
Hosted by Socializing Security · EN

In this next episode in our occasional Security Foundations series, fractional CISO Steve Sims returns to discuss the importance of logging, monitoring, and effective detection strategies to enhance security posture and compliance. Learn how to tune logs, leverage AI, and build a mature security program.
Previous Security Foundations series episodes:
- Asset Management: 📹https://youtu.be/GdiVzP2mby0 🎧https://www.socializingsecurity.com/e/e012-security-foundations-champions-of-asset-management/
- Vulnerability Management: 📹https://youtu.be/n0KVn89FUn0 🎧https://www.socializingsecurity.com/e/e063-security-foundations-plugging-holes-with-asset-management
Steve Sims on LinkedIn: https://www.linkedin.com/in/steve-sims-cissp/
Chapters
00:00 Introduction to Security Basics
02:45 Understanding Logging and Its Importance
05:30 Tuning Logs for Effective Monitoring
12:33 Compliance and Logging: A Critical Connection
14:34 Metrics for Success in Logging and Monitoring
18:24 The Tools of the Log Digestion Trade
24:21 The Role of Compliance With Logging and Security
28:33 The Markers of Logging and Monitoring Success
32:32 The Role of AI in Log Analysis
35:24 Setting Up a Security Program
37:17 Conclusion
38:36 Outro

This week, Brian explores cybersecurity through the analogy of a submarine, highlighting parallels in defense, compartmentalization, threat detection, and team coordination. This episode offers a unique perspective on cybersecurity strategies and the importance of teamwork and adaptability that most people should be able to understand.
Chapters
00:00 Introduction to Cybersecurity and Submarines
04:29 The Importance of a Strong Exterior
07:49 Zero Trust and Compartmentalization
12:58 Stealth and Threat Detection
19:15 Teamwork and Adaptability in Cybersecurity
28:47 Conclusion and Feedback Request

Recorded live at RSAC 2026, this episode explores the importance of risk management, tabletop exercises, and incident response planning. Learn how to prepare your team for real-world scenarios and improve your organization's resilience through structured communication events.
Project Zero Trust: https://www.amazon.com/Project-Zero-Trust-Strategy-Aligning/dp/1119884845/ref=asc_df_1119884845
Chapters
00:00 Looking Ahead: Insights from RSA Conference
00:37 Understanding Risk Management
02:54 Scenario-based Planning
05:21 The Frequency and Variability of Tabletop Exercises
06:46 Planning for Cyber Attacks
11:13 Team Communication Exercises
16:55 Annual Exercises
17:35 The Role of Non-Technical Teams in Incidents
19:09 Creating Actionable Improvement Plans
20:21 The Importance of In-person Table Top Exercises
22:42 Personal Experiences with Tabletop Exercises
24:28 Tabletop Exercises as Training
26:36 Learnings From Project Zero Trust
27:47 Planning for Future Security Tests
28:50 Outro

Recorded live at the HERS Conference comes a panel discussion about Humans in Security. This panel features experts in data security, privacy, AI governance, and startup strategy discussing how to stay secure as a startup, the importance of community, decision-making, and the ongoing fight for privacy and security in the digital age.
Tech Auntie's Podcast 📹 https://www.youtube.com/@TechAuntiesPodcast/videos 🎧 https://open.spotify.com/show/3EFJc29Ql18NwhRxerS7NS
Panelists
- Milou Lammers - https://www.linkedin.com/in/milou-lammers/
- Gina Rosenthal - https://www.linkedin.com/in/gminks/
- Marian Newsome - https://www.linkedin.com/in/mariannewsome/
- Gene Holloway - https://www.linkedin.com/in/gene-holloway-ph-d-pmp-516803154
- Karen Lopez - https://www.linkedin.com/in/karen-lopez-195921b4
Chapters
00:00 Introduction to the Panelists
05:24 Navigating Security as a Startup
14:37 Challenges in Data Management and Compliance
25:03 The Importance of Collaboration and Networking
27:19 The Balancing Act of Entrepreneurship
37:47 Looking Out for Mental Health and Community
55:04 Privacy vs. Security in Today's World

Recorded live at the HERS Conference comes a panel discussion with Kameron Monet and Alexandra L. Mack about what it means to be a lawyer and content creator online. They discuss how each of them started posting, how their content has evolved, and how social media can create community, mentorship, and new professional opportunities. The conversation also covers the risks of posting as a lawyer, including negative comments, political topics, professional boundaries, and the importance of making clear that educational content is not legal advice.
Chapters
00:00 Introduction to Non-Traditional Legal Careers
03:00 The Evolution of Content Creation in Law
05:52 Navigating Social Media as Lawyers
08:51 The Impact of Personal Branding on Legal Professionals
11:40 Challenges and Rewards of Being a Content Creator
14:45 The Intersection of Law and Social Media
17:39 Handling Feedback and Criticism Online
26:10 Navigating Legal Content Creation Risks
27:48 Building Community Through Social Media
29:41 The Power of Representation in Law
31:41 Content Creation: Balancing Expertise and Audience
33:45 Authenticity in Content Creation
35:32 The Evolution of Community Building
41:46 The Role of Platforms in Community Engagement
47:42 Personal Growth Through Content Creation

In this May the 4th inspired episode, Brian uses scenes from Star Wars: A New Hope to draw analogies with cybersecurity concepts, emphasizing data protection, supply chain risks, social engineering, and internal security measures. A fun and insightful way to understand complex security topics through pop culture. Credit to George Lucas and Lucasfilm for a great movie we could dissect.
Previous episode on authentication: 📹https://youtu.be/uLewnRK65qI 🎧https://www.socializingsecurity.com/e/e087-a-password-primer
Chapters
00:00 Introduction to Star Wars and Cybersecurity
04:26 Data Loss Prevention: The Death Star Plans
09:05 Supply Chain Risks: The Droids on Tatooine
16:49 Jedi Mind Tricks Are Advanced Social Engineering
21:31 Stopping Rebels with Intrusion Detection
25:57 Zero Trust: Security That Should've Been Inside the Death Star
30:43 The Exhaust Port Vulnerability
35:13 The Importance of Analogies and Wrap-up

Recorded live at the HERS Conference comes a panel discussion about Humans in Risk. This episode features a detailed discussion on cybersecurity risks, especially phishing, and risk management strategies in startups and organizations. Experts share real-world examples, mitigation tactics, and the importance of a proactive risk culture. Make sure you catch up on the previous two episodes for the first and second parts of this three-part Risk Summit from the HERS Conference.
- 🎧 Risk Summit, Part 1: https://www.socializingsecurity.com/e/e091-hers-conference-risk-summit-part-1
- 🎧 Risk Summit, Part 2: https://www.socializingsecurity.com/e/e092-hers-conference-risk-summit-part-2
Guests:
- Paul Lammers
- Sophie Lammers: https://www.linkedin.com/in/sophie-lammers
Chapters
00:00 Understanding Risk Management
03:31 Intro to CEO Phishing Risk
04:28 Scenario 4: CEO Phishing Scam
05:50 Assessing and Scoring the Risk of CEO Phishing
08:15 Assessing the Impact and Harm of CEO Phishing
09:18 Controlling For Phishing Risks
12:21 A Personal Anecdote of a Scam
14:56 Introducing Sophie Lammers
16:13 Scenario 5: Startup Funding Failure
17:19 Assessing and Scoring the Risks of Startup Failure
21:28 Assessing the Harms of a Startup Failure
22:47 Mitigating the Risks of a Startup Failure
25:47 Saying Goodbye to Sophie Lammers and the Risk Summit
27:22 Reflecting on the Risk Summit
28:51 Outro

Recorded live at the HERS Conference comes the continuation of a panel discussion about Humans in Risk. This episode features an in-depth discussion on cloud infrastructure risks, weather-related outages, and insider threats introduced through hiring, with expert insights from Robert Hug and Eliza White-Blum. See how the process to assess, mitigate, and prepare for critical risks in data center management and cybersecurity plays out. Make sure you catch up on the previous episode for the first part of this three-part Risk Summit from the HERS Conference.
🎧 https://www.socializingsecurity.com/e/e091-hers-conference-risk-summit-part-1
FBI alert: https://www.fbi.gov/investigate/cyber/alerts/2025/north-korean-it-worker-threats-to-u-s-businesses
Guests:
- Robert Hug: https://www.linkedin.com/in/roberthug/
- Eliza White-Blum: https://www.linkedin.com/in/eliza-white-blum/
Chapters
00:00 Introduction
02:36 Introduction to Cloud Data Center Risk
06:16 Assessing the Risks of Outages
11:40 Evaluating Financial Harm of Data Center Risks
13:13 Scoring the Data Center Outage Risk
15:42 Closing Out with Robert Hug
17:02 Introduction to HR Risks and Data Breaches
21:30 Mitigating Risks in Remote Hiring
22:59 Assessing Likelihood and Impact of HR Risks
27:59 Enhancing Hiring Processes for Security
30:54 Legal Risks and Compliance in Hiring
32:39 Closing Out With Eliza White-Blum
33:16 Reflecting on Part 2 of the Risk Summit
34:14 Outro

Recorded live at the HERS Conference comes a panel discussion about Humans in Risk. This episode is the first of three from the Risk Summit, and starts with Milou introducing risk management in general, focusing on risk assessment, scoring, and mitigation strategies. It also contains the first scenario, where Brian joins Milou to discuss assessing the risks of a zero-day vulnerability. Watch for parts 2 and 3 in the next two weeks!
Chapters
00:00 Introduction
02:54 Introducing Risk Management
05:50 The Role of Risk Officers
08:02 Conducting a Risk Assessment Summit
11:09 Risk Scoring Methodology
14:18 Introducing the Risk Summit Guests
16:01 Scenario 1: A Zero-Day Vulnerability
17:12 Assessing Business Impact
19:36 Evaluating How to Treat the Risk
22:41 Assessing the Financial Impact
27:21 Calculating the Initial Risk Score
30:40 Outro

Recorded live at the HERS Conference comes a panel discussion about Humans in Equity. This session dives deep into workplace abuse, focusing on how employees can recognize, document, and address toxic environments. Featuring experts Kim Williams, Dr. Gene Holloway, and Eliza White-Blum, the conversation covers legal protections, internal reporting, and fostering healthier workplace cultures.
- Kim Williams - https://www.linkedin.com/in/kimberly-e-williams
- Gene Holloway - https://www.linkedin.com/in/gene-holloway-ph-d-pmp-516803154
- Eliza White-Blum - https://www.linkedin.com/in/eliza-white-blum
Links to our previous episode with Kim Williams about the End Workplace Abuse Movement:
- Video: https://youtu.be/4fBxQkf5Zjs
- Audio: https://www.socializingsecurity.com/e/e056-toxic-isn-t-just-a-buzzword-let-s-talk-workplace-abuse
Chapters
00:00 Introduction to Workplace Abuse and Panelists
01:59 The Role of HR and Organizational Culture
06:45 Personal Experiences with Toxic Work Environments
10:08 Dealing with Toxic Bosses and Organizational Retaliation
19:02 The Courage to Speak Up and Accountability
23:17 Engaging HR and Internal Resources Effectively
25:22 Handling Difficult Bosses and Toxic Leadership
31:36 Documenting Incidents and Legal Strategies
35:52 Whistleblower Protections and External Support
41:08 Fostering a Healthy Workplace Culture
53:27 Preventative Measures and Building Resilience