Cover image of SECTION 9 Cyber Security
(14)
Education
Technology
How To

SECTION 9 Cyber Security

Updated 5 days ago

Education
Technology
How To
Read more

Information Security is the name of the game. Don't let the hackers win!

Read more

Information Security is the name of the game. Don't let the hackers win!

iTunes Ratings

14 Ratings
Average Ratings
7
5
1
0
1

Cyber Security?

By Eyomudda - Aug 15 2018
Read more
I’ve listened to the last 3 episodes, fairly basic IT Podcast, didn’t make a connection with cyber security though. May be misnamed.

Perfect

By bsubronco - Sep 01 2017
Read more
Exactly what I've been looking for in a IT podcast. Something informative without the overarching condescension of most IT podcasts. Great at presenting valuable information from a beginners and experts perspective.

iTunes Ratings

14 Ratings
Average Ratings
7
5
1
0
1

Cyber Security?

By Eyomudda - Aug 15 2018
Read more
I’ve listened to the last 3 episodes, fairly basic IT Podcast, didn’t make a connection with cyber security though. May be misnamed.

Perfect

By bsubronco - Sep 01 2017
Read more
Exactly what I've been looking for in a IT podcast. Something informative without the overarching condescension of most IT podcasts. Great at presenting valuable information from a beginners and experts perspective.
Cover image of SECTION 9 Cyber Security

SECTION 9 Cyber Security

Latest release on Feb 24, 2020

The Best Episodes Ranked Using User Listens

Updated by OwlTail 5 days ago

Rank #1: #74 Synology, Palo Alto, Yubikey, & Network Design

Podcast cover
Read more

We're getting ready to move our network to Dorothy's new computer room. This will be a lot of work. We talk about the equipment, some planning and things we need to work on.

LIST OF EQUIPMENT

1. Palo Alto PA-220 Firewall

2. 3 Cisco 8 port 3560 switch's 

3. Synology Disk Station - DS218+

4. Raspberry Pi Stack

5. Gigabyte server - Gigabyte Mini Intel Core i7-3537U 2GHz Compact PC Barebone (GB-XM1-3537)

Aug 06 2018

Play

Rank #2: Security Audits Require Good Company Culture - 140

Podcast cover
Read more

This episode is about PlexTrac, security audits and company culture. We had planned to do security audits for others as part of our business. How can we do a security audit if we can’t even produce a podcast properly? Some of our show’s have been published with the wrong information. Not a big deal, but it is a sign that we’re doing things wrong.

We need a company culture that includes things like procedures. A company culture that promotes best practice. We’re working on it.

LINKS

1. PlexTrac

FIND US ON

1. Facebook

2. Twitter - DamienHull

Dec 23 2019

22mins

Play

Rank #3: Security Solutions & Process - 131

Podcast cover
Read more

Are fancy security solutions like Palo Alto firewalls, ExtraHop or LogRhythm going to keep you secure? By them selves, no. It doesn’t matter what the vendor says. There’s no such thing as a security solution that magically saves the day. A good solid security process and best practice is the key to any security program.

FIND US ON

1. Facebook

2. Twitter - DamienHull

Oct 07 2019

15mins

Play

Rank #4: What do you do when you find a vulnerability? - 126

Podcast cover
Read more

We found a couple of vulnerabilities during our weekly patch review. According to Automox, we needed to update Google Chrome and Microsoft’s .NET framework. This lead to a discussion about patching early. Don’t panic. Make a plan before you do anything. Patching early could break something.

CORRECTION

1. Google Chrome versions prior to 76.0.3809.132 are vulnerable

LINKS

1. Chrome Vulnerability

FIND US ON

1. Facebook

2. Twitter - DamienHull

Sep 02 2019

27mins

Play

Rank #5: 97 - Testing PlexTrac & Nessus Pro

Podcast cover
Read more

Dorothy and I had to get some last minute projects done. We had to finish testing PlexTrac, management software for security assessments. This testing required us to install and test Nessus Pro. Not only did we get these projects done, but Dorothy was able to do some work on my new workstation.

Links

1. PlexTrac - Security assessment tool

2. Nessus Pro - Vulnerability Scanner

Feb 11 2019

21mins

Play

Rank #6: 109 - The First 3 Critical Security Controls Are Tough To Implement

Podcast cover
Read more

The first three critical security controls might seem simple, but they’re not. For those that have a hand full of devices, they can be simple. For those that have more than a hand full, they can be difficult to implement.

LINKS

1. CIS Introduces V7.1 of CIS Controls Featuring New Implementation Groups

May 06 2019

25mins

Play

Rank #7: 101 - The Risk Assessment Process

Podcast cover
Read more

We take a look at the risk assessment process. What is a risk assessment? How Does it reduce risk? We’re using a NIST risk assessment process. It can be long and complicated. We also do a quick risk assessment on two factor authentication. Once you understand risk assessments, they don’t have to be long and complicated.

Now that we know what some of our risks are, we can begin plugging the holes.

LINKS

1. NIST Small Business Information Security: The Fundamentals - This is the risk assessment process we’re using.

Mar 11 2019

29mins

Play

Rank #8: 112 - The Verizon Data Breach Report

Podcast cover
Read more

I finally took a look at the Verizon Data Breach Report. If you haven’t read it, do it now. This report helps you understand how the hackers are getting in. You need to know how they get in if you want to plan for prevention and detection.

LINKS

1. The Verizon Data Breach Report

2. The Summary - The important parts of the Verizon Data Breach Report

May 27 2019

22mins

Play

Rank #9: Secure Configurations With CIS Benchmarks - 128

Podcast cover
Read more

Time to start securing systems and software. To do that, we’re using the CIS benchmarks. These are configuration guides for things like Windows 10 and BIND 9. The two things we’re focusing on. We have to start somewhere.

LINKS

1. What are CIS Benchmarks?

2. CIS Benchmarks - All of them

FIND US ON

1. Facebook

2. Twitter - DamienHull

Sep 16 2019

26mins

Play

Rank #10: Azure Active Directory Domain Services- 133

Podcast cover
Read more

Time to learn about Azure. Last episode we talked about Azure Active Directory Federated Services. What we really want is Azure AD DS.

LINKS

1. What is Azure Active Directory Domain Services?

2. Tutorial: Create and configure an Azure Active Directory Domain Services instance - This is the tutorial we’re using

FIND US ON

1. Facebook

2. Twitter - DamienHull

Oct 28 2019

19mins

Play

Rank #11: 119 - Our Patch Management Process

Podcast cover
Read more

We’ve got a patch management process. It isn’t perfect, but It’s a start. That’s way better than some organizations. What’s next? Testing it on Patch Tuesday.

FIND US ON

1. Facebook

2. Twitter - DamienHull

Jul 15 2019

20mins

Play

Rank #12: Azure AD FS and Operational Issues - 132

Podcast cover
Read more

We’re looking into new technology like Azure AD FS. Before we can start new projects, we need to get the operational side of things in order. We’ve done a good job of clearly defining a patch management process. It’s time to work on change, incident and project management.

LINKS

1. Deploying AD FS

2. Azure AD Connect

3. What is ITIL Incident Management?

4. Change Management

FIND US ON

1. Facebook

2. Twitter - DamienHull

Oct 21 2019

30mins

Play

Rank #13: 123 - Using Our Simple Patch Management Process

Podcast cover
Read more

It’s official! We can say we’ve double checked our patch process. It’s quick and easy. We still have to double check our 3rd party apps. We’re hoping to start that process before the end of the month.

Remember, patching is one of the most important things you can do for your overall security. When wast the last time you double checked your patch process?

FIND US ON

1. Facebook

2. Twitter - DamienHull

Aug 12 2019

16mins

Play

Rank #14: 100 - What is Cyber Security?

Podcast cover
Read more

This is our 100th episode. Hard to believe we’ve made it this far. For this episode Dorothy and I want to answer what might seam to be a simple question. It isn’t. We also talk about the things we want to learn, future plans and how they relate to cyber security.

Mar 04 2019

33mins

Play

Rank #15: Our Windows 10 Baseline

Podcast cover
Read more

We have a baseline for our Windows 10 systems. One that maps to the first 4 critical security controls. This is a big step in the right direction.

LINKS

1. us-cert.gov

2. Bulletins - Weekly list of vulnerabilities on us-cert.gov

Jan 28 2019

21mins

Play

Rank #16: #76 Basic Linux Server Administration

Podcast cover
Read more

iTunes | Google | Stitcher | Spotify

Once Dorothy's network is up and running, she will have to take on the role of Linux administrator. We talk about basic Linux server administration. This includes basic commands and baselines for services and log files. This is a big step for Dorothy. A little planning will make the job a lot easier. 

Aug 20 2018

Play

Rank #17: #91 2FA With Duo Security & LastPass

Podcast cover
Read more

In this episode we take a look at two factor authentication with Duo Security and LastPass. We tried to use the Yubikey for 2FA, but that didn’t work out for us. In our case, Duo security might be a better option. Now that we have a good 2FA solution, we can focus on a better password management process.

LINKS

1. Duo Security

2. LastPass

Dec 17 2018

13mins

Play

Rank #18: 96 - Planning For a New Workstation & Switch

Podcast cover
Read more

Time to go back to some unfinished projects. Dorothy is working on my new workstation. Something she bought for me a while ago. I’m in the process of finding a new switch for our network. Something I should have done a long time ago.

We’re using the Cisco network lifecycle for this process. We’re also using Monday.com and a few other solutions to help manage our projects. This seems to be working for us.

LINKS

1. 24 port Ubiquiti UniFi Switch - This is L2 only. We need an L3 switch.

2. Cisco WS-C3560CX-12PC-S - This is the switch we would like to get. Used its about $2,000 for 2 plus Cisco SmartNet support.

3. Cisco WS-C3560CX-12PC-S - New on cdw.com its almost $1,300.

Feb 04 2019

21mins

Play

Rank #19: #92 8 Strategies to Mitigate Cyber Security Incidents

Podcast cover
Read more

Instead of 20 Critical Security Controls, we’re going to talk about the Essential 8. These are 8 things you can do to keep your organization secure. This list comes from the Australian Cyber Security Center.

LINKS

1. Essential Eight Explained

Dec 24 2018

20mins

Play

Rank #20: 108 - A Security Program For Everyone

Podcast cover
Read more

As the title says, we’ve come up with a security program that works for everyone. For some, this is it. For others, this is a place to start.

We’re basing this on the first three CIS controls. We’re also using the new implementation groups in version 7.1. These implementation groups are awesome. Total game changer.

LINKS

1. CIS Introduces V7.1 of CIS Controls Featuring New Implementation Groups

Apr 29 2019

20mins

Play