Vancord CyberSound
CyberSound is a podcast built by and for business owners and professionals. Tune in as our cybersecurity experts cover the latest news regarding IT security, the most recent and relevant threats organizations are facing today, and provide tips to keep your business safe.
Vancord CyberSound
100 - Securing a Century: Reflecting on 100 Episodes of CyberSound
In the landmark 100th episode of CyberSound, Jason, Steve, and Michael reflect on the podcast's growth and evolution over two years. The team celebrates the journey by reflecting on notable episodes, highlighting honorary guests, and discussing recent expansion into video and broader topics beyond cybersecurity. With humor and enthusiasm, the team underscores CyberSound's mission: to inform, educate, and engage with integrity while helping listeners navigate the ever-evolving landscapes of business and cybersecurity.
______________
Stay up to date on the latest cybersecurity news and industry insights by
subscribing to our channel and visiting our blog at https://www.vancord.com/💻.
Stay Connected with us 🤳
LinkedIn: https://www.linkedin.com/company/vancord
Facebook: https://www.facebook.com/VancordCS
Instagram: https://www.instagram.com/vancordsecurity/
Twitter: https://twitter.com/VancordSecurity
Steven Maresca 00:02
This is CyberSound, your simplified and fundamentals-focused source for all things cybersecurity.
Jason Pufahl 00:10
Welcome to CyberSound. I'm your host, Jason Pufahl, with mainstays, Steve Maresca and Michael Grande. So, exciting episode for us. 100 episodes. This is the 100th episode.
Steven Maresca 00:23
Does not seem impossible.
Jason Pufahl 00:24
Yeah. Two years, we've been working on this, on this project. That's squarely what it feels like. You know, we've grown top 5% podcasts globally, which is, which is a big deal. I know, you're smirking, because, you know, what do those numbers really mean? But you know, it means people are listening, ultimately.
Michael Grande 00:46
And 2 years ago, we were in the 0%. We went from 95% progression.
Steven Maresca 00:53
Well, you know, parents and siblings are fantastic listeners.
Jason Pufahl 00:57
Well, since we added Michael too, right, he's got a robust following, so we definitely get some some feedback there. So we have grown a lot, though. But the first podcast that we ever did was two or three USB mics, attached to a PC with Audacity. I think and I think we pretty much realized after one recording session that that wasn't going to work really well. We've had Eric who nobody can see on camera, right. But Eric has helped produce two years worth of podcasts. We're going to include a picture of the pod, of the room, of our recording studio. Maybe this is a good time to do that when we're editing it to throw that in there. But, it's really grown. You know, we're at a point now where we've got equipment over there. I'm not even sure what it does, mixers, for sure. I think video inputs, we've got three cameras, we've got a giant giant, we've got lights everywhere, everywhere, right, it's 140 degrees in here.
Michael Grande 00:57
They are. Soundproofing, sound boards, you name it.
Jason Pufahl 01:57
Yeah, I mean, it feels real. The sound is great. We've incorporated video. One of the, you know, we're talking about some of the historic podcasts, podcast that we liked. The Fraud in Higher Education one, that's Episode 83. That included Maurice Simpkins, and he talked about the essentially fraudulent applications in higher ed, right, it's a great episode.
Maurice Simpkins 02:20
Higher education, in recent times has become pretty much the number one target for fraud and for scamming activity. And so as we've seen this uptick in this major swing across the nation, not just in community colleges, or in large institutions, you have Ivy League schools, you have some of the more prestigious schools that are still having these issues, you know, various face. And so when we knew that it was a identifiable problem, ourself, and our team went to work and the Safe platform is what we brought to market and we're having great success with it thus far.
Jason Pufahl 02:56
The reason I chose that as one of the ones for me to, to sort of focus on was, that was our transition to into video, it was the first one we had published, purely zoom, we actually had a little a little webcam, we're simply in there as part of the Zoom video. But it was our first attempt at saying, well, do we want to do this? And do we want to make investments? And and we ultimately obviously have, so
Steven Maresca 03:17
Visual makes everything easier. Yeah, whether you're listening or participating in conversation at the end of the day.
Michael Grande 03:23
And it's, I've noticed the positive trend, with the YouTube videos being posted now and being able to jump to different sections, people pointed out, hey, this, you know, this part of the video, I really enjoyed it, whereas before, it's really just sort of the cadence of the, of the, of the discussion. So there's, it's a lot more in depth for the, for the audience.
Jason Pufahl 03:47
And you know, we, I guess maybe a plug for YouTube to some degree as well, that our data is better. So it is easier to understand, you know, how, how much are people listening? You know, is there a spot where people are dropping off? And can we address that, like, it actually gives us now, the ability to tailor these to more what people want, which I think is a big deal, but that'll get us to the top 4% or 3%? Right? This is the goal. Right? So, so that was my first episode. I'm not sure. What do you guys want to show?
Steven Maresca 04:13
I don't know, just speaking generally. This podcast is our way of expressing our philosophy for engaging with the world, our customers, security as a discipline. And I think it does come through, it matters a lot. Yeah, there's a lot of, you know, selling a fear out there. We try not to do that. And I do hear positive feedback from a lot of customers from a lot of other people that you know, it's appreciated. So I think it's working.
Michael Grande 04:41
There's a sort of there was a there's a, there's a term in banking, that that went around, and it's still applicable very much today, but I think it sort of works and you know, know your customer, right? If you're familiar with your customer and what's happening, you know, the trends and you know, sort of what to expect. This is a little bit of a flip on that right? It's a little bit about, you know, know who your service provider is, and get to know a little bit more about them and have a great history of understanding both their relationships that we have with a lot of different people and our perspectives. And I think to your point, right, well, how do we approach things? What are our core values? And, you know, what do we stick to? And what do we try to deliver it for every engagement and beyond that, right, because we bring in a lot of folks who maybe are in the competitive space, we're open to those things in partnerships. So it's been great.
Jason Pufahl 05:27
But so and we just had that two day planning session that we worked on. And one of the words that came out during that was everybody, we feel like everybody has a lot of virtue, right? Virtuous company, we care a lot about the way we engage with clients. It's interesting, as I have some, frankly, sales discussions with people now when we talk about our desire to be impactful to educate, etcetera, you can refer to something like this, right? And it just drives home, that idea of being virtuous, like, not only are we saying, hey, if we have a conversation it's going to be informative, it's going to be educative. And we're not necessarily pushing hard on the sales side. And by the way, here's things that we do that demonstrate our commitment to the education process, which is important to me.
Steven Maresca 06:08
I feel being able to refer to this, you know, even a year and a half ago has enabled us to engage with people that might have, you know, had questions. You know, it's a way to sort of see what you're getting.
Jason Pufahl 06:22
So I know, I know that what Steve's favorite, favorite themes without a doubt, are the holiday the holiday themes. Oh, without a doubt, what do you call them?
Steven Maresca 06:33
I call them the goofball, groan-worthy, I don't know,
Jason Pufahl 06:37
I saw I loved the I put Tech in a Top Hat as one of the things I think that that sort of recent one around AI, I just got a kick out of personally,
Steven Maresca 06:47
You know, Frosty first came around maybe in the 1950s. And you have to remember, the military industrial complex after World War Two was idle, it needed a lot of support. They had to transition somehow. This was a skunkworks project. And if you don't know about a skunkworks project, it's really, you know, kind of a dark research opportunity. It's where your YouTube planes were developed. Frosty is one of them. He's a weapon. Yeah, absolutely. Well, it depends how you look at it. Right? You know, the public record, may present one visible, he seems like a good natured, right. He's bringing joy, hey, propaganda is a really strong thing. You have to present an outward positive image.
Jason Pufahl 07:35
But you know, going back even further, we had the, the Santa Claus is Coming to Town. And that was the first attempt at saying, hey, let's do something fun for Christmas. I think we've done a couple of Christmas episodes, Valentine's Day, Independence Day, right? Those are fun. Honestly, I think they're just fun.
Steven Maresca 07:52
I really enjoyed the, How Does Santa REALLY Know What to Bring You? That was, could have gone off the rails, but it was OK.
Jason Pufahl 08:01
I mean, and I think, you know, I'll say maybe you weren't so enthusiastic with the Santa episode way back when, but you brought your A game for Tech in a Top Hat, right and your thinking around, and we'll probably play a snippet of the thinking around Frosty as part of like a government conspiracy.
Michael Grande 08:01
And I think I took a lot of guidance. I would say from that episode, in our most one of our very recent Valentine's Day episodes, where, you know, when you really start to apply some thought to when you want to know a lot about your significant other? Well, there's a lot of ways to do that. So I felt a little sinister after, I was great. Love weapon from a military industrial complex.
Jason Pufahl 08:47
We're a serious business.
Michael Grande 08:49
And we've had some really great guests also, especially, you know, over the last, really guests throughout, but we've learned so much from them and some of the services they offer, you know, from, you know, the state senators talking about AI and legislation to, you know, open banking with a company as large as MasterCard, all the way to more local considerations with CBIA and Christi Vatima joining us, it's just been, you know, it's been great to have some flavor and some, you know, additional light outside of just paid strictly cybersecurity issues, right. How are things affecting different lines of business?
Steven Maresca 09:33
And we're not the experts in everything. We want to actually engage with the people who are and have them heard.
Jason Pufahl 09:38
Yeah, yeah. You know, one of my one of my takeaways because we have, you know, Bill Roberts that we talked about, right, sort of that legal side, ManufactureCT will be coming up. From a format standpoint, we expect to do more guest speaking. I think what I didn't expect when we started this was how everybody kind of wants to participate in a podcast. I think generally, when we ask people the response is, hey, that sounds, that sounds neat. I'd like to join. And I think that's a fun aspect of this, getting to meet people that you otherwise might not have sort of some of these conversations.
Michael Grande 10:12
Having some conversations that, you know, are probably, as you just said, sort of outside of our normal comfort zone, learning, and bringing that to our audience.
Steven Maresca 10:20
I think it's also enjoyable to share stories in an expertise with people who understand that we are curious, yes. And recognize that they are experts in the field, because they just want to share with others and guide and do exactly what we're trying to do too, it kind of resonates mutually.
Jason Pufahl 10:40
Yeah, but it's a complex space. So, anything we can do to help, right. The maybe another one that I wanted to call out, here honestly might not be the most exciting episode we ever did. But we did it twice, which was the security fundamentals. And, you know, we certainly talked about patching and vulnerability management. Basically, totally free, a lot of this stuff is actually built right into your, your operating system. So the systems you run, discuss, have conversations around security threats, right security awareness training internally, it can be made complicated, it can be really easy. If you just have some basic conversations, focus a little bit on phishing, make sure folks understand data privacy requirements for sure. Talk about credential management, password management, look at multi factor two factor, right, there's a variety of ways to describe that. Really, I think two factors become such a standard now that we want people to utilize that. Obviously, backup your data, I think the idea of having a business impact analysis, even if it's a discussion around the conference room table with the people who know something about the business, do that and take steps accordingly. And then look at your AV or or EDR. Right. EDR being the gold standard, if you can potentially afford it. The reason I thought that that was kind of an important one to speak to was it's just so relevant still, I listened to it. And in preparation for this and everything we talked about two years ago, and then basically one year ago, for many businesses still applies today. And it's just, it's got takeaways, right I really like,
Steven Maresca 12:16
I mean, security fundamentals, or even well expressed in a mature organization, things that need nurturing, they compensate, erode, you know, people change, staff rotates, technology shift, it never really ends. I think we'll revisit it again, candidly.
Jason Pufahl 12:34
Yeah. Yeah. Probably. And maybe they'll maybe we'll add one to that.
Steven Maresca 12:37
Sure, I really enjoyed talking about finding privacy in public data.
Jason Pufahl 12:44
Be informed, understand. In this case, right, we're not talking about private sites, right, understand how data in the public domain is created and stored and what you might be, what might be out there about you, and, and kind of, you'll find your comfort level, because I think you do have some recourse if you do want to get if you do want to ask for some of it to be expanded, perhaps, but determine what your comfort level is, and make some decisions around the data that you have out there.
Steven Maresca 13:10
There's, there's something enjoyable about trying to translate things that are just out of reach for the average person. You know, everyone that, you know, in your social sphere probably has made a comment like, hey, you know, I got an advertisement on my phone. I was talking about it just before that, but, but how does that happen? You know, talking about some of that, and revealing whether that's a true, a true thing, or if it's more of a serendipitous alignment of data, I don't know. But that was a good episode, because we gave some pointers about how to regain control over your personal data, how to clamp down on, you know, some of the stuff that people don't know about unless they're guided to it. Right.
Michael Grande 13:54
And just the recently, the 23andMe episode regarding Privacy and Disclosure and sort of where the position a large company may take that may be divergent from what you'd expect, in some cases. You know, that was, was enlightening for me participating in that, you know, one of the other areas, and I think it's just been trending, obviously, everywhere, right? Is is AI, and I don't know the number. It's gotta be three, four or five episodes that we've done?
Jason Pufahl 14:22
We're gonna record another one on AI Privacy soon.
Steven Maresca 14:25
Even some prior to that, that we didn't call AI but were more machine learning.
Michael Grande 14:29
Right. Yeah, it's just it's it's, it's expanded. It's in the public purview. And it's amazing to think that in November of 2023, maybe October, I don't know that it was as commonly discussed in general circles. And then, you know, that release comes out of ChatGPT. And what's happening, and then it's just been an onslaught since then.
Steven Maresca 14:51
It's true. Yeah.
Jason Pufahl 14:52
Yeah. And that actually, that's one of the hard things about this podcast, because if we really go back, you mentioned machine learning. We did have a podcast where we do you, me and Matt really sort of said, AI? You know, it's kind of just machine learning. We weren't quite as bullish, as I'd say two years later.
Steven Maresca 15:09
All the same, I don't feel that the statements made them.
Jason Pufahl 15:13
Totally appropriate.
Steven Maresca 15:14
I think they're still accurate today. It's a matter of understanding the technology and whether it's applicable or useful, and trying to interpret reality from marketing.
Jason Pufahl 15:26
In this, in this kind of format, like what you say, you know, it stays there for two years. And people can say, well, it's true. Two years ago, they said this, and now they're saying this,
Steven Maresca 15:33
But looking back, I don't feel that we missed the mark, even even if we shifted the terminology to what, you know, became a common subject of generative AI.
Jason Pufahl 15:43
With maybe a little more enthusiasm, at least on my part, I'll say that, yeah.
Steven Maresca 15:46
At the time, in the market, things were a little more immature. Yeah, sure. Things changed.
Michael Grande 15:51
Now, one of the key aspects of our business, one of our capabilities, and I think something that was brought in was, you know, experiencing a breach or an attack. And I think we had an episode. You know, what, you know, what the first 48 hours was like?
Jason Pufahl 16:07
Yeah. I think that one of the things that we've see so often is when incidences begin, nobody's really sure what the what the correct next steps always are, right. And in my opinion, often tend to wait a little too long, kind of hoping things might resolve themselves, or maybe they can deal with them on that case by case basis. You know, a lot of times we see them just sort of grow in complexity and ultimately turn to that bigger event.
Matt Fusaro 16:32
Or it's the knee jerk reaction on everything had shut off. Right. Yeah. Which is, I mean, it's worth noting, it's tried to avoid that if you if you are feeling very nervous about something that's happened. Unplugging network cables, that's probably okay. We like to keep machines on if you don't turn it off, so that when you do have someone come in, we there's something for us to look at.
Steven Maresca 16:54
And I enjoyed that episode quite a bit. We've done a lot of incident response, people in that moment, panic, and there's real urgency in trying to regain calm and control and be collected and make decisions in a clean, informed way. That episode, I think, did a really decent job about outlining the steps that our organization should take to produce a good outcome, in what what could be an otherwise unpleasant event really,
Michael Grande 17:23
It really outlined are what you refer to it like our core philosophy.
Steven Maresca 17:26
Yeah, in that episode, you know, just to restate it here, if others haven't heard it comes from us performing incident response many, many, many, many, many times.
Jason Pufahl 17:38
Yeah, but I think so we're, we're avoiding those episodes, you don't really like a few of them. But I actually think we have fewer of them now. I feel like if I were to look back, there were definitely a handful, for sure you and I walked out saying hopefully that one resonates, we're not sure. And I think we've got better now at understanding who's reasonable guests to bring on, what reasonable topics are, probably broadened things a little bit. We had the episode, I forget what we call it about with Darren that was kind of more of like business and financial protection, licensed insurance. Yeah, we've gotten further afield from pure security to more risk management stuff, which, which I also think is really good. Yeah.
Michael Grande 18:13
And it was sort of expanding our scope. And again, bringing different layers of what could be complex subject matters to art to the audience. You know, I think that might be a good segue, just to think about, you talked about the evolution of the show, certainly, technically, we've done a lot. But the people, I mean, there's a lot of people participating in this process outside of us. And shout out to Matt Fusaro, who isn't available for our episode today. Yeah, it was too bad. But certainly a core a core member of what we've been able to do with CyberSound. But you know, it's been, it's expanded, you know, sort of like a little bit of a production. We've got our own production.
Steven Maresca 18:54
I think there's somewhere in the neighborhood of 12 people who are involved in some capacity on a regular basis.
Jason Pufahl 19:01
Finding topics, producing. We've got internal support with Olivier now doing some recording. I mean, we're adding we're adding people internally now to help, it's a labor of love. Ultimately, I think we've talked a couple of times around you, it's fair amount of effort. And every time we roll in, it's alright, we've got we've got work to do. Yeah, we're here because we like doing it. And I and, you know, I think one of the things that if I were gonna say, maybe more in closing, we really do care to make this a useful podcast for people, right. And we want people to get the value out of it. They're putting 15, 20, 25 minutes into it. We want them to get value out of it. So topic ideas, we're wide open. Yeah. You know, if you think you want to join, let us know. We're happy to chat with you on that. But our goal is to make this valuable, continue making it valuable continuing to improve it. I think we've we've done a lot to mature it. Maybe from production, the only thing I would say is maybe a bigger room by people. So we didn't know I'd have to say, right. But otherwise, we've come a long way.
Michael Grande 20:04
Yeah. Well, I'll extend some thanks to both of you, Jason for for I think, coming up, the idea came out somewhere.
Steven Maresca 20:13
We talked about it for a good 10 years.
Jason Pufahl 20:15
I mean, this was a, this was a New Park, our marketing company that we work with suggested doing it. And I said, oh, that sounds great. And I don't know if I knew what I was getting into.
Michael Grande 20:24
A trial balloon. Yeah. No, but both of you. And of course, Matt, sort of building the setting the building blocks of what we have now and are really fantastic guests that we've been able to bring in. And we have a lot more coming, which is really exciting. A lot of cool topics on the agenda. So it'll be really exciting. Another 2024, 2025 and on. Yeah, 100 episodes, we're gonna look back on that.
Jason Pufahl 20:50
Top 2% of 200 episodes. So that means you gotta have goals. So well, I want to thank both of you for participating. Because it is work for sure. Yeah. But I think it's good work. And, you know, we're getting enough people now to watch it that I think we're I'm feeling some amount of like recognition, frankly.
Steven Maresca 21:07
And thanks also to anyone who has provided feedback. I mean, most importantly, I've received it from many. I appreciate that.
Michael Grande 21:14
Thanks to the audience. And always we were supposed to say like, hit the like button.
Jason Pufahl 21:20
That was what Brian said. Smash that like button!
Michael Grande 21:23
Although we're not surprised, maybe we're not supposed to.
Jason Pufahl 21:25
I don't know. I got I got a lot of play internally. That's exactly, yeah. Yeah, of course. Thanks, everybody, for listening. We appreciate it. We're all ears for topics, feedback, good and bad. Anything we can do to improve. Alright, thanks, guys.
21:41
We'd love to hear your feedback. Feel free to get in touch at Vancord on LinkedIn. And remember, stay vigilant, stay resilient. This has been CyberSound.