Cybersecurity threats are evolving faster than many organizations can adapt. MSPs and SMBs are increasingly being targeted by sophisticated attackers using automation, AI-assisted tools, and highly coordinated attack chains that exploit weaknesses across modern IT environments.

In this episode of DailyCyber, Brandon Krieger speaks with Andrew Scott — Field CISO at Todyl — about the real cyber risks facing service providers today and why organizations must rethink how they approach cybersecurity strategy.

Episode Overview

Cybersecurity has shifted from a prevention-first mindset to one that increasingly focuses on resilience. Attackers are operating faster, using automation and AI to scale attacks, and targeting MSP ecosystems as high-value entry points into multiple organizations.

Andrew Scott shares insights from working directly with MSPs and partners in the field, helping them strengthen their security posture and evolve their cybersecurity strategies. The conversation explores how providers can move beyond prevention-only models toward security architectures designed to detect, respond to, and recover from attacks quickly.

The discussion also examines the rapidly expanding role of artificial intelligence in cybersecurity. While AI is enabling attackers to automate phishing campaigns, reconnaissance, and vulnerability discovery, it is also providing powerful capabilities for defenders to improve detection, automate SOC operations, and strengthen threat intelligence analysis.

Andrew’s experience spans enterprise security architecture, SOC transformation, and threat intelligence leadership across major organizations including Leidos, CrowdStrike, and IBM.

Now working closely with MSPs as a Field CISO at Todyl, Andrew helps organizations rethink their cybersecurity strategy, identify blind spots in their security programs, and adopt modern platforms designed to simplify and strengthen security operations.

Topics covered:

• The biggest cyber risks facing MSPs and SMBs today

• Why cyber resilience must replace prevention-only security models

• How AI is reshaping both cyber attacks and defensive capabilities

• The blind spots many service providers still overlook

Guest:

Andrew Scott — Field CISO, Todyl

https://www.linkedin.com/in/andrew-s-8b691729/

https://www.todyl.com

Host:

Brandon Krieger — CEO & vCISO Advisor

https://www.linkedin.com/in/brandonkrieger

https://www.DailyCyber.ca

Listen to the podcast:

DailyCyber.ca

In this episode of DailyCyber, Brandon Krieger is joined by Andrew Gault, CEO of ZeroTier, to examine whether quantum computing represents a real cybersecurity threat today or remains theoretical.

The conversation explores what quantum computing could break within current encryption standards, why infrastructure providers should be planning now, and how modern zero trust architecture must evolve in response.

Topics include:

• The realism of quantum cybersecurity risk

• Vulnerabilities in today’s cryptographic stack

• Infrastructure planning for post-quantum security

• CISO strategy for 2026

• Zero trust implications

Guest: Andrew Gault — CEO, ZeroTier

https://www.linkedin.com/in/andrewgault/

https://www.zerotier.com/

Host: Brandon Krieger — CEO & vCISO Advisor

https://www.linkedin.com/in/brandonkrieger

https://www.DailyCyber.ca

Watch: https://www.youtube.com/BrandonKrieger

Listen: https://www.DailyCyber.ca

Blockchain has moved beyond experimentation. Governments and enterprises are now evaluating how decentralized technologies can support national infrastructure, financial systems, and next-generation digital economies.

In this episode of DailyCyber, Brandon Krieger speaks with Jeff Mahony, Chief Architect of RYTChain, about scalable blockchain architecture, patented consensus mechanisms, and what it truly takes to onboard the next billion users securely.

Jeff brings more than three decades of experience in fintech, defense, predictive modeling, and enterprise systems architecture. His work on RYT’s Proof of Majority mechanism reflects a systems-oriented approach to transparency, scalability, and security in Web3 environments.

Topics covered:

• The challenges of scaling blockchain for enterprise and government

• How Proof of Majority differs from traditional consensus models

• Nation-level blockchain pilots and digital identity implications

• Security risks in decentralized infrastructure

• Integrating Web3 principles into financial ecosystems

• The future of AI, decentralization, and digital governance

Guest:

Jeff Mahony — Chief Architect, RYTChain

https://www.linkedin.com/in/jeff-mahony-ba8a591/

Host:

Brandon Krieger — CEO & vCISO Advisor

https://www.linkedin.com/in/brandonkrieger

https://www.DailyCyber.ca

📅 Tuesday

🕔 5:00 PM EST

📺 youtube.com/BrandonKrieger

Listen to the podcast:

https://www.DailyCyber.ca

Cybercrime has entered a new phase — one driven by automation, AI impersonation, and criminal ecosystems that operate like legitimate software businesses.

In this live episode of DailyCyber, Brandon Krieger speaks with Chris Nyhuis, CEO and Co-Founder of Vigilant, about how scams now work, why tech-savvy consumers are increasingly targeted, and what practical steps individuals can take to protect themselves in 2026.

Chris brings more than three decades of cybersecurity leadership, multiple patented innovations, and direct experience partnering with law enforcement to dismantle cybercrime and trafficking networks.

Topics covered:

• Why Gen-Z is being targeted for cybercrime

• How criminals sell scam tools, bots, and scripts like SaaS products

• Fake AI agents impersonating banks, retailers, and payment platforms

• Multi-stage scams combining tech support, spoofed bank calls, and fake government agents

• Why scams are expanding beyond seniors

• Practical protection steps for money, identity, and devices

Guest: Chris Nyhuis — CEO & Co-Founder, Vigilant

https://www.linkedin.com/in/chris-nyhuis-34427550/

Host: Brandon Krieger — CEO & vCISO Advisor

https://www.linkedin.com/in/brandonkrieger

https://www.DailyCyber.ca

Watch live or on replay:

https://www.youtube.com/BrandonKrieger

Listen to the podcast:

https://www.DailyCyber.ca

In this episode of DailyCyber, Brandon Krieger is joined by Robert Siciliano, CEO of ProtectNow LLC and architect of The Strategic Human Firewall™, to discuss why human behavior is now the dominant cybersecurity risk.

Robert explains how AI-driven fraud exploits trust and urgency, why personal security habits matter in corporate environments, and how leaders can move beyond tools to build effective behavioral governance.

Episode topics include:

• The Human Blindspot and AI deception

• Personal security as the foundation of corporate security

• Speed and secrecy indicators in BEC attacks

• Leadership’s role in preventing fraud

• Making security training stick through engagement

Guest: Robert Siciliano — ProtectNow LLC

Host: Brandon Krieger — CEO & vCISO Advisor

Watch: https://www.youtube.com/BrandonKrieger

Listen: https://www.DailyCyber.ca

In this episode of DailyCyber, I sit down with Oscar Hedaya, founder and inventor of The Space Safe, the world’s first next-generation connected safe designed to bridge the gap between physical security and modern cyber threats.

For decades, safes have barely changed. Oscar set out to fix that — by designing a safe that incorporates WiFi, cameras, sensors, real-time event visibility, and a mobile app to bring physical protection into the connected era.

But with innovation comes new questions: does adding connectivity make a safe less secure?

Do people still need safes in a world that uses less cash?

And how do you build trust in a product designed to protect what matters most?

This episode is ideal for cybersecurity leaders, product designers, IoT professionals, and anyone interested in the convergence of hardware and cyber risk.

🔥 Topics We Discuss

1️⃣ Does modernizing a safe introduce new cyber risks?

• How threat modeling changes when adding connectivity

• Why traditional safes fail in modern environments

• Balancing usability and security-by-design

2️⃣ Why The Space Safe doesn’t allow remote unlocking

• Exploit scenarios involving remote access

• Why user safety takes priority over convenience

• Physical control as a non-negotiable design rule

3️⃣ Are WiFi-enabled safes hackable?

• Misconceptions about IoT security

• Architecture decisions to isolate critical components

• Why “connected” doesn’t mean “remotely breachable”

4️⃣ Why not just use a safe + camera?

• The integration problem

• Why separate devices leave gaps in awareness

• The advantage of unified monitoring and real-time detection

5️⃣ Do people still need safes in a world with less cash?

• Securing valuables beyond money: identity documents, medication, digital assets, jewelry

• Why hotels and businesses still rely on safe storage

• Peace of mind as a technology challenge

👤 Guest Info

Oscar Hedaya – Founder & Inventor, The Space Safe

Website: https://www.thespacesafe.com

LinkedIn: https://www.linkedin.com/in/ohedaya

👤 Host

Brandon Krieger — CEO & vCISO Advisor

LinkedIn: https://www.linkedin.com/in/brandonkrieger

Website: https://www.DailyCyber.ca

📺 Watch more episodes:

YouTube: https://www.youtube.com/BrandonKrieger

🎧 Listen on the go:

DailyCyber Podcast: https://www.DailyCyber.ca

👇 Comment below — Would you trust a connected safe?

In this AMA edition of DailyCyber, I answer questions cybersecurity leaders face every day — from rebuilding income after a layoff to navigating account compromise scenarios.

This episode is packed with insights on mindset, leadership, communication, and technical decision-making.

🔥 Topics Covered

1️⃣ How I Rebuilt Income After a Layoff

• Turning a setback into a strategy

• Building momentum when everything restarts at zero

• Leveraging relationships without “selling”

• Mindset shifts for resilience in cybersecurity careers

2️⃣ How I Rebuilt My Cybersecurity Consulting Business

• The vCISO model and packaging expertise

• How to identify ideal clients

• Retainer building & predictable revenue

• Why trust, clarity, and specialization win

3️⃣ How To Sell a SIEM To Your Board — Quantify Downtime

• Boards buy business outcomes, not logs

• Framing SIEM value in terms of downtime, legal exposure, and financial impact

• Metrics that resonate with executives

• How to turn risk language into business language

4️⃣ Immediate Actions After an Account Compromise — And Why

• Session invalidation

• Identity isolation

• MFA & token checks

• Reviewing cloud logs and lateral movement indicators

• Rebuilding trust in the identity

5️⃣ When Fortinet Looks Like a Cyber Threat

• Why some Fortinet behavior resembles attacker traffic

• Logging quirks that cause SOC confusion

• Detecting real threats vs benign appliance behavior

• How to improve tool context for analysts

👤 Host:

Brandon Krieger — CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the episode: youtube.com/BrandonKrieger

🎧 Listen: DailyCyber.ca

👇 Share your questions — another AMA is coming soon.

In this episode of DailyCyber, I sit down with Joshua Scott, VP of Security at Hydrolix, a leader with nearly 30 years of hands-on experience across enterprise security, cloud architecture, GRC, risk, IR, compliance, detection engineering, and product security.

Joshua has built and led security programs in every major function — from enterprise GRC and security engineering to cloud security, DevSecOps, threat detection, incident response, IAM, and data governance. Today, he leads security for Hydrolix, a platform built to help organizations query terabytes to petabytes of security data at speed.

This episode is for CISOs, vCISOs, architects, analysts, SOC leads, and anyone trying to navigate today’s overwhelming security landscape.

🔐 What We Discuss:

1️⃣ Why Has the Amount of Security Exploded?

• Tool sprawl across endpoint, cloud, data, identities & apps

• AI, cloud, SaaS, microservices — multiplying the attack surface

• The shift from logs → events → telemetry → full-fidelity everything

2️⃣ When Did This Explosion Start — And What Triggered It?

• Cloud acceleration as the main catalyst

• Compliance frameworks multiplying requirements

• The “everything must be logged” mindset

• GenAI widening the data gap even further

3️⃣ The Headaches: Complexity, Noise & Burnout

• Detection engineering overload

• Noisy SIEMs and high ingestion bills

• Cloud logs, identity logs, app logs — everywhere

• Why teams burn out before they innovate

4️⃣ What Companies Should Do to Fix This

• Consolidation and prioritization

• Building minimum viable detection

• Logging with intention — not “log everything”

• Risk-driven filtering & smart data pipelines

5️⃣ How Hydrolix Helps Teams Analyze Massive Datasets Fast

• Querying petabyte-scale data in seconds

• Reducing cost + noise

• Empowering analysts and IR teams with usable data

• Why scalable data architecture is the real future of detection

👤 Guest Info:

🔗 Hydrolix: https://hydrolix.io

🔗 LinkedIn: https://www.linkedin.com/in/joshuascott

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Leave a comment — What security data challenge is overwhelming you the most right now?

In this AMA edition of DailyCyber, we go deep on what’s actually happening in cybersecurity leadership today.

From emotional regulation in the SOC to unapproved AI tools in the workplace, this episode unpacks the real conversations CISOs and vCISOs are having behind closed doors.

🔥 Topics Covered:

1️⃣ Don’t Paste This Into ChatGPT — A Work-Safe AI Warning

• Why public AI tools can leak sensitive data.
• How Shadow AI is creating hidden organizational risk.
• Safe policies for innovation without exposure.

2️⃣ How To Be The Calm In The Storm — Psychology & Emotions in Security

• Managing stress, burnout, and leadership tone under fire.
• How nervous system regulation improves decision quality.
• Emotional resilience as a cybersecurity skillset.

3️⃣ How To Use AI To Prepare For a Cybersecurity Interview

• Using AI to practice, research, and rehearse — safely.
• The right way to integrate AI feedback for interview prep.
• Balancing authenticity with automation.

4️⃣ Right-Sizing Security — Stop Checkbox Compliance

• Why “audit-ready” ≠ “attack-ready.”
• How to build a security program that actually works.
• The business case for maturity over compliance theater.

5️⃣ Shadow AI Is Everywhere — How Employees Secretly Use It

• Employees are bringing AI into workflows — often unknowingly.
• How to detect and guide safe AI use.
• Building trust and governance instead of fear-driven restrictions.

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Join the conversation — what’s your biggest cybersecurity challenge right now?

From AI threats to emotional intelligence, this session breaks down what’s shaping 2025’s security landscape — and how to stay ahead.

🔥 What We’ll Cover:

1️⃣ AI-Driven Threats & Deepfakes

– How attackers are using AI to manipulate trust

– What leaders can do to strengthen detection and awareness

2️⃣ The Evolution of Cyber Leadership

– Why emotional intelligence matters more than technical control

– How the CISO role continues to expand into business strategy

3️⃣ Third-Party Risk & Vendor Due Diligence

– Why security questionnaires are getting tougher

– How to build transparency and accountability across partners

4️⃣ Incident Response & Automation

– How speed and strategy must coexist

– Leveraging AI tools for faster containment and triage

5️⃣ The Future of Cyber Risk

– What resilience means in 2025 and beyond

– Why adaptability is the most critical skill in cybersecurity

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Leave your questions and join the conversation in the comments!

In this episode of DailyCyber, I sit down with Danny Quist, Chief Technology Officer at PolySwarm, to unpack the intersection of AI, reverse engineering, and cybersecurity economics.

Danny brings nearly two decades of experience leading research and analysis teams at Redacted, Bechtel, MIT Lincoln Laboratory, and Los Alamos National Laboratory. As a Ph.D. in Computer Science and educator at New Mexico Tech, he bridges deep technical expertise with practical guidance for cybersecurity professionals.

🔥 What we discussed:

1️⃣ AI & Reverse Engineering

– How AI is transforming malware and software analysis

– What the future looks like for defenders and reverse engineers

2️⃣ Demystifying Cybersecurity’s “Dark Arts”

– Teaching complex topics like reverse engineering in an accessible way

– How to guide teams through frustration and failure

3️⃣ Software Supply Chain Complexity

– Verifying what commercial software actually does

– The new challenges of trust in third-party code

4️⃣ Cybersecurity Economics

– The financial logic that keeps malware profitable

– How the industry can disrupt malicious incentive structures

👤 Guest:

Danny Quist – Chief Technology Officer, PolySwarm

🔗 https://www.linkedin.com/in/dannyquist

🔗 https://polyswarm.io

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Leave your thoughts or questions in the comments!

In this episode of DailyCyber, I’m joined by Michael Reichstein, a global cybersecurity executive with more than 20 years of experience leading security programs across multiple continents. His journey spans military service, enterprise GRC integration, and Fortune 500 leadership. Michael brings a people-first perspective to security, emphasizing communication, culture, and aligning security with business goals.

🔐 What we discuss:

1️⃣ The Talent Crisis – Why the cybersecurity workforce gap keeps growing and what can be done.

2️⃣ The CISO Role – How it’s evolving under pressure from boards, regulators, and AI disruption.

3️⃣ The Job Market – Why security careers are both in demand and unstable in 2025.

4️⃣ AI Tool Inflation – Sorting hype from real value in the flood of AI solutions.

🧠 Guest Bio:

Michael Reichstein is a global cybersecurity executive with over two decades of leadership experience across North America, Europe, and beyond. A dual US-German citizen and strongman training enthusiast, Michael has built resilient teams, advanced enterprise security maturity, and believes great security begins with great communication.

📌 Guest: Michael Reichstein, Chief Executive Officer | Chief Information Security Officer

🔗 https://quon.tech/

🔗 https://www.linkedin.com/in/mreichstein

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👤 Host: Brandon Krieger, CEO & vCISO Advisor

👇 Share your takeaways and join the conversation.

In this AMA edition of DailyCyber, I break down some of the most pressing issues in cybersecurity today. No guest—just me sharing unfiltered insights from the frontlines of vCISO advisory and leadership.

🔥 What we cover in this AMA:

1️⃣ The Cybersecurity Talent Shortage & Burnout Crisis

– Why the global skills gap keeps growing

– How burnout is reshaping the workforce

– Creative strategies for retention and resilience

2️⃣ Shadow IT & SaaS Sprawl – The Hidden Security Risk

– Why unauthorized apps and tools create blind spots

– How to regain visibility and control

– Shifting the culture from security-as-blocker to enabler

3️⃣ Third-Party Risk & the Supply Chain Security Gap

– Why attackers love vendor ecosystems

– The growing demand for security questionnaires

– How to balance compliance vs. real resilience

4️⃣ Cloud Security Myths That Put Companies at Risk

– Why “the cloud provider secures everything” is a dangerous myth

– Common misconfigurations that cause breaches

– Affordable security wins for SMBs

5️⃣ Cybersecurity Leadership in the Age of AI

– Balancing hype vs. reality in AI tools

– How attackers are weaponizing AI

– Building responsible AI governance in security programs

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Leave your thoughts or questions in the comments!

#DailyCyber275, #BrandonKrieger, #CyberSecurity, #vCISO, #IncidentResponse, #CyberLeadership, #Compliance, #SMBSecurity, #CloudSecurity, #AIThreats, #SecurityPodcast, #AMA

In this special AMA edition of DailyCyber, I take your questions and dig into the hottest issues facing cybersecurity leaders today. No guest—just unfiltered insights from the frontlines of vCISO work.

🔥 What we cover in this AMA:

1️⃣ SMB security—minimum essentials every business needs

2️⃣ Why vendors and partners are demanding more detailed security questionnaires

3️⃣ Incident response—speed vs strategy when ransomware hits

4️⃣ AI-powered phishing & deepfakes—what leaders must prepare for

5️⃣ vCISO realities—what it takes to succeed as a fractional security leader

🧠 Bonus: I’ll also cover breaking cyber news, including:

• Jaguar Land Rover’s recent cyber incident disrupting production
• Warnings on autonomous AI attacks from threat researchers
• September Patch Tuesday and critical Microsoft/Adobe updates
• Reports on burnout in cybersecurity teams

👤 Hosted by:

Brandon Krieger – CEO & vCISO Advisor

🔗 www.linkedin.com/in/brandonkrieger

🔗 www.DailyCyber.ca

📺 Watch the full episode: youtube.com/BrandonKrieger

🎧 Listen at: www.DailyCyber.ca

👇 Leave your questions or comments below—let’s keep the conversation going!

In this episode of DailyCyber, I’m joined by Evgueni Erchov, Sr. Director of Research & Threat Intelligence at Cypfer. With more than 25 years of experience in IT security, forensics, blockchain, and cybercrime investigations, Evgueni shares his perspective on the ever-evolving global cyber threat landscape.

🔐 What we discuss:

1️⃣ Geopolitics & Cybercrime – How the Ukraine/Russia conflict has reshaped ransomware groups – The role of nation-states vs. independent actors

2️⃣ AI & Deepfakes in Cybercrime – How threat actors are weaponizing AI – Emerging risks from synthetic content

3️⃣ Law Enforcement Operations – The impact of takedowns on ransomware gangs – Where law enforcement is winning—and where it’s not

4️⃣ Blockchain Analytics & Cryptocurrency – Following the money through blockchain – Why cryptocurrency still fuels cybercrime

5️⃣ Quantum Computing & the Future of Security – Will quantum break encryption—or help defenders? – What CISOs and security leaders should start planning for now

🧠 Guest Bio: Evgueni Erchov is the Sr. Director of Research & Threat Intelligence at Cypfer, where he leads a global team tracking ransomware and emerging threats. With over 25 years in application development, IT security, federal investigations, and private sector leadership, his expertise spans forensics, blockchain, cybercrime, and advanced threat intelligence.

📌 Guest Info: 

🔗 https://cypfer.com/ 

🔗 https://www.linkedin.com/in/eerchov/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen at: www.DailyCyber.ca

👇 Share your takeaways or questions in the comments.

#DailyCyber273, #BrandonKrieger, #EvgueniErchov, #Cypfer, #CyberSecurity, #ThreatIntelligence, #Ransomware, #CyberCrime, #QuantumComputing, #BlockchainAnalytics, #Deepfakes, #AIThreats, #SecurityPodcast, #CyberResilience, #CyberAwareness, #IncidentResponse, #GlobalCyberThreats

In this episode of DailyCyber, I’m joined by Craig M. Taylor, Co-Founder & CISO at CyberHoot, who has spent nearly three decades building and leading security programs for organizations of all sizes.

Craig believes cybersecurity awareness should be short, engaging, and even fun—because punishment-based training and fear tactics don’t work.

🔐 What we discuss:

1️⃣ The Employee Factor – Why employees are still the #1 target – How to reduce human risk without blame

2️⃣ Why Traditional Training Fails – The psychology of why people click phishing emails – How behavioral science and gamification make training stick

3️⃣ Building a Cyber-Aware Culture – The leadership and culture shifts required – The biggest mistakes companies make in awareness programs

4️⃣ The SMB Security Gap – Why compliance ≠ security – Common blind spots in small and mid-sized businesses

5️⃣ AI & Phishing Evolution – How deepfakes, smishing, and vishing are changing the threat landscape – What to implement now for phishing-resistant authentication

🧠 Guest Bio: Craig M. Taylor is Co-Founder & CISO at CyberHoot, helping organizations eliminate risky employee behaviors with positive reinforcement security training. His background in psychology and decades of leadership at companies like Chase Paymentech, Vistaprint, and DXC Technology give him a unique edge in combining human behavior with cybersecurity strategy.

📌 Guest Info: 

🔗 https://cyberhoot.com/ 

🔗 https://www.linkedin.com/in/craigmtaylor/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen at: www.DailyCyber.ca

👇 Share your takeaways or questions in the comments.

In this episode of DailyCyber, I’m joined by Steve Massaro, IT consultant, MSP owner, and strategic technologist with over 20 years of experience helping businesses succeed through managed services and secure IT leadership.

Steve shares insight from his years building MSPs in Hawaii and Kansas—from scaling tech teams to keeping SMB clients safe in today’s evolving threat landscape.

🔐 What we discuss:

 1️⃣ What “We Make Technology Work for You” really means – The customer mindset behind that promise – Strategic tech adoption for business outcomes

2️⃣ What “Secure” Actually Means – How Steve defines secure – What his clients need to maintain it over time

3️⃣ Keeping Clients Safe – Unique security strategies for small & mid-sized businesses – Practical steps every MSP should be implementing

4️⃣ Generative AI + Security – Is it a threat, a tool, or both? – Steve’s take on how it changes the game for IT service providers

5️⃣ Who Really Needs a Cybersecurity Program – The SMB sectors lagging behind – Why security isn’t optional in 2025

🧠 Guest Bio: Steve Massaro is the owner of BITS Midwest, providing IT consulting and managed services to SMBs across Kansas. He previously co-owned and scaled IT Kauai over 17 years, serving clients across the state of Hawaii. With a balance of hands-on technical knowledge and business-minded strategy, Steve helps his clients secure, modernize, and grow.

📌 Guest Info: 

🔗 https://bitsmw.com 

🔗 https://www.linkedin.com/in/steve-massaro/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen at: www.DailyCyber.ca

👇 Join the conversation in the comments.

In this episode of DailyCyber, I’m joined by Martin Hinton, Executive Editor of Cyber Insurance News & Information and former Executive Producer at Fox News. With decades of experience in journalism, storytelling, and strategic communications, Martin brings a sharp lens to the world of cyber risk, insurance, and geopolitical change.

🔐 What we explore: 

1️⃣ Nation-state vs non-state actors – Who holds the upper hand in cyber conflict? – How cybercriminal groups rival traditional military powers

2️⃣ Motivation behind modern attacks – Has money taken a backseat to control, ideology, and disruption? – Historical parallels to cyber escalation

3️⃣ The paradox of digital borders – Why geography still matters—even in cyberspace – How conflict zones shape digital attack surfaces

4️⃣ Insurance as cyber frontline – How insurers are influencing response decisions – Risk shaping at the board level

5️⃣ AI in cyber conflict – Will AI equalize the playing field—or escalate the risk? – What history tells us about tech-driven tipping points

🧠 Guest Bio: Martin Hinton is an award-winning journalist, international storyteller, and Executive Editor at Cyber Insurance News & Information. Formerly with Fox News, Martin has developed and produced major programs ranging from military history to true crime, and now leads content at Rhetorical Ronin.

📌 Guest Info: 

🔗 https://www.linkedin.com/in/martinfhinton 

🔗 https://cyberinsurancenews.org/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen at: www.DailyCyber.ca

👇 Leave your thoughts and join the conversation.

In this episode of the DailyCyber Podcast, I’m joined by John Christly, Vice President of Commercial Services at OneZero Solutions, and a seasoned cybersecurity executive with 30+ years in the field.

John has served as a CISO, CIO, and consultant across healthcare, government, and critical infrastructure—and brings a deep understanding of the intersection between business strategy, regulatory compliance, and operational resilience.

🔐 What we discussed:

1️⃣ Building Security in Regulated Spaces

How to align cybersecurity with regulatory expectations

Common challenges in healthcare, critical infrastructure, and defense sectors

Why compliance alone doesn’t equal security

2️⃣ Cyber in Mergers & Acquisitions

What companies get wrong when merging security programs

Due diligence, red flags, and post-acquisition integration

3️⃣ Educating & Enabling

John’s approach to making security programs stick

How training and education impact long-term resilience

4️⃣ Preparing for AI Governance

The future of AI regulation in cybersecurity

What organizations should do now to get ahead

🧠 Guest Bio: John Christly is the Vice President of Commercial Services at OneZero Solutions and has over 30 years of experience in cybersecurity and IT leadership. He has served as CISO and CIO for organizations across healthcare, government, and the defense industrial base. John is also a successful educator and thought leader, known for creating courses on cybersecurity, compliance, and AI governance.

📌 Guest Info: 🔗 https://www.onezerollc.com 🔗 https://www.linkedin.com/in/johnchristly

📺 Watch the full episode: www.youtube.com/knssconsulting 🎧 Or listen to the podcast at: www.DailyCyber.ca

👇 Leave a comment or question and join the conversation!

In this special AMA edition of the DailyCyber Podcast, I go live solo to answer your biggest questions about cybersecurity, incident response, and what it really takes to succeed as a Fractional vCISO in 2025.

Whether you’re building a security program, managing client risk, or navigating the transition from security engineer to executive advisor, this episode is packed with actionable insights and behind-the-scenes lessons.

🧠 What we covered:

👥 vCISO vs CISO—what’s right for your org? 

📉 Cyber risk ≠ just IT—what execs must know 

🧱 Building security programs that actually work 

💰 ROI of security—how to justify the budget 

🗺 Mid-market roadmaps—what to do and when 

⚠️ Scaling mistakes that wreck cyber maturity

👤 Hosted by: Brandon Krieger – President & CEO, Fractional vCISO & Host of DailyCyber 

🔗 https://www.linkedin.com/in/brandonkrieger 

🔗 www.knssconsulting.com

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Listen to the podcast at: www.DailyCyber.ca

👇 Drop your questions or reflections in the comments—let’s keep the conversation going.

In today’s DailyCyber Podcast, I’m joined by Paul Caron, Head of Cyber Security, Americas at S-RM.

Paul brings over 20 years of experience across military intelligence, counterterrorism, and cybersecurity leadership—including senior roles at PwC and as Managing Director of Incident Response at a global consulting firm. We dive deep into Incident Response realities and how AI is reshaping the security landscape.

🔐 What we discussed: 1️⃣ Incident Response: What Security Experts Need to Know

• The role of compliance and breach coaches (cyber lawyers)
• Why speed matters: response time and containment
• The value of critical partnerships during a breach
• Backup realities and where organizations fail
• The ripple effect of extortion: how it impacts your team, your brand, and your clients

2️⃣ AI in Cybersecurity: Paul’s Perspective as a Subject Matter Expert

• How AI is being used today (offensively and defensively)
• Where it’s headed—and what security leaders should be watching for

🧠 Guest Bio: Paul is S-RM's Head of Cyber Security, Americas. He has over 20 years of experience spanning the private and government sectors, with expertise in military intelligence, special operations, counterterrorism, and cybersecurity leadership. He has advised Fortune 100 companies on cyber strategy, post-breach remediation, and program maturity.

Paul holds an MBA from Norwich University and is the co-author of "Security Supervision and Management: Theory and Practice of Asset Protection."

📌 Guest Info: 

🔗 https://www.linkedin.com/in/paulcaron/ 

🔗 https://www.s-rminform.com/

📺 Watch the full episode: www.youtube.com/knssconsulting 

🎧 Or listen to the podcast at: www.DailyCyber.ca

👇 Leave your thoughts or questions in the comments!

#DailyCyber267, #BrandonKrieger, #PaulCaron, #SRM, #CyberSecurity, #IncidentResponse, #RansomwareRecovery, #CyberLeadership, #CyberResilience, #BusinessContinuity, #CyberThreats, #AIinSecurity, #StrategicCyber, #CyberRiskManagement, #CISO, #vCISO, #PostBreachResponse, #CyberAwareness, #SecurityPodcast

In today’s DailyCyber Podcast, I’m joined by Andy Maus, Head of Business Development, Cyber Recovery Services at DriveSavers Data Recovery.

We dive into the realities of ransomware recovery—from corrupted files to deleted backups—and what actually works when everything goes sideways.

With over 20 years of experience in data protection and cyber response, Andy shares hard-earned insight from his work with cyber insurers, IR teams, and legal experts navigating high-stakes breaches.

🔐 Questions we cover:

1. What’s the difference between data restoration, disaster recovery, and data recovery?
2. Can you really recover backups that were deleted by threat actors?
3. Does paying the ransom guarantee you’ll get your data back?
4. What are your options when critical databases are corrupted?
5. What separates free, commercial, and enterprise-grade recovery tools?

Learn what to expect after a ransomware attack—and what smart organizations do to prepare for the worst.

🧠 Guest Info: 

🔗 https://drivesaversdatarecovery.com/

🔗 https://www.linkedin.com/in/andymaus/

Watch the episode or listen to the podcast at www.DailyCyber.ca 

👇 Leave your questions and comments below!

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

https://youtu.be/CSMuUkv7j-o

In today’s DailyCyber Podcast I am fortunate to have Allan Alford as a guest to answer real life Cyber Security questions that Cyber Security professionals want to know. 

https://allanalford.com/

https://www.linkedin.com/in/allanalford/

https://twitter.com/AllanAlfordinTX

Recommended links we discuss through the stream: 

https://hackervalley.com/cyberranch

https://www.linkedin.com/in/naomi-buckwalter/

https://podcasts.apple.com/us/podcast/breaking-into-cybersecurity/id1463136698

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

#DailyCyber260, #BrandonKrieger, #Cybersecurity, #cybersecuritynews, #Cybersecurityawareness, #Cyberthreats, 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Website:  https://www.wapacklabs.com

Linkedin:  https://www.linkedin.com/in/jimckee/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Website: https://www.debbiereynoldsconsulting.com/

Linkedin: https://www.linkedin.com/in/debbieareynolds/

YouTube:  https://www.youtube.com/channel/UCVZ2nIE9bw43aH1QZVJh2UQ/videos

Twitter: https://twitter.com/DebbieDataDiv

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To connect with Simon visit 

Website: https://LoginID.io

Twitter: @simoninnovates

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I discuss the new General Toronto COVID-19 Pandemic lockdown and how it is affecting the GTA. I Also go over what is going in the Cyber Security Industry.

Articles I cover:   

3 Steps CISOs Can Take to Convey Strategy for Budget Presentations

https://www.darkreading.com/operations/3-steps-cisos-can-take-to-convey-strategy-for-budget-presentations-/a/d-id/1339337?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

How Retailers Can Fight Fraud and Abuse This Holiday Season

https://www.darkreading.com/cloud/how-retailers-can-fight-fraud-and-abuse-this-holiday-season/a/d-id/1339470?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

You can connect with Dr. Eric Cole here:

Website: https://secure-anchor.com/

LinkedIn: https://www.linkedin.com/company/secure-anchor-consulting/

Twitter: https://twitter.com/drericcole

YouTube: https://www.youtube.com/channel/UCwg_j4TF1dnP9OZFXzYussA

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

5 Cybersecurity Best Practices For Planning Ahead

https://securityintelligence.com/articles/five-cybersecurity-best-practices-for-planning-ahead/

CES 2021 Gadgets: Worst in Privacy and Security Awards

https://threatpost.com/tractors-pod-ice-cream-lipstick-ces-2021-worst/163117/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Robert McFeely: 

Linked: https://www.linkedin.com/company/octiga/

Twitter: https://www.Twitter.com/octiga_io

Website: https://www.Octiga.io

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Articles I cover: 

2021 Cyber Security Predictions:

https://cisomag.eccouncil.org/cybersecurity-predictions-2021/

CCIO Certification

https://ciso.eccouncil.org/cciso-certification/

Brandon’s Speaking Engagement 

https://brandonknss.krtra.com/t/qZwG0D7FJyXc

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Articles I cover: 

Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers

https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html

Windows Zero-Day Still Circulating After Faulty Fix

https://threatpost.com/windows-zero-day-circulating-faulty-fix/162610/

Why cybersecurity tools fail when it comes to ambiguity

https://www.techrepublic.com/article/why-cybersecurity-tools-fail-when-it-comes-to-ambiguity/#ftag=RSS56d97e7

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

You can connect with Dr. Eric Cole here:
 

Website: https://secure-anchor.com/

LinkedIn: https://www.linkedin.com/company/secure-anchor-consulting/

Twitter: https://twitter.com/drericcole

YouTube: https://www.youtube.com/channel/UCwg_j4TF1dnP9OZFXzYussA

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I discuss how are things going in the Pandemic in the GTA. I also go through the SolarWinds and FireEye Breach. 

Microsoft, FireEye confirm SolarWinds supply chain attack

https://www.zdnet.com/article/microsoft-fireeye-confirm-solarwinds-supply-chain-attack

The CyberWire DailyBriefing For 12.14.20

[https://thecyberwire.com/newsletters/daily-briefing/9/239]

Cozy Bear

https://en.wikipedia.org/wiki/Cozy_Bear

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

Toymaker Mattel Hit by Ransomware Attack

https://threatpost.com/mattel-hit-by-ransomware/160947/

Endpoint Security Extends to the Cloud

https://cisomag.eccouncil.org/endpoint-security-cloud/

What is the “Cyberchology of Human Error” in Cybersecurity?

https://cisomag.eccouncil.org/human-error-in-cybersecurity/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

New Normal Effect! 85% of Organizations Say Cybersecurity is More Important than Ever

https://cisomag.eccouncil.org/new-normal-effect-85-of-organizations-say-cybersecurity-is-more-important-than-ever/

Security Officers, Are Your Employees Practicing Good Habits from Home?

https://www.darkreading.com/vulnerabilities---threats/security-officers-are-your-employers-practicing-good-habits-from-home/a/d-id/1338986?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Netflix: The Social Dilemma 

https://www.netflix.com/ca/title/81254224

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions**

https://thehackernews.com/2020/10/multitenant-cybersecurity-solution.html

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

https://www.bleepingcomputer.com/news/security/new-ransomware-vaccine-kills-programs-wiping-windows-shadow-volumes/

https://www.bleepingcomputer.com/news/security/why-everyone-should-disable-vssadminexe-now/

https://www.bleepingcomputer.com/news/security/new-jersey-hospital-paid-ransomware-gang-670k-to-prevent-data-leak/

https://www.techrepublic.com/article/vulnerable-supply-chains-introduce-increasingly-interconnected-attack-surfaces/#ftag=RSS56d97e7

https://cisomag.eccouncil.org/4-83-mn-ddos-attacks-reported-globally-in-h1-2020/

https://www.securitymagazine.com/articles/93482-uhs-hospitals-hit-by-ryuk-ransomware-forced-to-shut-down-systems

https://youtu.be/u0Q8OzTicnw

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To contact Al White his email address is awhite@wricanada.com

Today I cover these Cyber Security articles: 

https://cisomag.eccouncil.org/under-attack-2000-magento-stores-hacked-in-a-magecart-campaign/

https://www.darkreading.com/iot/more-printers-could-mean-security-problems-for-home-bound-workers/d/d-id/1338895?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Today we cover these three news articles to share what is going on in the industry: 

https://cisomag.eccouncil.org/cyber-insurance-claims/

https://cisomag.eccouncil.org/implementing-zero-trust-network/

https://cisomag.eccouncil.org/psychology-of-human-error-could-help-businesses-prevent-security-breaches/

To follow Neal check him out: 

https://www.twitch.tv/cyber_insecurity

https://www.youtube.com/channel/UCL4JGzitDkX5TOwzs9A02Kg

https://twitter.com/ITJunkie

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To follow Neal check him out: 

https://www.twitch.tv/cyber_insecurity

https://www.youtube.com/channel/UCL4JGzitDkX5TOwzs9A02Kg

https://twitter.com/ITJunkie

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To connect with Jason visit: 
 

Website:  www.pulsarsecurity.com

Podcast: Giac.org/podcasts

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

http://galbraithandassociates.ca/

Podcast:

https://open.spotify.com/show/0dLJ2TpWljyb40omiunVZt?si=Hnuo2zPSTda6SDj-AwrPWQ

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

CISO Dialogue: How to Optimize Your Security Budget

"There are many different approaches to managing a security budget, and CISOs organize and prioritize uniquely based on the company, industry, and threats. Three consistent areas of spending are identity and access management (IAM), global risk and compliance (GRC), and security operations,” Brett Wahlin CISO of Amazon Prime Video noting:

* IAM is always a mess because no one wants to deal with access management, passwords, access sprawl, and so on.  

* GRC is difficult because there are always new regulations to remain compliant with; privacy, in particular, is an ongoing challenge.

* With security operations, levels of effectiveness vary. Wahlin posed several questions for consideration. "Is it in-house? Are you outsourcing to an MSSP? How are you measuring effectiveness? It's an area where I often have to retool from a people, process, and technology standpoint."

Top Tips for New CISOs

Brett Wahlin concluded with a breakdown of the most important things he would recommend a new CISO look at, both budgetary and beyond:

* Look at the three most problematic areas: IAM, GRC, and SecOps. You can always find things to fix, and it will give you some quick wins.

* Know your industry and how your security program can help the company grow.

* You need to be able to constantly communicate the value you're bringing to the table — it's how you'll get budget and, more importantly, it's how you keep it.

* "Partnering with the business" is not just a catch phrase batted around at security conferences. Learn what it means for your company and be a good partner.

* Think like an architect: As you build a program, how do the different functions interact with each other? How do you plan to grow based on shared communication?

* Don't be afraid to pull something out if it's not raising the security bar for your company.  

https://www.darkreading.com/operations/ciso-dialogue-how-to-optimize-your-security-budget-/a/d-id/1338055

76.36% Believe Cloud Service Provider is Responsible for Security: CISO MAG Market Trends Report

From CISO Mag’s Cloud Security survey then found

76.36% said that cloud service providers (CSP) is entirely responsible for the security of the cloud

23.64% they said 40% in the article - stated the responsibility is on the cloud consumer  

Looking at these numbers you can tell that the “Shared Responsibility” as Amazon refers to it. Is not truly understood just by this survey alone.  

AWS defined a Shared Responsibility model that says “Security of the Cloud” is the responsibility of the CSP (Cloud Security Provider), but “Security in the cloud” is the responsibility of the customer. This model is gradually being accepted in the industry.

https://www.cisomag.com/shared-responsibility-model/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

Here are some facts for you from the Beazley Breach Insight Report: 

-Manufacturing Sector 156 % increase off incidents quarter to quarter

-Financial Sector and Healthcare continue to be the most affected which together account to almost 50% of all ransomware attacks reported in Q1 of 2020 

Q1 2020 Ransomware incidents:

26% Financial Institution 

24% Healthcare 

9% Manufacturing 

7% Professional services 

6% Retail

6% Education 

For more information 

https://www.cisomag.com/ransomware-attacks-rise-q1-2020/

How to protect you and your company:

1. Security systems are up to date

2. Work from home systems

   1. Are up to date and patched

   2. Have up to date endpoint and/or anti-virus protection

   3. Home network is secure

   4. VPN connect to work

   5. Family members on the home network are secure as well

3. Cyber Security Awareness training

   1. For employees and their families who are using the home network

4. Corporate polices are up to date

   1. Acceptable Use Policy

   2. Disaster Recovery

   3. Business Continuity

   4. Incident Response

   5. Breach Response

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

• Digital Transformation “DX” (DX spending globally is estimated at $7.4 trillion between 2020 and 2024)
• Digital Transformation Vulnerabilities
• Ransomware attack costs on average $80,000 to restore data
• The biggest challenge that will impact organizations within the next 12 months is cyberthreats (32%). Shortage of skills to implement technology (30%) and meeting changing customer needs (29%) were also cited as key hurdles.
• Lack of staff to work on new initiatives (42%) was cited as the most impactful data protection challenge organizations currently have. Lack of budget for new initiatives and lack of visibility on operational performance were also cited.
• Over a third (39%) of respondents said the ability to improve the reliability of backups is the most likely reason to drive their organization to change its primary backup solution.
• Over a quarter (27%) of organizations’ data is backed up to the cloud by a Backup as a Service (BaaS) provider. 14% of data across organizations globally is not backed up.
• Over two in five (43%) organizations plan to leverage cloud-based backup managed by a BaaS provider within the next two years.

https://www.cisomag.com/cyberattacks-on-business-2020/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

https://www.bbc.com/news/technology-52632729

With COVID-19 and the increase of Cyber Attacks up 140% since the Pandemic started companies need to protect themselves. 

Things Companies need to focus on

1. Security Awareness training
2. Business Continuity
3. Cost Cutting Measures
4. Compliance
5. Assessments to validate your security posture

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To purchase the Red Team Development and Operation book visit http://threatexpress.com/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 
 

Dominic’s website: www.cyber.sc

Follow Catherine Moore on Instagram: @SocialWokersRise 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Diogène Ntirandekura Website: https://consultinglifestyle.fm

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Listen to The Gritty Nurse Podcast on Apple Podcasts. https://podcasts.apple.com/ca/podcast/the-gritty-nurse-podcast/id1493290782

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

This is a podcast you don't want to miss. 
 

Dr. April Moreno - PhD Public Health and Informatics

Website- www.doctoraprilwellness.podbean.com

Questions: 

1)What do we need to know about COVID-19? 

2)Why do I need to quarantine myself?  

3)Can you tell us about Autoimmune diseases? What do we need to know about them?

4)What resources would you recommend to people for the lay person? 
 

Monica Noy - Osteopathic Manual Practitioner 

Website-https://www.monicanoy.com/

Questions : 

1)Why do I need to self quarantine?

2)Why do healthy people have to go through this process?

3)What do we need to focus on?

4)What are the responsibilities of health practitioners in this pandemic?

5)What are your recommendations we can do durning this Pandemic?   

Drew Prescott - Financial Advisor

Podcast- https://soundcloud.com/collar-city-financial-strategies

Website- www.collarcityfs.com

Questions:

1)Do you know if people can collect Temporary Aid or Unemployment benefits if they have been laid off due to the corona virus? 

2)What would you say to someone who is invested at this time and may be a little nervous? 

3)Obviously hind sight is 20/20 but what are some good practices for the listeners to work on going forward? So that they can be better prepared for an even like this in the future? 

4)What would you say to that person who is concerned they are short for their current bills?

Joseph Carnevale - Insurance Broker

Website: https://brokerstrust.ca/about/team/joseph-carnevale/

Questions: 

1) What is the current challenges people are facing with insurance personally as well as professionally?

2) What do people need to know?

3) What should they do going forward? This question is to help reduce the state of panic that everyone is in. 

"Coronaviruses (CoV) are a large family of viruses that cause illness ranging from the common cold to more severe diseases such as Middle East Respiratory Syndrome (MERS-CoV) and Severe Acute Respiratory Syndrome (SARS-CoV). A novel coronavirus (nCoV) is a new strain that has not been previously identified in humans.  

Coronaviruses are zoonotic, meaning they are transmitted between animals and people.  Detailed investigations found that SARS-CoV was transmitted from civet cats to humans and MERS-CoV from dromedary camels to humans. Several known coronaviruses are circulating in animals that have not yet infected humans.

Common signs of infection include respiratory symptoms, fever, cough, shortness of breath and breathing difficulties. In more severe cases, infection can cause pneumonia, severe acute respiratory syndrome, kidney failure and even death. 

Standard recommendations to prevent infection spread include regular hand washing, covering mouth and nose when coughing and sneezing, thoroughly cooking meat and eggs. Avoid close contact with anyone showing symptoms of respiratory illness such as coughing and sneezing.”

Reference: https://www.who.int/health-topics/coronavirus

"Researchers first isolated a coronavirus in 1937. They found a coronavirus responsible for an infectious bronchitis virus in birds that had the ability to devastate poultry stocks.

Scientists first found evidence of human coronaviruses (HCoV) in the 1960s in the noses of people with the common cold. Two human coronaviruses are responsible for a large proportion of common colds: OC43 and 229E.

The name “coronavirus” comes from the crown-like projections on their surfaces. “Corona” in Latin means “halo” or “crown.”

Among humans, coronavirus infections most often occur during the winter months and early spring. People regularly become ill with a cold due to a coronavirus and may catch the same one about 4 months later.

This is because coronavirus antibodies do not last for a long time. Also, the antibodies for one strain of coronavirus may be ineffective against another one.

Symptoms

Cold- or flu-like symptoms usually set in from 2–4 days after a coronavirus infection and are typically mild. However, symptoms vary from person-to-person, and some forms of the virus can be fatal.

Symptoms include:

sneezing

runny nose

fatigue

cough

fever in rare cases

sore throat

exacerbated asthma

Scientists cannot easily cultivate human coronaviruses in the laboratory unlike the rhinovirus, which is another cause of the common cold. This makes it difficult to gauge the impact of the coronavirus on national economies and public health.

There is no cure, so treatments include self-care and over-the-counter (OTC) medication. People can take several steps, including:

resting and avoiding overexertion

drinking enough water

avoiding smoking and smoky areas

taking acetaminophen, ibuprofen, or naproxen for pain and fever

using a clean humidifier or cool mist vaporizer

A doctor can diagnose the virus responsible by taking a sample of respiratory fluids, such as mucus from the nose, or blood."

Reference: https://www.medicalnewstoday.com/articles/256521#types

Preventative Measures: 

-Wash your hands frequently 

-Practice Good respiratory hygiene 

-How to deal with stress 

https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public

See all article here: 

https://www.who.int/health-topics/coronavirus

https://www.medicalnewstoday.com/articles/256521

https://www.medicalnewstoday.com/articles/256521#types

https://www.who.int/emergencies/diseases/novel-coronavirus-2019

https://www.who.int/health-topics/coronavirus

https://covid19info.live/

In today’s DailyCyber Podcast I discuss separation of duties and why it is so important to have a layered approach in your business. This video is because of Barbara Corcoran lost $400,000 USD from her staff being tricked by an email scam. 
 

See article here: 

   https://www.cnn.com/2020/02/27/business/barbara-corcoran-email-hack-trnd/index.html

-Cloud Security

-2 Factor Authentication “2FA”

-Security Triad - SEIM, NDR, EDR

-Data Security 

-Security Awareness Training  

Scott and I chat about why Cybersecurity is everyones business and things everyone should know to be able to protect themselves.

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Join me for the ride by subscribing to the channel and don't forget to say hi on my social links below!

► SOCIAL

Website: https://www.DailyCyber.ca

Linkedin:  https://www.linkedin.com/in/brandonkrieger/

Twitter: https://www.Twitter.com/BrandonKrieger

Instagram: https://www.Instagram.com/BrandonKrieger

► GEAR & FAVORITES

Camera 1: https://amzn.to/31qb1yr

Future Camera 2: https://amzn.to/2B8YjJK

Camera Mic: https://amzn.to/2KG2Msq

Podcast Mic: https://amzn.to/2QDlepu
 

Music by from: www.Artlist.io

This video is not sponsored.

All products I purchase myself unless otherwise stated in the video.

This post contains affiliate links at no additional cost to you. They help to keep this channel up and running. I appreciate your support!!

1. CRA/IRS scam 
2. Sick family member away
3. Claim your inheritance of Millions of dollars 

I also discuss about social media and how to protect your mental health. 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

1. Know yourself 
2. Figure out your path
3. Write out a plan 
4. S.M.A.R.T. goals 
5. Test to measurable results 
6. Be accountable 
7. Understand your finances

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Hacked Again by Scott N. Schober - https://amzn.to/2YfxtKo

CyberSecurity Is Everybody’s Business by Scott N. Schober https://amzn.to/360H1vw

The Five A’s are:

1. Accountability 
2. Authentication 
3. Authorization 
4. Accounting
5. Assurance

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

Ted Demopouios Bio:

Ted Demopoulos’ professional background includes over 30 years of experience in Information Security and Business, including over 25 years as an independent consultant. Ted helped start a successful information security company, was the CTO at a "textbook failure" of a software startup, and has advised several other startups. He is a frequent speaker at conferences, conventions, and other business events, author of "Infosec Rock Star: How to Accelerate Your Career Because Geek Will Only Get You So Far" and two other books. Ted conducts Leadership and Information Security Bootcamps for The SANS Institute, and is the principal of Demopoulos Associates, a consulting organization specializing in information security.
 

We discuss these top 5 questions about being a Cyber Security Consultant and much more. 

1) Are many people interested in infosec consulting and why?

2) Why you? Why did you get started on this path?

3) What is the most important thing you can tell someone who is considering consuting?

4) What about clients - how do people find them?

5) How does pricing usually work?

To learn more watch the video or listen to the podcast www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast www.DailyCyber.ca and comment below 

Top Cyber Security Solution Providers 

1. Beyond Trust
2. Black Berry - Cylance
3. Carbon Black
4. Check Point 
5. Cisco 
6. Crowdstrike
7. CyberArk 
8. Dark Trace
9. Force Point 
10. Fortinet
11. KnowBe4 
12. IBM
13. Palo Alto
14. ProofPoint 
15. RSA Networks
16. Symantec
17. Splunk 
18. Sophos
19. Transmit Security
20. TrendMicro
21. Vectra 

Top Cyber Security solutions 

Categories: 
Software

Hardware 

Services/Consulting 

Different Solutions: 

-Data Loss Prevention

-Identity and Access Management - IAM

-Priviedge Access Management - PAM

-Risk and compliance management 

-Encryption

-Unified Threat Management (UTM)

-Firewall 

-Antivirus/Antimalware Solutions 

-Intrusion Detection Systems (IDS)

-Intrusion Prevention Systems (IPS)

-Network Detection System (NDS)

-Network Prevention System (NPS)

-Disaster Recover 

-Email Security 

-End Point Security 

-Network Detection Security 

-Security Information and Event Management (SIEM) 

-Advance Threat Protection (ATP)

-Cloud Access Security Broker 

-Secure Web Gateway 

-Internet of Things Security (IoT)

-Network Access Control (NAC) 


 

To learn more watch the video or listen to the podcast www.DailyCyber.ca and comment below 

News: 

Disney Plus Accounts Are Already Being Hacked and Sold online
 

On November 12th, 2019 the day Disney Plus went live user accounts where hacked. 

"Hijacked Disney+ accounts are being sold online just hours after Disney's new streaming service launched, reports have claimed.

Many of these stolen accounts are being offered for free on hacking forums or are available for sale with prices ranging from $3 to $11, despite the fact that a legitimate Disney+ subscription only costs $7."
 

“ Disney+ credentials

The hackers behind these account takeovers were able to mobilize quickly to steal Disney+ account credentials and make them available for sale online. This suggests that they either gained access to these accounts by either using leaked credentials from past data breaches or by using info-stealing malware.

Hacking forums now have thousands of Disney+ accounts available for sale but ZDNet also discovered that some forums were giving away these credentials for free so that the hacker community could use and share them with others.
 

https://www.techradar.com/news/hacked-disney-accounts-are-already-available-for-sale-online

Fundamental Principals of Cyber Security 

1. Personal Security 
2. Risk Management 
3. Business Continuity 
4. Laws, Regulations and Compliance 
5. Investigation and Ethics 

C.I.A - "Confidentiality, Integrity and Availability”
 

Confidentiality - is the concept of the measures used to ensure the protection of the secrecy of data, objects, or resources. The goal of confidentiality protection is to prevent or minimize unauthorized access to people, places or things.

Integrity - is the concept of protecting the reliability and integrity. Integrity protection prevents unauthorized alternation. 

Availability - Which means authorized subjects are granted timely and uninterrupted access. 

To learn more watch the video or listen to the podcast www.DailyCyber.ca and comment below 

To learn more watch the video or listen to the podcast and comment below

50 Cybersecurity Titles That Every Job Seeker Should Know About

From: Cybercrime Magazine

Editor: Steve Morgan

https://cybersecurityventures.com/50-cybersecurity-titles-that-every-job-seeker-should-know-about/

1.  Application Security Administrator – Keep software / apps safe and secure.

2. Artificial Intelligence Security Specialist – Use AI to combat cybercrime

3. Automotive Security Engineer – Protect cars from cyber intrusions.

4. Blockchain Developer / Engineer – Code the future of secure transactions.

5. Blue Team Member – Design defensive measures / harden operating systems.

6. Bug Bounty Hunter – Freelance hackers find defects and exploits in code.

7. Cybersecurity Scrum Master – Watch over and protect all data.

8. Chief Information Security Officer (CISO) – Head honcho of cybersecurity.

9. Chief Security Officer (CSO) – Head up all physical/info/cyber security.

10. Cloud Security Architect – Secure apps and data in the cloud.

SANS

https://www.sans.org/security-trends/2019/08/29/20-coolest-cyber-security-jobs

20 Coolest Cyber Security Jobs:

1.  Application Security Administrator

– Keep software / apps safe and secure.2. Artificial Intelligence Security Specialist – Use AI to combat cybercrime.3. Automotive Security Engineer – Protect cars from cyber intrusions.4. Blockchain Developer / Engineer – Code the future of secure transactions.5. Blue Team Member – Design defensive measures / harden operating systems.6. Bug Bounty Hunter – Freelance hackers find defects and exploits in code.7. Cybersecurity Scrum Master – Watch over and protect all data.8. Chief Information Security Officer (CISO) – Head honcho of cybersecurity.9. Chief Security Officer (CSO) – Head up all physical/info/cyber security.10. Cloud Security Architect – Secure apps and data in the cloud.

2. Threat Hunter

Featured top of the list for good reason, Threat Hunters are one of the most valuable jobs to the IT industry, with skills shown to improve the speed of threat detection and response more than two-fold, in comparison to teams without this dedicated resource. Enjoy job security by offering a 64% improvement in the detection of advanced threats, and a 63% reduction in investigation time according to the 2018 Threat Hunting Report.

Related SANS courses and GIAC Certification: FOR578 (GCTI Certification), FOR572 (GNFA Certification), FOR508 (GCFA Certification), FOR526, FOR610 (GREM Certification) and SEC487

3. Penetration Tester

"Penetration testing is the active circumvention of security features in networks, systems, and applications. This is where the penetration tester emulates threats by attempting to access alternative functionality. A penetration tester will also assess data or functionality in a manner not anticipated by the group designing that system. A good penetration tester will need to be highly technical and will also require a level of skill that enables meaningful communication of risk to management. Pen testing is a critical capability that most organisations will require, and it can also be quite fun, if not sometimes tedious. I love what I do, both as a tester and as an instructor for SANS."

Adrien De Beaupre SANS SEC642 Instructor

Related SANS courses: SEC487, SEC401 (GSEC Certification), SEC560 (GPEN Certification) and SEC660 (GXPN Certification)

4. Forensic Computer Analyst

Analyst findings might be used as evidence in a criminal investigation, to resolve a business or legal dispute, to uncover specific targets or to detect suspicious activity.

Related SANS courses: All FOR classes plus SEC504, (GCIH Certification), SEC401 (GSEC Certification) and SEC487

5. Incident Responder

When you're passionate about fighting cyber-crime, being an incident responder will bring a great deal of job satisfaction. Learn to discover the issue, mitigate the damages and investigate the situation from all angles.

Related SANS courses: All FOR classes plus SEC504 (GCIH Certification), SEC501 (GCED Certification) and SEC487

6. Security Architect

Design, build and supervise the implementation of network and computer security. As a Network Security Architect, you will test for vulnerabilities and install firewalls, along with various security policies and procedures.

Related SANS courses: SEC450, SEC503 (GCIA Certification), SEC511 (GMON Certification), SEC530, (GDSA Certification), FOR572 (GNFA Certification), SEC501 (GCED Certification) and MGT516

7. Malware Analyst

For those that like to fight the breach head on, a Malware Analyst will ensure the fast and effective response and containment to a cyber-attack.

Related SANS courses: FOR610 (GREM Certification)

8. CISO/ISO or Director of Security

As a chief information security officer, you will be the balance between the IT department and the boardroom, with an equal understanding of both business and information security. Together with the ability to influence and negotiate, you will also have a thorough knowledge of global markets, policy, and legislation. With the ability to think creatively, the CISO will be a natural problem solver and will find ways to jump into the mind of a cyber criminal, discovering new threats and their solutions.

Related SANS courses: SEC401 (GSEC Certification), MGT414 (GISP Certification), MGT512 (GSLC Certification), MGT514 (GSTRT Certification) and MGT525 (GCPM Certification)

9. Security Software Developer

As a senior developer, this creative position requires the ability to design secure software using protected programming techniques, that are free from vulnerabilities which could be abused by hackers. You will have the ability to incorporate security analysis, defences and countermeasures in order to ensure strong and reliable software.

Related SANS courses: MGT525 (GCPM Certification), DEV522 (GWEB Certification), DEV541, DEV544, and SEC540 (GIAC Certification coming soon)

10. Media Exploitation Analyst/Law Enforcement Computer Crime Investigator

If investigating computer crime excites you, and you want to make a career of recovering file systems that have been hacked or damaged, then this may be the path for you. In this position, you will assist in the forensic examinations of computers and media from a variety of sources, in view of developing forensically sound evidence.

Related SANS courses: FOR500 (GCFE Certification), FOR585 (GASF Certification), FOR518 and FOR498

11. Software Validation Engineer

As a software validation engineer, you will assess software in order to verify issues and log defects. You will be responsible for developing summary reports for tests performed and will review data with all team members. In summary, to fill this role you will be a qualified engineer responsible for managing, inspecting, testing and modifying the equipment and procedures used to manufacture various products.

Related SANS courses: MGT525 (GCPM Certification) and SEC540 (GIAC Certification coming soon)

12. Security Operations Centre Analyst

SOC Analysts work alongside security engineers and SOC managers, to provide situational awareness through detecting, containing, and resolving IT threats. Working closely with incident response teams, a SOC analyst will address security issues - when detected, quickly and effectively.

Related SANS courses: SEC501 (GCED Certification), SEC540 (GIAC Certification coming soon), SEC450, SEC511 (GMON Certification) and SEC555 (GCDA Certification)

13. Vulnerability Researcher/Exploit Developer

As one of the fastest growing careers in the tech industry, this vital role is responsible for research and analysis of new exploits and will hold experience in penetration testing and writing exploit code.

Related SANS courses: SEC460, SEC401 (GSEC Certification), SEC560 (GPEN Certification) and SEC660 (GXPN Certification)

14. Security Audit and Risk Management Specialist

As the role responsible for identifying and assessing a company's potential risks to safety, reputation and financial prosperity, the security audit and risk management specialist will have strong problem solving and analytical skills together with an ability to negotiate and be diplomatic while working under pressure.

Related SANS courses: SEC401 (GSEC Certification), MGT516, MGT525 (GCPM Certification), DEV522 (GWEB Certification) and SEC540 (GIAC Certification coming soon)

15. Cyber Security Analyst/Engineer

As one of the highest-paid jobs in the field, the skills required to gain footing in this role are advanced. You must be highly competent in threat detection, threat analysis, and protection, broken authentication, cross-site scripting and cross-site request forgery. This is a vital role in preserving the security and integrity of an organisation's data.

Related SANS courses: SEC401 (GSEC Certification), SEC501 (GCED Certification), MGT516, MGT525 (GCPM Certification), SEC540 (GIAC Certification coming soon), SEC450, SEC511 (GMON Certification), SEC503 (GCIA Certification), SEC530 (GDSA Certification) and SEC555 (GCDA Certification)

16. Mobile Security Manager

Taking care of an organisation's mobile device safety, as a Mobile Security Manager you are responsible for monitoring and securing all of a companies' Smartphones, laptops, smartwatches, and other connected devices. Managing the collective tools, technologies, and processes that enable the securing of a mobile device or mobile computing environment, you will be part of a broader information security management policy that focusses mainly on mobile IT assets.

Related SANS courses: FOR585 (GASF Certification), plus SEC575 (GMOB Certification) and MGT514 (GSTRT Certification)

17. Application Penetration Tester

One of the most exciting roles within the cyber security industry, you will be responsible for the penetration testing (or ethical hacking), of applications; a significantly vulnerable point. The objective is to find security weaknesses before a cyber criminal does.

Related SANS courses: DEV522 (GWEB Certification)

18. Disaster Recovery/Business Continuity Analyst/Manager

Level up your skills and earn your place as a disaster recovery manager, where you will be responsible for managing the design, implementation, and communication of organisations continuance and disaster recovery plans. Your processes will ensure the safeguarding of business data, technology, information systems, and databases.

Related SANS courses: SEC501 (GCED Certification), MGT414 (GISP Certification), MGT514 (GSTRT Certification) and MGT516

19: Technical Director and Deputy CISO

Would you like to train and develop future leaders in the cyber security department? You will be responsible for deciding on the costs needed to develop senior roles, on executing the security strategy consistently throughout the department and identifying and managing the skills and weaknesses of associates.

Related SANS courses: SEC501 (GCED Certification), MGT414 (GISP Certification), MGT512 (GSLC Certification), MGT514 (GSTRT Certification) and MGT525 (GCPM Certification)

20: Intrusion Analyst

"I've come to realise that network monitoring, intrusion detection, and packet analysis represent some of the very best data sources within our enterprise. These can be used to very rapidly confirm whether or not an incident has occurred, and allow an experienced analyst to determine, often in seconds or minutes, what the extent of a compromise might be. In a very real sense, I have found this to be the most important course that SANS has to offer. Not only will it cause you to think about your network in a very different way as a defender, but it is incredibly relevant for penetration testers who are looking to "fly under the radar." The concepts that you will learn in this course apply to every single role in an information security organisation!"

David Hoelzer — SANS SEC503 Instructor

Related SANS courses: SEC503 (GCIA Certification) and SEC401 (GSEC Certification)

21: IoT/Critical Infrastructure Security Director

A crucial role within today's world where cyber attacks to our critical infrastructure are increasing in risk. In an age where almost every devise or piece of machinery can be connected to the internet, they too are at risk of being hacked. The Internet of Things (IoT) has evolved so quickly that managing its security has become a minefield. When we look broadly into the matter, Critical Infrastructure is at risk to foul play. Power grids, chemical plants, and transportation systems are being attacked by hackers. In a report by Business Insider, ?A new front in cybersecurity', investigations found that companies operating critical infrastructure reported 295 cyber attacks in 2015. While technology is consistently evolving, so too will attacks to this industry.

The role of security director to IoT and Critical Infrastructure is invaluable - some might say indispensable.

Related SANS courses: All SANS ICS Courses and Certifications, plus MGT512 (GSLC Certification), MGT514 (GSTRT Certification) and MGT525 (GCPM Certification)

https://www.sans.org/security-trends/2019/08/29/20-coolest-cyber-security-jobs