BlackNight Cyber brings us some valuable information on how to avoid some of the high cost of top-dollar penetration testers. Some of their competition may not like the free advice they give on today's show, but I think you will enjoy it. Today's guests, Josh Stinson and Jeramie Crabtree, tell us to "stop and do these top 10 things" before calling that high-priced penetration tester.
1) Know your business risks and identify your information crown jewels
2) Identify basic vulnerabilities using the free version of Nessus
3) Identify which regulations apply to your business and how you stand against the required thresholds
4) Check that you do not use default logins on cameras, printers, routers, and wireless networks
5) Determine whether you use older operating systems that are no longer supported by Microsoft: Vista or older will cause large amounts of time to be spent making penetration testing reports
6) Check for unknown wireless access points
7) Know your plan for "bring your own device" (BYOD)
8) Have an employee connected, informed, and attending CISO organization events
9) Connect with and attend local ISSA chapter, ISC2, or NCC events
10) Subscribe to Cyberwire, HackFive, New Cyber Frontier, or other Cyber education series
We thank both of our guests and their company, BlackNight, for the valuable direction on do-it-yourself actions to save us all some valuable resources.
Visit our sponsors:
Cyber Resilience Institute
Internet Broadcasting Network
Logic Central Online
Storage Networking Industry Association
National Cybersecurity Center