wWhat's the Final Frontier? For Trekkies, it's space. For cybersecurity, it's Critical Infrastructure. Might not sound exciting, but the risks from poor security and the rewards of strong controls might get you to sit up and take notice. Maybe even motivate you to boldly go where no ethical hacker has gone before. On this episode of the SecureAF Podcast, Donovan Farro and Phillip Wylie discuss why Critical Infrastructure matters, where the vulnerabilities are (such as being 20 yrs behind in awareness and implementation), what Alias does to test, and what you can do to secure your environment. Hear stories ranging from the serious to the surprising. Listen to hear our favorite ICS story from the interwebs - the little known but infamous Turbopig.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

Wondering what the best path into cybersecurity is? Here's a hint: There's not one answer. On this episode of the SecureAF Podcast, Tanner Shinn and Keelan Knox share very different stories of getting into the field. Even with different paths, they'll share what they have in common and what you should think about and do if you want to become an ethical hacker. Spoiler alert - one of their recommendations is to find internships. Alias is currently accepting applications here: https://bit.ly/3TMDWM0Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

You may have heard of Penetration Tests. You may know you need one. You may have had one or more. But do you know there's more than one type? More than one take? More than one test? On this episode of the SecureAF Podcast, Alias Principal Security Engineer Tanner Shinn and CISO Jonathan Kimmitt discuss the types of Pen Tests, how they're conducted, what they measure, and why they are needed. You'll walk away more informed about this important cybersecurity topic and more ready to know what you need to secure your environment.  We're always here as a resource to educate, empower, and offer the best services to fit your needs.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

There has been a lot of news about the alleged incident experienced by Integris. Some of you may have even received emails from the threat actors revealing personal information to solicit money. This is not the first attack to leverage the threat of leaked data for monetary reward. It is among the first for the threat actors to directly appeal to the individual victims.  Join host Donovan Farrow and guest Chris Yates for a discussion about the cybersecurity backdrop to this assumed incident, what we know about what has happened, and what you can do to protect yourself. Whether you’re a victim in this or not, the podcast will help you better understand what you hear in the news and better protect yourself against attacks.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

You know you need regular penetration tests to ensure your network is secure. You know the steps to remediate the findings and take the recommended actions to continue on a path toward cybersecurity. But what about what you don't know? What about what the penetration test doesn't cover or doesn't reveal?On this episode of the SecureAF Podcast, Alias CISO Jonathan Kimmitt and Director of Security Phillip Wylie share their insights on what penetration tests should cover, what they often don't, and how to verify you're getting what your organization needs. These two bring a holistic viewpoint, from policy and procedure to on-the-ground network testing.  Find out what you need to know and how to act on it.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

The Solar Winds breach is not news. The CISO being personally named in the investigation is. Although not the first CISO to be so identified, this is the most high profile.  This raises questions for the future of CISO role and responsibility and IT more generally. Should an individual be held responsible for an incident? What is their responsibility to monitor and report? Does this responsibility extend from C-Suite to SOC Analyst? What legal precedent might this set? On this episode of the SecureAF Podcast, Alias CISO Jonathan Kimmitt and Principal Engineer Tanner Shinn discuss these questions. The conversation is far ranging, from the immediate Solar Winds event to the broader questions it poses.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

If you follow our socials, you know Phillip Wylie recently joined the Alias crew! We’re excited to welcome him to help us build our team’s presence supporting organizations’ and individuals’ growth in cybermaturity. Join Alias CISO Jonathan Kimmitt to hear his story of getting into cybersecurity, what’s brought him to Alias, and what's to come. Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

It requires technical expertise to respond to a breach. It requires thinking like a hacker to know where to go, what to do, and what level of response is appropriate. It requires the human element. But humans aren't machines. Your staff and any outside experts require basic needs to be met: food, shelter (well, at least sleep), probably a lot of caffeine. In a crisis, it's easy to not attend to those. How much easier is it to not attend to the interpersonal dynamics both during and after an incident, to restore your people and not just your network to safety and stability. On this episode of the SecureAF Podcast, Alias CISO Jonathan Kimmitt and Communications Director Todd Wedel discuss the human side of incident response. They'll discuss principles and best practices from both a general perspective and from lessons learned in the trenches.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

Did you know some ransomware groups have customer support better than major businesses? That the negotiations might feel more like a regular corporate transaction than a back-alley holdup?On this episode of the SecureAF Podcast, CEO Donovan Farrow and Security Team Lead Tanner Shinn share their experience working the business side of an Incident Response. You'll hear stories of every size and brand of company, lessons learned, and tips for how to respond. It's a fitting topic to begin Cybersecurity Awareness Month - join us to become more aware and armed to protect yourself, your business, and your community!Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.

You know you may be a target. But what about your family? How could a hacker leverage those closest to you to gain advanced access to your work? Recently on the And Security For All podcast, Alias CISO Jonathan Kimmitt and Security Team Lead Tanner Shinn discussed this question. You can listen to their conversation here. On this episode of the SecureAF Podcast, they turn a Blue Team eye to your family. Join us as they discuss steps they currently take or would take with their family to ensure bad actors won’t use them as avenues of attack. Listen for yourself to learn how to keep your family safe. Listen for (or even with!) your organization to learn how to support your employees and coworkers to build a secure company culture, starting at home.Watch the full video at youtube.com/@aliascybersecurity.Catch the whole episode now at https://bit.ly/47eYPTKListen on Apple Podcasts, Spotify and anywhere you get you're podcasts.