Episodes
-
In this session, we will be looking at AC-5 - Separation of Duties - as defined by NIST SP 800-53 Revision 5. We will only be discussing the controls and enhancements that are required by the low, moderate, or high baseline or those required based on privacy requirements. We will be diving into AC-5.
-
In this session, we will be looking at AC-4 as defined by NIST SP 800-53 Revision 5. We will only be discussing the controls and enhancements that are required by the low, moderate, or high baseline or those required based on privacy requirements. We will be diving into AC-4 and AC-4(4).
-
Baselines are a selection of security and privacy controls that serve as a starting point for system owners to develop tailored baselines specific to the risks associated with implementing that system in the organization's production environment. In this session, we will discuss the Access Control (AC) controls implemented in the low, moderate, and high baselines and indicate those controls that protect privacy.
-
In this session, we will be looking at the details of the remaining control enhancements of AC-3 Access Enforcement in NIST SP 800-53 R5. This will include what is needed to fully implement this control and what is needed to ensure you can pass the associated assessment.
-
In this session, we will be looking at the details of the control enhancements of AC-3 Access Enforcement in NIST SP 800-53 R5. This will include what is needed to fully implement this control and what is needed to ensure you can pass the associated assessment.
-
In this session, we will be looking at the details of the control enhancements of AC-2 - Account Management in NIST SP 800-53 R5. This will include what is needed to fully implement this control and what is needed to ensure you can pass the associated assessment.
-
In this session, we will be looking at the details of NIST SP 800-53 R5 control AC-2 - Account Management. This will include what is needed to fully implement this control and what is needed to ensure you can pass the associated assessment.
-
In this session, we will be looking at the details of NIST SP 800-53 R5 control AC-1 - Access Control Policies and Procedures. This will include what is needed to fully implement this control and what is needed to ensure you can pass the associated assessment.
-
RMF! Yes, we will be looking into the controls – and more!
Join us for a hot Cup of Cyber. We have made it to the halfway point of 2021, and it is time to get the show on the road! We will be covering what the rest of the year will look like, talking about the COHORT, and talking about RMF controls from NIST SP 800-53 R5. If you are looking to be on the inside, we will be looking at each of the controls, and each control's enhancements, in our Cup of Cyber mornings for the rest of the year. We have a lot to cover, so I hope you can join us live – or catch up later in the day by watching the recording.
If you could (and it would help us a lot), please like and subscribe to the channel as we have a ton of good content coming!
-
In January we started thinking about how to best prepare people for a career in the information security field. The answer was simple, we will take a small group of motivated individuals and train them in the basics of the technology field. We asked for these individuals to stand up and accept the challenge and the call was answered. For those accepted into this first COHORT there will be no cost, but we hope you get the following books to help prepare for this career. [note: these links are my affiliate links and you do not have to get your books from these links]. If you were selected for the COHORT you will be notified this week and the training will start April 1.
The COHORT will cover more than just the technology; we will also cover the other tasks that will need to be followed to become successful in the information technology field. This will include gaining experience, developing resumes, and gaining certifications (of course). We will point out what will help members of the COHORT get a start and get ahead in this challenging and rewarding field.
It is, however, not too late. I have held out a few slots for folks that still want to challenge themselves to get a new career in an expanding field. Contact us immediately to be considered to be included in the 2021 Vanguard COHORT.
To be clear, there has been a 0% unemployment rate and this has been consistent since 2011! In fact, there is a projected shortage of 3.5 million security professionals in 2021 (1). It is important that the right people with the right training and experience fill these positions. That is why we want to develop security professionals – not just train people for a certification exam.
Links
A+ Certification
https://amzn.to/3lhjP57
Network+ Certification
https://amzn.to/3rR1fmT
Security+
https://amzn.to/3vz9Gpk
Reference
(1) https://www.esecurityplanet.com/trends/cybersecurity-employment-2021/
-
There is a new group of scams going around. They aim to capture your personal information and credit card info. They capitalize on one of the hottest stars on YouTube, Mr. Beast. The scams are so effective because Mr. Beast is well known for his generosity, including giving away a crazy amount of money. Thanks to Mako for uncovering this Oscar-winning scam! Join us at 7:30 AM on February 11th to discuss this scam.
-
Many people have been waiting for Ubiquiti to introduce a WiFi camera to its UniFi Protect offerings. With the release of the sub-$30 G3 Instant, the company has answered this call. Let's take an initial look at the camera.
-
This morning we will bring back RMF Thursdays as we discuss the RMF 2.0 Implement step. When we look at SP 800-37 R2, it looks like this is one of the smaller steps with only two tasks, but this step is much larger than it appears. Up to this point, we have been planning and documenting how we think the controls will be implemented, but now we have to actually complete the implementation; that is the first task. As you can imagine, the implementation may not go as planned and you may need to change how you implement some of the controls. Any changes in implementation will result in the need for the planned implementation documentation that was created in the Select step to be updated; that is the second task in this step. So join us at 7:30 AM Eastern to talk about this, or watch anytime through the day.
-
Identification and authentication allow us to access computers and other pieces of technology, but we have to prove who we are when we access this tech. Over the years, many people have relied on passwords to protect themselves on computers and also online; this is just not secure enough anymore. Today we have to use multi-factor authentication or MFA to securely protect our identities and accounts online. This video will talk about the Yubikey and how it can be used We day carry for MFA as we secure our online presence.
-
An update on the following --
If you have been following things you will know that there are many people that have been talking a lot about the $15 an hour minimum wage, both for and against. I know the simple economics of raising the wage is this, if you raise the minimum wage to $15 an hour big businesses will replace workers with automation, small businesses will cut staff or close and those that adjust to the new minimum wage will pass this on to the customers raising prices, that is just the truth.
Now for me, I got lucky - it is often better to be lucky than good and I was lucky many times in my life that have led me to where I am as a Director of Cyber Engineering for an awesome financial organization with over 25 years of experience in cyber security. I could go on about the education and experience I have but that is not the point... here is the point ...
I am looking for a COHORT of people that are willing to take a year-long journey to gain the experience and training to work in the ever-expanding world of Cyber Security. I am looking for 10 to 15 people that are willing to put in the time - no not money, the people selected will get this for free. We will cover the basics of technology, Cloud Computing, Computer Security, Risk Management, and Resume and Job Search Training. This year will go fast and there will be a lot of training packed into the next 11 months (I know January is gone already).
I hope that I can find Military Veterans, High School Students not Going to College, or people changing careers.
PM me to get on the list and if you just want to watch the experience unfold follow us on Facebook at https://www.facebook.com/CyberReconTr... and YouTube at https://www.youtube.com/cyber-recon.
Please if you know anyone that could benefit from this please let me know. This is not a trick or scam, I am just trying to pass on the good fortune and luck I have had to this next group.
Please follow us in this great journey this year and share with anyone that could benefit from this.
-
Today we will talk about the direction of the training we will be taking in 2021. Think about Cloud and SecDevOps
-
We will have a quick discussion of what 2021 looks like for Cyber-Recon. What training will we be offering, and what will the Cup of Cyber look like?
-
A look at every certification that Offensive Security offers, including the specific domains that must be understood and mastered, the time limits, and of course the price to take each exam. This is a high-level overview, and in the videos that follow we will dive deeper into each certification. This video provides a high-level overview of all seven of the certifications that Offensive Security offers and what field in security each is targeted at.
- OSCP
- OSWP
- OSEP
- OSWE
- OSEE
-
A look at every certification that ISACA offers, including the specific domains that must be understood and mastered, the number of questions, the time limits, and of course the price to take each exam. This is a high-level overview, and in the videos that follow we will dive deeper into each certification. This video provides a high-level overview of all seven of the certifications and the three certification concentrations that (ISC)2 offers and what field in security each is targeted at.
- Associate of (ISC)2
- CAP
- CCSP
- CSSLP
- HCISPP
- SSCP
- CISSP
And these concentrations
- CISSP-ISSMP
- CISSP-ISSEP
- CISSP-ISSAP
This is my affiliate link to the book I talked about in the video: https://amzn.to/3740Zcg