on one with two more in the works. So much writing to do, and not enough time! I’m sure that lack of time is not a problem that’s unique to me. Time is precious, and nobody’s got enough of it.

In case you missed it, this week was “Hacker Summer Camp” in Las Vegas. Thousands of information security people descended upon Sin City this week for Black Hat, BSides Las Vegas, and DEF CON. These are three of the best known and well-attended conferences in our industry. David (aka “System Overlord”) writes a good summary, you can read it here.

Instead of going to Hacker Summer Camp, I took this week to get away. A few people were surprised that I wasn’t going, but to be honest, it’s not really my jam. It’s too much noise, too much BS, too much drinking, and too flashy for me. Maybe it’s just a different stage of life for me now. Some people thrive on being where the action is; I’m just not one of them. To each his/her own.

We sent 10 people from FRSecure, people with more self-control.

While Black Hat was kicking off, I took off to Duluth, MN and the North Shore for a few days. Did some catch-up work and some writing. It was good soul time.

This slideshow requires JavaScript.

Alright back to the grind. In the office this morning, putting together episode 40’s show notes, and getting face time with some of my favorite people. Hopefully, you enjoyed last week’s show, with the return of “Ben”. As I write this, Ben is neck deep with FRSecure’s Team Ambush competing (and winning?) in their DEF CON CTF.

This week, Brad’s back!

On to the show notes…


SHOW NOTES – Episode 40

Date: Monday, August 12th, 2019

Today’s Topics:

Our topics this week:

  • Catching up; Brad’s Back
  • More Incident Response(s)
  • Hacks & Hops
  • warl0ck gam3z
  • Industry News

[Brad] – Welcome to episode 40 of the UNSECURITY Podcast! My name is Brad Nigh, and I’m your host this week. I’ve had a couple of weeks off from the podcast, but it’s good to be back! Joining me as co-host this week is Evan Francen. Hi Evan.

[Evan] Hi Brad. Welcome back!

Catching up (a little)

[Brad] So, jumping right back into things this week. We received a couple of interesting incident response calls. I’d like to talk about them, how we handle them, and then we’ll segue into Hacks & Hops and a great tip/question we received from one of our listeners this week.

[Evan] Sounds good. Let’s do it.

Incident response discussion

Discuss real security incidents that we’re working on/investigating.

[Brad] Incident response is the theme for our next Hacks & Hops event coming up next month at US Bank Stadium.

[Evan] Yep. We’ve got an amazing event planned with an all-star panel.

[Brad] Who’s on the panel? Tell me about them.

[Evan] We have three panelists joining us, and I’ll be moderating. All three panelists are people that I have deep respect for; Jadee Hanson, Mark Lanterman, and Chris Roberts.

  • Jadee is the CISO at Code42, and she’s done an amazing job building a world-class security team. She’ll bring the perspective of an expert security leader. Jadee’s bio is here.
  • Mark is the CTO at Computer Forensic Services. He’s one of the best incident investigators I know, and he’s got some amazing stories to share. He’ll bring the perspective of an expert security investigator. Mark’s bio is here.
  • Chris is Chris. Two things I like most about Chris is his truth and his style. He scares most people by telling them the truth, he’s got some incredible stories, and he’s blunt. Chris will bring the perspective of a hacker. Chris’ bio is here.

All in all, this is an incredible panel. I’m pumped!

Hacks & Hops discussion

[Brad] Since we’re on the topic of incident response, let’s address a question that came in from one of our listeners this week. This is from Jeff. Jeff asks:

Incident Response – what is minutia and what is a real incident?  It seems contradictory to say that some companies may not use their IR plan in a year – and to also say that every suspected attack, malware, scan, etc. is an incident.

Let’s tackle this quick.

[Brad] Alright, moving on. Last week was “Hacker Summer Camp” in Vegas. Neither you nor I went this year, mainly because of workloads and other priorities. We did send ten (10) people from FRSecure though, and eight of them belong to a group that calls themselves “Team Ambush”. These guys competed in the warl0ck gam3z CTF at DEF CON. Two years ago, they took 3rd place. Last year, they took 2nd place. This year they claimed that they were all in!

How’d they do.

Discuss warl0ck gam3z and Team Ambush

[Brad] OK. I’ve only got one news item to discuss this week. I think one is enough because of it’s significance. Let’s talk about the security incident(s) at AT&T that were announced recently.

Sources:

Closing

[Brad] – There you go, that’s how it is. It’s great to be back. Thank you Evan, and a special thank you to our listeners. We’re sort of blown away by the number of people who listen to our podcast each week, and we love getting your feedback. Please keep it coming. You can reach the us on the show by email at  unsecurity@protonmail.com.

If you’d like to be a guest on the show or if you want to nominate someone to be a guest, send us that information too.

As always, you can find me and Evan on Twitter. I’m @BradNigh and Evan’s at @evanfrancen. Talk to you all again next week!

The UNSECURITY Podcast – Episode 39 Show Notes

HAPPY FRIDAY! You made it through another week. Did you survive or did you thrive? Hmm. Something to think about, I suppose.

Good week here for me, the folks at FRSecure and the folks at SecurityStudio. Most weeks are good weeks really.

I was in town all week, but not in the office too much. Came in for meetings, then excused myself for more writing. Most of my days are consumed by writing lately. Writing a few blog posts, a few articles, and working on the upcoming book.

I’ll leave it at that for now. Many exciting things to share, but we’ll be patient and let them take a little more shape before sharing.

Did you catch episode 38 of the UNSECURITY Podcast? John Harmon, the president of SecurityStudio was in studio and we had a great chat. John and I are working well and working closely together. It’s a blast!

This week’s show, episode 39, is a real treat. “Ben” comes back in studio to give us the lowdown on what he’s been up to. I’m excited for you to hear what he’s got to say. This show is released on Monday (8/5), so be sure to look for it!

On to the show notes…


SHOW NOTES – Episode 39

Date: Monday, August 5th, 2019

Today’s Topics:

Our topics for the week include:

  • Conversation with “Ben”
    • Research
    • Responsible Disclosure
    • Social Engineering (SE) Things
    • Team Ambush
    • DEF CON
  • Industry News

[Evan] – Hello listeners, and welcome to episode 39 of the UNSECURITY Podcast. My name, for those of you who don’t know, if Evan Francen. I’m your host for today’s show, again. Scheduling stuff for security people is always a pain in the ass, and this week is no different. We’re recording this show on Friday because I’m out of the office next week. This is still Brad’s vacation, so he’s out of hand for hosting. All this means that I get to host again! That’s cool, right?!

Brad will be back next week, and he’ll have a great show planned I’m sure.

Now, you don’t want to sit there and listen to this voice for an entire show, so I invited someone last minute to join me. I found “Ben”! Want to say hi to the listeners Ben?

[Ben] Ben does Ben.

[Evan] Ben, thank you for agreeing to join me, especially last minute like this.

[Ben] Ben does Ben.

[Evan] Ben’s not your real name, right? So why do we call you “Ben”?

[Ben] Ben does Ben.

[Evan] You were here back in episode 14 (February 11). It was a great talk then, and this one will certainly be as good or better. Ben, you live a damn cool life, at least as it goes for security people. You cool if we talk about some of the things going on with you?

[Ben] Ben does Ben.

Conversation with “Ben”

Topics to discuss with Ben include:

  • Research
  • Responsible Disclosure
  • Social Engineering (SE) Things
  • Team Ambush
  • DEF CON

[Evan] See, I told you. Ben does cool stuff, and a lot of it! We could have talked for hours, but we can’t do that here. Let’s close with some news.

Industry News

Plenty of news this week, but arguably the most talked about is the Capital One breach. Instead of what’s in your wallet, now the joke is “who’s” in your wallet. Seriously though, this was big news this week.

Here’s our news to discuss in this week’s show.

Closing

[Evan] – So, there you go. That’s how it is. Ben, a huge thank you for joining me this week. Best of luck to you and all of Team Ambush this week at DEF CON. You’re going to have a great time and I can’t wait to hear how things went. Also, as always, thank you to our listeners. The podcast continues to grow and we’re grateful. Keep the awesome feedback coming, send it to unsecurity@protonmail.com. If you give us something real cool, we’ll mention it. Without your approval of course. Wait. That’s not right. I mean WITH your approval.

If you’d like to be a guest on the show or if you want to nominate someone to be a guest, send us that information too.

Ben, how can people reach out to you? Or do you even want people to reach out to you?

[Ben] People can reach me through Twitter. My Twitter handle is @M1ndFl4y. I don’t post much, but you can reach me through a DM there.

[Evan] OK. Thanks again. Find us on Twitter for daily chatter. I’m @evanfrancen and Brad’s @BradNigh. Have another great week everybody!

Denver ISSA Incident Management Workshop Recap

Finally. I’m finally getting around to posting about this event. The fine folks of the Denver ISSA chapter invited me to speak at their chapter event on May 23rd. The event was a three-hour incident management workshop (titled Incident Management – Panic or Plan).

‘Wait! What?! Three hours?!

Yes. These poor folks endured three hours of my preaching. Read on…

About Denver ISSA

The Denver ISSA Chapter is the largest chapter in the world with more than 800 members. I’ve attended numerous ISSA chapter events over the years, and the Denver ISSA Chapter is one of the best! Read about the Denver ISSA Chapter here.

I spent some time with James Johnson, the Chapter President, and Shannon Welton, the Chapter Training Coordinator while I was there, and they are both top notch! Seriously. They’re good, and it was great conversation (for me anyway).

Can’t say enough good things about Denver ISSA. Loved every minute I spent there.

About the Workshop

Shannon Welton was my primary contact for the workshop. She’s a pleasure to work with. I was given liberty to create and present whatever content I wanted to, and she made sure I had everything I needed at every step of the way.

Flight in the morning from Minneapolis to Denver. Grabbed a Lyft. Made the trip from the airport to Maggiano’s Little Italy (16th St Mall). Lunch started at noon, and I got there at 12:05. Not bad. 😉

From the moment I arrived, I felt welcomed. There seemed to be ~100 people there, and they were all engaging. They showed genuine interested in each other and it felt good to be there. Lunch ran from noon til 12:45, at which time Shannon kicked off the workshop with an introduction. When she introduced me, she asked if anyone had heard of me. Funny! Only one person raised their hand.

After three hours together, they’ll all have heard of me now!

I’m the sort of guy that could talk for three days about information security (and incident management), so three hours wasn’t going to be a problem for me. The challenge is/was keeping people engaged for three hours.

Here’s the learning objectives.

Here’s the agenda.

I used two things to keep people awake; a 15-minute break at 2:15 and Dad jokes. We made it through to 4:00pm, and the group was very engaged. More than I expected. There were great questions, good eye contact, and I felt as though we all got something from the experience together.

Workshop Content

Get it here.

  • ISSA-Denver_PanicOrPlan-052319.pdf, the slide deck.
  • CSIR-Maturity-assessment-tool_Info1.pdf, the CREST Cyber Security Incident Response Maturity Assessment Tool introduction document.
  • Maturity-Assessment-Tool.xlsm, CREST Cyber Security Incident Response Maturity Assessment Tool (Summary).
  • Maturity-Assessment-Tool_Detailed.xlsm, CREST Cyber Security Incident Response Maturity Assessment Tool (Detailed)
  • ISSA-SAMPLE_Incident_Log&Categorization_Tool.xlsx, the FRSecure basic information security incident logging and categorization workbook.
  • ISSA-SAMPLE_Security_Incident_Response_Plan-052319.docx, the FRSecure basic incident management/response plan template.

Summary

The Denver ISSA is awesome! If I lived in Denver, I’d be at every event. If you live in Denver, you should go to every event. Seriously, get there.

A dozen of so people came up to speak with me after the workshop. More great questions and some great connections. I felt bad that I had to run shortly after the workshop in order to catch my plane back to Minneapolis. Next time (if/when there is one), I will stay longer.

Presenting this workshop was a real privilege, and I’d go back anytime.

P.S. Another example of their awesomeness; I received a beautiful “thank you” gift basket at my office from these guys. Too cool!