Cybersecurity Sense

In this episode, Host William Parks shares ransomware awareness tips and cybersecurity best practices to keep your company safe from attacks.

To celebrate Women's History Month, LBMC interviews a panel of our women cybersecurity experts on their unique career journeys, what advice they would give to women looking to work in the field, and goals for the future. 

In this episode, the LBMC team gives listeners insight into what to expect when interviewing for a role in information security. Learn what qualities hiring managers are looking for as you prepare for your job interview.

Part two of our Information Security Careers podcast series. Our panel of experts share their paths to their first infosec jobs and provide advice for pursuing a career in the field.

Learn how a few members of the LBMC Information Security team got started in their careers, and what you should consider when going into the field. 

In this episode, Caryn Wooley joins us to discuss the Cybersecurity Maturity Model Certification (CMMC). Learn why the Department of Defense created the model to improve security for government contractors and subcontractors. Hear what you can do to start preparing for CMMC today.

Nancy Spizzo, Senior Manager at LBMC Information Security, joins Bill Dean to talk about HITRUST and the new LBMC Information Security HITRUST Guide being released later this fall. 

In this episode Bill Dean and Stewart Fey discuss penetration testing for PCI compliance. Learn about the differences between penetration testing and vulnerability assessments, and what is needed to meet requirements for PCI compliance.

In this episode Nancy Spizzo joins Bill Dean to discuss re-entry to the workplace. They'll discuss what items you should consider from a security and technology perspective as organizations plan to reopen their facilities. 

In this episode, Chelsea Smith talks with Bill Dean about the impact of remote work on IT audits during the COVID-19 pandemic. 

Zoom is soaring in popularity as a large population of remote workers are using it for video conferencing. With it's surging popularity, the platform's loose security protocols made it an easy target for hackers to take advantage and disrupt calls. "Zoombombing" allowed anyone to login to unprotected links to intrude on the calls often sharing lewd photos and videos. Listen to our most recent podcast to hear what you can do to use Zoom securely. 

In this episode, LBMC's cybersecurity experts discuss the topic of social engineering via phishing. Learn the difference in using phishing software solutions versus penetration testing services for your cybersecurity program.

LBMC Cybersecurity expert, Derek Rush, joins Bill Dean as they discuss the benefits and limitations of multi-factor authentication. 

The LBMC Information Security team recaps the 2019 HITRUST conference that was held in Texas in May. The team talks about the latest news on third-party assurance, HITRUST CSF adoption and controls implementation, SOC 2 + HITRUST, and the latest initiatives in the quality sub committee.

In this podcast, LBMC Information Security’s Mark Burnette offers a summary and perspective on the council’s insights—specifically addressing the three likely changes for the next version of the PCI DSS.

In this podcast, LBMC Information Security’s Bill Dean and John Dorling discuss some of the new tools available to help merchants who are trying to achieve PCI compliance.

2018 was one of the biggest years for data breaches to date, with more than 6,500 data breaches reported throughout the year. In this podcast, LBMC Information Security’s Bill Dean dives deeper into these recent data breach statistics and why it’s important to keep investing in the hard work involved with combating cyber-attacks to prevent data breaches in the days to come.

All companies are subject to opportunistic attacks, but do you know if you are subject to a targeted attack based on the data you generate or maintain? In this podcast, LBMC Information Security’s Bill Dean addresses this question while diving deeper into the key differences between targeted attacks and opportunistic attacks.

Since incident response issues are no longer just an IT issue and can often involve legal issues, it is important for organizations to develop an incident response team, seek outside expertise, and have an overall action plan in the event of an incident. In this podcast, LBMC Information Security’s Bill Dean discusses how a complex situation like incident response can be purely based on common sense.

In a previous podcast, we discussed purple-teaming as it compares to a conventional penetration test. Let’s now build on that approach, starting with the differences between attack simulation and conventional penetration tests. The methodology of attack simulation is the assumption that the network or a system will become compromised and the current controls will not prevent the infection. So, how does attack simulation differ from purple-teaming? With purple-teaming, everyone know what controls are being tested and when. The attack simulation is a bit different, asthe focus is the emulation of a specific attacker group and their methods of obtaining sensitive data. In this podcast, LBMC Information Security’s Bill Dean discusses attack simulation, or what some people label adversary simulation.