The UNSECURITY Podcast – Episode 82 Show Notes – World On Fire

So, in case you missed it, the world blew up last week. Again.

This time it’s not COVID-19 that takes the headlines, it’s rioting. Rioting that was triggered by (NOT caused by) one of the most disturbing videos I’ve ever watched, that of Minneapolis Police officer Derek Chauvin kneeling on the neck of George Floyd. As I write this, riots are taking place (or have taken place) in Atlanta, Bakersfield, Boston, Chicago, Columbus, Dallas/Fort Worth, Des Moines, Denver, Detroit, District of Columbia, Houston, Los Angeles, Louisville, Memphis, Minneapolis, New York City, Phoenix, Portland, Sacramento, and San Jose, among many others. The media is reporting riots are even taking place in other countries!

Seems like the world is on fire. While this isn’t the place for us to dig into the debate about racial injustice and inequality, we’ve all got opinions (and I’ll share mine later, in another place/time). The UNSECURITY Podcast is dedicated to information security, so we’ll stay on topic. Today’s current events are hard to process, but a relevant question is, what do current events mean to/for information security? This will be our topic.

I’m not going to recap last week/weekend personal events here either. We might discuss these things a little during the time that Brad and I catch up with each other, but otherwise, we have plenty to discuss in this episode. Let’s get to it!

These are my (Evan) show notes…


SHOW NOTES – Episode 82

Date: Monday, June 1st, 2020

Episode 82 Topics

  • Opening
  • Catching Up (as per usual)
  • World On Fire
  • News
  • Wrapping Up – Shout outs

Opening

[Evan] Hey there! Welcome to episode 82 of the UNSECURITY Podcast. Today’s date is June 1st, 2020. Due to a lack of personal hygiene, well mostly a hair cut, I’m your information security chia pet, Evan Francen. Joining me is my good friend and co-host Brad Nigh. Good morning Brad!

[Brad] He wishes all the listeners nothing but the best of mornings!

[Evan] Some serious stuff to talk about in today’s show, but one of the most serious things, for me at least, is checking in with you. How you doing Mr. Nigh?

Catching Up

Quick discussion about last week, the weekend, family, safety etc.

[Brad] Gives us the low down on his haps.

[Evan] I give the low down on my haps. Also, I hit a deer on my motorcycle on Saturday (again). What the?!?! Who does this?

World On Fire

[Evan] It was easy to pick a topic for this week’s show. Just when you think the world couldn’t get any crazier, we encounter the events of last week. There are so many thoughts and emotions running through our heads. Everything from sorrow to anger to frustration and everything in between. We don’t ever want to shy away from tough issues, but we also need to keep things on topic (information security) for the show. What I’d like to do is discuss today’s current events and apply them to what we do. Ultimately, what do all these things mean to information security?

Whatya say Brad, you game?

[Brad] He’s a smart and competitive son of a gun. You know he’s game!

Things to discuss:

  • FRSecure’s Information Security Principle #1; a business is in business to make money.
  • Physical security implications, lessons, ideas, etc.
  • What does this mean for cyber/technical security?
  • Some organizations are targets.
  • Personnel information security implications.
  • If COVID-19 wasn’t enough to motivate better response planning, does this?
  • Whatever other pertinent thoughts come to mind.

[Evan] Great discussion and lots of good advice I think! Let’s do some newsy stuff.

News

[Evan] Even though information security may not be dominating the news, there are still plenty of information security news stories to choose from. Here are three news stories that caught my eye.

Wrapping Up – Shout outs

[Evan] Alright listeners! That’s episode 82. Brad, who you got a shout out for?

[Brad] Somebody special for sure!

[Evan] Here’s mine…

[Evan] Thank you to all our listeners! You guys are a big deal to us. PLEASE be safe out there; physically, mentally, and electronically. Let us know what you think of this episode or whatever else is on your mind. Send us things (preferably not malware, but whatever) by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and you can find this Brad guy @BradNigh. If you wanna follow our company’s stuff, you can follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for whatever cool things they’re up to.

That’s it! Talk to you all again next week!

#S2Roadshow Recap – Week Nine

This week on the SecurityStudio Roadshow, we made the trip down to Scottsdale, Arizona to visit the people attending the ISSA Phoenix Q4 2019 Chapter Meeting. Of course, we got our fill of good BBQ too!

SecurityStudio Roadshow Summary

If you’re new, or you’re confused about this #S2Roadshow thing, start here (maybe).

Previous Week’s Recaps:

The purpose of the SecurityStudio Roadshow (#S2Roadshow) is to meet people and make partners. We want to meet people, understand their businesses, and help them grow using simple, fundamental, and compliant solutions (S2Score, S2Org, S2Vendor, and S2Team/S2Me).

Our mission is to fix the broken information security industry. Success requires collaboration, partnership, and transparency.

BBQ Reviews

In the spirit of transparency, we have a secondary mission on the #S2Roadshow. We eat as much BBQ as we can. After stuffing ourselves, I summarize our BBQ reviews at the end of each recap article (see below).

Scottsdale, Arizona

We arrived in Phoenix/Scottsdale on Wednesday (12/4), the day before the ISSA chapter meeting. After getting our sweet rental, a 2019 Dodge Charger Hemi, we drove straight to our first BBQ joint, NakedQ BBQ in Scottsdale.

When you’re from Minnesota, a December trip to Scottsdale doesn’t suck. The weather was great. After BBQ, we were off to the hotel for some meetings and to catch up with work.

 

Next was a dinner meeting with a good friend and partner from the area, and afterwards day one was complete. Four or five great meetings, some good work completed, and two BBQ visits. Not bad.

Day two started with, you guessed it, more BBQ, before we headed off to the ISSA chapter meeting. Three BBQ visits in less than 24 hours. Think maybe we’re overdoing this? I think not!

ISSA Phoenix Q4 2019 Chapter Meeting

We’ve been to more than a couple ISSA chapter meetings, and this was one of the best! Lorna Kertész, the chapter President, does a great job running things. She was running all over the place making sure things went off without a hitch. Huge shout out to Lorna!

Overall, this was a fantastic meeting! The venue was top notch, the speakers were great, and the happy hour was very well attended. On a scale of 1 – 10 for chapter meetings, this one was a 10!

When John and I arrived, it was cool to know that there were some people who were expecting me. A couple people came up to tell me that they’d read my book, and a few mentioned that they’d attended the FRSecure CISSP Mentor Program. Feels like we’re making a difference.

The first speaker of the day was Rachel Harpley from Recruit Bit Security. She gave a very good talk titled “Yule be Sorry without Security Researchers”. Rachel is cool. She’s got some great things to share and her perspectives about information security are spot on (in my opinion). If you haven’t met her, or attended one of her talks before, you should! It was fun to visit with her after her talk.

The next speaker was Dr. Paulo Shakarian, CEO and co-founder of CYR3CON. This dude is smart! He gave a legit talk titled “Artificial Intelligence Research for Forecasting Exploit Usage”. We caught up after his talk and scheduled a meeting (week after) to discuss how his research can make the SecurityStudio platform better. The prospects of tying legit AI into SecurityStudio’s S2Org technical vulnerability scoring are very exciting!

My talk followed the talks of these two esteemed speakers.

I gave a similar talk that I’ve given across the country now. Want the deck? Four topics in the agenda: housekeeping, meat, the dream, and call to action. The talk was well received, and the interaction with the attendees was super! Gave away three books, and had some wonderful discussions with people afterwards.

Like I said earlier, this meeting was a 10 on a scale of 1 – 10. The only thing that would have made it better is if the guy next to me wouldn’t have gotten up and left his laptop unlocked.

I talked to him about it afterwards. We’re cool.

BBQ Reviews

You know how we roll, right?! BBQ man! As much as we can get, and yes, we (well I am) are gaining a few pounds along the way.

Three BBQ reviews this week; all three in Scottsdale. We expected good BBQ in Kansas City, but Scottsdale, Arizona?! Believe it or not, Scottsdale has some awesome BBQ joints! Here’s our take on the three we visited.

NakedQ BBQ – https://www.thenakedbbq.com/ – Overall: 8.25

  • Atmosphere – 7, the atmosphere for this place was OK. It was another one of those strip mall feeling sort of places.
  • Service – 9, Everyone was very pleasant and went out of their way to make sure you were satisfied. It’s great when people come out from behind the counter to see how you’re doing.
  • Portion/Value – 8, the price was better than I expected and the portions were generous.
  • Taste – 9, the food tasted great and you could tell it was made by people who know what they’re doing. The best brisket we’ve had in a while.

This was really, really good BBQ. I had a 1/4 pound of brisket, jalapeno sausage, turkey, and pulled pork, and they were all great. It’s a tie between the brisket and sausage for my favorite.

The Thumb – https://www.thethumb.com/ – Overall: 8.5

  • Atmosphere – 10, the atmosphere for this place was one of the best yet. The restaurant is part of a gas station and a gift shop. Totally comfortable and cozy. My kind of BBQ joint to just chill and visit with friends.
  • Service – 10, Seriously, these people know how to serve and make you feel like you’re a king (or queen, as the case may be)! One of the few places where they offer you a sample before you order. Once we ordered, they brought the food out to us, grabbed an assortment of sauces, gave us some free goodies, and constantly made sure we were happy.
  • Portion/Value – 7, the portions were hefty, but the price reflected it. Better than average, I’d say.
  • Taste – Maybe my expectations were set too high after experiencing the super cool atmosphere and getting service reserved for royalty, but the food tasted OK. Not great, but good maybe.

We met a good friend and business partner for dinner here. Overall, we had a great time and I’d visit this place again. Oh yeah, one more thing. This place was featured by Guy Fieri too. Some people think that’s pretty cool.

Little Miss BBQ – https://www.littlemissbbq.com/ – Overall: 8.75

  • Atmosphere – 9, this was a cool joint. It sort of felt like I was down south in the 70s. This is an order your food, grab your food, and sit sort of BBQ joint.
  • Service – 9, certainly above average. We arrived before the place was open and there was already a line around the corner. While we waited, a waitress walked the line offering samples of their homemade sausage. While we ordered, the cook gave us a small cut sample of the pastrami brisket. After we ordered, we were assured that we had everything we needed to be happy.
  • Portion/Value – 8, very reasonable and worth every penny.
  • Taste – 9, We would have said “10”, but we use that number very sparingly. The brisket might have been the best we’ve had so far on the SecurityStudio Roadshow. It might be a toss-up between this place and Pecan Lodge (Dallas, TX in week #3). The taste of the meats here was incredible.

This was the best BBQ we’ve had for a long time, if ever, on the SecurityStudio Roadshow. If you like BBQ and you are in the Scottsdale area, you have to visit this place. It’s amazing!

BBQ Summary

Three new BBQ joints to add to our list, and this makes 28 we’ve visited so far. This was a VERY good BBQ week for us, with all three BBQ joints easily making the top 10. The winner this week was Little Miss BBQ, but it was close. Pecan Lodge is still on top as the overall #S2Roadshow leader with a score of 9 (but we need to go back and validate this now), and Little Miss joins Bowlegged BBQ in the #2 spot. The current overall standings are listed below.

Overall Standings (at the end of #S2Roadshow Week Eight):

  • Pecan Lodge – 9
  • Little Miss BBQ – 8.75
  • Bowlegged BBQ – 8.75
  • The Thumb – 8.5
  • Divine Swine – 8.5
  • Naked Q BBQ – 8.25
  • Dinosaur BBQ – 8.25
  • Big Ed’s BBQ – 8.25
  • Mission BBQ – 8
  • Slaps BBQ – 8
  • Q39 BBQ – 7.75
  • Cousin’s BBQ – 7.75
  • Blackwood BBQ – 7.5
  • Broad Street BBQ – 7.5
  • Hard Eight – 7.25
  • Spring Creek Barbeque – 7.25
  • Redd’s BBQ – 7.25
  • RIBBRO BBQ – 7.25
  • Iron Horse – 7
  • Lucille’s Smokehouse BBQ – 7
  • Texas Bar-B-Q Joint – 7
  • Fire Breather BBQ – 7
  • Smoque – 6.75
  • Sweet Lucy’s Smokehouse – 6.75
  • Red Coal BBQ – 6.75
  • Bad to the Bone BBQ – 6.75
  • Unkl Moe’s – 6.5
  • Hambone’s Smokehouse – 6.25
  • Shakedown BBQ – N/A (wasn’t open when it was supposed to be, wasted trip)

Next Week’s #S2Roadshow

A couple of talks this week, one in St. Paul, MN and another visit to Dallas, TX. We’re visiting the Minnesota Government IT Symposium on Wednesday and we’re visiting the Dallas/Fort Worth ISC2 chapter on Friday. Looking forward to meeting a bunch of great people this week, and we’re looking forward to revisiting Pecan Lodge.

Stay tuned for next week’s #S2Roadshow updates. You can follow us on Twitter (@evanfrancen, @HarmonJohn, @StudioSecurity, and the #S2Roadshow hashtag) and on LinkedIn.

See you next week! If you want to collaborate with us, get in touch!