Off the Wire: A Play by Play on Cybersecurity and Technology Issues

Free SPF/DKIM/DMARC analyzer tools for DMARC setup - DMARCLY

Learn and Test DMARC (learndmarc.com)

DMARC Check Tool - Domain Message Authentication Reporting & Conformance Lookup - MxToolBox

Podcast Outline: "Off the Wire" Episode

Intro:

• Welcome back to "Off the Wire," the podcast helping you curb cybersecurity risks and tackle technology challenges.
• Hosts: Tanner and Anthony, IT executives with a combined 35 years of experience in IT and cybersecurity.
• Teaser for Episode 20: Upcoming giveaway in two weeks—details to come.

Main Topic: Low-Cost, High-Impact Cybersecurity Investments

1. Introduction to the Topic

   • Discuss the challenges faced by small to medium-sized businesses in allocating budgets for cybersecurity.
   • The importance of prioritizing cybersecurity efforts even with limited resources.

2. Understanding Budget Constraints and Other Challenges

   • Budget limitations and other constraints like legacy applications and organizational resistance to change.
   • The need to prioritize cybersecurity based on the greatest risk and potential impact.

3. Cybersecurity Prioritization Strategies

   • Utilizing free or low-cost open-source tools when possible.
   • Considerations for choosing between free tools and paid solutions based on staff availability and skill level.

4. Cybersecurity Frameworks and Assessment

   • Importance of assessing the current state of cybersecurity.
   • Recommendations for using the CIS framework or similar tools for benchmarking and setting priorities.
   • The value of starting with a basic maturity level and progressively advancing.

5. Key Focus Areas for Low-Cost Cybersecurity Measures

   • Asset Management:
     • Importance of knowing what's on your network.
     • Free and low-cost tools like Snipe-IT and Spiceworks for asset management.
   • Strong Passwords and Multi-Factor Authentication (MFA):
     • Using free tools like Microsoft Authenticator or Google Authenticator.
     • Implementing password managers for better security and efficiency.
   • Regular Updates and Patching:
     • The critical role of updates in preventing security breaches.
     • Options for automated patch management solutions.
   • Incident Response and Business Continuity Planning:
     • Developing and maintaining security plans and policies.
     • Storing physical copies of these plans for accessibility during crises.

6. Additional Low-Cost Solutions

   • Threat Intelligence:
     • Leveraging free industry-specific threat intelligence resources and communities.
     • Utilizing platforms like Reddit for real-time information on vulnerabilities and threats.
   • Email Security:
     • Importance of investing in additional layers of email security.
     • Mention of tools like Avanan and Microsoft Defender.
   • Optimizing Existing Investments:
     • Making full use of existing tools and software, especially in environments like Microsoft 365.
   • EDR Solutions:
     • The importance of Endpoint Detection and Response (EDR) in mitigating breaches.
     • Notable EDR solutions and their benefits.

7. Backups and Disaster Recovery

   • The necessity of regular and tested backups.
   • Considering both free and paid backup solutions.
   • The importance of documenting and testing backup processes.

8. Creating a Cyber Go-Bag

   • The concept and contents of a cyber go-bag for emergency response.
   • Recommendations for setting up a go-bag, including tools and documentation.

9. Connecting Cybersecurity to Business Objectives

   • Emphasizing the alignment of cybersecurity goals with overall business objectives.
   • Importance of communicating cybersecurity successes and needs to leadership.

Conclusion:

• Recap of key points and encouragement to implement the discussed strategies.
• Reminder about the upcoming Episode 20 giveaway.
• Call to action: Subscribe, share the podcast, and reach out with episode ideas or feedback.

Closing Remarks:

• Next episode preview and sign-off.

Introduction:

• Host Introduction: Tanner Greer and Anthony Kent, two IT executives with 35 years of combined experience in the IT field, specializing in cybersecurity.
• Episode Overview: Discussion on Zero Trust security.

Segment 1: Conference Recap

• Anthony's recent attendance at the IT conference for South Carolina co-ops.
• Key takeaway: Importance of IT communication with non-IT stakeholders, avoiding jargon and using relatable examples.

Segment 2: Understanding Zero Trust

• Zero Trust explained: "Never trust, always verify."
• History of Zero Trust: Coined by John Kindervag in the 90s and popularized in the 2000s.
• Shift in mindset: From securing trusted internal networks to assuming all networks are potentially hostile.

Segment 3: Key Concepts of Zero Trust

• Basic principles: Never trust, always verify; least privilege; and assume breach.
• NIST guidance on Zero Trust (800-207).

Segment 4: Implementing Zero Trust

• Defining the protect surface: Identify what needs protection.
• Mapping transaction flows: Understand how data moves.
• Architecting Zero Trust: Building a secure infrastructure.
• Creating Zero Trust policies: Setting rules and guidelines.
• Monitoring and maintaining: Continuous improvement and vigilance.

Segment 5: Real-world Application

• Anthony's recent project: Redesigning an OT environment using Zero Trust principles.
• Challenges and solutions: VLAN segmentation, micro-segmentation, and user/device checks.

Segment 6: Lessons Learned

• Importance of strategic goals: Integrating Zero Trust into organizational strategy.
• Using existing tools effectively: Leveraging current technology to implement Zero Trust.
• Practical tips: Start with test environments, prioritize critical applications, and consider business operations.

Segment 7: Pitfalls and Considerations

• Usability impact: Balancing security measures with operational needs.
• Internal threats: Monitoring for suspicious internal activities.
• Continuous monitoring: Importance of regular checks and updates.

Segment 8: Resources and References

• Recommended reading: "Project Zero Trust" book.
• Key documents: NIST 800-207 and CISA's Zero Trust Maturity Model.

Conclusion:

• Recap of the episode.
• Encouragement to start the Zero Trust journey: Don't be overwhelmed; take it step by step.
• Final thoughts: Zero Trust as a critical part of modern cybersecurity strategies.

Closing:

• Reminder to check previous episodes.
• Contact information: Website, email, and social media handles.
• Episode release schedule: Every other Monday.

Sign-off:

• Hosts' sign-off and thanks for listening.

Introduction

• Welcome to the Show:

  • Greet listeners and introduce the podcast name.
  • Briefly describe the purpose of the podcast and what listeners can expect.

• Hosts Introduction:

  • Anthony and Tanner, two IT executives with a combined 35 years of experience in IT and cybersecurity.
  • Background on their roles and the companies they lead.
  • Brief mention of past episodes to give new listeners context.

• Episode Overview:

  • Introduction to today’s topic: Finding, Hiring, and Retaining Technology Employees.
  • Importance of the topic in the current IT landscape.

Segment 1: Weekly Updates

• Anthony’s Update:

  • Recap of the conference attended.
  • Key takeaways and interesting trends observed.
  • Details on the new SCADA system being prepared for implementation.
  • Challenges and excitement related to the new system.

• Tanner’s Update:

  • Current issues being tackled in the company.
  • Specifics about the online ads issue and its impact on the business.
  • Steps taken to mitigate the problem.
  • Broader discussion on the state of online ads and cybersecurity concerns.

Segment 2: Introduction to Main Topic

• Brief Introduction:
  • Overview of the main topic: The critical aspects of finding, hiring, and retaining technology employees.
  • Why this topic is particularly relevant now.
  • Personal experiences and why this topic matters to Anthony and Tanner.

Segment 3: Challenges in Hiring Technology Employees

• Attracting Talent in SMBs:

  • The difficulty small and medium-sized businesses (SMBs) face compared to larger corporations.
  • Discussion on limited resources and lesser-known brand recognition.

• Location-Based Challenges:

  • How geographical location affects the talent pool.
  • Case examples from Anthony and Tanner’s experiences.

• Remote Job Market Competition:

  • The rise of remote work and its impact on local hiring.
  • Specific roles (e.g., data analysts, developers) that are particularly affected.

• Salary Disparities:

  • Comparison of pay scales between SMBs and large enterprises.
  • Strategies to offer competitive compensation packages.

Segment 4: Advantages of Working in SMBs

• Close-Knit Work Environment:

  • Describing the family-like atmosphere in smaller organizations.
  • Personal anecdotes from Anthony and Tanner.

• Direct Interaction with Leadership:

  • Opportunities for employees to interact with top executives.
  • The benefits of having a direct line to decision-makers.

• Impact and Recognition:

  • How individual contributions are more visible in smaller settings.
  • Examples of significant projects led by team members.

• Flexibility and Work-Life Balance:

  • Offering flexible schedules and remote work options.
  • Balancing personal interests and professional responsibilities.

Segment 5: Strengthening Recruitment Strategies

• Highlighting Advantages in Job Postings:

  • Crafting compelling job descriptions that attract top talent.
  • Emphasizing unique benefits and company culture.

• Promoting Company Culture and Values:

  • The importance of a strong organizational culture.
  • Ways to communicate this during the hiring process.

• Competitive Salary and Benefits Packages:

  • Offering market-competitive salaries.
  • Additional benefits that make a difference (e.g., healthcare, retirement plans).

• Community Involvement and Reputation:

  • How being active in the community can enhance your company’s attractiveness.
  • Success stories from Anthony and Tanner’s companies.

Segment 6: Retention Strategies

• Work-Life Balance:

  • Policies that support employees’ personal lives.
  • Encouraging hobbies and outside interests.

• Team-Building Activities:

  • Organizing regular team outings and events.
  • The role of informal gatherings in building team cohesion.

• Autonomy and Leadership Opportunities:

  • Allowing employees to lead projects.
  • Offering professional development and career growth opportunities.

• Flexible Work Arrangements:

  • Implementing hybrid work models.
  • Adapting to individual needs for remote work.

Segment 7: Internships and Temporary Positions

• Benefits of Internships:

  • How internships can serve as a talent pipeline.
  • Providing real-world experience to interns.

• Challenges of Implementing Internship Programs:

  • Security and training concerns.
  • Ensuring meaningful projects for short-term interns.

• Success Stories:

  • Examples of interns who became full-time employees.
  • The impact of internships on both the company and the interns.

Segment 8: Screening and Interviewing Processes

• Technical Interviews and Assessments:

  • Different approaches to evaluating technical skills.
  • The importance of practical assessments.

• Cultural Fit and Team Dynamics:

  • Assessing candidates for cultural and team fit.
  • Techniques for determining alignment with company values.

• Pre-Employment Tests:

  • The role of cognitive and personality tests in the hiring process.
  • Pros and cons of using these tests.

Segment 9: Final Thoughts on Hiring and Retaining Talent

• Balancing Long-Term and Immediate Impact:

  • The value of hiring for both short-term gains and long-term stability.
  • Strategies for keeping high-impact employees engaged.

• Fostering a Positive Work Culture:

  • Continuous efforts to maintain and improve workplace culture.
  • Engaging employees in meaningful ways to ensure retention.

• Continuous Improvement of Recruitment Processes:

  • Regularly reviewing and refining hiring practices.
  • Staying updated with industry trends and best practices.

Conclusion

• Listener Engagement:

  • Encourage listeners to share their experiences and strategies.
  • Invite feedback and topic suggestions for future episodes.

• Call to Action:

  • Subscribe to the podcast.
  • Leave reviews and share the podcast with others.
  • Follow on social media platforms.

Outro

• Reminder of Release Schedule:

  • Biweekly episodes released every other Monday.
  • Tease the topic of the next episode to keep listeners engaged.

• Thank You:

  • Thank listeners for their support and engagement.
  • Encourage them to reach out with questions, feedback, or topic ideas.

Podcast Episode Show Notes: Importance of Incident Response Plans (IRPs) 

Episode Highlights: 

• Rising Cybersecurity Threats:Discussing the increasing threat levels and the growing importance of cybersecurity. 
• Incident Response Plans (IRPs): Why IRPs are essential and how they serve as a playbook during cyber incidents. 

Key Topics Covered: 

1. Need for IRPs: 

• Importance for regulatory compliance (HIPAA, GDPR, PCI). 
• Legal requirements and state breach laws. 
• Adhering to cybersecurity frameworks like NIST and CIS. 

• IRPs should be simple enough for the least experienced technical staff to understand and use. 

• Importance of annual or quarterly reviews to keep the IRP current. 
• Conducting tabletop exercises to test and refine the IRP. 

• Importance of centralized and proper documentation during incidents. 

• Involving legal, communications, accounting, and other relevant departments in the IRP. 

• Securing support from top management to facilitate smoother implementation and adherence. 

• Creating a "go bag" with necessary tools and documentation for incident response. 

• Utilizing resources like the CIS IRP template and industry-specific frameworks for effective IRPs. 

• Start with what you have, involve stakeholders, keep the plan simple, and ensure regular reviews and updates. 

Additional Resources: 

• CIS IRP Template: Link to CIS IRP Template 
• Contact Us: Email us atshow@offthewirepodcast.com or visit our website for more information. 

Stay Connected: 

• Subscribe: Don’t miss an episode – subscribe to our podcast. 
• Follow Us: Connect with us on YouTube, X, Facebook, and LinkedIn. 
• Join the Conversation: Share your thoughts and engage with us on social media. 

Next Episode: 

• Join us next time for more insights on cybersecurity and technology. New episodes drop every other Monday! 

• We hope you enjoyed this episode. If you found it helpful, please share it with your colleagues and friends. Thank you for listening to Off the Wire Podcast! 

## Off The Wire Podcast Show Notes

### Episode: Backups and Data Recovery with Brian Williams from Rubrik

**Guest:** Brian Williams, Rubrik

**Location:** NCLGISA Conference 2024, Downtown Wilmington

### Key Topics Discussed

#### Importance of Backups
- **Personal Anecdote:** Anthony shares advice from his mentor on the importance of backups.
- **Monthly Backup Reviews:** Ensuring regular checks and recovery plans.

#### Transition to Rubrik
- **Migration Experience:** Anthony discusses his positive experience migrating to Rubrik.
- **Onboarding Process:** Highlights the comprehensive onboarding and quarterly meetings Rubrik provides.

#### Role of Backup Engineers
- **Critical Role:** Brian emphasizes the evolving and crucial role of backup engineers.
- **Backups Beyond Cybersecurity:** Discussion on various scenarios where backups are vital.

#### Tape Backups and Air Gapping
- **Nostalgia:** Reminiscing about tape backups.
- **Air Gapping:** Importance of air-gapped backups for data security.

#### Modern Backup Strategies
- **Three-Two-One Method:** Explanation of three copies, two types of media, one off-site.
- **Four-Three-Two Method:** Discussion on more extensive backup strategies.

#### Cloud-Based Backups
- **Pros and Cons:** Evaluating the benefits and drawbacks of cloud-only backups.
- **Internet Dependency:** Challenges with relying solely on internet connections for backup and recovery.

#### Immutability and Data Security
- **Defining Immutability:** Data that cannot be edited or changed.
- **Zero Trust for Backups:** Ensuring no unauthorized access or changes to backup data.

#### Data Integrity and Reliability
- **Testing Restorations:** Regularly testing backup data for integrity and reliability.
- **Fingerprints and Checksums:** Using these methods to ensure data consistency.

#### Regional Backup Strategies
- **Geographic Distribution:** Replicating data to different locations to ensure regional disaster recovery.

#### Real-World Examples
- **Local Government Incidents:** Discussing the impact of ransomware on local governments and the importance of having robust backups.

### Quarterly Checkups with Rubrik
- **Relationship Building:** Importance of maintaining a strong relationship between Rubrik and its clients.
- **Health Checks:** Regular assessments of the backup system’s health and client needs.

### Recommendations for All Organizations
- **Robust Testing:** Developing a rigorous and regular testing schedule for backups.
- **Self-Scouting:** Continuously evaluating and improving backup strategies.
- **Courage to Address Gaps:** Identifying and addressing potential security gaps proactively.

### Conclusion
- **Final Thoughts:** Emphasis on the importance of backups and continuous improvement.
- **Next Steps:** Encouraging organizations to adopt best practices for data security and backup integrity.

### Call to Action
- **Subscribe to the Podcast:** Encouragement to subscribe to Off The Wire on all major podcast platforms.
- **Share the Podcast:** Request to share the podcast with others who might benefit from the content.

---

For more information on Rubrik and their backup solutions, visit [Rubrik's website](https://www.rubrik.com). 

Stay tuned for more episodes and insightful discussions on Off The Wire!

**Podcast Episode Summary: Off the Wire - Cybersecurity Insights from the Verizon 2024 Data Breach Investigations Report**

**Hosts:** Anthony Kent and Tanner Greer

**Episode Overview:**
In this episode of Off the Wire, hosts Anthony Kent and Tanner Greer dive deep into the Verizon 2024 Data Breach Investigations Report (DBIR). With their combined 35 years of experience in the IT industry, they provide valuable insights into the latest trends and findings in cybersecurity.

**Key Topics Discussed:**

1. **History and Importance of the DBIR:**
   - The DBIR, introduced by Verizon in 2008, has become a cornerstone report in the cybersecurity industry, analyzing thousands of real-world security incidents annually.
   - This year’s report analyzed 30,458 security incidents and 10,626 confirmed data breaches across 94 countries.

2. **Ransomware and Extortion:**
   - Ransomware and extortion account for 32% of all breaches. While ransomware attacks declined by 23%, extortion incidents rose by 9%.

3. **Human Element in Breaches:**
   - Human errors continue to play a significant role, with 68% of breaches involving a human element such as social engineering or misuse of privileges.
   - Financial costs of breaches vary widely, with the average cost in the 95th percentile being $46,000.

4. **Vulnerability Exploitation:**
   - Exploitation of vulnerabilities increased by 180% over the previous year, highlighting the importance of minimizing internet attack surfaces.

5. **Attack Vectors:**
   - The most common attack vectors include web application credentials, phishing emails, and web application vulnerabilities.

6. **Denial of Service Attacks:**
   - 50% of incidents involved denial of service (DoS) attacks, which are relatively easy to deploy and often highly successful.

7. **Lost and Stolen Assets:**
   - Laptops are the most likely assets to go missing, with lost assets more likely to result in data breaches than in previous years.

8. **Privilege Misuse:**
   - Privilege misuse, mainly by internal actors, remains a steady threat, with personal and banking data being the most targeted.

9. **Artificial Intelligence:**
   - Despite the hype, AI’s role in cyberattacks is minimal, though there is some concern about its potential use in social engineering and deep fakes.

**Mitigation Strategies:**
- Stick to cybersecurity fundamentals like updating and patching systems.
- Leverage multifactor authentication and employee training.
- Implement device hardening and least access policies.
- Follow the CIS controls referenced in the DBIR to strengthen cybersecurity frameworks.

**Call to Action:**
- Subscribe to Off the Wire on your favorite podcast platform for more cybersecurity and technology insights.
- Visit their new website, offthewirepodcast.com, and follow them on social media (YouTube, X, Facebook, LinkedIn).
- Download the full Verizon 2024 DBIR at verizon.com/DBIR.

**Upcoming Episodes:**
- Off the Wire will release new episodes every other Monday before 8 AM, perfect for your commute.