Sticky Pickles
Sticky Pickles
Oct 29, 2020
5: Sticky Pickles S1E5 Bad Chef and Controlling Girlfriend
23 min
What would you do? Your live-in partner is cooking you weird food, or your roomie brings his scary girlfriend to live in your apartment.

Join Anna and Carole on episode 5 as they wiggle out of these unbelievable Sticky Pickles. You'll laugh. You'll gasp. You might even cringe a little.

Sticky Pickles. Inspired by the internet, embellished by us. 

Subscribe to the Sticky Pickles podcast to get your weekly dose of giggles.

And tell us what you would do!

Instagram: @StickyPicklesPod
Twitter: @StickyPickles
Getting Into Infosec
Getting Into Infosec
Ayman Elsawah (@coffeewithayman)
Lisa Jiggetts - From Navy Cook To Pentester To Non-Profit Founder!
Lisa Jiggetts knew from an early age that she was going to be in tech an cyber. A navy veteren who started off as a cook, she always found herself gravitating towards technology. She is also the Founder & Board of Director of Women’s Society of Cyberjutsu, a non-profit that is dedicated to increasing the opportunities and advancement for women in cybersecurity. Checkout her journey into the cybersecurity field.Notes * Originally a cook in the military, then migrated to information security. * Looked for opportunities to transition into information security by talking to people in and outside her social network. * Networking can be hard, but it will turn in your favor. * Lisa is an introvert, but know how to become an extrovert when needed.Quotes * "When you're starting out, you don't necessarily get into the area you want to be in—you got to work your way up." * “That's the biggest thing you can do. I think is networking because somebody knows somebody" * "So I got all these certifications… I read a book and pass. What is it to me personally? That didn't tell me, you know, how to do anything. They get you in the door" * "[Networking is] hard, but, just do it because in the end, it's gonna turn out in your favor."Links * Lisa on Twitter: https://twitter.com/lisajiggetts * Intro Music: https://trash80.com/#/content/133/weeklybeats-2012-week5 * Women’s Society of Cyberjutsu : https://womenscyberjutsu.org/Getting Into Infosec * Breaking IN: A Practical Guide to Starting a Career in Information Security: https://www.amazon.com/dp/B07N15GTPC/ * T-Shirts, Mugs, and more: https://gettingintoinfosec.com/shop/ * Stay in touch and sign up for sneak peaks, updates, and commentary: https://pages.gettingintoinfosec.com/subscribe * Ayman on Twitter: https://twitter.com/coffeewithayman
42 min
CISO-Security Vendor Relationship Podcast
CISO-Security Vendor Relationship Podcast
Mike Johnson and David Spark
Why Is 'Pay the Ransom' In Next Year's Budget?
All links and images for this episode can be found on CISO Series (https://cisoseries.com/why-is-pay-the-ransom-in-next-years-budget/) With 25 percent of ransomware victims paying the ransomware, have we waved the white flag to the attackers? Should we just budget for it? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest is Les McCollum (@doinmorewithles), managing vp, CISO, ICMA-RC. Thanks to our sponsor, BitSight. BitSight is the most widely used Security Ratings service with a mission to change the way the world addresses cyber risk. Learn how BitSight for Third-Party Risk Management helps you efficiently mitigate the growing risk across your vendor ecosystem by taking an automated, data-driven approach. On this week’s episode Why is everybody talking about this now Are culture fit and diversity mutually exclusive? Allan Alford, co-host of Defense in Depth podcast, brought up the conversation of needing diversity in all areas: age, gender, ethnicity, city vs. country, country of origin, military vs. civilian, college educated vs. self-taught, socioeconomic status, and disabilities. But at the same time, I'm thinking we NEVER see those types of groups hanging out together or getting along. So how do you create a culturally sane group among such a diverse group? People are tribal by nature and even if you're successful creating diversity on your team they're going to bond with people of similar types. Won't this introduce new problems? If you haven’t made this mistake you’re not in security At the end of the year when you look at your security budget, what are the costs you didn't expect or budget appropriately at the beginning of the year? On CSO Online, John Edwards has an article about seven overlooked cybersecurity costs that may bust your budget. He mentioned items such as staff acquisition and retention, incident response, third-party analysis, and replacement costs. What has been a surprise for you and has adjusting things for the next year helped, or is there always a surprise? Which is the one everyone should prepare for but they don't? More bad security advice Over a quarter of companies that fall victim to ransomware, pay the ransom, according to a study by Crowdstrike. In a discussion thread on reddit, user yourdigitalmind said they had a client who remarked, "WHEN we get hit, it will force us to start doing things right, but right now, it's cheaper'" So he's accepted being hit by ransomware is inevitable. That falls in line with Crowdstrike's study that found after a ransomware attack 75 percent of the victims do increase their security spend on tools and hiring. Humor for me a moment. Most of us do not want to pay the ransom, but sometimes you can't think of the greater good and you have to think of the survival of the business. Is this where I should put my marketing dollars? What types of vendor stories do you respond to? I bring this up because Mike O'Toole, president of PJA Advertising wrote a great piece about how to build a cybersecurity brand story. In the article, he offers up some really good advice such as "Position yourself against the category, not just your direct competitors," "Fear gets attention, but opportunity can drive purchase behavior," and "The strongest brand stories are about market change." Which advice most resonates with how you're pitched, and can you think of either a customer story or offering that you overheard that pushed you into exploring a vendor's solution?
34 min
Defense in Depth
Defense in Depth
Allan Alford and David Spark
Data Protection and Visibility
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-data-protection-and-visibility/) Where is your data? Who's accessing it? You may know if you have an identity access management solution, but what happens when that data leaves your control. What do you do then? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our sponsored guest is Elliot Lewis (@elliotdlewis), CEO, Keyavi Data. Thanks to this week's podcast sponsor, Keyavi Data. Our Keyavi breaks new ground by making data itself intelligent and self-aware, so that it stays under its owner’s control and protects itself immediately, no matter where it is or who is attempting access. Keyavi is led by a team of renowned data security, encryption, and cyber forensics experts. See for yourself at keyavidata.com. On this episode of Defense in Depth, you’ll learn: * In general, all of security is based on detecting threats and stopping threats. When those two fail, and they do, what's your recourse to protect your data? * What if when your data leaves your control either accidentally or through a malicious breach, you were still able to see your data wherever it went and your data could communicate back to you its status, allowing you to control access to your data? * There are so many scenarios when data leaves you, it's impossible to protect for all scenarios. * Asset inventory is first step in the CIS 20. Just trying to get an asset inventory of equipment is difficult. An inventory of data is near impossible especially when you may be pumping out a terabyte of data a day. * Ideal situation is to protect data proactively, as it's being created. * The ultimate goal is to have visibility of your data in perpetuity, for the life of the data, and you can decide when to destroy it even when it's no longer within the confines of your greater network and ecosystem. * Governing your network, your applications, the rules, and the data is half the battle. * Data visibility also allows you to make informed decisions as a business and can provide the answers your legal team will need in case there's a breach. * You want the data protection and visibility schema to be platform and ecosystem independent. If data is taken out of the ecosystem, then the protection and visibility is moot. * A good precursor to this is digital rights management or DRM. They have figured out how to manage data from being copied and manipulated and they can place controls on it. The limiting factor though is it's platform dependent.
33 min
More episodes
Search
Clear search
Close search
Google apps
Main menu