BlackNight Cyber brings us some valuable information on how to avoid some of the high cost of top-dollar penetration testers. Some of their competition may not like the free advice they give on today's show, but I think you will enjoy it. Today's guests, Josh Stinson and Jeramie Crabtree, tell us to "stop and do these top 10 things" before calling that high-priced penetration tester.
1) Know your business risks and identify your information crown jewels
2) Identify basic vulnerabilities using the free version of Nessus
3) Identify which regulations apply to your business and how you stand against the required thresholds
4) Check that you do not use default logins on cameras, printers, routers, and wireless networks
5) Determine whether you use older operating systems that are no longer supported by Microsoft: Vista or older will cause large amounts of time to be spent making penetration testing reports
6) Check for unknown wireless access points
7) Know your plan for "bring your own device" (BYOD)
8) Have an employee connected, informed, and attending CISO organization events
9) Connect with and attend local ISSA Chapter, ISC2 or NCC events
10) Subscribe to Cyberwire, HackFive, New Cyber Frontier, or other Cyber education series
We thank both of our guests and their company, BlackNight, for the valuable direction on do-it-yourself actions to save us all some valuable resources.
Visit our sponsors:
Cyber Resilience Institute
Internet Broadcasting Network
Logic Central Online
Storage Networking Industry Association
National Cybersecurity Center