Off the Wire: A Play by Play on Cybersecurity and Technology Issues
34 Episodes
Off The Wire: 2024 Tech and Cybersecurity Year in Review & 2025 Predictions
In this episode of Off The Wire, hosts Anthony and Tanner cover a detailed review of 2024, focusing on significant advancements and incidents in technology and cybersecurity. They discuss notable headlines like the global IT outage caused by CrowdStrike, the Salt Typhoon incident involving Chinese hackers, and the implications of potential DJI drone bans. The episode delves into the rise of AI and its applications in everyday workflows, the ongoing shift to hybrid cloud models, and the increasing trend towards zero trust security frameworks. As they reflect on the year's technological strides, they also share insights on what to expect in 2025, including potential AI advancements and continued focus on zero trust architectures. Tune in for an engaging discussion on the past year's tech and cybersecurity landscape and a glimpse into the future.
00:00 Introduction and Episode Overview
01:06 Major Cybersecurity Incidents of 2024
01:15 CrowdStrike Global IT Outage
04:24 Salt Typhoon: Chinese Hackers and Telecoms
07:42 The DJI Drone Ban and Chinese Technology Concerns
12:37 The Rise of Generative AI in 2024
13:54 AI Integration in Everyday Tasks
17:22 Power Usage and Limitations of AI
20:33 Shift to OpEx Model and Hybrid Cloud
24:57 Changing Communication Trends
25:28 The Shift from Email to Chat
26:02 The Rise of Internal Chat Systems
30:00 The Impact of Starlink
32:15 Zero Trust Architecture Gains Traction
33:56 Looking Ahead to 2025
35:01 Building Internal AI Systems
37:28 AI Use Cases and Challenges
48:34 Optimizing Existing Technologies
50:02 Wrapping Up and Listener Engagement
Critical Alerts in Cybersecurity: Best Practices to Avoid Alert Fatigue | Off The Wire Podcast
Welcome to Off The Wire, the podcast that helps you curb cybersecurity risks and tackle technology challenges. In this episode, IT executives Tanner and Anthony share insights on effective alert systems in cybersecurity. Drawing from their combined 35 years of experience, they discuss real-life scenarios, types of alerts crucial for situational awareness, and strategies to prevent alert fatigue. They also explore alert sources, essential configurations, and future considerations for OT environments. Join us to better understand how to tailor your alert system for optimal performance and security.
Remove info from Zoom Info Trust Center | ZoomInfo
00:00 Introduction to Off The Wire Podcast
00:24 A Real-World Cybersecurity Incident
01:11 Understanding and Managing Alerts
03:50 Endpoint Detection and Response (EDR) Alerts
07:21 Domain and Firewall Alerts
12:58 Multi-Factor Authentication (MFA) and Network Activity Alerts
20:19 Situational Awareness and Account Hygiene
23:06 Environment Hygiene and Group Policy Changes
23:54 Firewall Commit Alerts and Protocols
25:32 Backup Alerts: Successes and Failures
27:11 Endpoint Monitoring and USB Drive Policies
28:39 Misconfigurations and VM Backups
29:22 MFA Bypass and Snapshot Alerts
31:41 Application Installations and Phishing Attacks
35:00 Physical Security and Surveillance
36:34 Future Alerts and Vulnerability Tools
37:57 Alert Sources and SIEM Alternatives
39:20 Managing Alert Fatigue
46:05 Final Thoughts and Listener Engagement
Mastering Microsoft 365: Tips, Tricks, and Best Practices
In Episode 28 of the 'Off the Wire' podcast, hosts Tanner and Anthony delve into Microsoft 365 (Office 365), offering a comprehensive guide on migrating, optimizing, and securing the suite. The episode covers essential aspects like hybrid architecture configurations, licensing tiers, and the importance of 2FA and logging for security. They also explore tools like Outlook, Teams, OneDrive, and SharePoint, providing actionable insights on feature utilization, retention policies, and efficient file sharing. Along with personal anecdotes and practical tips, this episode is a must-listen for IT professionals looking to maximize their organization's use of Microsoft 365.
00:00 Introduction and Episode Overview
00:49 Thanksgiving Recap and Personal Stories
01:37 General Tips for Microsoft 365 Migration
03:02 Licensing and Vendor Recommendations
05:33 Retention Policies and Legal Holds
07:11 Training and Continuous Learning
09:50 Backup Solutions and Internet Redundancy
13:42 Automation and Efficiency in Microsoft 365
15:57 Security Best Practices
20:47 Outlook and Exchange Tips
24:52 Microsoft Teams Tips
29:59 OneDrive Tips
35:11 SharePoint Tips
41:57 Conclusion and Final Thoughts
Cloud Dreams vs. On-Prem Realities | Episode 27
In this episode of 'Off The Wire,' hosts Anthony and Tanner tackle the ongoing debate between cloud and on-premise solutions: 'Cloud Dreams vs. On-Prem Realities.' They discuss myths, pros, and cons of each, share their experiences, and delve into specific scenarios and examples, such as cost implications, security considerations, and integration challenges. They also explore the future of hybrid environments and how businesses can navigate these choices effectively. Tune in to gain insights and practical advice on making the best decisions for your IT infrastructure.
00:00 Introduction and Episode Overview
01:34 Cloud vs On-Premise: Personal Experiences
02:57 First Steps into the Cloud
04:30 The Ongoing Debate: Cloud or On-Premise?
09:22 Advantages of Cloud Solutions
17:51 On-Premise Benefits and Cost Considerations
25:22 Real-World Scenarios and Lessons Learned
27:15 Second Guessing Decisions During the Storm
27:43 Inherited Cloud Solutions and Their Challenges
29:05 On-Premise Phone System Issues
29:43 Deciding Between Cloud and On-Premise Solutions
31:20 Surprises and Costs in Cloud Services
33:27 Security Concerns in Cloud vs. On-Premise
42:41 Building IT Infrastructure from Scratch
46:09 Future Plans and Final Advice
52:41 Closing Remarks and Listener Engagement
Mastering Customer Service in IT: Strategies and Best Practices
In this episode, we dive into the importance of customer service within IT departments, emphasizing its crucial role in driving innovation and improving user satisfaction. We discuss how IT professionals can develop and hone their customer service skills, the importance of effective hiring practices, and the benefits of using tools like ticketing systems to manage and resolve issues efficiently. We also touch on the significance of empathy, building trust and credibility, and maintaining good relations with other departments. Tune in for valuable tips and insights on enhancing customer service in your IT organization.
00:00 Introduction to Customer Service in IT
01:17 Challenges IT Professionals Face with Customer Service
02:38 The Importance of Hiring the Right People
04:50 Key Attributes for Customer Service Excellence
07:57 The Role of IT in Enhancing Business Efficiency
15:34 Proactive vs. Reactive IT Support
20:25 Implementing Effective Ticketing Systems
28:14 Building Relationships and Empathy
39:46 Maintaining High Morale for Better Service
40:38 Final Thoughts and Encouragement
In this comprehensive episode, we explore critical aspects of managing IT security, focusing on Active Directory audits, password hygiene, and privilege management. We share practical strategies for conducting thorough security audits, managing group policies, and ensuring effective password practices using tools like CrowdStrike and Microsoft Azure.
Emphasis is placed on minimizing over-privileged accounts, leveraging secure remote access tools, and implementing Multi-Factor Authentication (MFA) to enhance security. The discussion extends to the importance of dynamic employee groups, regular auditing of both AD and non-AD integrated systems, and the necessity of maintaining detailed documentation for enhanced cybersecurity. Real-life examples and practical advice underscore the importance of curiosity and constant improvement in IT security practices, with regular reviews and a proactive approach to identifying and mitigating risks.
Microsoft Entra Password Protection - Microsoft Entra ID | Microsoft Learn https://learn.microsoft.com/en-us/entra/identity/authentication/concept-password-ban-bad-on-premises
Group Policy: Automatically Delete User Profiles Older Than Certain Number of Days Win 10 not working. - Microsoft Q&A https://learn.microsoft.com/en-us/answers/questions/441800/group-policy-automatically-delete-user-profiles-ol
00:00 Introduction and Episode Overview
00:04 Listener's Request: Active Directory Audit
02:14 Account Hygiene Tips and Auditing Processes
02:36 Handling Stale Accounts and Group Policies
04:48 Group Memberships and Elevated Access
09:35 Password Management and Security
16:41 Auditing GPOs and Password Expirations
19:56 Dynamic Groups and Documentation
29:34 File Sharing and Ransomware Stories
31:38 The Dangers of Open Shares
32:37 The Importance of Regular Audits
32:55 Onboarding and Job Role Audits
33:49 Offboarding and Permission Management
34:48 Curiosity in Cybersecurity
35:40 Overprovisioning Security Permissions
41:12 Vendor Access and Security Tools
46:30 Monitoring and Auditing Best Practices
47:57 Tools and Techniques for Better Security
51:36 The Importance of Continuous Improvement
01:01:52 Final Thoughts and Listener Engagement
Crisis Management: Lessons from Hurricane Helene
In this episode of Off the Wire, hosts Anthony and Tanner discuss the impact of Hurricane Helene on regions like Western North Carolina and Eastern Tennessee, focusing on technological challenges and solutions. Tanner, from Blue Ridge Energy, shares insights into infrastructure resilience and the importance of multiple internet connections during disasters. They explore the role of alternative internet sources like Starlink, and highlight the value of having redundant systems and communicating with service vendors during crises. The episode also delves into challenges with cellular networks, emergency power setups, and the need for maintaining cybersecurity protocols during disasters. They emphasize the importance of supporting relief efforts and the psychological impact of witnessing such devastation.
00:00 Introduction and Welcome
00:09 Impact of Hurricane Helene
01:17 Devastation and Recovery Efforts
02:21 Technology Challenges During the Disaster
02:37 Internet Connectivity Issues
04:08 Starlink as a Backup Solution
10:09 Cellular Connectivity During the Crisis
18:53 Burnout and Mental Health
Please feel free to contact us at show@offthewirepodcast.com
In Episode 23 of Off The Wire, Tanner and Anthony, two seasoned IT executives, delve into IT budgeting. They discuss their experiences, tips, and strategies for creating effective technology budgets, emphasizing the importance of aligning budgets with strategic plans. The episode covers auditing existing technology stacks, communicating with stakeholders, leveraging automation, and investing in staff training. Tanner and Anthony also explore future technology trends for 2025, such as AI, project management tools, and enhanced cybersecurity measures. Listeners are invited to contribute their thoughts on 2025 investments, making this a comprehensive guide for IT professionals navigating budget season.
Integrating ChatGPT: Your Newest Cyber Team Member
In this episode of 'Off the Wire,' Anthony and Tanner explore the impact of ChatGPT on the cybersecurity field. With a combined 35 years of experience, they discuss harnessing ChatGPT to enhance cybersecurity measures and tackle modern technology challenges. They delve into ways ChatGPT can assist, such as generating policies, creating scripts, aiding in tabletop exercises, supporting incident response, and more. The episode also covers potential concerns about privacy and data security when using ChatGPT. Concluding with actionable insights, the hosts emphasize the importance of embracing AI technologies to improve efficiency and cybersecurity posture.
00:00 Introduction to Off the Wire Podcast
00:35 ChatGPT: The Newest Member of Your Cyber Team
01:32 Generative AI: Benefits and Concerns
03:33 Practical Uses of ChatGPT in Cybersecurity
04:51 Enhancing Cybersecurity Policies with AI
07:38 Incident Response and Script Creation with ChatGPT
11:58 Advanced Uses: Tabletop Exercises and Phishing Training
13:33 Incident Response Support and Log Analysis
19:14 Summarizing Reports and Enhancing Efficiency
27:12 Privacy Concerns and Safe Usage of AI
31:13 Final Thoughts and Podcast Outro
- Hosts: Anthony and Tanner, IT executives with 35 years of combined experience.
- Episode Title: One Password to Rule Them All: The Case for Password Managers in the Enterprise.
- Overview: Discussing the importance and benefits of password managers in the enterprise, sparked by personal experiences.
Segment 1: The Need for Password Managers
Problem Statement:
- Frequent issues with lost passwords and user frustration with managing multiple complex passwords.
- Importance of providing a password manager to prevent unapproved, less secure solutions.
- 34% of employees use unapproved apps/tools, increasing security risks.
Segment 2: Benefits of Enterprise Password Managers
Security & Convenience:
- Simplifies creation of complex passwords and supports MFA.
- Allows secure sharing of passwords within teams.
- Can lower cybersecurity insurance costs and help with compliance.
Segment 3: Choosing the Right Password Manager
Open Source vs. Closed Source:
- Open Source: Transparency, community review (e.g., KeePass, Bitwarden).
- Closed Source: Often better support and UI (e.g., Keeper, 1Password).
Tool Highlights:
- Bitwarden: Open source, highly secure, supports self-hosting.
- Keeper: Closed source, user-friendly, dark web monitoring.
- LastPass: Not recommended due to past security breaches.
Segment 4: Implementation Tips
Start Small:
- Pilot with a small, tech-savvy group.
- Gradual rollout with strong training and support.
Balance Security and Usability:
- Tailor security settings to user needs and require MFA.
Segment 5: The Future - Passkeys
Passkeys Overview:
- Passwordless authentication using cryptographic keys, a potential future replacement for passwords.
Conclusion:
Final Thoughts:
- Encourage providing password managers that align with security policies.
- Call to Action: Subscribe, share, and provide feedback for future episodes.
- Closing Remarks: Thanks to listeners and recent giveaway winners.
**Introduction**
- **Welcome Back:** Recap of the podcast’s focus on cybersecurity risk and technology challenges.
- **Hosts’ Background:** Brief intro of Anthony and Tanner.
- **Guest Introduction:** Anthony introduces Patrick Kelley from Leargas Security and Critical Path Security, who spoke about mental health at a recent cybersecurity conference.
**Main Discussion**
1. **Guest’s Personal Journey**
- Patrick shares his struggles with reading during childhood and how he overcame these challenges to succeed in cybersecurity.
- The role of spite and determination in his early career, transitioning to more positive motivations later.
2. **Mental Health in Cybersecurity**
- Discussing how Patrick manages imposter syndrome and the importance of mental health in leadership.
- Patrick’s approach to supporting his team’s well-being, including forced PTO and promoting work-life balance.
3. **Leadership and Delegation**
- The challenges of delegation, especially with trust issues.
- Practical tips on effective delegation and building trust within a team.
4. **Cybersecurity Insights**
- Importance of calm leadership during cybersecurity incidents.
- Tips for SMBs, focusing on consolidating tools and starting with cybersecurity basics.
5. **Role of a Virtual CISO**
- Explanation of what a vCISO is and how it can benefit SMBs, particularly in the energy sector.
- Patrick’s commitment to serving the EMC community with affordable cybersecurity solutions.
**Conclusion**
- **Final Thoughts:** Emphasizing the importance of mental health in the cybersecurity industry.
- **Call to Action:** Encouraging listeners to subscribe and follow on social media.
- **Closing:** Thanking the guest and listeners, with a reminder to tune in for future episodes.
Tools Referenced:
Free SPF/DKIM/DMARC analyzer tools for DMARC setup - DMARCLY
Learn and Test DMARC (learndmarc.com)
DMARC Check Tool - Domain Message Authentication Reporting & Conformance Lookup - MxToolBox
**Introduction:**
**Welcome & Hosts Introduction:**
- “Welcome back to Off The Wire, the podcast that helps you curb cybersecurity risks and tackle technology challenges.”
- Introduction of hosts, Anthony and Tanner, with 35 years of combined IT and cybersecurity experience.
**Episode Overview:**
- Quick mention of today’s key topics: a special giveaway, an update on CrowdStrike, and an essential guide to email security (SPF, DKIM, DMARC).
**Listener Appreciation & Giveaway:**
- Celebrate the 20th episode and approaching 1,000 downloads.
- **Giveaway Details:**
- **Prizes:** ICON Flex Head Ratchet, Wera Ratcheting Screwdriver, Anker Wireless Earbuds.
- **How to Enter:**
- Review the podcast on any platform.
- Share this episode on social media.
- Email to the show’s email address to let us know.
- **Drawing Date:** August 16th.
**CrowdStrike Update & Cybersecurity Litigation:**
- Discuss the ongoing CrowdStrike issue and Delta Airlines litigation.
- Explore the implications of cybersecurity failures leading to lawsuits and potential industry impacts.
**Guardians of the Email Galaxy (SPF, DKIM, DMARC):**
- **SPF:** Prevent domain spoofing through proper SPF record setup.
- **DKIM:** Ensure email integrity with digital signatures.
- **DMARC:** Implement policies to manage failed SPF/DKIM checks and protect your domain’s reputation.
- **Bonus:** Introduction to Verified Mark Certificates (VMC) for enhancing email trust.
**Final Thoughts & Call to Action:**
- Recap the importance of securing your email with SPF, DKIM, and DMARC.
- Encourage listeners to verify their setups and enter the giveaway.
- Reminder to subscribe and send feedback for future episodes.
**Closing Remarks:**
- Mention of upcoming episodes and acknowledgment of current events.
- Thank listeners and sign off.
Podcast Outline: "Off the Wire" Episode
Intro:
Welcome back to "Off the Wire," the podcast helping you curb cybersecurity risks and tackle technology challenges.
Hosts: Tanner and Anthony, IT executives with a combined 35 years of experience in IT and cybersecurity.
Teaser for Episode 20: Upcoming giveaway in two weeks—details to come.
Main Topic: Low-Cost, High-Impact Cybersecurity Investments
Introduction to the Topic
Discuss the challenges faced by small to medium-sized businesses in allocating budgets for cybersecurity.
The importance of prioritizing cybersecurity efforts even with limited resources.
Understanding Budget Constraints and Other Challenges
Budget limitations and other constraints like legacy applications and organizational resistance to change.
The need to prioritize cybersecurity based on the greatest risk and potential impact.
Cybersecurity Prioritization Strategies
Utilizing free or low-cost open-source tools when possible.
Considerations for choosing between free tools and paid solutions based on staff availability and skill level.
Cybersecurity Frameworks and Assessment
Importance of assessing the current state of cybersecurity.
Recommendations for using the CIS framework or similar tools for benchmarking and setting priorities.
The value of starting with a basic maturity level and progressively advancing.
Key Focus Areas for Low-Cost Cybersecurity Measures
Asset Management:
Importance of knowing what's on your network.
Free and low-cost tools like Snipe-IT and Spiceworks for asset management.
Strong Passwords and Multi-Factor Authentication (MFA):
Using free tools like Microsoft Authenticator or Google Authenticator.
Implementing password managers for better security and efficiency.
Regular Updates and Patching:
The critical role of updates in preventing security breaches.
Options for automated patch management solutions.
Incident Response and Business Continuity Planning:
Developing and maintaining security plans and policies.
Storing physical copies of these plans for accessibility during crises.
Additional Low-Cost Solutions
Threat Intelligence:
Leveraging free industry-specific threat intelligence resources and communities.
Utilizing platforms like Reddit for real-time information on vulnerabilities and threats.
Email Security:
Importance of investing in additional layers of email security.
Mention of tools like Avanan and Microsoft Defender.
Optimizing Existing Investments:
Making full use of existing tools and software, especially in environments like Microsoft 365.
EDR Solutions:
The importance of Endpoint Detection and Response (EDR) in mitigating breaches.
Notable EDR solutions and their benefits.
Backups and Disaster Recovery
The necessity of regular and tested backups.
Considering both free and paid backup solutions.
The importance of documenting and testing backup processes.
Creating a Cyber Go-Bag
The concept and contents of a cyber go-bag for emergency response.
Recommendations for setting up a go-bag, including tools and documentation.
Connecting Cybersecurity to Business Objectives
Emphasizing the alignment of cybersecurity goals with overall business objectives.
Importance of communicating cybersecurity successes and needs to leadership.
Conclusion:
Recap of key points and encouragement to implement the discussed strategies.
Reminder about the upcoming Episode 20 giveaway.
Call to action: Subscribe, share the podcast, and reach out with episode ideas or feedback.
Closing Remarks:
Next episode preview and sign-off.
Introduction:
- Welcome back to a bonus episode of Off the Wire.
- Highlight of the week: a bad patch pushed out by CrowdStrike caused worldwide outages.
Initial Impact:
- Anthony's experience: dealing with server and workstation blue screens.
- Timeline of the incident: starting at 12:09 AM with alerts coming in around 12:40 AM.
- Initial thoughts and confusion about the cause of the outages.
Incident Breakdown:
- Detailed recount of the events from the first alert to the realization of the issue.
- Actions taken: communicating with the team, creating a list of affected servers, and initial troubleshooting steps.
- The emotional toll: dealing with the uncertainty and high-stress situation.
Discovery and Response:
- Identifying the issue was linked to CrowdStrike after finding relevant information on their support portal.
- Relief upon realizing it was not a hack but a bad patch.
- Steps taken to mitigate the issue: removing CrowdStrike from systems, following CrowdStrike's fix instructions.
Operational Challenges:
- Logistics of fixing the issue across remote and local systems.
- Game plan for addressing workstation issues at different office locations.
- The coordination effort: managing communications and task delegation.
Post-Incident Reflection:
- The importance of a coordinated response and having a "bug-out" bag.
- CrowdStrike's handling of the incident and the need for transparency.
- Discussion on potential industry-wide implications and the fragility of IT infrastructure.
Impact and Future Considerations:
- Worldwide impact: other organizations affected including critical infrastructure.
- Reflection on CrowdStrike's reputation and future trust.
- Legal and liability considerations for CrowdStrike in various jurisdictions.
Closing Thoughts:
- The importance of preparedness and having a response plan in place.
- Lessons learned from the incident and changes to be implemented.
- Invitation to listeners to share feedback and follow on social media.
Outro:
- Thanks for joining this bonus episode.
- Reminder about the regular podcast schedule and mention of recent episodes.
- Encouragement to share the podcast with others and stay tuned for more content.
Introduction:
Host Introduction: Tanner Greer and Anthony Kent, two IT executives with 35 years of combined experience in the IT field, specializing in cybersecurity.
Episode Overview: Discussion on Zero Trust security.
Segment 1: Conference Recap
Anthony's recent attendance at the IT conference for South Carolina co-ops.
Key takeaway: Importance of IT communication with non-IT stakeholders, avoiding jargon and using relatable examples.
Segment 2: Understanding Zero Trust
Zero Trust explained: "Never trust, always verify."
History of Zero Trust: Coined by John Kindervag in the 90s and popularized in the 2000s.
Shift in mindset: From securing trusted internal networks to assuming all networks are potentially hostile.
Segment 3: Key Concepts of Zero Trust
Basic principles: Never trust, always verify; least privilege; and assume breach.
NIST guidance on Zero Trust (800-207).
Segment 4: Implementing Zero Trust
Defining the protect surface: Identify what needs protection.
Mapping transaction flows: Understand how data moves.
Architecting Zero Trust: Building a secure infrastructure.
Creating Zero Trust policies: Setting rules and guidelines.
Monitoring and maintaining: Continuous improvement and vigilance.
Segment 5: Real-world Application
Anthony's recent project: Redesigning an OT environment using Zero Trust principles.
Challenges and solutions: VLAN segmentation, micro-segmentation, and user/device checks.
Segment 6: Lessons Learned
Importance of strategic goals: Integrating Zero Trust into organizational strategy.
Using existing tools effectively: Leveraging current technology to implement Zero Trust.
Practical tips: Start with test environments, prioritize critical applications, and consider business operations.
Segment 7: Pitfalls and Considerations
Usability impact: Balancing security measures with operational needs.
Internal threats: Monitoring for suspicious internal activities.
Continuous monitoring: Importance of regular checks and updates.
Segment 8: Resources and References
Recommended reading: "Project Zero Trust" book.
Key documents: NIST 800-207 and CISA's Zero Trust Maturity Model.
Conclusion:
Recap of the episode.
Encouragement to start the Zero Trust journey: Don't be overwhelmed; take it step by step.
Final thoughts: Zero Trust as a critical part of modern cybersecurity strategies.
Closing:
Reminder to check previous episodes.
Contact information: Website, email, and social media handles.
Episode release schedule: Every other Monday.
Sign-off:
Hosts' sign-off and thanks for listening.
Introduction
Welcome to the Show:
Greet listeners and introduce the podcast name.
Briefly describe the purpose of the podcast and what listeners can expect.
Hosts Introduction:
Anthony and Tanner, two IT executives with a combined 35 years of experience in IT and cybersecurity.
Background on their roles and the companies they lead.
Brief mention of past episodes to give new listeners context.
Episode Overview:
Introduction to today’s topic: Finding, Hiring, and Retaining Technology Employees.
Importance of the topic in the current IT landscape.
Segment 1: Weekly Updates
Anthony’s Update:
Recap of the conference attended.
Key takeaways and interesting trends observed.
Details on the new SCADA system being prepared for implementation.
Challenges and excitement related to the new system.
Tanner’s Update:
Current issues being tackled in the company.
Specifics about the online ads issue and its impact on the business.
Steps taken to mitigate the problem.
Broader discussion on the state of online ads and cybersecurity concerns.
Segment 2: Introduction to Main Topic
Brief Introduction:
Overview of the main topic: The critical aspects of finding, hiring, and retaining technology employees.
Why this topic is particularly relevant now.
Personal experiences and why this topic matters to Anthony and Tanner.
Segment 3: Challenges in Hiring Technology Employees
Attracting Talent in SMBs:
The difficulty small and medium-sized businesses (SMBs) face compared to larger corporations.
Discussion on limited resources and lesser-known brand recognition.
Location-Based Challenges:
How geographical location affects the talent pool.
Case examples from Anthony and Tanner’s experiences.
Remote Job Market Competition:
The rise of remote work and its impact on local hiring.
Specific roles (e.g., data analysts, developers) that are particularly affected.
Salary Disparities:
Comparison of pay scales between SMBs and large enterprises.
Strategies to offer competitive compensation packages.
Segment 4: Advantages of Working in SMBs
Close-Knit Work Environment:
Describing the family-like atmosphere in smaller organizations.
Personal anecdotes from Anthony and Tanner.
Direct Interaction with Leadership:
Opportunities for employees to interact with top executives.
The benefits of having a direct line to decision-makers.
Impact and Recognition:
How individual contributions are more visible in smaller settings.
Examples of significant projects led by team members.
Flexibility and Work-Life Balance:
Offering flexible schedules and remote work options.
Balancing personal interests and professional responsibilities.
Segment 5: Strengthening Recruitment Strategies
Highlighting Advantages in Job Postings:
Crafting compelling job descriptions that attract top talent.
Emphasizing unique benefits and company culture.
Promoting Company Culture and Values:
The importance of a strong organizational culture.
Ways to communicate this during the hiring process.
Competitive Salary and Benefits Packages:
Offering market-competitive salaries.
Additional benefits that make a difference (e.g., healthcare, retirement plans).
Community Involvement and Reputation:
How being active in the community can enhance your company’s attractiveness.
Success stories from Anthony and Tanner’s companies.
Segment 6: Retention Strategies
Work-Life Balance:
Policies that support employees’ personal lives.
Encouraging hobbies and outside interests.
Team-Building Activities:
Organizing regular team outings and events.
The role of informal gatherings in building team cohesion.
Autonomy and Leadership Opportunities:
Allowing employees to lead projects.
Offering professional development and career growth opportunities.
Flexible Work Arrangements:
Implementing hybrid work models.
Adapting to individual needs for remote work.
Segment 7: Internships and Temporary Positions
Benefits of Internships:
How internships can serve as a talent pipeline.
Providing real-world experience to interns.
Challenges of Implementing Internship Programs:
Security and training concerns.
Ensuring meaningful projects for short-term interns.
Success Stories:
Examples of interns who became full-time employees.
The impact of internships on both the company and the interns.
Segment 8: Screening and Interviewing Processes
Technical Interviews and Assessments:
Different approaches to evaluating technical skills.
The importance of practical assessments.
Cultural Fit and Team Dynamics:
Assessing candidates for cultural and team fit.
Techniques for determining alignment with company values.
Pre-Employment Tests:
The role of cognitive and personality tests in the hiring process.
Pros and cons of using these tests.
Segment 9: Final Thoughts on Hiring and Retaining Talent
Balancing Long-Term and Immediate Impact:
The value of hiring for both short-term gains and long-term stability.
Strategies for keeping high-impact employees engaged.
Fostering a Positive Work Culture:
Continuous efforts to maintain and improve workplace culture.
Engaging employees in meaningful ways to ensure retention.
Continuous Improvement of Recruitment Processes:
Regularly reviewing and refining hiring practices.
Staying updated with industry trends and best practices.
Conclusion
Listener Engagement:
Encourage listeners to share their experiences and strategies.
Invite feedback and topic suggestions for future episodes.
Call to Action:
Subscribe to the podcast.
Leave reviews and share the podcast with others.
Follow on social media platforms.
Outro
Reminder of Release Schedule:
Biweekly episodes released every other Monday.
Tease the topic of the next episode to keep listeners engaged.
Thank You:
Thank listeners for their support and engagement.
Encourage them to reach out with questions, feedback, or topic ideas.
Podcast Episode Show Notes: Importance of Incident Response Plans (IRPs)
Episode Highlights:
Rising Cybersecurity Threats: Discussing the increasing threat levels and the growing importance of cybersecurity.
Incident Response Plans (IRPs): Why IRPs are essential and how they serve as a playbook during cyber incidents.
Key Topics Covered:
Need for IRPs:
Importance for regulatory compliance (HIPAA, GDPR, PCI).
Legal requirements and state breach laws.
Adhering to cybersecurity frameworks like NIST and CIS.
Simplicity and Accessibility:
IRPs should be simple enough for the least experienced technical staff to understand and use.
Regular Reviews and Updates:
Importance of annual or quarterly reviews to keep the IRP current.
Conducting tabletop exercises to test and refine the IRP.
Documentation:
Importance of centralized and proper documentation during incidents.
Stakeholder Involvement:
Involving legal, communications, accounting, and other relevant departments in the IRP.
Top-Down Buy-In:
Securing support from top management to facilitate smoother implementation and adherence.
Practical Tools:
Creating a "go bag" with necessary tools and documentation for incident response.
Resources and Templates:
Utilizing resources like the CIS IRP template and industry-specific frameworks for effective IRPs.
Final Advice:
Start with what you have, involve stakeholders, keep the plan simple, and ensure regular reviews and updates.
Additional Resources:
CIS IRP Template: Link to CIS IRP Template
Contact Us: Email us at show@offthewirepodcast.com or visit our website for more information.
Stay Connected:
Subscribe: Don’t miss an episode – subscribe to our podcast.
Follow Us: Connect with us on YouTube, X, Facebook, and LinkedIn.
Join the Conversation: Share your thoughts and engage with us on social media.
Next Episode:
Join us next time for more insights on cybersecurity and technology. New episodes drop every other Monday!
We hope you enjoyed this episode. If you found it helpful, please share it with your colleagues and friends. Thank you for listening to Off the Wire Podcast!
## Off The Wire Podcast Show Notes
### Episode: Backups and Data Recovery with Brian Williams from Rubrik
**Guest:** Brian Williams, Rubrik
**Location:** NCLGISA Conference 2024, Downtown Wilmington
### Key Topics Discussed
#### Importance of Backups
- **Personal Anecdote:** Anthony shares advice from his mentor on the importance of backups.
- **Monthly Backup Reviews:** Ensuring regular checks and recovery plans.
#### Transition to Rubrik
- **Migration Experience:** Anthony discusses his positive experience migrating to Rubrik.
- **Onboarding Process:** Highlights the comprehensive onboarding and quarterly meetings Rubrik provides.
#### Role of Backup Engineers
- **Critical Role:** Brian emphasizes the evolving and crucial role of backup engineers.
- **Backups Beyond Cybersecurity:** Discussion on various scenarios where backups are vital.
#### Tape Backups and Air Gapping
- **Nostalgia:** Reminiscing about tape backups.
- **Air Gapping:** Importance of air-gapped backups for data security.
#### Modern Backup Strategies
- **Three-Two-One Method:** Explanation of three copies, two types of media, one off-site.
- **Four-Three-Two Method:** Discussion on more extensive backup strategies.
#### Cloud-Based Backups
- **Pros and Cons:** Evaluating the benefits and drawbacks of cloud-only backups.
- **Internet Dependency:** Challenges with relying solely on internet connections for backup and recovery.
#### Immutability and Data Security
- **Defining Immutability:** Data that cannot be edited or changed.
- **Zero Trust for Backups:** Ensuring no unauthorized access or changes to backup data.
#### Data Integrity and Reliability
- **Testing Restorations:** Regularly testing backup data for integrity and reliability.
- **Fingerprints and Checksums:** Using these methods to ensure data consistency.
#### Regional Backup Strategies
- **Geographic Distribution:** Replicating data to different locations to ensure regional disaster recovery.
#### Real-World Examples
- **Local Government Incidents:** Discussing the impact of ransomware on local governments and the importance of having robust backups.
### Quarterly Checkups with Rubrik
- **Relationship Building:** Importance of maintaining a strong relationship between Rubrik and its clients.
- **Health Checks:** Regular assessments of the backup system’s health and client needs.
### Recommendations for All Organizations
- **Robust Testing:** Developing a rigorous and regular testing schedule for backups.
- **Self-Scouting:** Continuously evaluating and improving backup strategies.
- **Courage to Address Gaps:** Identifying and addressing potential security gaps proactively.
### Conclusion
- **Final Thoughts:** Emphasis on the importance of backups and continuous improvement.
- **Next Steps:** Encouraging organizations to adopt best practices for data security and backup integrity.
### Call to Action
- **Subscribe to the Podcast:** Encouragement to subscribe to Off The Wire on all major podcast platforms.
- **Share the Podcast:** Request to share the podcast with others who might benefit from the content.
---
For more information on Rubrik and their backup solutions, visit [Rubrik's website](https://www.rubrik.com).
Stay tuned for more episodes and insightful discussions on Off The Wire!
**Podcast Episode Summary: Off the Wire - Cybersecurity Insights from the Verizon 2024 Data Breach Investigations Report**
**Hosts:** Anthony Kent and Tanner Greer
**Episode Overview:**
In this episode of Off the Wire, hosts Anthony Kent and Tanner Greer dive deep into the Verizon 2024 Data Breach Investigations Report (DBIR). With their combined 35 years of experience in the IT industry, they provide valuable insights into the latest trends and findings in cybersecurity.
**Key Topics Discussed:**
1. **History and Importance of the DBIR:**
- The DBIR, introduced by Verizon in 2008, has become a cornerstone report in the cybersecurity industry, analyzing thousands of real-world security incidents annually.
- This year’s report analyzed 30,458 security incidents and 10,626 confirmed data breaches across 94 countries.
2. **Ransomware and Extortion:**
- Ransomware and extortion account for 32% of all breaches. While ransomware attacks declined by 23%, extortion incidents rose by 9%.
3. **Human Element in Breaches:**
- Human errors continue to play a significant role, with 68% of breaches involving a human element such as social engineering or misuse of privileges.
- Financial costs of breaches vary widely, with the average cost in the 95th percentile being $46,000.
4. **Vulnerability Exploitation:**
- Exploitation of vulnerabilities increased by 180% over the previous year, highlighting the importance of minimizing internet attack surfaces.
5. **Attack Vectors:**
- The most common attack vectors include web application credentials, phishing emails, and web application vulnerabilities.
6. **Denial of Service Attacks:**
- 50% of incidents involved denial of service (DoS) attacks, which are relatively easy to deploy and often highly successful.
7. **Lost and Stolen Assets:**
- Laptops are the most likely assets to go missing, with lost assets more likely to result in data breaches than in previous years.
8. **Privilege Misuse:**
- Privilege misuse, mainly by internal actors, remains a steady threat, with personal and banking data being the most targeted.
9. **Artificial Intelligence:**
- Despite the hype, AI’s role in cyberattacks is minimal, though there is some concern about its potential use in social engineering and deep fakes.
**Mitigation Strategies:**
- Stick to cybersecurity fundamentals like updating and patching systems.
- Leverage multifactor authentication and employee training.
- Implement device hardening and least access policies.
- Follow the CIS controls referenced in the DBIR to strengthen cybersecurity frameworks.
**Call to Action:**
- Subscribe to Off the Wire on your favorite podcast platform for more cybersecurity and technology insights.
- Visit their new website, offthewirepodcast.com, and follow them on social media (YouTube, X, Facebook, LinkedIn).
- Download the full Verizon 2024 DBIR at verizon.com/DBIR.
**Upcoming Episodes:**
- Off the Wire will release new episodes every other Monday before 8 AM, perfect for your commute.
## Off the Wire Podcast Show Notes
### Episode Summary
Welcome to the Off the Wire podcast, your go-to source for insights into the fast-paced world of cybersecurity and technology. This episode features a new co-host, Tanner Greer, who joins Anthony Kent to discuss a critical topic: what happens when users work from home.
### Key Topics Covered
1. **Introduction of New Co-host Tanner Greer**
- Anthony Kent introduces Tanner Greer, highlighting his extensive experience in the co-op world and his contributions to the field of IT and cybersecurity.
- Tanner shares his background and journey from entry-level IT roles to his current position as CTO.
2. **Impact of COVID-19 on Remote Work**
- Discussion on how COVID-19 has forced organizations to support remote work, highlighting both challenges and opportunities.
- The shift to remote work and its implications on cybersecurity, including the need for new security measures.
3. **Challenges of Securing Remote Work Environments**
- The increased complexity of securing networks as employees work from home or other remote locations.
- The vulnerabilities of home networks and the risks posed by mobile devices and personal usage on work devices.
- Real-life examples of phishing attacks and other security breaches.
4. **Best Practices for Remote Work Security**
- The importance of endpoint protection and hardening, including the use of EDR (Endpoint Detection and Response) tools like CrowdStrike.
- Strategies for patch management and remote support using tools like Endpoint Central and Secure Gateway Server.
- Implementing DNS protection and micro-segmentation to limit lateral movement and protect sensitive data.
5. **User Education and Awareness**
- The role of continuous user education in maintaining security, including live training sessions and the use of security awareness platforms.
- Encouraging good security habits like locking devices when not in use and avoiding the use of work email addresses for personal accounts.
- The importance of tools like Duo for multifactor authentication and additional security checks.
6. **The Future of Remote Work Security**
- Emphasizing the need for organizations to adopt a Zero Trust approach, treating all devices and networks as potentially insecure.
- The potential benefits of using VDI (Virtual Desktop Infrastructure) to maintain control over remote work environments.
- The ongoing need for adaptation and vigilance in cybersecurity practices as remote work continues to evolve.
### Key Takeaways
- Remote work introduces significant security challenges that require robust solutions and continuous education.
- Tools like EDR, DNS protection, and multifactor authentication are essential in securing remote environments.
- User education is crucial in fostering a culture of security awareness and proactive behavior.
- Adopting a Zero Trust approach and leveraging modern security tools can help mitigate risks associated with remote work.
### Resources Mentioned
- CrowdStrike for EDR and vulnerability scanning.
- Endpoint Central and Secure Gateway Server for patch management and remote support.
- Duo for multifactor authentication and device security checks.
- Cisco Umbrella for DNS protection.
- Have I Been Pwned for checking compromised email addresses.
### Closing Remarks
Anthony and Tanner emphasize the importance of staying vigilant and continuously improving security practices to protect against evolving threats in the cybersecurity landscape. They encourage listeners to implement the discussed strategies and remain proactive in their security efforts.
Tune in next time for more insights and expert analysis on the Off the Wire podcast!