The Gate 15 Company is a leader in helping organizations by providing threat-informed, risk-based approaches to analysis, preparedness and operations.
Nerd Out Security Panel Discussion: EP 18. Dave Solo?! Talking Recent Events and Preparedness
30:57
In the most recent episode of Nerd Out, and as accurately described by Ron Burgundy, it could be a horrible news story, but Dave goes solo to talk about recent events. These include the Norway bow and arrow attack, the murder of a British Member of Parliament, and two of the more recent insider threat attacks, and how organizations can learn from these events and improve their security posture. Dave then goes a little pop culture to talk about his three favorite security movies and shows. He also uses these references to talk about how organizations can build and nurture their own intelligence analysts and the value they can bring to an organization. Rough transitions and some help from Ron Burgundy and Syndrome aside, the panel will return next month as they look ahead to what should be a busy holiday season.
The Cybersecurity Evangelist_Ep14_Cybersecurity Awareness Month 2021
37:41
The Cybersecurity Evangelist "evangelizes" Cybersecurity Awareness Month 2021. Cybersecurity Awareness Month is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. For more information about ways to keep you and your family safe online, visit https://staysafeonline.org/cybersecurity-awareness-month/ and cisa.gov/ncsam.
Other resources mentioned during this episode:
https://www.cisa.gov/cyber-essentials
https://www.ic3.gov/
https://www.sans.org/tip-of-the-day?msc=main-nav
https://cybercrimesupport.org/
https://fightcybercrime.org/
https://gate15.global/cybersecurity-awareness-month-2021-tips-from-the-pros/
The Risk Roundtable: EP 23. CAM, Disgruntled Employees, and Scott Bakula
50:33
The latest episode of the Risk Roundtable gets the group going in all sorts of directions, ranging from an opening related to COVID fatigue to Cybersecurity Awareness Month and disgruntled employees. After deliberating whether they need a new roulette round music selection (Dave volunteered to sing it), the group sang the praises of new CISA chief Jen Easterly and the way she has been out front on all of the latest security issues, shared some of our favorite security Twitter feeds, and hit on the importance of patching (check out Jen's latest Cybersecurity Evangelist Pod for more details). The group wrapped up with Andy's three questions to address Super Bowl projections, Halloween, and what show we would want to reboot - hello Quantum Leap!
Some of the reports and postings referenced in the podcast include:
CISA and Krebs: https://gate15.global/cybersecurity-infrastructure-security-time-to-make-this-happen/
Cybersecurity Awareness Month - Tips from the Pros: https://gate15.global/cybersecurity-awareness-month-2021-tips-from-the-pros/
Jen Easterly Twitter: https://twitter.com/CISAJen
Suzanne Spaulding Twitter: https://twitter.com/SpauldingSez
Chris Krebs Twitter: https://twitter.com/C_C_Krebs
Jennifer Lyn Walker, Director of Cyber Defense Posts: @Gate_15_Analyst & @WaterISAC, LinkedIn: https://t.co/XGIB3hLkam
Disgruntled Employees: https://www.waterisac.org/portal/insider-threat-%E2%80%93-former-employee-indicted-unauthorized-computer-access-intent-harm-kansas
HEAC White Paper: https://gate15.global/white-paper-the-hostile-event-attack-cycle-heac-2021-update/
Nerd Out Security Panel Discussion: EP 17. Lessons of the past to prepare the future
49:00
In the latest edition of Nerd Out, Dave is joined by nerdette Bridget Johnson and nerd Joe Levy to take stock of what did and did not happen at the recent Justice for January 6th event in Washington D.C. and the preparedness lessons learned. Equally important is how venues could use those lessons to plan for the future. The team also looked at some of the root causes for the low attendance and why there may be a larger cause for concern. The merry band of nerds and nerdettes went through some fall-inspired quick hits, all the while giving due credit to CISA for their bevy of resources, including the latest series: De-Escalation Series for Critical Infrastructure Owners and Operators (www.cisa.gov/publication/de-escalation-series).
Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: email@example.com
Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: firstname.lastname@example.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/
Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ
The Gate 15 Interview EP 15. Mark Arena, Intel 471, Cyber Intelligence Expert and CEO, Intel 471
47:47
In this episode of The Gate 15 Interview, Andy Jabbour talks with Mark Arena, CEO, Intel 471. In the discussion we address:
Mark’s background
Intel 471
Cyber threats
Future threats
And more!
“It all goes down to password reuse… enforce two-factor authentication on everything…” – Mark Arena
Mark on Twitter: @markarenaau. Mark on LinkedIn. https://www.linkedin.com/in/mark-arena-36a86516/
Intel471 on Twitter: @Intel471Inc. Intel471 on LinkedIn. https://www.linkedin.com/company/intel-471/
A few references mentioned in or relevant to our discussion include:
Intel 471: https://intel471.com
Intel 471’s Cyber Underground General Intelligence Requirements Handbook. https://intel471.com/resources/cu-girh-download-request
Upcoming Intel 471 video podcast! Intel 471 CTI experts will examine recent developments in the cyber underground through the lens of the media & telecommunications sector. Check it out: 28 Sep 2021, 11am (see registration link for time zone options). Register here: https://hubs.la/H0WW0Gn0.
Top FBI official says there is 'no indication' Russia has taken action against hackers, The Hill, 14 Sep 2021. (https://thehill.com/policy/cybersecurity/572184-top-fbi-official-says-there-is-no-indication-russia-has-taken-action) “Based on what we’ve seen, I would say there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they have created there… We’ve asked for help and cooperation with those who we know are in Russia who we have indictments against, and we’ve seen no action, so I would say that nothing’s changed in that regard,” - FBI Deputy Director Paul Abbate, via The Hill
Russia is fully capable of shutting down cybercrime, CSO Online, 14 Sep 2021. (https://www.csoonline.com/article/3632943/russia-is-fully-capable-of-shutting-down-cybercrime.html)
Australian Cyber Security Centre Essential Eight. (https://www.cyber.gov.au/acsc/view-all-content/essential-eight) “While no set of mitigation strategies are guaranteed to protect against all cyber threats, organisations are recommended to implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.”
Thoma Bravo Makes Strategic Investment in Intel 471 Announcement, 08 Sep 2021. (https://intel471.com/company/press-releases/thoma-bravo-makes-strategic-investment-in-intel-471)
TCE EP13 - Prattling on About Patching on this Podcast Party of One
27:03
Your favorite cybersecurity evangelist waxes solo and prattles on about patching in this no-frills episode of TCE.
The Risk Roundtable: EP 22. Acronym Soup
54:21
Security awareness months kick into high gear and the Risk Roundtable crew gives their thoughts on the various ones (NPM, NITAM, NCAM, XYZPDQ...) and the heart of each one - Preparedness and Awareness! The group then talks about some of the ongoing protest activities and looks ahead to some upcoming events, including the "Justice for J6" event. Continuing the preparedness theme and switching to the Roulette Round, the roundtable turned to everyone's favorite security researcher, Troy Hunt, and him living his best life while making everyone aware of their risks, as well as a lively debate on passwords. Toss in some comments about weather preparedness and whatever Andy wanted to go off on, and the group wrapped up with some fun (even questionable) questions. Still not sure why everyone shudders at green holidays.
Some of the references from the discussion:
National Preparedness Month | Ready.gov: https://www.ready.gov/september
National Insider Threat Awareness Month: https://www.odni.gov/index.php/ncsc-features/2834
Press Briefing by Press Secretary Jen Psaki and Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger, September 2, 2021: https://www.whitehouse.gov/briefing-room/statements-releases/2021/09/02/press-briefing[…]-and-emerging-technologies-anne-neuberger-september-2-2021/
The White House Memo to Industry on Ransomware: Take Action (Now): https://gate15.global/the-white-house-memo-to-industry-on-ransomware-take-action-now/
Stuff Off Search | CISA: https://www.cisa.gov/publication/stuff-off-search www.cisa.gov/sites/default/files/publications/Assets_Showing_Primer_508c.pdf
Troy Hunt Montage:
https://www.pentestpartners.com/security-blog/from-open-guest-wi-fi-to-pwning-a-lift/
https://abbreviations.yourdictionary.com/reference/abbreviations/what-is-an-initialism.html
https://www.troyhunt.com
https://haveibeenpwned.com
https://www.youtube.com/watch?v=N_y8B-tmDM0 TroyHunt from BlackHat Asia Lessons from 11 Billion Breached Records
https://twitter.com/rhowe212/status/1433308481214369797
https://youtu.be/N_y8B-tmDM0
https://www.ncsc.gov.uk/news/ncsc-lifts-lid-on-three-random-words-password-logic
James DeMeo - What's Your Plan? https://jamesademeo.com
The Gate 15 Interview EP 14. Amanda Mason, Vice President, Intelligence, Related Companies, discusses security, info sharing, terrorism, extremism, 9/11, and more.
46:37
In this episode of The Gate 15 Interview, Andy Jabbour talks with Amanda Mason, Vice President, Intelligence, Related Companies. “Our passion for urban life could not be any stronger. We are committed to moving our communities forward and enriching people’s lives.” - Stephen M. Ross, Chairman & Founder. Amanda on LinkedIn.
In the discussion we address:
Amanda’s background
Amanda’s current responsibilities at Related Companies
COVID and safe and secure operations and reopening
The recent National Terrorism Advisory System Bulletin, Afghanistan and associated concerns
Terrorism, extremism, and the upcoming 20th anniversary of the 9/11 attacks
And more!
Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.
“We can’t necessarily predict, but we can prepare.”
A few references mentioned in or relevant to our discussion include:
Learn more about Related! https://www.related.com
New York Post, Real estate giant Related Cos. to require all employees to get vaccinated (02 Aug 2021)
National Terrorism Advisory System (NTAS) Bulletin (13 Aug 2021)
DHS CISA: MIS, DIS, Malinformation
DHS CISA: Countering Disinformation In Social Media video
DHS FEMA: Homeland Security Exercise and Evaluation Program
DHS FEMA: ICS Resource Center
“We have to do our tabletop exercises… we have to think of the worst case scenario.”
“I can’t believe that I get to protect a landmark asset in NYC.”
The Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues. Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Anchor, Apple, Spotify, Google, as well as other locations accessible from the Anchor link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests.
The full podcast menu includes:
The Risk Roundtable, is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests.
Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: podcast@ga
Nerd Out Security Panel Discussion: EP 16. Terrorism, NTAS, Misinformation, COVID, and the end credits!
52:58
After a busy couple of weeks, the merry band of Nerdies gathered to discuss the latest news on the terrorism and extremist front and how misinformation has shaped so much of these advanced. The group started with Bridget’s reporting of a new Al Qaeda message, which was followed by press reports of extremist chatter and then the National Terrorism Alert System Bulletin. These all gave the group an opportunity to talk to the risks to various locations, especially venues and the Commercial Facilities Sector. Next, the group transitioned to misinformation and how integral it was to both terrorist groups and domestic violent extremism. COVID dominated the last part of the discussion, with Bridget sharing her personal story and loss before the group went through a rapid-fire set of questions! But just like our favorite band of super-heroes, stay for the end credits and you might hear about killer mosquitos.
Dave Pounder is a Senior Risk Analyst for Gate. Twitter: @dpounder; email: email@example.com
Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: firstname.lastname@example.org; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/
Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ
The Risk Roundtable: EP 22. Who's the Nerd Now?
51:12
The discussions were lively on the latest edition of the Risk Roundtable as Jen showed off her inner nerd! With Andy nursing an injury, Dave and Jen took off on topics ranging from the latest White House memos on improving critical infrastructure to the troubling trends on COVID and what it all means for businesses and organizations. In the roulette round (Dave is on a 2 pod winning streak with the theme music) the roundtable talked about some all-hazards and preparedness for the upcoming religious holidays before Jen "nerded out" on various reports on new CVEs and displayed a very nerdy t-shirt to boot! Andy got his strength back for his three questions, where Dave revealed his disgust over some veggies and lack of love for a historic band!
Some of the links mentioned in the podcast included:
National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems: https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems/
Background Press Call on Improving Cybersecurity of U.S. Critical Infrastructure: https://www.whitehouse.gov/briefing-room/press-briefings/2021/07/28/background-press-call-on-improving-cybersecurity-of-u-s-critical-infrastructure/
FACT SHEET: Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure: https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/fact-sheet-biden-administration-announces-further-actions-to-protect-u-s-critical-infrastructure/
2021 CWE Top 25 Most Dangerous Software Weaknesses: https://cwe.mitre.org/top25/archive/2021/2021_cwe_top25.html
Joint Cybersecurity Advisory: Top Routinely Exploited Vulnerabilities: https://us-cert.cisa.gov/sites/default/files/publications/AA21-209A_Joint%20CSA_Top%20Routinely%20Exploited%20Vulnerabilities.pdf
Bridget Johnson's COVID Article: https://www.hstoday.us/subject-matter-areas/pandemic-biohazard/covid-19-a-plea-to-learn-from-those-who-have-suffered-and-lost/