E097 - The Art of Tabletop Exercises

E097 - The Art of Tabletop Exercises

Recorded live at RSAC 2026, this episode explores the importance of risk management, tabletop exercises, and incident response planning. Learn how to prepare your team for real-world scenarios and improve your organization's resilience through structured communication events. Project Zero Trust: https://www.amazon.com/Project-Zero-Trust-Strategy-Aligning/dp/1119884845/ref=asc_df_1119884845 [https://www.amazon.com/Project-Zero-Trust-Strategy-Aligning/dp/1119884845/ref=asc_df_1119884845]  Chapters 00:00 Looking Ahead: Insights from RSA Conference 00:37 Understanding Risk Management 02:54 Scenario-based Planning 05:21 The Frequency and Variability of Tabletop Exercises 06:46 Planning for Cyber Attacks 11:13 Team Communication Exercises 16:55 Annual Exercises 17:35 The Role of Non-Technical Teams in Incidents 19:09 Creating Actionable Improvement Plans 20:21 The Importance of In-person Table Top Exercises 22:42 Personal Experiences with Tabletop Exercises 24:28 Tabletop Exercises as Training 26:36 Learnings From Project Zero Trust 27:47 Planning for Future Security Tests 28:50 Outro

E096 - HERS Conference: Fireside Chat with Start-up Founders

Recorded live at the HERS Conference comes a panel discussion about Humans in Security. This panel features experts in data security, privacy, AI governance, and startup strategy discussing how to stay secure as a startup, the importance of community, decision-making, and the ongoing fight for privacy and security in the digital age. Tech Auntie's Podcast 📹 https://www.youtube.com/@TechAuntiesPodcast/videos 🎧 https://open.spotify.com/show/3EFJc29Ql18NwhRxerS7NS Panelists Milou Lammers - https://www.linkedin.com/in/milou-lammers/ Gina Rosenthal - https://www.linkedin.com/in/gminks/ Marian Newsome - https://www.linkedin.com/in/mariannewsome/ Gene Holloway - https://www.linkedin.com/in/gene-holloway-ph-d-pmp-516803154 Karen Lopez - https://www.linkedin.com/in/karen-lopez-195921b4 Chapters 00:00 Introduction to the Panelists 05:24 Navigating Security as a Startup 14:37 Challenges in Data Management and Compliance 25:03 The Importance of Collaboration and Networking 27:19 The Balancing Act of Entrepreneurship 37:47 Looking Out for Mental Health and Community 55:04 Privacy vs. Security in Today's World

E095 - Lawyers Creating Content

Recorded live at the HERS Conference comes a panel discussion with Kameron Monet and Alexandra L. Mack about what it means to be a lawyer and content creator online. They discuss how each of them started posting, how their content has evolved, and how social media can create community, mentorship, and new professional opportunities. The conversation also covers the risks of posting as a lawyer, including negative comments, political topics, professional boundaries, and the importance of making clear that educational content is not legal advice. Chapters 00:00 Introduction to Non-Traditional Legal Careers 03:00 The Evolution of Content Creation in Law 05:52 Navigating Social Media as Lawyers 08:51 The Impact of Personal Branding on Legal Professionals 11:40 Challenges and Rewards of Being a Content Creator 14:45 The Intersection of Law and Social Media 17:39 Handling Feedback and Criticism Online 26:10 Navigating Legal Content Creation Risks 27:48 Building Community Through Social Media 29:41 The Power of Representation in Law 31:41 Content Creation: Balancing Expertise and Audience 33:45 Authenticity in Content Creation 35:32 The Evolution of Community Building 41:46 The Role of Platforms in Community Engagement 47:42 Personal Growth Through Content Creation

E094 - May the Security Be With You: Security Lessons from Star Wars

In this May the 4th inspired episode, Brian uses scenes from Star Wars: A New Hope to draw analogies with cybersecurity concepts, emphasizing data protection, supply chain risks, social engineering, and internal security measures. A fun and insightful way to understand complex security topics through pop culture. Credit to George Lucas and Lucasfilm for a great movie we could dissect. Previous episode on authentication: 📹https://youtu.be/uLewnRK65qI 🎧https://www.socializingsecurity.com/e/e087-a-password-primer Chapters 00:00 Introduction to Star Wars and Cybersecurity 04:26 Data Loss Prevention: The Death Star Plans 09:05 Supply Chain Risks: The Droids on Tatooine 16:49 Jedi Mind Tricks Are Advanced Social Engineering 21:31 Stopping Rebels with Intrusion Detection 25:57 Zero Trust: Security That Should've Been Inside the Death Star 30:43 The Exhaust Port Vulnerability 35:13 The Importance of Analogies and Wrap-up

E093 - HERS Conference: Risk Summit, Part 3

Recorded live at the HERS Conference comes a panel discussion about Humans in Risk. This episode features a detailed discussion on cybersecurity risks, especially phishing, and risk management strategies in startups and organizations. Experts share real-world examples, mitigation tactics, and the importance of a proactive risk culture. Make sure you catch up on the previous two episode for the first and second parts of this three-part Risk Summit from the HERS Conference. 🎧 Risk Summit, Part 1: https://www.socializingsecurity.com/e/e091-hers-conference-risk-summit-part-1 🎧 Risk Summit, Part 2: https://www.socializingsecurity.com/e/e092-hers-conference-risk-summit-part-2 Guests: Paul Lammers Sophie Lammers: https://www.linkedin.com/in/sophie-lammers Chapters 00:00 Understanding Risk Management 03:31 Intro to CEO Phishing Risk 04:28 Scenario 4: CEO Phishing Scam 05:50 Assessing and Scoring the Risk of CEO Phishing 08:15 Assessing the Impact and Harm of CEO Phishing 09:18 Controlling For Phishing Risks 12:21 A Personal Anecdote of a Scam 14:56 Introducing Sophie Lammers 16:13 Scenario 5: Startup Funding Failure 17:19 Assessing and Scoring the Risks of Startup Failure 21:28 Assessing the Harms of a Startup Failure 22:47 Mitigating the Risks of a Startup Failure 25:47 Saying Goodbye to Sophie Lammers and the Risk Summit 27:22 Reflecting on the Risk Summit 28:51 Outro