Biometrics data hacking is evolving– and, if you’re not careful and aware of the risks, it could potentially be used in an attack against your organization. In this episode, we’ll hear from Rishabh Goswami, a Compliance Manager at Amazon Web Services (AWS), as he shares real-world examples of how biometrics data is used by both malicious actors and businesses alike. In this episode, you'll learn: How could biometric data breaches impact your organization’s security and operational integrity? What are the risks of personal biometric data being misused in ways that threaten both employees and the company? What measures can security teams take to protect sensitive biometric data from breaches or misuse? How can organizations navigate the current gaps in biometric data regulations to ensure robust protection? Relevant links: Follow Rish on LinkedIn: https://www.linkedin.com/in/rishabh-goswami/ Learn more about how D3 optimizes your workflows to help you respond to emerging threats: https://d3security.com/capabilities/soc-management/

It’s a new year, and with that brings an opportunity for MSSPs to re-evaluate their growth strategies to reach new customers and diversify their offerings. This week, Amy chats with Tony UcedaVelez, CEO & Founder of VerSprite, about offering Threat Modelling as a Service. Tony explains his 7-step threat modelling methodology, PASTA, and how he incorporates his methodology into security services for VerSprite’s customers. In this episode: 😎 How can threat modelling help MSSPs identify and prioritize security risks for clients? 🖼️ What are the key threat modelling methodologies or frameworks MSSPs can use? 🔐 How does threat modelling enhance an MSSP’s overall security services and reduce client risk  exposure? Relevant links: Learn more about how to scale your MSSP with D3’s automation: https://d3security.com/capabilities/software-to-scale-your-mssp/ Learn how VerSprite delivers a more profitable MSSP offering with D3: https://www.youtube.com/watch?v=ivC5Nfk0YdY  Follow Tony on LinkedIn: https://www.linkedin.com/in/tonyuv/ Follow Tony on X: https://x.com/t0nyuvCheck out the PASTA GitHb Fork Community: https://github.com/VerSprite/fork-community

Identity and access management (IAM) is stepping up and adopting AI & automation to tackle the ever-growing “Phishing Problem”. Amy chats with Natee Pretikul, the Principal PM Manager at Microsoft Security, about how MFA, passkeys, and AI-driven tools like Microsoft Copilot are transforming security strategies. In this episode, you will learn: 🐟 How does enabling multi-factor authentication (MFA) reduce the risk of phishing attacks by 99%? 🔑 What are passkeys, and why are they seen as a key step toward a passwordless future? 🧑‍💻 How are hackers using AI to make phishing emails more convincing and harder to detect? 🧑‍✈️ What role does Microsoft’s Copilot play in helping security teams respond faster to incidents and prioritize risks? Relevant links: Learn how D3 helps prevent phishing attacks: https://d3security.com/solutions/by-use-case/phishing-attack/ Follow Natee on LinkedIn: https://www.linkedin.com/in/nateenew/

We’re joined this week by Ketan Nilangekar, the Co-Founder and CEO of ThreatWorx, to answer the question– how can we approach third-party risk management today, especially in the newly AI-driven world? In this episode: 🚧How do we deal with the challenges of third-party risk management? 🤖What role does AI play in the risk management space? 🔐Does the market need a new push towards stronger security measures for software vendors? 🤝How can we work with vendors effectively to ensure we are compliant and secure? Relevant links: Learn more about the D3 + ThreatWorx integration: https://d3security.com/blog/automate-vulnerability-threat-management-threatworx/ Learn more about ThreatWorx at threatworx.io Learn about D3’s cyber threat hunting playbooks: https://d3security.com/capabilities/threat-hunting/

Enter the world of AI in cybersecurity with Anthony Green, President of the ISACA Vancouver Chapter. From managing data protection to setting up the right guardrails, Anthony shares practical insights into getting the most out of AI while maintaining your security posture. In this episode, you’ll find out: 🤔 How can businesses ensure AI models align with security policies and privacy standards? 🪜What steps should companies take to manage AI risks while remaining compliant with regulations? 🧑‍💻 Who is responsible for setting up and enforcing AI governance within an organization? 👷 What are the key security guardrails needed to use AI safely and prevent unauthorized data access? Relevant Links: Leverage D3’s Ace AI to speed up playbook development: https://d3security.com/platform/ace-ai/  Connect with Anthony on LinkedIn: https://www.linkedin.com/in/anthonygreen00/

They say that innovation isn’t just about adopting the right technology, it's about adopting a change mindset that allows you to adapt to the evolving environment in cybersecurity… Ok, well maybe no one actually says that, but it’s still true. In this episode of Let’s SOC About It, Amy Tom chats with Evgeniy Kharam about how SOAR and SIEM tools have adapted to changes in the tech landscape. In this episode, you’ll learn: ☁️ How did the introduction of cloud technology change the development and functionality of SOAR tools? 🤝 How did APIs play a role in security automation? 🥴 Why was the traditional VPN and tunnel creation workflow inefficient and insecure? ⚙️ How are automation and AI transforming roles within security teams to improve efficiency in incident response today? Relevant links: Learn how reduce alert noise with D3’s Smart SOAR https://d3security.com/ Connect with Evgeniy Kharam on LinkedIn https://www.linkedin.com/in/ekharam/ Get your copy of “Architecting Success: The Art of Soft Skills in Technical Sales” https://www.amazon.ca/Architecting-Success-Skills-Technical-Connect/dp/1998503003

Whether you’re new to cybersecurity, want to switch things up, or find yourself looking for a job well into your career, this episode of ‘Let’s SOC About It’ helps you answer the question, “why is getting a job in cybersecurity so hard?” Amy Tom talks with Francois Guay, the Founder of the Canadian Cybersecurity Network, about navigating today’s competitive cybersecurity job market. In this episode of Let's SOC About It: 🤔Why is it so hard to get a job in cybersecurity? 🥊How do I navigate the high level of competition in today’s cybersecurity job market? 🌎Does where you live influence your hireability? 👀If I can’t get in contact with someone via LinkedIn, what can I do? Relevant links: Learn how to reduce alert noise with D3 - www.d3security.com/ Follow D3 on LinkedIn for show updates - www.linkedin.com/company/d3-security-management-systems/ Join the Canadian Cybersecurity Group on LinkedIn - https://www.linkedin.com/groups/8837399/ Check out the Canadian Cybersecurity Job Board - https://canadiancybersecurityjobs.com/ Visit the Canadian Cybersecurity Network’s website - https://canadiancybersecuritynetwork.com/

For episode 1 of Let's SOC About It, we're bringing you a real banger🔥 Amy Tom (your Community Manager and Host extraordinaire) sits down with Ed Vasko, CEO of High Wire Overwatch, to understand how CEOs make strategic decisions, evaluate new markets, and grow their businesses. In this episode of Let's SOC About It, you'll learn: When should CEOs leverage emotional thinking vs analytical thinking? How do CEOs evaluate new markets to break into? How do CEOs analyze and identify industry trends that are worthy of exploration? Relevant links: Learn how to automate SecOps with D3 - www.d3security.com/ Follow us on LinkedIn for show updates - www.linkedin.com/company/d3-security-management-systems/ Connect with Ed on LinkedIn - www.linkedin.com/in/ed-vasko-cissp-a146283/ Visit High Wire Overwatch - www.highwirenetworks.com/services/managed-cybersecurity/