Episodes
Saturday May 18, 2024
E14 – What Your End Users Do at Home!
## Off the Wire Podcast Show Notes
### Episode Summary
Welcome to the Off the Wire podcast, your go-to source for insights into the fast-paced world of cybersecurity and technology. This episode features a new co-host, Tanner Greer, who joins Anthony Kent to discuss a critical topic: what happens when users work from home.
### Key Topics Covered
1. **Introduction of New Co-host Tanner Greer**
- Anthony Kent introduces Tanner Greer, highlighting his extensive experience in the co-op world and his contributions to the field of IT and cybersecurity.
- Tanner shares his background and journey from entry-level IT roles to his current position as CTO.
2. **Impact of COVID-19 on Remote Work**
- Discussion on how COVID-19 has forced organizations to support remote work, highlighting both challenges and opportunities.
- The shift to remote work and its implications on cybersecurity, including the need for new security measures.
3. **Challenges of Securing Remote Work Environments**
- The increased complexity of securing networks as employees work from home or other remote locations.
- The vulnerabilities of home networks and the risks posed by mobile devices and personal usage on work devices.
- Real-life examples of phishing attacks and other security breaches.
4. **Best Practices for Remote Work Security**
- The importance of endpoint protection and hardening, including the use of EDR (Endpoint Detection and Response) tools like CrowdStrike.
- Strategies for patch management and remote support using tools like Endpoint Central and Secure Gateway Server.
- Implementing DNS protection and micro-segmentation to limit lateral movement and protect sensitive data.
5. **User Education and Awareness**
- The role of continuous user education in maintaining security, including live training sessions and the use of security awareness platforms.
- Encouraging good security habits like locking devices when not in use and avoiding the use of work email addresses for personal accounts.
- The importance of tools like Duo for multifactor authentication and additional security checks.
6. **The Future of Remote Work Security**
- Emphasizing the need for organizations to adopt a Zero Trust approach, treating all devices and networks as potentially insecure.
- The potential benefits of using VDI (Virtual Desktop Infrastructure) to maintain control over remote work environments.
- The ongoing need for adaptation and vigilance in cybersecurity practices as remote work continues to evolve.
### Key Takeaways
- Remote work introduces significant security challenges that require robust solutions and continuous education.
- Tools like EDR, DNS protection, and multifactor authentication are essential in securing remote environments.
- User education is crucial in fostering a culture of security awareness and proactive behavior.
- Adopting a Zero Trust approach and leveraging modern security tools can help mitigate risks associated with remote work.
### Resources Mentioned
- CrowdStrike for EDR and vulnerability scanning.
- Endpoint Central and Secure Gateway Server for patch management and remote support.
- Duo for multifactor authentication and device security checks.
- Cisco Umbrella for DNS protection.
- Have I Been Pwned for checking compromised email addresses.
### Closing Remarks
Anthony and Tanner emphasize the importance of staying vigilant and continuously improving security practices to protect against evolving threats in the cybersecurity landscape. They encourage listeners to implement the discussed strategies and remain proactive in their security efforts.
Tune in next time for more insights and expert analysis on the Off the Wire podcast!
Saturday May 04, 2024
E13 – CIS Membership: Why Aren't You a Member Yet?
Join us in this episode as we delve into the world of cybersecurity with the Center for Internet Security (CIS). As a community-driven nonprofit, CIS is responsible for establishing the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data.
Discover how CIS supports the cyber threat prevention, protection, response, and recovery efforts of U.S. State, Local, Tribal, and Territorial government entities through the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®).
Learn about CIS Membership pricing tiers and the benefits they offer, including access to essential cybersecurity resources like the CIS Controls and CIS Benchmarks. Explore the different Implementation Groups (IG) within the CIS Controls and the recommended security settings provided by CIS Benchmarks for various systems, such as Microsoft Server, Linux, and IOS.
Find out about other CIS offerings and how CIS, in partnership with Accenture and CrowdStrike, provides Managed Security Services (MSS) and Endpoint Security Services (ESS) to help organizations enhance their cybersecurity posture. Additionally, discover innovative solutions like Malicious Domain Blocking and Reporting Plus (MDBR+) and Albert Network Monitoring and Management, designed to bolster security for government organizations and private hospitals. Join us to uncover the comprehensive cybersecurity offerings available through CIS and why they're essential for safeguarding your digital assets in today's threat landscape.
Sunday Apr 14, 2024
In Episode 12 of our podcast series, we delve into the world of cybersecurity, focusing on the benefits and drawbacks of implementing vendor access solutions.
We kick off by exploring the pros of enhancing cybersecurity measures. From fortified security protocols to streamlined centralized management and strict compliance adherence, we uncover how these solutions can bolster your organization's defenses against cyber threats.
However, as with any solution, there are potential drawbacks to consider. We delve into how implementing robust cybersecurity measures may inadvertently slow down support processes, increase overhead for IT departments, and result in ongoing costs that can strain budgets.
Join me as we navigate the intricate landscape of cybersecurity, empowering you with the knowledge to make informed decisions to safeguard your organization's digital integrity.
Available on Apple Podcasts, Spotify, YouTube, and your favorite podcast app, this episode promises valuable insights into cybersecurity and its implications for your business. Stay tuned for expert analysis and practical advice.
Saturday Mar 30, 2024
E11 – 10 Lessons from Safeguarding a DoD Network
In this episode, we dive deep into the fundamental practices necessary for safeguarding your organization's digital infrastructure.
Join us as we explore crucial topics such as patch management, application control, vulnerability scanning, and the principle of least privilege. With insights gleaned from years of experience in protecting sensitive networks, we offer actionable strategies that apply to every level of your organization.
Learn why patching everything is non-negotiable, and why it's imperative to speak with authority when it comes to operating securely. Discover the importance of limiting applications and questioning the necessity of ubiquitous tools like Chrome.
We delve into the necessity of vulnerability scans, emphasizing the need for regular, credentialed scans to ensure your defenses remain robust. And when vulnerabilities are found, we discuss mitigation strategies to minimize risk effectively.
But security isn't just an IT concern—it's a company-wide responsibility. Find out why all IT personnel, from help desk to data analysts, should possess a baseline understanding of security principles.
Discover how the use of Security Technical Implementation Guides (STIGs) and CISA Benchmarks can elevate your security posture, reinforcing the principle of least privilege and hardening your systems against potential threats.
In our discussion on policy enforcement, we highlight the importance of technical solutions in achieving compliance. While policies are crucial, we emphasize the need for practical, technical measures to fortify your network against evolving threats.
So join us as we share our insights, lessons learned, and practical advice in "Securing Your Network." Because in today's digital landscape, proactive defense is the key to staying ahead of the curve.
Tune in to uncover the 10 essential lessons learned from protecting a DoD network, and embark on your journey towards a more secure tomorrow.
Saturday Mar 16, 2024
E10 – In the future will the IT Manager role be obsolete?
Summary of Podcast Notes:
Introduction:
- The podcast welcomes listeners with a brief introduction to the episode.
- The episode overview discusses the future of the IT Manager role.
Main Content:
- The role of IT Managers is explored, detailing responsibilities such as overseeing IT systems, managing personnel, training, budget management, and day-to-day operations.
- Differences between an IT Manager, VP of IT, and CIO are outlined.
- The importance of having a strategic IT leadership role, such as a CIO or VP of IT, is emphasized, including their responsibilities in aligning technology with business objectives, long-term planning, and ensuring efficiency.
- The absence of a CIO or similar leadership role can lead to various challenges such as lack of strategic direction, inefficient resource utilization, security vulnerabilities, limited innovation, and poor decision-making.
- The increasing importance of technology in organizations is discussed, with IT leaders potentially transitioning into CEO roles.
- IT professionals are encouraged to adopt a CIO mindset regardless of their current role, and the importance of seeking organizations that support professional growth is highlighted.
Outro:
- The episode concludes with a recap of key points and closing remarks thanking listeners and encouraging engagement through social media.
Timeline Bullets:
- Responsibilities of IT Managers are detailed, covering various aspects of IT operations and management.
- Responsibilities of CIOs are outlined, focusing on strategic direction and long-term planning.
- Challenges associated with the absence of a CIO or similar leadership role are highlighted.
- The evolving role of technology in organizations, with potential opportunities for IT professionals to transition into CEO roles, is discussed.
- The importance of adopting a CIO mindset and seeking growth-supportive organizations is emphasized.
Sunday Mar 03, 2024
E9 – Is this the end of VMWare?
Broadcom's acquisition of VMware has created uncertainty among many, leading some to explore alternatives. Broadcom has shifted from perpetual licensing to a subscription model, with significant price increases. Layoffs have occurred, and the company plans to divest some assets. VMware partner agreements are being canceled, requiring reapplication for partnership. Broadcom's focus on global enterprise systems raises questions about support for co-ops and local governments. The free version of ESXi is discontinued, while other VMware offerings undergo restructuring. Broadcom intends to halve VMware Cloud Foundation offerings to encourage migration. The move away from VMware products prompts consideration of alternatives like Microsoft's Hyper-V, Scale, Nutanix, and open-source tools. Investors are eyeing potential returns following Broadcom's stock increase. CEO Hock Tan emphasized VMware's hardware- and cloud-agnostic approach. VMware Cloud Foundation facilitates seamless operation across various environments, supporting hybrid multi-cloud setups.
Wednesday Jan 17, 2024
E8 – To EDR or Not to EDR: A Clash of Views in OT Security
In the latest episode of our insightful podcast series, we tackled a hot-button issue in the realm of Operational Technology (OT) security: the role of Endpoint Detection and Response (EDR) systems. This episode, "To EDR or Not to EDR: A Clash of Views in OT Security," features our own Jon and Anthony diving deep into the contentious debate, offering enlightening perspectives on whether EDR systems are a boon or a bane in the OT environment.
The Case for EDR: Anthony's View
Anthony, a staunch advocate for the integration of EDR in OT security, laid out compelling reasons why EDR systems are indispensable in today's increasingly interconnected and cyber-threat-prone world. His arguments centered on:
- Proactive Threat Detection: Anthony emphasized how EDR provides real-time monitoring and rapid response capabilities, crucial for thwarting cyber attacks in their infancy.
- Bridging IT and OT: He highlighted the importance of integrating IT and OT security strategies, considering the blurring lines between these once-separate domains.
- Compliance and Advanced Intelligence: With growing regulatory demands, Anthony argued that EDR systems help in meeting compliance standards while leveraging advanced threat intelligence to combat sophisticated cyber threats.
The Case Against EDR: Jon's Perspective
On the flip side, Jon presented a well-articulated case against the use of EDR in OT environments. His main points included:
- Integration and Complexity Concerns: Jon pointed out the unique complexities of OT environments, which might not mesh well with EDR systems primarily designed for IT networks.
- Risk of Disruption: He raised concerns about the potential for EDR systems to unintentionally disrupt sensitive industrial processes.
- Resource and Cost Implications: Highlighting the resource-intensive nature of EDR systems, Jon questioned the feasibility of their deployment in resource-constrained OT settings.
A Balanced Discussion
What made this episode particularly engaging was the balanced nature of the discussion. Both Jon and Anthony presented well-researched arguments, backed by real-world examples and expert insights. This not only enlightened our listeners but also sparked a thought-provoking dialogue about the future of cybersecurity in OT environments.
Conclusion: An Ongoing Debate
As our podcast wrapped up, it was clear that the debate on EDR in OT security is far from settled. The episode ended on a note that encourages listeners to consider both sides of the argument, weigh the pros and cons, and think critically about the best path forward for their specific OT environments.
Wednesday Dec 27, 2023
E7 – Introducing KIKrr and the HACKERverse (Sponsored)
Discover the inspiring journey of KIKrr's co-founders, Mariana Padilla and Craig Ellrod, in Episode 7 of the Off the Wire podcast, "Introducing KIKrr and the HACKERverse." Dive into Mariana's transition from non-profit work to leading KIKrr, as she demystifies cybersecurity for businesses. This episode is a must-listen for anyone interested in tech innovation and cybersecurity solutions.
KIKrr is an innovative platform designed for the cybersecurity industry. It acts as an automated demo marketplace with a built-in events arena, showcasing the functionality of cybersecurity software. KIKrr enables users to experience products in a real-world, interactive environment. Additionally, it fosters a community of professionals seeking new cybersecurity solutions and provides a unique marketplace for connecting buyers with vendors.
Learn more and connect with KIKrr at kikrr.co. Don't miss this captivating exploration of the HACKERverse!