Created with Sketch.
Hashtag Realtalk with Aaron Bregg
11 minutes | Dec 29, 2021
Episode 60 - Lookalike Domain Email Attack
In this brief end of the year episode I talk about a recent phishing attack on a 3rd party vendor that was compromised via email in a very unique way. I reveal how it happened and why defense in depth in so important.Talking Points:What is a lookalike domain?The importance of having a defensive domain strategyHow bad guys used an operating system and email applications default behavior against the user
60 minutes | Dec 22, 2021
Episode 59 - Preparing for a Ransomware Attack
In this episode I had a chance to talk with Israel Barak about a listener submitting topic, 'How do I prepare for a ransomware attack?'. Israel is the CISO for Cybereason and has intricate knowledge of ransomware and cybersecurity dating back to his days in the Israeli Defense Force.Using his extensive knowledge we talked through his concept of having different security 'pillars' to help navigate the lifecycle of ransomware: Security Hygiene - Checklists are in security hygiene - you don't build a program around ransomwarePeople - Executive Leadership (how to educate exec leadership), Awareness (do you know what to do when you have already clicked), Security People (surgery example)Recovery - How do you plan for a recovery processInsurance - Do you really need it, do you trust it with your CFOEpisode Sponsor:This episode is sponsored by Cybereason. Cybereason is an eXtended Detection and Response solution company with Global Headquarters based out of Boston Massachusetts. Proceeds from the sponsorship fee will be going towards a local Youth Mental Health program that is happening in 2022.
58 minutes | Dec 16, 2021
Episode 58 - Advanced Social Engineering with Mobile Hacking
In this special holiday fundraising episode I have not one but two special guests joining a small panel to discuss the current state of mobile security and the pitfalls of social engineering. Mike Jones is a former Anonymous hacker and founder of the Haunted Hacker security podcast and magazine. Jonathan Scott is a Mobile Security Researcher and the author of the Pegasus ID software. I was also joined by Jim Kuiphof, Director of Information Security for Spectrum Health, Richard Melick from Zimperium, Brian Schneble and Mitch Milligan from Sentinel One, Claudio Cattai and Chuck Chessor from Netskope. Talking Points:Can you really be hacked with just a mobile text message?Is your data 'really' gone after you wiped your phone?Did you know that your smart watch is listening when you wash your hands?Is Pegasus the only Nation State malware out there?How will this affect TeleHealth on mobile devices?What can we do to start reigning this issue?How do we protect ourselves from different social mobile attacks?Episode Sponsors:We are very to have 3 great sponsors for this fundraiser episode. Many thanks to Sentinel One for being a second year sponsor, and to Netskope and Zimperium for helping raise funds for 3 great charities! North Kent Connect, Toys for Tots and Hand for Help. Thank you very much!
50 minutes | Dec 8, 2021
Episode 57 - A Look Back at Cybersecurity in 2021
In this episode I sit down with Lloyd Guyot, Mike Peterson and Steve Barnes to discuss the state of cybersecurity in 2021. Lloyd is a Client Solutions Advisor for Optiv, Mike is a Cybersecurity Consultant for Cadre and Steve is a Systems Engineer for Fortinet.Talking Points:How do we secure the new hybrid workforce?Is SASE where is needs to be going into 2022?Do you think there is ransomware fatigue?How is Social Engineering just security marketing hype?We cover a veritable cornucopia of security topics for your listening pleasure! Episode Sponsor:This episode is sponsored by Fortinet. Fortinet is a leader in the Gartner® Magic Quadrant™ for Network Firewalls and moving towards a Zero Trust Access future. Fortinet is based out of Sunnyvale, California.
42 minutes | Nov 24, 2021
Episode 56 - A Passwordless Future: Insights from a CISO
In this episode I have a special guest joining me to talk about a 'Passwordless Future'. Jorel VanOs is the Chief Information Security Officer for the insurance company that is taking off like a rocket ship, Acrisure. This is continuing a great conversation that was discussed in the Security Leadership panel at this year's C3 Tech Advisors IT Summit.Talking Points:What are companies not understanding about Multi Factor Authentication (MFA)?Why do banks use Email/SMS in this age of basic data already being out there?If security keys are the answer then why aren't companies not using them more?What is this upcoming MFA apocalypse/reckoning I keep hearing about?What are somethings that a SMB can do right now when it comes to better use of MFA?Google Voice/Fi? Apple/Google need to convert their phones into an open standard Why can't your mobile phone provider use their verification as an MFA Podcast Charity: On behalf of Jorel's work in creating the Work + Shelter charity to support women in India, #RealTalkwithAaronBregg is donating $100 each to the following local charities for helping shelter women: Safe Haven MinistriesDegage Ministries Episode Sponsor:This episode was sponsored by Yubico. Yubico is a global authentication leader based of out Sweden(!) with a US office in Palo Alto.Episode Giveway:We are giving away (5) new Yubico BioKeys! All you have to do is be a new subscriber to the #RTWAB YouTube Channel and then message me on LinkedIn with your name, email address and company that you work for. A fair trade of a little bit of information for a great new security product!
47 minutes | Nov 10, 2021
Episode 55 - Mentoring Women in Security: A Look Back
In this episode we are going to do things a little different. I am very to have Rebecca Harvey take over the hosting duties. She will be interviewing myself and my awesome mentee, Natasha Young, about the last 6 months of our participation in WomSA mentorship program.If you are interested in becoming either a mentor or a mentee, I highly encourage you to set aside sometime to listen to this episodes. Kudos to Rebecca for being a great guest host and to Natasha for being a great mentee!
43 minutes | Oct 27, 2021
Episode 54 - Security Posture Management as a Service
In this episode I talked with Dave Golding about Security Posture Management as a Service. What the heck is it? Are misconfigurations just FUD from vendor marketing teams? Dave is a Sales Executive for AppOmni.Talking Points:What the heck is Security Posture Management anyways?What is your CASB not doing (not in a bad way)?What is the biggest problem with default configuration that you are seeing with customers?What is one of the biggest surprises that you are seeing in the industry?What about best practice policies?Episode Sponsor:This episode is sponsored by AppOmni. AppOmni is a SaaS Security Management Software. They are based out of San Francisco California. As always, part of the sponsorship fees goes towards charities in West Michigan!
54 minutes | Oct 13, 2021
Episode 53 - How to Mature Your Security Awareness Program
In this episode I sit down with Corwin Tobias, to take a deeper dive into maturing a Security Awareness program. Corwin is the Information Security Awareness Ambassador for Blue Yonder. I had the pleasure of working with Corwin when he was working on the Information Security Training Team for Spectrum Health.Talking Points:How to quip your staff to identify key risksDoes an employee know what to do when they make a mistake?A Human Firewall sounds good but doesn't always work in real life because cyber criminals adaptWhat are some things that people get wrong about Security Awareness? (Information Security Compliance fallacies)What departments does information security frustrate the most? Why is it important to identify them?Metrics are more granular than you think? It's not all about volume
51 minutes | Oct 6, 2021
Episode 52 - Security Awareness is more than just Phishing training
In this episode I talk with Tim O'Connor about what companies don't understand about Security Awareness programs. Tim is the Manager of Knowledge Services for Cadre Information Security.Talking Points:Security Awareness is more than just Phishing awareness trainingWhat doesn't the business get about Security Education?Risk Assessments and Vulnerability Assessments are two different thingsThe importance of Table Top exercisesBrand Name ProtectionIT is NOT where the cybersecurity buck stopsEpisode Sponsor:This episode is sponsored by Cadre Information Security. Cadre is a trust security partner based out of Cincinnati Ohio. As always, parts of the sponsorship fee goes to Michigan charities. In 2021 #RTWAB has raised over $3,000!
42 minutes | Sep 22, 2021
Episode 51 - Let's Talk Security Operation Center as a Service
In this episode I have a special co-host, Alex O'Meera to help me interview my guest, Jim Jakary about Security Operation Center (SOC) as a Service. Alex is a newly minted Senior Security Engineer for Spectrum Health (congrats!) and Jim is an Account Executive for Expel. This was the first remote broadcast in a long time and definitely contained lots of #RealTalk!Talking Points:We already have a security program, what can SOCaaS do to further help?Should be looking at metrics to help guide you?Can SOCaaS help your program with alert fatigue?Can a mature VM program help setup your SOC as a Success?Do you have the tools in place to help setup your SOC as a Success?Podcast Sponsor:This episode is sponsored by Expel, Expel is a Security Operations Center as a Service company that is based out of Herdon Virginia. As always proceeds from the sponsorship will go to charities in West Michigan.
51 minutes | Sep 8, 2021
Episode 50 - SIEM and SOC - Taking a Step Before You SOAR
In this special milestone episode I talked with Ryan Dengate and Tim Vandermel about setting up a SIEM and SOC program before you try and tackle implementing SOAR. Ryan is a Technical Engineer Lead and Tim is a Global Account Executive. They both work for a great West Michigan company called C3 Tech Advisors. Talking Points:What are they seeing/hearing from customers right nowDo SMBs understand the importance of cyber liability insurance how SIEM/SOC programs can help?Where do you start your program?What are things you can do to 'get ready' to implement them?What are some of the biggest challenges?Can SOAR help with resource issues?Episode Sponsor:This episode is sponsored by C3 Tech Advisors. C3 is based out of beautiful West Michigan and offers both security solutions and Telecomm voice and data solutions as well. As always have of the sponsorship fee goes to charities throughout Michigan!
55 minutes | Jul 21, 2021
Episode 49 - Endpoint Solutions as a Business AND Security Tool
In this episode I have a special co-host Natasha Young. Natasha is my WomSA security mentee. Here and I had a chance to speak with Stephanie Aceves about endpoint solutions as a security AND business tool. Stephanie is an Threat Response Subject Matter Expert Leads for Tanium.Talking Points:What’s the difference between EDR and what Tanium does? Specifically, how can end-point management systems close the gap between traditional detection systems and automation while still being able to manage time sensitivity?What are some of the lessons learned from recent cyber attacks, such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline where a tool like Tanium (end-point management) could have prevented or mitigated the damage?President Biden signed an executive order recently, this past May to improve cybersecurity in America. In the executive order talked about Improving Detection of Cybersecurity Incidents on Federal Government Networks. “The Federal government should lead in cybersecurity, and strong, Government-wide Endpoint Detection and Response (EDR) deployment coupled with robust intra-governmental information sharing are essential.” Where can Tanium be used with some of the statements made around EDR?What does this executive order mean for Tanium and has the company adopted this as an opportunity to help other companies? Podcast Sponsor: This episode was sponsored by Tanium. Tanium is an endpoint security solution and they are based out of Kirkland, Washington. As always proceeds from the sponsorship will go towards charities in Michigan.
45 minutes | Jun 23, 2021
Episode 47 - A Journey to Secure Your Email - Part Two: DMARC Reporting
In this episode I had a chance to speak with Rob Bowker about using DMARC and other secure email tools to prevent domain spoofing. Rob is the Director of Sales North America for EasyDMARC.Talking Points:How to use DMARC reports to move from 'quarantine' to 'reject'What is process of applying a percentage when moving to quarantineHow to get around DNS limitations for SPF recordsWhat is BIMI?What are the pre-requirements for implementing it?How to use domain scanners and reputation checksEpisode Sponsor:The sponsor for this episode is EasyDMARC. EasyDMARC is a phishing protection solution company based out of Middleton, Delaware. As always part of the sponsorship fee goes towards helping charities in the West Michigan area!
47 minutes | Jun 16, 2021
Episode 46 - Talking Network Access Control
In this episode I get a chance to talk with Jonathan Jesse about Network Access Control. Jonathan is a Senior Systems Engineer with Forescout. Talking Points:What are the biggest challenges that you are seeing with NAC during the pandemic?What are your employees going to bring back in?What has been on your home network that is now coming into your company network?Has the asset been patched?Do you plan on putting home devices into a quarantine segment before it gets on?Do you do compliance checks while there on or before they get on?Do we limit it to just Office 365 while you are having your coffee and then when the posture check is complete they can have full access?Who's watching the Watcher?Is Network Access Control a compliance issue?Episode Sponsor:This episode is sponsored by Forescout. They are a security solution that specializes in network access control, network segmentation and asset inventory. They are based out of San Jose California.
53 minutes | Jun 9, 2021
Episode 45 - What The Heck Is S.O.A.R?
Topic:What is Security Orchestration Automation and Response?Guest:Jeff Gardner of Rapid7Co-Host:Anthony Coggins from AcrisureEpisode Description:In this episode Anthony and I get a chance to talk with Jeff Gardner about Security Orchestration Automation and Response. Jeff is a Practice Advisor for Rapid 7.Podcast Sponsor:This episode is sponsored by Rapid7. They are multi-faceted security vendor based out of Boston, MA (Let's get some Chowdah!)
44 minutes | Jun 1, 2021
Episode 44 - A Journey To Secure Your Email - Part One
In this episode I sit down with two Spectrum Health colleagues, Robb Wesche and Jon Bult, to talk about our secure email journey. Robb is a Email Messaging Engineer and Jon is a Security Engineer with Spectrum Health.Talking points:Life before a good secure email gatewayA near miss with business email compromise storyWhat is DKIM?What is SPF?How does DMARC tie things that togetherWhat is IP warming?The importance of defensive domainsSeparating the 'Wheat from Chaff' with email security AI
49 minutes | May 4, 2021
Episode 43 - A Closer Look at Identity Automation
In this episode I talk with Kevin Foisy and Justin Taylor about Identity Automation. Traditional Identity Governance Administration is not adapting as the same business processes are in this digital transformation era. So how do you evolve the identity systems/solutions that you have put a considerable amount of money into? Let's take a deep dive.Talking Points:The 'Lifecycle' of IdentityHow do you do Identity Automation when you don't know where all of your data points are?Is it easier to clean up 'On-Prem' identity or 'Cloud' identity?What about Multi-Tenant Governance?Can automation help you take action when certain identity criteria is met?Podcast Sponsor:ReadiBots is a Identity Solutions company based out of our northern neighbor Canada is the wonderful town of Kanata.
50 minutes | Apr 21, 2021
Episode 42 - Lessons Learned: Security Metrics
In this episode I talk with Jim Kuiphof and Aaron Silver from Spectrum Health Information Security. We take a look at the last 5 years of the security program to glean some lessons learned about Security Metrics.Talking Points:There are three key principles in any security metrics program:It’s a Journey - You are going to have to be OK with taking a faceplant at first before you can mature and get quality metrics. Think of metrics are a ‘lifecycle’The ‘Why’ - What is the problem are you trying to solve e.g. How to effect change from your metrics. (Not getting numbers to just getting numbers) Build Partnerships - It’s a team effort. Invite help. Don’t do this in a vacuum. The first time a director sees a metric shouldn’t be in an all director meeting. Shaming isn’t going to help your cause.
56 minutes | Apr 7, 2021
Episode 41 - A Day in the Life of a SOC Analyst
In this episode I get a chance to speak with Dave Stycos who is a Senior Security Engineer for Spectrum Health. Dave was part of the Security Operation Center that helped thwart a Wannacry attack on a major healthcare system in West Michigan. We talk about what a day in the SOC looks like and what is going through the SOC analyst's mind during an active incident.Talking Points:What does a typical day look like? Is it like it is in Hollywood movies?What are some of the tools that you use everyday?What is the hardest part of your job?What is the coolest experience?Is there a fundamental difference between incident like 'Red October' and the HVAC incident that Jim talked about at Cloud Con last year?
61 minutes | Mar 31, 2021
Episode 40 - The State of Cybersecurity in 2021
In this episode I had the pleasure of doing a state of security in 2021 panel with guests from several different security backgrounds. My guests were Steve Barnes from Fortinet, Doug Copley from Data Protection Partners and Mike Peterson from Cadre Information Security.Talking Points in a Round Robin Format:Endpoint Security for Remote WorkersThoughts on Solar Winds FalloutF5 and Other Security Vendor Patching IssuesDevSecOps and AutomationPodcast Sponsor: This episode is sponsored by Optiv. Optiv is a security solutions integrator based out of Denver Colorado. Proceeds from this sponsorship will be supporting bring a Minecraft server to the Spectrum Health Helen DeVos Children's Hospital in Grand Rapids Michigan.
Terms of Service
Do Not Sell My Personal Information
© Stitcher 2022