combsandco


Feature Friday with Will Hunt

How You’re Being Hacked

“Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.” Kevin Mitnick

2021:23

Not a day goes by now where you don’t read about some sort of cyberattack and how the motive was profit for the hackers.  But what do hackers do with a stolen database of encrypted passwords?  How do they breach systems to launch ransomware or bots or other exploitative software?  Glad you asked.

Will Hunt has been a professional hacker for almost a decade (he’s been working in tech even longer).  He’s hired to break into companies’ systems to find vulnerabilities that can be walled off to make the company more secure.  On this episode of Did You Know That? we discuss the cyber world from a hacker’s point of view.  It’s a little behind-the-curtain look at this burgeoning business.

You can learn about Will and In.security via the below:

Website: https://in.security

Email: contact@in.security

LinkedIn: https://www.linkedin.com/in/will-hunt/

Twitter: @Stealthsploit

If you’re interested in learning more about the mechanics of hacking, In.security also offers training sessions:

Hacking Enterprises – https://www.blackhat.com/us-21/training/schedule/index.html#hacking-enterprises—-edition-21889

Defending Enterprises – https://www.blackhat.com/us-21/training/schedule/#defending-enterprises-218911617901814

Music: “Night Rider” by Ian Post via Artlist



Feature Friday – Top 10 TV Shows!

“I liken actors and movies and TV shows to football teams. We all have our favorite ones.” Kristoffer Polaha

2021:22

The boob tube.  The idiot box.  The small screen.  Whatever you call it, the inanimate TV is not always looked upon in a favorable light.  Well, that doesn’t mean the shows that stream through the telly haven’t impacted us in favorable ways.  So that’s what we’re focused on during this episode of Did You Know That?

Stephanie Rodin makes a celebrated return to the channel (first repeat guest) to talk about her – and my – top 10 TV shows of all time.  Like all lists we’ve talked about, this is subject to change, but you should expect that by now.

So how do our lists (below) compare to yours?  Where do you agree/disagree/have no idea?  Let us know if any of these would make your list or put your own list in the comments.

For a reminder of what Stephanie does when she’s not watching TV, check out the contact points below.

Website: https://rodinlegal.com/

LinkedIn: https://www.linkedin.com/in/stephanierodin/

Twitter: @Rodinlegal

Music: “Easy Money” by Rex Banner via Artlist

Stephanie’s List

1. The West Wing

2. Sons of Anarchy

3. Six Feet Under

4. The Golden Girls

5. All In The Family

6. Quantum Leap

7. The Carol Burnett Show

8. The Daily Show with Jon Stewart

9. House

10. Dallas

Sean’s List:

1. M*A*S*H

2. Buffy/Angel/Firefly

3. The Carol Burnett Show

4. The Six Million Dollar Man

5. Person of Interest

6. Seinfeld

7. The Expanse

8. Cosmos (Carl Sagan)

9. Bosch

10. Mission: Impossible



Feature Friday with Andy Schulkind
July 2, 2021, 4:49 pm

“One good thing about music, when it hits you, you feel no pain.”  Bob Marley

2021:21

Live concerts.  That’s what I missed most during the COVID pandemic.  The keyboard on which I type this is more musically inclined than I am, but music… music inspires a reaction in me unlike any other medium.  And that’s what I find so mysterious about music – it’s simply vibrations in the air.  But all human cultures have some form of music or rhythm.  The combination of those vibrations can perform magic.

This Top 10 episode of Did You Know That? – musical acts – was the toughest list for me to generate, as it was for my guest, Andy Schulkind.  In fact, as you’ll find out in this episode, Andy was the genesis of this Top 10 series.

We’ve given you our lists (see below); what say you?  Where do you agree/disagree/have no idea?  Let us know if any of these would make your list or put your own list in the comments.

If you’re curious what Andy does when not opining on music, check out the below.

Website: https://www.andigo.com/resources/

LinkedIn: https://www.linkedin.com/in/andrewschulkind/

Twitter: @AndrewSchulkind

Music: “Easy Money” by Rex Banner via Artlist

Andy’s List

1. The Who

2. Paul Simon

3. Thelonious Monk

4. John Coltrane

5. Dave Brubeck

6. Abbey Lincoln

7. B.B. King

8. The Style Council

9. Frank Zappa

10. Chet Atkins

Sean’s List:

1. Maynard James Keenan (Tool/A Perfect Circle/Puscifer)

2. David Bowie

3. Rush

4. The Police

5. Silversun Pickups

6. Godsmack

7. The Beatles

8. Duran Duran

9. Guns N Roses

10. VNV Nation

#music #top10music #top10list #andigo #didyouknowthat #indulgeyourcuriosity #youtubechannel



Feature Friday with David Temple & Sean O’Rourke
June 18, 2021, 6:03 am

“So many books, so little time.” Frank Zappa

2021:20

This might just be me, but I’ve often thought, the best reason to integrate a computer with my brain is so I could read 100 books a day.  But then I think, that would defeat the whole purpose of the experience.  While I don’t read as many physical books as I used to (Kindle & audio predominate), turning pages is still a joyful accomplishment.

David Temple and I met in 1996.  Our friendship grew over talks about books, movies, TV, music, writing, etc., etc., etc.  So there’s no one I wanted more than him to kick off the Top 10 List episodes of Did You Know That?  David, being the author of many a novel, gets books.

Our lists are below (the episode highlights why we chose these).  Let us know if any of these would make your list or put your own list in the comments.

You can learn all about David and his works via the various channels below.  His latest novel, “The Impostor,” will be released on July 1, 2021.

Books: https://geni.us/DavidTempleBooks

Podcast: https://davidtemplebooks.com/podcasts/naked-monday (or wherever you get your podcasts)

LinkedIn: https://www.linkedin.com/in/davidetemple/

Twitter: @davetemple

Instagram: davidtempleauthor

Music: “Easy Money” by Rex Banner via Artlist

David’s List:

1. The Four Agreements (Don Miguel Ruiz & Janet Mills)

2. The Force (Don Winslow)

3. Into the Black Nowhere (Meg Gardiner)

4. On Writing (Stephen King)

5. The War of Art (Steven Pressfield)

6. The Silence of the Lambs (Thomas Harris)

7. The Power of Now (Eckhart Tolle)

8. Savage Son (Jack Carr)

9. The Chain (Adrian McKinty)

10. Falling (T. J. Newman)

Sean’s List:

1. The Bourne Identity (Robert Ludlum)

2. The Road (Cormac McCarthy)

3. Alexander Hamilton (Ron Chernow)

4. Muhammad Ali (Thomas Hauser)

5. Days of Grace (Arthur Ashe)

6. Jurassic Park (Michael Crichton)

7. Arkham Asylum: A Serious House on Serious Earth (Grant Morrison & Dave McKean)

8. Man’s Search for Meaning (Viktor Frankl)

9. Into Thin Air (Jon Krakauer)

10. The Fountainhead (Ayn Rand)



Feature Friday with DYKT? Snippets

“Fall down seven times, stand up eight.” Japanese Proverb

Resilience is a foundational component of human nature and business.  The ability to get up sometimes is all that separates the successful from the also-rans, because getting knocked down is unavoidable in many instances.  Like cyber.

The phrase du jour about cyber is, it’s not if but when you’ll experience a cyber event.  Unfortunately, this is not hyperbole; it’s 99.782% fact, especially for businesses.  So what’s a business to do?  Get resilient.

DYKT? Snippets Ep. 3 touches on cyber resiliency, cyber risks, and where cyber insurance fits into the picture.  The five videos take less than 20 minutes but could prove invaluable in preparing your business for the inevitable.

Music: “Camaro” by Oliver Michael via Artlist



Feature Friday with Jay Shifman
May 14, 2021, 5:35 am

“The attempt to escape from pain, is what creates more pain.” Gabor Maté

2021:18

Addiction.  I think it’s a topic misunderstood by all but the addict themselves.  So who better to talk about addiction, misuse/abuse, and the road to recovery than someone who has lived it?

Jay Shifman’s story isn’t entirely unique or salacious.  In some ways, it’s the typical roller coaster associated with addiction and recovery.  But Jay Shifman’s view of his addiction, recovery, and how he helps others struggling with his former demons is very different from the common broadcasts around the topic.  That’s why he’s joining me on this episode of Did You Know That?

You can reach out to Jay via his myriad of contact points:

Website: https://campsite.bio/cys_jay

Instagram: jayshifman

LinkedIn: https://www.linkedin.com/in/jayshifman/

Twitter: @CYS_Jay

Music: “Everybody Get Up” by Ian Post via Artlist



Feature Friday with Rebecca Rakoski

“No longer are technology and cyber issues confined to tech geeks in some backroom. In the digital age, IT issues are front and center.”  Will Hurd

2021:17

During my 25+ years in and around technology, the most common refrain from those on the business side of a company when it came to cyber was, “It’s an IT problem.”  That is not the case any longer.  Your IT folks have to be involved in the discussion, but cyber is most definitely a business problem now.  Don’t believe me?  Maybe my next guest on Did You Know That? can convince you.

Rebecca Rakoski is a founding partner of XPAN Law Partners, a practice primarily dedicated to their clients’ cyber welfare.  Our conversation focuses on what that means for businesses; some best practices required to stay in “compliance;” and a host of other elements of a cyber program.

Website: https://xpanlawpartners.com/

LinkedIn (personal): https://www.linkedin.com/in/rebecca-rakoski-esq-1460b116/

LinkedIn (firm): https://www.linkedin.com/company/xpan-law-partners/

Twitter: @XPANLawPartners

Email: rrakoski@xpanlawpartners.com



Feature Friday with James Mottola!

The United States Secret Service was established in 1865 to combat counterfeiting.  In 1901, the agency was charged with protecting America’s political leaders, their families, and visiting heads of state or government.

2021:16

James Mottola is a frequent collaborator of mine on the Everything Cyber playlist, as well as other engagements revolving around cybersecurity and cyber liability.  What some of you may not know is that Jim spent 20+ years in the United States Secret Service.  That’s where he was indoctrinated into the world of cyber.

We’re taking this episode of Did You Know That? to explore Jim’s time with the Secret Service, talk about the agency’s mission, and discuss how it prepared him for the work he does today.  While Jim doesn’t reveal any agency secrets, you will get a better idea of how its disparate mandates are handled and why there is intense competition among all government agencies.

You can learn more about Jim and his current job by visiting the sites below:

Porzio Compliance Services: https://porziocomplianceservices.com/

LinkedIn: https://www.linkedin.com/in/jamesmottola/

Music: “Come Get Yours – Instrumental” by Bunker Buster via Artlist



Feature Friday with DYKT? Snippets

“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cybersecurity is much more than an IT topic.” Stephane Nappo

And now Part 2 of the 2-part premiere of DYKT? Snippets.  We’re closing out the conversation about the New York State Department of Financial Services (NYSDFS) Part 500 cyber regulations.  Be sure to watch Part 1 before diving into these videos.

For context, here are some links for the regulations & the actual requirements:

Who NYSDFS Supervises: https://www.dfs.ny.gov/who_we_supervise

NYSDFS Industry Definitions: https://www.dfs.ny.gov/institution_definition

NYSDFS Cybersecurity Resource Ctr: https://www.dfs.ny.gov/industry_guidance/cybersecurity

Regulation Sections:

500.02 – Cybersecurity Program

500.03 – Cybersecurity Policy

500.04 – Chief Information Security Officer (exempt)

500.05 – Penetration Testing & Vulnerability Assessments (exempt)

500.06 – Audit Trail (exempt)

500.07 – Access Privileges

500.08 – Application Security (exempt)

500.09 – Risk Assessment

500.10 – Cybersecurity Personnel and Intelligence (exempt)

500.11 – Third Party Service Provider Security Policy

500.12 – Multi-Factor Authentication (exempt)

500.13 – Limitations on Data Retention

500.14 – Training and Monitoring (exempt)

500.15 – Encryption of Nonpublic Information (exempt)

500.16 – Incident Response Plan (exempt)

500.17 – Notices to Superintendent

Music: “Camaro” by Oliver Michael via Artlist



Feature Friday with DYKT? Snippets

“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cybersecurity is much more than an IT topic.” Stephane Nappo

We’re shaking things up here at Did You Know That?  We’re always looking to bring you informative conversations that could better your business and sometimes, your life.  But that doesn’t always have to be in long-form interviews.  So, may we present, drumroll please…

DYKT? Snippets.

DYKT? Snippets will be episodes featuring a collection of short videos on a particular topic.  What that topic may be will always be a surprise.  For this kickoff event, we’re going big with a 2-part premiere episode.

In 2017, the New York State Department of Financial Services (NYSDFS) Part 500 cyber regulations went live.  These regulations apply to certain businesses licensed by the NYSDFS to operate in New York.  While the regulations have their shortcomings, in the scope of state-backed cyber laws, they’ve proven to be quite reasonable.  Episodes 1 & 2 will feature videos that outline how businesses can utilize these requirements to get their cyber houses in order.

For context around the videos, here are some links for the regulations & the actual requirements:

Who NYSDFS Supervises: https://www.dfs.ny.gov/who_we_supervise

NYSDFS Industry Definitions: https://www.dfs.ny.gov/institution_definition

NYSDFS Cybersecurity Resource Ctr: https://www.dfs.ny.gov/industry_guidance/cybersecurity

Regulation Sections:

500.02 – Cybersecurity Program

500.03 – Cybersecurity Policy

500.04 – Chief Information Security Officer (exempt)

500.05 – Penetration Testing & Vulnerability Assessments (exempt)

500.06 – Audit Trail (exempt)

500.07 – Access Privileges

500.08 – Application Security (exempt)

500.09 – Risk Assessment

500.10 – Cybersecurity Personnel and Intelligence (exempt)

500.11 – Third Party Service Provider Security Policy

500.12 – Multi-Factor Authentication (exempt)

500.13 – Limitations on Data Retention

500.14 – Training and Monitoring (exempt)

500.15 – Encryption of Nonpublic Information (exempt)

500.16 – Incident Response Plan (exempt)

500.17 – Notices to Superintendent

Music: “Camaro” by Oliver Michael via Artlist