Tuesday Morning Grind: A Cybersecurity Podcast

Mark Weatherford, Homeland Security Cybersecurity Deputy Under President Obama talks about Cyber Risk and Leadership

Mark Weatherford has a long career in public service including serving in Homeland Security and CISO for the state of California and Colorado. In this episode of Tuesday Morning Grind, Mark and Christian discuss cyber risks, cybersecurity legislation, and leadership in the public sector.

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

Gerald Auger is the host of Simply Cyber, an information security YouTube channel designed to help individuals go further, faster in the information security field. He’s also the Director of Cybersecurity Education at ThreatGEN™. Christian and Gerald discuss his passion for the information security field which led to the creation of Simply Cyber, handling breaches, how to talk to executives about security, and what’s missing from the field for it to work better. They also talk about Gerald’s new adventure into ThreatGEN™ and the gamification of cybersecurity education.

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

How to make a business case as a CISO, attract talent and tell a story in cyber.

Rock Lambros is the CEO & Founder of RockCyber. In this episode of Tuesday Morning Grind, Rock and Christian discuss how to make a business case to C-suite executives, how to attract top-tier talent in a virtually zero unemployment industry and how to tell a story so employees can understand cyber issues and risks.

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

Gary DeMercurio was arrested for breaking into a courthouse in Iowa.   

Gary DeMercurio is a master at physical security. He breaks into buildings and tells the owners how he did it so they can improve their security posture. In 2019, he was arrested in Iowa after breaking into a courthouse. In this episode of Tuesday Morning Grind, Gary and Christian discuss how it all went down and lessons learned from the event. They also discuss some of the tactics used in physical penetration test engagement.    

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

What it takes to grow a hyper growth start-up, lead people, and the courage to take your shots.

Dinah Davis is the VP of R&D Operations at Arctic Wolf. She has helped the organization scale from 35 to nearly 1500 employees. In this episode of Tuesday Morning Grind, Dinah and Christian discuss practical lessons on leadership, Dinah’s journey as a women in technology leadership, cybersecurity trends, and the incredible value in finding the courage to take your shot.

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. 

You can learn more about risk3sixty at www.risk3sixty.com.

Privacy considerations in the world of healthcare, emerging tech, and regulation.

From regulations like HIPAA, GDPR, and CPRA to home listening devices -- Kate and Christian discuss the future of privacy and the potential implications for businesses and individuals.

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

Four of the World’s Top Hackers Talk Cyber War, Spying, Hacking, Privacy, and Life 

The impacts of technology on our society are further reaching that we yet understand. As our society increases screen time, connects our home, our cars, and ourselves to the digital universe both practical and philosophical questions must be answered. Questions of cyber conflict, privacy, digital interaction, and what it means to be human all emerge. In this episode of Tuesday Morning Grind, four of the world’s top hackers discuss some of these questions at length. 

Connect with the hackers in this episode:

• Chris Roberts: https://www.linkedin.com/in/sidragon1/
• Luke “Pyr0” McOmie: https://www.linkedin.com/in/lmcomie/
• Mike Weber: https://www.linkedin.com/in/webermike/
• Mike “The Haunted Hacker” Jones: https://www.linkedin.com/in/mikejonesnotanalias/ 

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

Crypto - What are the threats and opportunities?  

There are big threats and even bigger opportunities in the world of crypto right now. New technologies, huge upside investment, software vulnerabilities, bugs, world changing payment solutions, and criminal organizations – all exist and thrive in the same environment. In this episode of Tuesday Morning Grind, Lance, Sawyer, and Christian discuss blockchain technology and crypto.  

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.

We are seeing the highest volume of cyber attacks we have ever seen.  

Raj has briefed heads of state, CEOs, and politicians on cybersecurity. During his time a chief scientist at McAfee he was responsible for understanding the thread landscape, researching emerging threats, and perhaps most importantly – mastering the human side of cybersecurity – emotion, self-interests, fear, and geo-politics. In this episode of Tuesday Morning Grind, Raj and Christian discuss the current state of cybersecurity, emerging trends, and the human side of cybersecurity.  

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com.  

Books Recommended in this Episode: What Everybody is Saying by Joe Nevarra  

Whitepaper by Raj: Hacking the Human Operating System

Learn how to take your security assessments to the next level by implementing a few best practices. 

Jo is an author, teacher, and life long internal auditor. She has spent her career thinking about risks and helping communicate those risks to executives. In this episode of Tuesday Morning Grind, Jo and Christian discuss how principles of “total quality auditing” can be used to execute better security assessments. They talk about selecting risk based projects, communication issues, report writing, and driving organizational change. 

About risk3sixty: risk3sixty is a security, privacy, and compliance consulting firm that helps high growth technology organizations build, manage, and assess security and privacy programs. Offering services related to SOC 2, ISO 27001, PCI DSS, HITRUST, Virtual CISO, Privacy Programs (GDPR, CCPA, etc.), Penetration Testing, and a GRC Platform built for cloud technology companies, Phalanx. You can learn more about risk3sixty at www.risk3sixty.com. 

Book Recommendation from this episode: Total Quality Auditing 

Check out training and education: https://www.auditconsultingeducation.com/total-quality-auditing/