Hashtag Realtalk with Aaron Bregg


Author: Aaron Bregg


Description

Welcome to my little corner of the Internet!

In this channel I give 'real talk' about information security and technologies that impact both your business and personal lives. I try to focus on issues and items that can help you become more 'security curious'. The ultimate goal is to help protect your personal and professional well-being.

Employer Disclaimer - The opinions and views expressed in the podcast are not necessarily the views of my current employer, Corewell Health.

Legal Disclaimer - All of the security advice that I give is 'as is' and does not constitute real paid professional advice. As with everything security related, please seek second opinions from paid professionals.

Photo by Jonathan Farber on Unsplash

101 Episodes
In this episode I had a chance to have a candid conversation with Charles Henderson. Charles is a Global Managing Partner at IBM and also happens to be the head of the X-Force team. IBM recently released the X-Force Threat Intelligence Index report for 2024. While the report delves into many different areas of threat intelligence, we concentrated on several key areas focused primarily on artificial intelligence.

Talking Points:
- Pronounced increase in identity attacks
- Understanding how much more 'business-like' malicious actors are becoming
- The upcoming universal AI attack surface. How much do you think this will get worse? For example, I reached out to a couple of CISOs from some prominent local companies and one of their worries was, and I quote, "Longer term I think we will have to worry about attackers trying to attack and leverage AI technologies that are being utilized by organizations."
- 50% is the expected market share threshold likely to trigger attacks against AI platforms
- Evolution of malware delivery mechanisms
- AI's part in Business Email Compromise. Another area of concern when I polled my CISO contacts was AI's ability to, and I quote again, "Easier to perfect grammar and templates for phishing and other social engineering attempts." How do you think companies like IBM can start helping people combat these types of attacks?
- Thoughts on OpenAI's Sora and its potential impact on security

Episode Charity: Corewell Health's involvement in the Blue Envelope Suicide Prevention Program. The School Blue Envelope Suicide Prevention Program trains middle and high school faculty and staff so that every school employee, from teachers to coaches and bus drivers, knows how to respond to a student who may express thoughts of suicide. The "Blue Envelope" protocol for crisis management was developed internally to quickly activate patient safety responses by communicating the code words "Blue Envelope." Every person within a physician's office became proficient in how to respond at a moment's notice to a patient who may have thoughts of suicide. Through previous grant and foundation dollars, this program has been able to successfully train over 8,500 middle, high, and elementary school personnel across 156 schools within 53 different school districts. This training has resulted in over 2,000 interventions for students in crisis.

Episode Sponsor: This episode is sponsored by IBM, which passed its 100th birthday in 2011. IBM is a computer solutions company based out of Armonk, New York.
In this episode I had a chance to sit down in person with the always insightful and never dull cybersecurity leader, Jim Kuiphof. Jim is the Deputy Chief Information Security Officer at Corewell Health. The topic for this casual conversation is Understanding Your Personal Risk Tolerance. More specifically, it speaks to understanding the difference between your own risk tolerance and the business's risk tolerance. Jim has talked on this recently at events like Cloud Con and the Digital Services Summit. His ideas on how to balance personal and business risk have been a HUGE thing in my professional career.

Talking Points:
- What is Risk?
- What is Tolerance?
- Understanding the difference between Personal Risk and Business Risk
- Why is it so important to understand alignment?
- Diagnosing the Dissonance
- What do you do about it?
- What does taking ownership look like?
- Maintaining risk tolerance alignment

This talk is not only useful for people in the cybersecurity industry, but across all of information technology. It does not matter what level you are at, this information can help you!
In this episode I had a chance to speak with Bryan 'Woody' Woodworth about simplifying and securing multi-cloud networking. Bryan is the Director of Solution Strategy for Aviatrix. We are a few weeks into 2024 and the importance of understanding and utilizing multi-cloud strategies is becoming more and more apparent.

Talking Points:
- What are the current trends in the industry pertaining to multi-cloud?
- Skills Gaps - More pronounced in multi-cloud; FinTech and banking industries will 'mandate' what environments you use
- What are the areas where skill gaps can be addressed?
- Secure Cloud Networking Field Report sneak peek
- What kind of tools can you give them, and creative ways you can use them
- Automation is hot, but do you know how to prioritize what you automate?
- The glory days of cloud are over: how do you 'save your pennies' and still move towards a solid FinOps model?
- The constant state of attack that the cloud is under (how can you protect yourself going forward?)

Episode Charity: Proceeds from this episode will be going towards the children's mental health program at Corewell Health Foundation.

Episode Sponsor: Aviatrix is a Secure Cloud Networking company based out of Santa Clara, California.
In this special episode we celebrate the 4th annual holiday fundraiser podcast. It is already a blessing to raise money for great causes all while raising security awareness for small and medium sized businesses. The topic for this episode is one that is super relevant for this day and age of Digital Transformation. However, in keeping with the format of #RealTalk, we are going to explore some 'real world' use cases for using Artificial Intelligence in Security in 2024. I have two special guests and one awesome co-host for this episode. Kassandra Murphy is a Senior Consulting Solutions Engineer for Splunk. My other guest is Sanjay Kalra, who is in Product Management for Zscaler. My co-host for this episode is none other than Jim Kuiphof, who happens to be the Deputy Chief Information Security Officer at Corewell Health!

Talking Points:
- Touched on phases of the kill chain/attack lifecycle and how AI comes into play, and WHY it is expanding the attack surface within each phase (e.g., system enumeration can be done at much greater speed and scale)
- How will AI change how companies adhere to the new Securities and Exchange Commission policy for reporting security breaches?
- Researching AI from a defensive point of view
- How do you keep up with the business's speed of moving forward with AI while trying to protect it?

Episode Sponsors:
- Splunk - Splunk is a security observability solutions provider based out of San Francisco, California.
- Zscaler - Zscaler is a security solution provider based out of San Jose, California.

Episode Charities:
- North Kent Connect - North Kent Connect is a Christian organization committed to improving the lives of all people in northern Kent County by providing access to basic needs and promoting economic independence.
- Toys for Tots West Michigan - The mission of the U.S. Marine Corps Reserve Toys for Tots Program is to collect new, unwrapped toys during October, November and December each year, and distribute those toys as Christmas gifts to less fortunate children in the community in which the campaign is conducted.

Reference Links: If you are interested in the SURGe blog that Kassie talked about in the episode, you can find it Here.
Have you ever wondered what it takes to get into the information security field? Have you thought, how hard could it be? What about all of the big money I hear people make in this space? Well, in this episode I talk with Mattalynn Darden and Esther Muchai about how hard it really is to break in. If you are wondering how these two talented young women know, here is a little background on what they are currently doing and why it is relevant to this episode's topic. Mattalynn is an Information Security Intern at Lear Corporation and Esther is pursuing her Master's degree in Cybersecurity at Grand Valley State University. Both of them share some of the struggles that they are currently having and I give some advice on how to possibly overcome them. So, if you are thinking of entering the crazy, foggy world that is Information Security, then this episode is for you!

Talking Points:
- What made you want to get into the cybersecurity field?
- What are some of the main challenges that you are facing right now?
- Did either of you go the 'paid' learning route (e.g. college or training classes)?
- What are some free training/tools you have found useful?
*Disclaimer* Thoughts and opinions in this episode are solely my own or my guests' and not necessarily reflective of our employers.

In this episode I had a chance to sit down with Matt Nelson and do the podcast from a very cool location. Matt is a Senior Security Architect for Guidepoint Security. The topic of our rant was centered around all of the things 'wrong' with cybersecurity sales and why it hurts everyone.

Talking Points Include:
- Ineffective Bad Behavior - You are doing yourself and your company a disservice
- Improper In-person Event Etiquette
- Do Social Engineering for Good!
- What you as a Customer can do to help set expectations
- The importance of building relationships

Special shout outs to Maril Vernon, Michelle Beracy and Anthony Coggins!
In this episode I talk with Lloyd 'Lucky' Guyot and Alex O'Meera about The Center for Internet Security's Critical Security Controls. Lloyd is a Security Advisor for Optiv and President of the Grand Rapids ISSA Chapter. Alex is a Security Analyst for Stack Overflow and Secretary of the Grand Rapids ISSA Chapter.

Talking Points:
- How can the CIS 18 help an SMB build its security program?
- How can the CIS 18 help mature a security program?
- Which controls should a company start with?
- And many more!

Episode Sponsor: Grand Rapids ISSA Chapter (with special thanks to Optiv). The GR-ISSA is the local chapter of the Information Systems Security Association.

Episode Charity: The charity for the month of November is the Corewell Health Foundation. More specifically, the money will be going to assist children with various mental health challenges.
In this episode I had a chance to speak with Chris Jordan and Al Wissigner about where a small and medium sized business (SMB) should start its security journey. This is especially important in this day and age of ever-expanding cloud infrastructure and Software as a Service (SaaS) models. Both of these fine gentlemen work for Fluency and have a TON of experience working with SMBs.

Talking Points:
- The idea of bridging the gap between what they want to do and what they can afford to do
- Why is it so important for an SMB to understand how to properly do cross-platform?
- Security companies are generally not targeting SMBs
- Why is BEC one of the most important things to understand?
- How can an SMB use automation to help offset the lack of a large security team?

Episode Charity: October's selected charity is called Both Hands. Both Hands is an organization that helps local widows with chores/projects that are hard to do on their own, all while raising money for a family to adopt a child.

Episode Sponsor: This episode was sponsored by Fluency. Fluency is a modern security operations platform that can handle today's agile environments. They are based out of Rockville, Maryland.
Despite the recent push by some old school (read: outdated) leaders to force employees to return to the office, remote work is here to stay. While we all talk about the importance of making remote work secure, there isn't much talk about the experience for the end users. Fortunately, there are some companies out there that understand the need to balance security, business and end user needs. In this episode I talk with Melinda Ann O'Neill about Digital Employee Experience (DEX). Melinda Ann is a Director of Strategic Accounts for Tanium. We covered several key areas of both business success and information security success.

Talking Points:
- Why is ensuring a remote employee's experience critical to a company's success?
- What are some of the main challenges businesses are having when it comes to DEX?
- What are some ways that a multi-faceted solution can balance both security and business concerns?

Episode Charity: October's selected charity is called Both Hands. Both Hands is an organization that helps local widows with chores/projects that are hard to do on their own, all while raising money for a family to adopt a child.

Episode Sponsor: This episode was sponsored by Tanium. Tanium is an endpoint solutions company based out of the West Coast state of Washington.
In this episode I head out to The Unicorn Tavern in Grand Haven, Michigan to talk Network Segmentation with Steve Barnes and Tyler Adams. Steve is an Enterprise Security Architect for Fortinet and Tyler is an Information Security Analyst for Corewell Health.

Talking Points:
- How has Network Segmentation changed in 2023?
- Who is responsible? Is that team being supported enough?
- How are you compartmentalizing things?
- Should you separate your IT and your OT?
- Does network segmentation make it easier to start a deception campaign?
- How can you get business buy-in to make this happen?

Episode Sponsor: This episode is sponsored by Fortinet. Fortinet is a Network Security Solutions company based out of Sunnyvale, California.

Episode Charity: Part of the sponsorship fees from this episode will be going to the Alex's Saints charity. Alex's Saints Foundation works to provide life-changing emotional and financial assistance to young adults who struggle with substance use disorder, while empowering long-term recovery.

Editor's Note: A quick note about the charity comment in the episode. I mistakenly confused the charity we are working with this month with one I am looking into. Alex's Saints is not a suicide prevention organization. My sincerest apologies for the confusion.
A few years ago, the topic for the 3rd episode of the #RealTalk with Aaron Bregg podcast was Diversity and Inclusion in the Cybersecurity Industry. To this date it is one of the most downloaded episodes. Since that episode was published a LOT has changed in the world. I felt that it was time to revisit the topic but with a little bit of a twist. The need for a twist comes from the fact that DEI in cybersecurity is still not where it needs to be. As luck would have it, I had met Angela Hill a few years back when Matt Nelson and I were looking to have her as a keynote speaker. While due to scheduling issues it didn't work out, it did lead to this moment. Join me as I have a #RealTalk conversation about 'Rethinking DEI', more specifically focusing on Latinas in Cybersecurity. Angela Hill from Palo Alto Networks, Samantha Bolet from TikTok and Vanessa Morales from NBC Universal, who are some of the co-founders of Latinas In Cyber, challenge me and themselves into taking a different approach to solving this problem.

Talking Points:
- What kind of restrictions do you run into? E.g. cultural roadblocks, etc.
- What issues do you run into when it comes to showcasing your 'real world' experience?
- The importance of having a security 'brand' - Vanessa
- How do we need to change our approach to DEI?
- The importance of DEI in academia and starting to embrace creativity - Sam

A HUGE thanks to SevCo, Cadre and NetSPI: today the podcast donated $500 to support Latinas in Cyber!
In this episode I had a chance to dive into a topic that is ripped straight from my day job: Multi-Cloud Compliance. My guest for this episode is Mike Roman. Mike is a Senior Security Sales Engineer for Orca Security, which happens to be the company that just won the 'Best Swag' award at Cloud Con last week! In all seriousness though, more and more companies are having to rely on multi-cloud environments in order to keep the lights on. You may be an Amazon AWS shop but you may use Snowflake for data analytics and something else for your ERP solution. Getting compliant across the different environments not only means business success but may keep you from incurring fines from regulators.

Talking Points:
- What is an overly permissive role in a multi-cloud environment?
- Is it really over-permissive, or is it actually right for the job?
- What is the 'real world' example of the principle of least privilege for multi-cloud?
- Stitching the flow from misconfigs back to identity
- Taking a lot more inputs from many different spots, including Behavioral Analytics information

Episode Sponsor: This episode is sponsored by Orca Security. Orca is a cloud security solution and is based out of Portland, Tel Aviv and London.

Episode Charity: Part of the sponsorship fees from this episode will be going to the Alex's Saints charity. Alex's Saints Foundation works to provide life-changing emotional and financial assistance to young adults who struggle with substance use disorder, while empowering long-term recovery.
In this episode I break from the norm a little bit in order to delve into the minds of security leadership. These insights come from a recent Grand Valley State University Cybersecurity Master's graduate, Isaac Beasley. As part of Isaac's Master's project, he interviewed 10 different cybersecurity leaders in the West Michigan area about a variety of different topics. For the sake of time, I concentrated on the following key data points:

Hiring, Retention, & Advancement
- 80% reported not being fully cyber staffed
- 60% struggle with team burnout
- 70% see diversity as a top challenge when building out a team
- GRC, Security Architects and Cloud Security were the most in-demand roles

To help me with the intricacies of this episode is a security leader who participated in the interviews and is also very familiar with them, Jim Kuiphof, Deputy Chief Information Security Officer of Corewell Health.
While PenTesting (i.e. hacking) may be the most visible part of Information Security, it can sometimes lead to a false sense of security. In this episode I had a chance to talk with Nabil Hannan about rethinking your penetration testing strategy and moving towards Attack Surface Management. Nabil is the Field Chief Information Security Officer for NetSPI and has a ton of useful information to share about starting this journey.

Talking Points Include:
- What are the biggest misconceptions with PenTesting?
- The problem with buying security 'things'
- Understanding your Attack Surface using Breach and Attack Simulations
- Targeting your ransomware readiness

Episode Sponsor: NetSPI is a penetration testing company based out of Minneapolis, Minnesota.

Episode Charity: This episode's charity is Latinas in Cyber. LAIC is focused on continuing to break barriers and open paths for those who choose to pursue careers in cybersecurity. Their mission is to empower through mentorship, networking, support, and representation.
Earlier this year Cloud Security Alliance covered the big debate around whether you should buy or build your Cyber Asset Attack Surface Management (CAASM) solution. As luck would have it, Ken Liao recently reached out to me regarding the new company he works for, which handles this very topic. In this episode I had a chance to talk with Sevco Security's Chief Strategy Officer, Brian Contos, on this very topic. The timing is very apt, as Gartner recently named CAASM as an emerging technology that enables security teams to solve persistent asset visibility and vulnerability challenges.

Talking Points:
- What is Asset Intelligence?
- How has it evolved?
- Various use cases
- Where it's heading (Security, IT Ops, Risk Management)
- Is 4D Intelligence more than just marketing fluff?

Episode Sponsor: This episode is sponsored by Sevco Security. Sevco Security is a CAASM security vendor based out of Austin, Texas.

Episode Charity: This episode's charity is Latinas in Cyber. LAIC is focused on continuing to break barriers and open paths for those who choose to pursue careers in cybersecurity. Their mission is to empower through mentorship, networking, support, and representation.
I know some of you are thinking, "Ugh, another podcast on artificial intelligence!", to which I say, "Nope". Originally this was supposed to be a two-part series, with the first episode focusing on high level AI talk and the second episode drilling down into how to actually come up with AI/ML policies and standards. However, like all things related to the podcast, we are going to mix it up a little. In this episode I have a non-security co-host, Brian Carlson, and a security guest, Tim O'Connor. Brian is one of the Lead Data Analysts for Corewell Health and Tim is Manager of Knowledge Services for Cadre Information Security. The premise of the episode is the talking point of 'What AI Is and What It Is Not'. Brian brings the insight from working with AI/ML for a major healthcare system and Tim brings some insight on the confusion and questions he is getting from his clients.

Episode Sponsor: Cadre Information Security is a WBE certified network and information security solutions provider that serves large and medium sized firms. They are based out of Cincinnati, Ohio.

Episode Charity: This episode's charity is Latinas in Cyber. LAIC is focused on continuing to break barriers and open paths for those who choose to pursue careers in cybersecurity. Their mission is to empower through mentorship, networking, support, and representation.
In this episode I go outside of the usual topics and talk about one that I think is definitely underrated: Protecting Your Executives. I sometimes forget how lucky I am that my healthcare organization is very forward thinking when it comes to security. However, not all companies have the luxury of having a full team to protect VIPs. I had a chance to have an in-depth conversation with Daniel Floyd around this very subject. Daniel is the Chief Information Security Officer for BLACKCLOAK. BLACKCLOAK was one of the first companies to focus on Digital Executive Protection. Daniel shares some interesting stories about the crazy things that happen when protecting VIPs.

Talking Points:
- Why it is important to protect executives outside of the corporate wall (CISO working on a Sunday example)
- When do you need someone to do 'Black Ops' outside of your org?
- Why are some execs in denial about being 'attackable'?
- What about new types of attacks like AI generated sound clips?

Episode Sponsor: This episode is sponsored by BLACKCLOAK. BLACKCLOAK is a Digital Executive Protection company for executives, high-profile, high-net-worth & ultra-high-net-worth individuals & families. They are based out of Orlando, Florida.

Episode Charity: Proceeds from this sponsorship will be going to the Mecosta-Osceola Career Center's rural outreach program to talk with elementary and middle school girls about considering a career in STEM.
In a recent episode Matt Nelson from Guidepoint was talking about how he is seeing a trend of medium-sized companies moving away from the idea of building out or building up a security team. There were several reasons, including budget constraints and an experienced talent shortage. So I reached out to Bill Bernard about having a deeper discussion revisiting the topic of using a #managedsecurityoperations company.

Talking Points:
- What is Managed Detection and Response?
- Because of budget and resource constraints, more companies are starting to move away from the idea of building up their internal solution. What are you (the guests) seeing lately?
- Digital Transformation seems to be moving out of its 1st phase since Covid and becoming more mature. Because of this, more and more companies are moving to 3rd party SaaS solutions for things that were traditionally done 'in house'.
- Why is it so important to revisit how you handle #SIEM and #SOAR APIs when it comes to a managed #SOC?

Episode Sponsor: This episode is sponsored by Deepwatch. Deepwatch is a Managed Security Operations solution based out of Denver, Colorado.

Episode Charity: The charity topic for this episode is helping a rural Northern Michigan career center recruit more young girls into IT/Cybersecurity.
In this episode I had a chance to talk with Todd Brockdorf and Chris Lawrence about Zero Trust. Todd is a Senior Sales Engineer and Chris is a Customer Success Engineer. Nowadays it is hard to sift through all of the security vendor marketing chaff to get #RealTalk about Zero Trust.

Talking Points:
- What is the biggest misconception around Zero Trust that is happening right now?
- What about thinking of the cloud as a segmented network?
- With upcoming government regulations, how do companies balance the regulations with end user experience?
- How do ChatGPT and other emerging AI/ML technologies play into a Zero Trust mindset?

Episode Sponsor: This episode was sponsored by Zscaler. Zscaler is a security solution provider based out of San Jose, California.

Episode Charity: Proceeds from this episode will be going toward supporting families of children with autism in Michigan via the Autism Alliance of Michigan.
4.6.23 Update: If you downloaded this file before 6pm on April 6th you received the wrong episode. This error has been fixed and you have my sincerest apologies for the mess up!

*Disclaimer* While there was no physical harming of bad security vendors in this episode, there is a lot of honest #RealTalk. Opinions in this episode are my own and do not necessarily reflect the views of my leadership or my employer. Additionally, this episode is not sponsored and therefore is not influenced by outside sources.

In this episode I finally had some time to go over to the 'Fresh' Coast of West Michigan and sit down with Matt Nelson to talk about the current state of the cybersecurity industry. Matt is a Senior Solutions Architect for GuidePoint Security and brings a plethora of both useful and useless security knowledge to the conversation! We kept the conversation focused on several different key areas of information security:
- How NOT to work with a business if you are a security vendor
- How companies are dealing with the rising cost of cybersecurity
- Giving some #RealTalk advice to people looking to break into the information security industry

While this episode went a little bit longer than I would like, it contains a TON of useful advice for not only employees and leaders, but security vendors as well.