Posts

UNSECURITY Episode 132 Show Notes

/in /by

Hey Listeners!

Spring is in full bloom (finally) in Minnesota, and life is good. The weather is great, and last week, our Governor (Tim Walz) lifted the mask mandate for people who are vaccinated and maintain some semblance of social distancing. It’s good to see people’s faces again, especially when they’re smiling. 🙂

We’re grateful for the guests who have joined our show the past four weeks! We’ve learned a ton from these conversations.

If you missed any of these shows, you can find them here:

NOTE: We’re looking for people from other walks of life to share their perspectives too, especially men and women of color. Let us know at unsecurity@protonmail.com if you have suggestions.

This week, we’re not planning to have a guest, so you’ll have to put up with Brad and I.

Next week (episode 133) we’re hoping to have Gabriel Friedlander from Wizer on the show!

Let’s get to the episode 132 show notes, shall we?

SHOW NOTES – Episode 132 – Tuesday May 18th, 2021

Opening

[Evan] Welcome listeners! Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 132, and the date is May 18th, 2021. Joining me is my good friend, highly-skilled information security expert, and all around great guy, Brad Nigh.

Good morning Brad!

There are so many things happening in our world, it’s hard to keep track. One interesting event from the last week (other than the Colonial Pipeline attack) was the announcement of President Biden’s Executive Order (EO) 14028 titled “Improving the Nation’s Cybersecurity”. In today’s episode, Brad and I are going to break this down.

Improving the Nation’s Cybersecurity

  • The EO was announced by the Administration on 5/12/21.
  • There’s a lot of information to unpack here, including:
  • Section 1. Policy, containing:
    • Policy statement.
    • Scope.
  • Section 2. Removing Barriers to Sharing Threat Information, containing:
    • Review existing reporting requirements and procedures.
    • Recommend updates to the Federal Acquisition Regulation (FAR).
    • Update the FAR.
    • Enforce IT/OT provider compliance.
    • Centralize reporting.
    • Provide budget for this section.
  • Section 3. Modernizing Federal Government Cybersecurity
    • Adopt security best practices.
    • Advance toward Zero Trust Architecture.
    • Accelerate movement to secure cloud services.
    • Adopt multi-factor authentication.
    • Encrypt data at rest and in transit.
    • Centralize and streamline access to cybersecurity data.
    • Invest in both technology and personnel to match the modernization goals.
  • Section 4. Enhancing Software Supply Chain Security
    • Develop standards, tools, and best practices for secure software development.
    • Enforce secure software development practices.
    • Define and enforce a “Software Bill of Materials (SBOM)”.
    • Define “critical software” and its protection requirements.
    • Consumer labeling programs for IoT and software.
  • Section 5. Establishing a Cyber Safety Review Board
    • Requirements for a new “Cyber Safety Review Board”.
    • All requirements are for the Secretary of Homeland Security and the (yet to be established) Cyber Safety Review Board (“board”).
  • Section 6. Standardizing the Federal Government’s Playbook for Responding to Cybersecurity Vulnerabilities and Incidents; the playbook:
    • Will Incorporate all appropriate NIST standards.
    • Be used by all Federal Civilian Executive Branch (FCEB) Agencies.
    • Will articulate progress and completion through all phases of an incident response.
    • Will allow flexibility so it may be used in support of various response activities.
    • Establishes a requirement that the Director of CISA reviews and validates FCEB Agencies’ incident response and remediation results upon an agency’s completion of its incident response.
    • Defines key terms and use such terms consistently with any statutory definitions.
  • Section 7. Improving Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks
    • The adoption of a Federal Government-wide Endpoint Detection and Response (EDR) initiative.
    • CISA threat hunting on FCEB networks and systems without agency authorization.
    • Information sharing between the Department of Defense and the Department of Homeland Security
  • Section 8. Improving the Federal Government’s Investigative and Remediation Capabilities
    • Types of logs to be maintained.
    • Time periods to retain the logs and other relevant data.
    • Time periods for agencies to enable recommended logging and security requirements.
    • How to protect logs (logs shall be protected by cryptographic methods to ensure integrity once collected and periodically verified against the hashes throughout their retention)
    • Data shall be retained in a manner consistent with all applicable privacy laws and regulations.
    • Ensure that, upon request, agencies provide logs to the Secretary of Homeland Security through the Director of CISA and to the FBI, consistent with applicable law.
    • Permit agencies to share log information, as needed and appropriate, with other Federal agencies for cyber risks or incidents.
  • Section 9. National Security Systems
  • Section 10. Definitions
  • Section 11. General Provisions

This will be a great conversation as Brad and I share our summary, thoughts and opinions on all this!

News

Just time for one news story this week. This one is from Brian Krebs, “Try This One Weird Trick Russian Hackers Hate“.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! Thank you Brad for a great conversation! If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 131 Show Notes

/in /by

Apologies for not posting something about last week’s show, episode 130. We were honored and pleased to welcome John Strand from Black Hills Information Security as our guest. John, Brad and talked openly about John’s path through information security, what Black Hills is working on, the different pockets of security people, why it’s important to work together as information security vendors to improve the community, and John’s latest Pay What You Can (PWYC) Series.

It was a GREAT talk and we’re VERY grateful that John stopped by. Check out episode 130 here; https://podcasts.apple.com/us/podcast/unsecurity-episode-130-john-strand-black-hills-information/id1442520920?i=1000520139261

Episode 131

Pumped about this week’s show!

My good friend, Security Shit Show co-host, hacker extraordinaire, and all around great guy Chris Roberts is stopping in for a chat.

Special Guest – Chris Roberts

Chris and I (Evan) were introduced to each other by our mutual friend Tony Cole maybe three years ago, but we didn’t get to know each other well until the last 13, 14 months. We’re both REALLY busy guys, so our circles just didn’t cross much. In the past year, we’ve gotten to know each other quite well which is no surprise seeing that we spend more than two hours together each week on the Security Shit Show with Ryan Cloutier (another great guy).

Things about Chris:

From his LinkedIn Profile:

  • Currently the Chief Security Strategist for Cynet Security (among many other things)
  • Currently an Executive Committee Member at the CyberEdBoard Community
  • Currently an Advisor, Researcher, Hacker, Etc. at HillBilly Hit Squad
  • Currently co-host of The Security Shit Show
  • Former Chief Security Strategist at Attivo Networks, Inc.
  • Former Chief of Adversarial Research and Engineering at LARES Consulting
  • Former Chief Security Architect at Acalvio Technologies
  • Former Senior Consultant at Sentinel Global LLC
  • Founder of One World Labs
  • Former Managing Director Electronic Intelligence/Principal Investigator at Cyopsis, LLC
  • Former President/CEO at CCi5, Inc.
  • Former Director of Coalfire Labs at Coalfire Systems, Inc.
  • and on and on…

Chris has been all over the world and all over the United States doing crazy cool hacker stuff at every stop.

He is truly on of my favorite people on the planet to talk to! Always a good time.

Other Guests – Past, Present, and Future

Lots of GREAT conversations with lots of GREAT information security folks!

SHOW NOTES – Episode 131 – Tuesday May 11th, 2021

Opening

[Evan] Welcome listeners! Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 131, and the date is May 11th, 2021. Joining me is my good friend, infosec buddy and partner in crime.

Also joining the UNSECURITY Podcast is our special guest, Mr. Chris Roberts! Welcome my friend. It’s an honor to have you on our show!

Introducing Chris Roberts

  • Let’s start with trying to figure out how Chris first got into the information security industry.
  • Next, we’ll see how far we can get down his career path before 1) we start chasing squirrels (we’re both ADD) or 2) we run out of time (because there’s A LOT there).
  • The Colonial Pipeline Attack and global security tensions/consequences.
  • Current projects.
  • Current events.

We’ll see if we get to his plane hacking antics too, but I’m not sure we’ll have the time.

News

We’ll probably skip news in this show. Guessing that Brad, Ron, and myself will have no problem filling the entire show with good discussion.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! HUGE thank you to Chris for joining us. If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Chris is easy to find, but can be reached on LinkedIn and Twitter (@Sidragon1).

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

The UNSECURITY Podcast – Episode 63 Show Notes – Mission

/in /by

I’m grateful to be back home. Two weeks in Cancun, Mexico where the sun was shining and the temperature was in the 80s. Now, I’m back in Minnesota where there’s a foot of snow on the ground and the temperature is in the single digits. I’m grateful to be back home because I’m with my family again. My FRSecure and SecurityStudio family!

THANK YOU to Brad and Ryan for doing holding down the fort!

OK, I was in Cancun to begin writing our next book. It’s “our” next book because Brad’s going to write his part and Ryan’s going to add a little flair too. The book is unofficially titled “Securing America” and will start to come together over the next couple of months. The (rough) outline looks like this so far:

  • Introduction
  • Information Security Operating System (ISOS)
    • Components
    • The Cycle
  • Securing America
    • Small Business
    • Local Government
    • Education
    • Home
  • The People Component
  • The Asset Component
  • The Control Component
  • The Process Component
  • The Measurement Component
  • The Journey – All Working Together
  • Starting NOW

If this book is anything like the first one (UNSECURITY), there’s likely to be some changes to the outline, but this is what we’ve got so far.

Alright. On to the show. This is episode 63 of the UNSECURITY Podcast. I’ll be hosting and these are my notes. Joining me in studio will be my co-host Brad Nigh and SecurityStudio’s very own Ryan Cloutier.

Let’s do this!

-Evan

SHOW NOTES – Episode 63

Date: Monday, January 20th, 2020

Show Topics:

Our topics this week:

  • Opening
    • Back Home
    • Book (Securing America) Status
    • What did I miss?
  • U.S. and Iran
    • Finishing the discussion from last week.
    • We’re not out of the woods.
  •  The “Mission” and CISSP Mentor Program
    • What is it?
    • Why do we care?
    • How can you join us?
  • News
Opening

[Evan] Hey UNSECURITY Podcast listeners! This is episode 62 and the date is January 20th, 2020. I’m Evan Francen, and it’s good to be back! I’m hosting today’s show, and joining me in studio is my friendly co-host Brad Nigh and my left-hand man Ryan Cloutier. Hey guys.

[Brad & Ryan] They’ll say “hi” or something.

[Evan] Did you guys catch that? I called Ryan my “left-hand man”. Of course you did, you guys read the show notes! You know why I called Ryan my “left-hand man”?

[Brad & Ryan] Stumped. Maybe.

[Evan] Well, I’ll tell you…

[Evan] Alright, I’m back home. It feels good to be back, and it couldn’t have been any better to come back to a bunch of smiling faces at our holiday party on Saturday! What did you guys think?

[Brad & Ryan] Sharing thoughts and such.

[Evan] We have a ton to cover today! Let’s catch-up quick. You guys cool with that?

Catching Up Discussion
  • Back home
    • Holiday Party
    • Q1/2020, Expectations
  • Book (Securing America) things
  • Did I miss anything?

[Evan] Like always, many good things to look forward too. Love you guys and love being back. Last week I had to run halfway through the show. We were talking about tensions between the United States and Iran and how it affects us all. There’s this talk of a cyberwar between us, and I just want to close the loop a little on the topic.

U.S. and Iran Discussion

[Evan] OK, the world’s not likely to end today, but we need to stay vigilant. Complacency and ignorance come with consequences. Switching gears now…

We talk about this mission at FRSecure and SecurityStudio. Brad, you have your take. Ryan, you have yours. I’ve certainly got mine too, but what is this “mission” and why is it important for our listeners to know about it?

Discussion about The “Mission” and CISSP Mentor Program

An open and honest discussion about our mission.

  • What is it?
  • Why do we care so much about it?
  • Are there ways for people to join us? If so, how?

The CISSP Mentor Program Registration is Open!

[Evan] Yes, it’s all about the mission! The theory is if you focus on the mission you’ll make money, but if you focus on the money, you’re certain to miss the mission. Love it! Alright, good talk. Let’s cover a few news stories, and wrap this thing up.

News

There’s always plenty of news in the information security industry. Here are a few stories that caught my eye recently:

Closing

[Evan] Wow. Lot’s going on and plenty of news to stay up on. I guess this is why they pay us the big buck, right?

This is the end of our show, and we close these things out pretty much the same way every week. Keep sending us your feedback, tips, of whatever else you’d like us to know at unsecurity@protonmail.com. If you have a suggested guest for us to reach out to, let us know that too.

If you’re the social type, socialize with us on Twitter, I’m Evan and you can find me @evanfrancen. Brad’s a cool cat, and you can find him @BradNigh. Ryan’s not to shabby himself, follow him at @CLOUTIERSEC.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 62 Show Notes – Iran and Stuff

/in /by

Still in Cancun for another week (Evan). I know, poor me.

One thing is certain. It doesn’t matter what I’m doing or what you’re doing, the world doesn’t pause and wait for you. Attackers still attack and defenders still defend. Some of us are thriving and others of us are just struggling to survive.

So, the big worldwide news this past week was the U.S. spat with Iran. It was immediately politicized, as we would expect, but what does it mean to you, me, and the world of information security? Let’s talk about this.

A few of you took me up on my offer last week for a free copy of UNSECURITY. Your books are being sent soon.

If you haven’t read my first book, I invite you to. You can either purchase it, or if you’re with us on our mission to fix the brokenness in our industry, contact me (Twitter, LinkedIn, email, etc.) and tell me so. I’ll send you a free signed copy! P.S. I’m not publicizing this everywhere, so let’s see if your paying attention.

I’m supposed to be leading the show this week, but I’m still out of the office. Brad and Ryan should be in studio for this episode, and I’ll call in again.

These are my notes (Evan).

SHOW NOTES – Episode 62

Date: Monday, January 13th, 2020

Show Topics:

Our topics this week:

  • Opening – Catching up
  • U.S. and Iran
    • What does it mean for information security?
    • What does it mean for you and me?
    • Avoiding collateral damage
  •  News
    • Is Microsoft sharing Skype and Cortana audio with the Chinese?
    • Security tips for college students
    • Amazon Ring employees caught snooping
  • Contact Us – featuring people looking for jobs in information security
Opening

[Brad] Hey UNSECURITY Podcast listeners! This is episode 62 and the date is January 13th, 2020. I’m Brad Nigh, your host for today’s show. Joining me in studio is Ryan Cloutier and by phone is Evan Francen. Hi guys.

[Ryan & Evan] We’re welcoming fellas, so we’ll say “hi” or something here.

[Brad] Let’s catch up quick. How was your week and what’s going?

Catching Up Discussion

Who’s doing what?

  • Ryan’s first week at SecurityStudio.
    • What was it like?
    • Anything newsworthy or exciting?
  • Brad’s crazy week.
    • Most weeks are crazy. What was craziest?
    • What are you excited about?
  • Evan in Cancun.
    • Chillin’ or workin’?
    • How’s the book coming along?

[Brad] Cool. Good things last week and coming up this week.

Switching gears a bit. I want to discuss a topic that’s on many people’s minds; the conflict between the United States and Iran, and what effect it has on our daily information security/cybersecurity lives.

U.S., Iran, and Information Security Discussion

Very significant events have taken place over the past few weeks. Events that impact our world as we know it; politically, economically, and from an information security (or cybersecurity) perspective. Let’s stay out of the politics as much as we can and leave the economic discussion to the economics experts.

What I’d like to discuss is how these current events affect us with respect to information security. We should all be concerned about how these things affect our ability to protect ourselves, our families, our schools, our workplaces, and our local governments.

First a little background on the current events:

  • December 27th, 2019 – The K-1 Air Base in Iraq was attacked killing an American civilian contractor, injuring four U.S. service members and injuring two Iraqi security forces personnel. The U.S. blamed Iranian-backed militia for the attack.
  • December 29th, 2019 – The United States attacked five Hezbollah positions in Iraq and Syria resulting is an at least 25 killed militia members and another 55 wounded.
  • December 31st, 2019 – January 1st, 2020 – Hezbollah militiamen, their supporters and sympathizers attacked the U.S. embassy in the Green Zone of Baghdad. The United States blamed Iran and its non-state allies for orchestrating the attack. No deaths or serious injuries occurred during the attack and protesters never breached the main compound.
  • January 3rd, 2020 – A targeted U.S. drone strike killed the commander of the Islamic Revolutionary Guard Corps (IRGC) Quds Force, Qasem Soleimani. Soleimani was considered to be the second most powerful person in Iran.
  • January 8th, 2020 – The Iranian military launched numerous ballistic missiles at two airbases in Iraq. there were neither American nor Iraqi casualties. Hours after the initial Iranian missile attacks, a Boeing 737-800 (Ukrainian International Airlines Flight 752) crashed shortly after takeoff from Tehran Imam Khomeini International Airport, killing all 176 passengers on board. Iran initially claimed the cause of the crash was mechanical failure.
  • January 11th, 2020 – A video showing the moment Flight 752  was hit by an Iranian missile was published by The New York Times. The Iranian government was forced to admit that it “inadvertently” shot the plane out of the sky. A wave of anti-government protests have now emerged across Iran.

Phew! These are only the latest events in decades of conflict between the two nations.

So, back to the point of our discussion. I’d like us to share our opinions, and hear the opinions of our listeners this week. You know what they say about opinions, right?

  • What does it mean for information security?
  • What does it mean for you and me?
  • How can we avoid collateral damage?

Some sources of information to guide our discussion:

[Brad] Great discussion and plenty of healthy opinion. I think the same things hold true for us that have always held true:

  1. Focus on what you can do to protect your area of influence (your habits, at home, at work, etc.)
  2. Master the fundamentals. We can’t control what Iran or the United States does, but we can make it a little less likely that we’ll be a victim in all this.
News

Now for some (other) news. Here are three newsy things that caught our attention last week.

Closing

[Brad] OK, that’ll just about do it. Be careful out there.

One last thing before we close this show out. Are you or someone you know looking for a job in information security? If so, we’d love to hear from you and help out where we can. Email us at unsecurity@protonmail.com and we’ll chat.

If you’re the social type, socialize with us on Twitter, I’m @BradNigh, Ryan can be found at @CLOUTIERSEC, and Evan’s in his usual spot, @evanfrancen.

That’s it! Talk to you all again next week!