BlackNight Cyber brings us some valuable information on how to avoid some of the high cost of top dollar penetration testers. Some of their competition may not like the free advice they give on todays show, but I think you will enjoy it. Today's guest Josh Stinson and Jeramie Crabtree, tell us to "stop and do these top 10 things" before calling that high priced penetration tester.
1) Know your business risks and identify your information crown jewels
2) Identify basic vulnerabilities using free version of Nessus
3) Identify what regulation is related to your business and how do you stand vs required thresholds.
4) Check that you do not use default Logins on: cameras, printers, routers, wireless networks
5) Determine if you use older Operating systems that are not supported by Microsoft: Vista or older will cause large amounts of time spent making penetration testing reports
6) Check for unknown wireless access points
7) Know your plan for "bring your own device" (BYOD)
8) Have an employee connected, informed, and attending CISO organization events
9) Connect with and attend local ISSA Chapter, ISC2 or NCC events
10) Subscribe to Cyberwire, HackFive, New Cyber Frontier, or other Cyber education series
We thank both of our guest and company BlackNight for the valuable direction on do-it-yourself actions to save us all some valuable resources.
Visit our sponsors:
Cyber Resilience Institute
Internet Broadcasting Network
Logic Central Online
Storage Networking Industry Association
National Cybersecurity Center
NCF-351 Contrasting Consumer Security Needs
NCF-347 Cyber Physical Security
NCF-350 Modernizing for the Future: Navigating Legacy System Upgrades
NCF-349 Colorado Cyber-Tech Startup Capital
NCF-348 Cybersecurity Takes Flight
NCF-346 Escalating Effectual DevOps
NCF-345 Sustainability of Cybersecurity in the AI Era
NCF-344 Protecting your Data Wealth
NCF-343 Post Digital Transformation Philosophy
NCF-342 On the 2024 Cyber Frontier
NCF-341 Exploring New Methods of Distributed Trust
NCF-340 It Takes a Community to Build Next-Gen Cyber
NCF-339 New Frontier of Individual Empowerment
NCF-338 Disrupting Markets by Cybersecurity Economics
NCF-337 Entering a New Year and New Phase for Cybersecurity
NCF-335 Small Business Balances Cybersecurity Cost vs Value
NCF-336 Confidential Computing Explained
NCF-334 Security Engineering for Industrial Systems
NCF-333 EDGE Symposium Presentation
NCF-332 Weaponized Documents and Content
Create your
podcast in
minutes
It is Free
The Commercial Edge: Unleash the Power of People
The emPOWERed Half Hour
Aligned Money Show
Gorse Culture PODcast : The H.R. Detective Agency!
HCI Leadership Revolution
The Ramsey Show
Planet Money