Security on Tap

Hosted by Jim Desmond & Randy Fields

Technology

Website RSS feed

Episodes

Latest episode

Nov 2024

Language

About the show

The Security professional’s podcast on how to start, manage, and drive a successful career in cyber security and risk management.

Listen to episodes

16 recent

November 5, 2024Episode 1724 min

Don't Call Me Stupid!

Join these two stupids, as they stupidly discuss what not to do during a security incident, because it could make you, wait for it, look stupid. https://www.youtube.com/watch?v=85aiUbvD-k0

September 14, 2024Episode 1625 min

CROWDSTRUCK!

Join Randy and Jim as they talk about the implications of last month's CrowdStrike outage, and how you, as a security leader, can help avoid that kind of impact in the future.

July 8, 2024Episode 1523 min

I scream - you scream - RED TEAM!

Join Randy and Jim as they talk about what a Red Team is, and is not, for your cybersecurity organization.

June 4, 2024Episode 1427 min

Getting our SAAS Kicked!

Hey there, Leader Today. In today's episode of Security on Tap, we dive deep into the world of Software as a Service (SaaS). Join Randy and Jim as they explore what SaaS is, why it poses significant security risks, and what steps you can take to mitigate those dangers. We start with an eye-opening statistic: the average company used around 15 SaaS services in 2015-2016, but that number has skyrocketed to 150-200 today. This explosive growth has led to a shift where many non-core business processes are now housed outside the core business, creating a blurred network boundary and increasing vulnerabilities. Randy breaks down SaaS for beginners, explaining how it works and citing major providers like Workday, Salesforce, and Microsoft 365. They discuss real-world breaches involving giants like Microsoft and Snowflake, highlighting the significant risks posed by SaaS environments. The episode also delves into the challenges of managing third-party risk and the pressures faced by SaaS providers to grow rapidly, sometimes at the expense of robust security measures. They debate the need for industry standards or government regulations to ensure SaaS providers maintain stringent security protocols. Finally, Randy and Jim offer practical advice for security practitioners, emphasizing the importance of understanding your company's critical business processes, assessing the risk posed by third-party vendors, and having contingency plans in place. Whether you're a seasoned security leader or new to the field, this episode provides valuable insights into managing SaaS risks and keeping your organization secure.

April 1, 2024Episode 1325 min

Physician, heal thyself!

On this gripping episode of Security on Tap, we undertake a detailed exploration of the recent, impactful cybersecurity incident at Change Healthcare. We outline the events that unfolded on February 21st when Change Healthcare became the latest casualty of Black Cat/Alf V's sinister ransomware service. We shed light on the monumental repercussions this episode has had on the healthcare industry, disrupting pharmacies, SMB healthcare institutions, and even Medicare. Additionally, we emphasize the critical importance of disaster recovery, business continuity planning, and rigorously evaluating third-party risks and supply chain vulnerabilities. We further broach topics including the security-related implications of mergers and acquisitions, and the vital need for sound identity verification and advanced authentication measures in the face of a surge in cyber threats. The episode also delves into more profound aspects of cybersecurity, such as 502 compliance, privileged access management, and the rising threat of social engineering. We demonstrate how essential cybersecurity training for employees can drastically minimize potential threats in sectors like healthcare.

March 12, 2024Episode 1227 min

Mission Impossible

Join Randy and Jim as they try to do the impossible. How to get the tech team to do what you want them to do when they don't want to do it. It's not as hard as you think. But doing the intro to a podcast is, which you will discover if you listen in.

January 15, 2024Episode 1128 min

Gone Phishing!

Join Randy and Jim as they discuss why phishing is still around and what security leaders can do about it.

December 5, 2023Episode 1028 min

Risky (Cyber) Business

Join Randy & Jim as they make mistakes, manage risk, and enjoy a cold one.

November 21, 2023Episode 930 min

So Ya Wanna Do the Cyber, do ya?

Join Randy Fields and Jim Desmond as they explore what it takes to break into the field of CyberSecurity. Certifications, education, and experience all converge to make the Peruvian Purple Unicorn.