Artwork

Player FM - Internet Radio Done Right
Checked 11M ago
Lagt til four år siden
Innhold levert av Robert Rounsavall, Startup Founder, and BJJ Blue Belt. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Robert Rounsavall, Startup Founder, and BJJ Blue Belt eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
Player FM - Podcast-app
Gå frakoblet med Player FM -appen!
icon Daily Deals

One click can make or break whether or not someone ends up in jail -Aaron Weiss from Forensic Recovery

29:30
 
Del
 

Manage episode 272911310 series 2794744
Innhold levert av Robert Rounsavall, Startup Founder, and BJJ Blue Belt. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Robert Rounsavall, Startup Founder, and BJJ Blue Belt eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

Most people I've worked with who do incident response and forensics are dealing with a cyber attack of some sort. Perhaps it's ransomware, maybe a malware infection, or data leak issue. Aaron Weiss and his team from Forensic Recovery handle those cases and they also get called in for some really interesting and different cases on the criminal and civil side ranging from employee fraud to child pornography. In this interview, Aaron and I discuss:

How he got started in the field and his path to computer forensics.

"One of the heads of the computer science program, approached me my senior year and said, "Aaron, would you like to take differential equations or do you want to try computer forensics?", and it was the first computer forensics class. I said, "I have no idea what computer forensics is, but I will gladly sign up!"

How he got started by volunteering with the Sheriff's office cyber crimes squad.

How it's different to work a case like child pornography where you can't take the evidence with you over a period of time and have to do work with investigators on the case watching over everything you do. Also what type of evidence and meta data that can be collected to help find out what is important.

"One click can make or break whether someone ends up in jail or not"

Things like collecting evidence on different forms of social media that is always changing... FYI If you are filing a fraudulent slip and fall case against your employer, it's probably not the best time to go skiing and post on social media...

"There may be a new form of chat or social media that there's no tool for, so we have to figure out what's the best way to preserve evidence"

How to get ahead in your career and what causes plateaus.

"I've seen a lot of CVs in expert witness cases on the opposing side where their CV stops 5 years ago because they've been doing the same thing and they haven't spent the time to continue to learn."

Aaron shares some deep knowledge on reasoning for degrees and certifications and what you can do to get ahead if you are a student or earlier in your career. Here are a few cool ideas:

  1. Show up to anything you can locally. Many conferences have FREE or extremely reduced rates for students.
  2. Take advantage of all the tech and security companies offering free webinars. You can learn a ton of things from those. He gives a couple of specific examples on the podcast.
  3. Set up your own network, test and play.

Finally we wrap up talking about improv comedy and how that can help you in your career. Spoiler alert, I agree to take an improv class sometime before the end of the year. I have already found one locally and will eventually jump in and join!

Here are links to some of the things mentioned in the podcast:

BSides

ISSA

SANS Work Study Program

Tools

CelleBrite

Access Data FTK (Forensic Tool Kit)

X-Ways Forensics

Listen to the podcast here:

Spotify iTunes Stitcher Google Play Your Computer

  continue reading

36 episoder

Artwork
iconDel
 
Manage episode 272911310 series 2794744
Innhold levert av Robert Rounsavall, Startup Founder, and BJJ Blue Belt. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Robert Rounsavall, Startup Founder, and BJJ Blue Belt eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

Most people I've worked with who do incident response and forensics are dealing with a cyber attack of some sort. Perhaps it's ransomware, maybe a malware infection, or data leak issue. Aaron Weiss and his team from Forensic Recovery handle those cases and they also get called in for some really interesting and different cases on the criminal and civil side ranging from employee fraud to child pornography. In this interview, Aaron and I discuss:

How he got started in the field and his path to computer forensics.

"One of the heads of the computer science program, approached me my senior year and said, "Aaron, would you like to take differential equations or do you want to try computer forensics?", and it was the first computer forensics class. I said, "I have no idea what computer forensics is, but I will gladly sign up!"

How he got started by volunteering with the Sheriff's office cyber crimes squad.

How it's different to work a case like child pornography where you can't take the evidence with you over a period of time and have to do work with investigators on the case watching over everything you do. Also what type of evidence and meta data that can be collected to help find out what is important.

"One click can make or break whether someone ends up in jail or not"

Things like collecting evidence on different forms of social media that is always changing... FYI If you are filing a fraudulent slip and fall case against your employer, it's probably not the best time to go skiing and post on social media...

"There may be a new form of chat or social media that there's no tool for, so we have to figure out what's the best way to preserve evidence"

How to get ahead in your career and what causes plateaus.

"I've seen a lot of CVs in expert witness cases on the opposing side where their CV stops 5 years ago because they've been doing the same thing and they haven't spent the time to continue to learn."

Aaron shares some deep knowledge on reasoning for degrees and certifications and what you can do to get ahead if you are a student or earlier in your career. Here are a few cool ideas:

  1. Show up to anything you can locally. Many conferences have FREE or extremely reduced rates for students.
  2. Take advantage of all the tech and security companies offering free webinars. You can learn a ton of things from those. He gives a couple of specific examples on the podcast.
  3. Set up your own network, test and play.

Finally we wrap up talking about improv comedy and how that can help you in your career. Spoiler alert, I agree to take an improv class sometime before the end of the year. I have already found one locally and will eventually jump in and join!

Here are links to some of the things mentioned in the podcast:

BSides

ISSA

SANS Work Study Program

Tools

CelleBrite

Access Data FTK (Forensic Tool Kit)

X-Ways Forensics

Listen to the podcast here:

Spotify iTunes Stitcher Google Play Your Computer

  continue reading

36 episoder

Semua episode

×
 
In this episode Marvin Wheeler and I discuss the recent merger of Cybraics, an AI company with extremely advanced threat detection technology that came out of a DARPA project and SilverSky, a Managed Detection and Response company. While you normally see big hardware and software companies scooping up companies with unique technology, this was a little different. I think it's a trend that you will continue to see. Marvin has great insight into where things are going in cyber and also what qualities are important to advance your career. Enjoy! Cybraics: https://www.cybraics.com/ SilverSky https://www.silversky.com/ Connect with Marvin on LinkedIn: https://www.linkedin.com/in/marvinwheeler/…
 
People are finding out that moving things into the cloud isn't always the right answer. Tom is an exceptional technologist and we discuss how to take the AI processing to the data when it may not be technically possible or feasible to push it to the cloud. I have wanted to have him on the podcast for months and we were finally able to lock down a time to chat. If you want to know where technology is going, this is a great episode to listen to. Tom and his team are at the very pointy end of solving some really tough and cool compute problems. We didn't talk about it on this episode but whenever we catch up we usually talk about ultra endurance events and running. Tom has been on some crazy endurance adventures that would blow your mind. I'm saving that discussion for another podcast someday... I always learn a ton from these podcasts and I know you will as well. You can find more about Tom here: https://www.linkedin.com/in/tom-mays-b23339a6/ The NodeWeaver website has some great information, worth spending some time there just to see what they are up to! https://nodeweaver.eu/…
 
In recent years, encryption has become an essential tool for cybersecurity and data protection. It’s also one of the most important aspects of any business today - especially when it comes to cloud databases. Encryption will protect your data from being stolen or intercepted by third parties and maintain your privacy by ensuring your information is only accessible by the intended recipient and not by anyone else. There are many different types of encryption methods, but they all use similar principles, which Jon will cover in-depth in this episode. Join the conversation with Jon McLachlan as he shares about encryption in cyber security and data protection to provide you with tools to protect your data in order to avoid potential threats like cybercrime or data breaches. Jon is the co-founder and CEO of Peacemakr and the host of The Security podcast of Silicon Valley, and h e has been in technology, cyber, and startups for a very long time. Tune in! During this episode, you will learn about; [00:06] A bit about Jon’s career background [01:41] Jon’s earliest inclination in tech, software, and security [03:29] Going from traditional computer science programming to security [06:21] Jon’s experience working with Apple as a young graduate [08:48] What is software product security and examples [09:04] Jon’s transition from Apple to his startup company [13:07] Building encryption system for your data protection [16:17] End-to-end encryption keys management system [20:02] Peacemakr and what they do in the encryption space [22:15] Self-driving encryption data security system [23:24] Management of encryptions keys in your applications [26:17] The future of security and the kind of scales to develop today [29:17] Get involved and participate to build your passion [30:13] Jon’s podcast, The Security podcast of Silicon Valley [31:49] How to reach out and connect with Jon Notable Quotes Encryption gives you the power to control who sees your data Building encryption into a product is building a system that controls the distribution and access to its keys. Exploring will help you do your passion justice. We all share something, but we arrive at our destination using different paths. If you want something, go for it, there’s never going to be a right time. Connect with Jon McLachlan Website: https://peacemakr.io/ Email: jon@peacemakr.io LinkedIn: https://www.linkedin.com/company/peacemakr-io Twitter: https://twitter.com/peacemakr4…
 
Thomas is the Director of Post Breach Remediation with Kivu consulting. We have a great discussion about an incident we worked together and what happens after the breach. It's pretty interesting when big attacks happens, it's not always the company names you hear about in the news that are the responding teams. Companies like Kivu are brought in for some of the biggest breaches out there, many times by an insurance company, or outside legal counsel when things are really bad. It was great to catch up with Thomas and in this episode you will learn about how incidents get cleaned up after the attack. You can find Thomas on LinkedIn here: https://www.linkedin.com/in/thomas-longhurst-208b9553/ Kivu Consulting https://kivuconsulting.com/ Thomas recently launched a podcast called The Cyber Zone over on youtube where they make cyber issues understandable to everyone, which is not an easy task! Enjoy! https://www.youtube.com/channel/UCndWz1G-nq6nCj10YBBHiBA…
 
If you are thinking of starting a company or a new founder, you quickly learn that there are lots of things to do that don't involve working on your technology or your big idea. It can quickly become a problem if you don't have the tools that you need to run your startup. Greg Miaskiewicz started Capbase and solved the above problem after being a successful founder and seeing a bunch of issues that other founders have when starting companies. Capbase is a startup building legal/financial tools for founders to setup and build their companies, from incorporation to IPO. Prior to Capbase, Greg built a cybersecurity company using some unique (and funny) methods to capture data, and shared some great knowledge on the podcast. Founders or future founders check out Capbase: https://capbase.com/ Connect with Greg on LinkedIn: https://www.linkedin.com/in/miaskiewicz/ Connect with Robert on LinkedIn: https://www.linkedin.com/in/robertrounsavall/…
 
I was thrilled to chat with Tim from Microshare.io about how he ended up in technology and what they are doing to protect IoT data. He was working on AI before it was a "thing" and has some amazing experience. He talked about why it is a great idea to start out in a support role no matter what type of company you work for, and where the industry is going. Enjoy this episode! Tim's company Microshare.io: https://www.microshare.io/ Follow Tim on Twitter: https://twitter.com/microshare_cto Connect with Tim on LinkedIn: https://www.linkedin.com/in/tpanagos/…
 
Chris has over 20 years of experience in cybersecurity and has worked at some of the biggest companies out there. He works in the Office of the CTO at VMware. I really enjoyed this conversation and know you will too! Chris shares some of the best ways to get into and learn cyber as well as what skills are necessary to work on to get ahead and succeed over time. Connect with Chris on LinkedIn: https://www.linkedin.com/in/christopherdavis/ Connect with Robert on LinkedIn: https://www.linkedin.com/in/robertrounsavall/ If you are an IT auditor, you need to pick up IT Auditing, using controls to protect information assets: https://www.amazon.com/gp/product/B07XPSGGBR Here are all the books Chris has authored or co-authored: https://www.amazon.com/Chris-Davis/e/B001JP175C…
 
You have Operational Technology in your environment and probably need to think about it a little bit. I was lucky to chat with Kunle who is an expert not just in cybersecurity but also in OT Security. In this episode he give great information on the differences between IT and OT and what you need to consider when protecting it. Connect with Kunle: https://www.linkedin.com/in/kunle-adetoro/ Connect with Robert: https://www.linkedin.com/in/robertrounsavall/ Some of the standards and trainings mentioned in the episode: NERC: https://www.nerc.com/pa/Stand/Pages/default.aspx IEC 62443: https://en.wikipedia.org/wiki/Cybersecurity_standards#IEC_62443 SANS ICS Training: https://ics.sans.org/ Fortinet ICS Solutions: https://www.fortinet.com/solutions/industries/scada-industrial-control-systems…
 
Great discussion with John about networking, cyber, and fundamental skills that are required to succeed in the space. We also chatted about Cisco vs Juniper and why you would want to get certified in one vs the other. John is putting out some amazing content on youtube especially for those looking to get into the space. Aside from teaching a ton, he does some really cool stuff like break down job descriptions, and reviews certifications that he is doing. Connect with John here: Youtube: https://www.youtube.com/c/CYBERINSIGHT LinkedIn: https://www.linkedin.com/in/john-breth-730b7755/ Twitter: https://twitter.com/JBizzle703 Twitch: https://www.twitch.tv/cyberinsight Connect with Robert: https://www.linkedin.com/in/robertrounsavall/…
 
Sanders watched the movie Hackers in middle school and knew he wanted to do that for a living. We had a great conversation and discussed some tools that are relevant today that have been around for over 20 years that are still very relevant today and you should learn if you want to improve your security game. As has been a theme with almost all of the people I've interviewed the topic of networking comes up and how it could have saved Sanders years of time in his career. This episode is a winner I know you will love it! Hackers movie trailer: https://www.youtube.com/watch?v=Rn2cf_wJ4f4 Sanders on LinkedIn https://www.linkedin.com/in/sdiaz2018/ Sanders on Twitter https://twitter.com/d43m05 Robert on LinkedIn https://www.linkedin.com/in/robertrounsavall/…
 
In a number of conversations lately writing has been coming up as a critical skill to advance your career. I've been trying to write daily for the last few years and improve that area. I was lucky to have Richard Lowe come on the podcast this week. He went from a tech career to a writing career and has great advice for anyone in technology wanting to move up. You can contact Richard at the links below: Richard Lowe on LinkedIn: https://www.linkedin.com/in/richardlowejr/ Robert on LinkedIn: https://www.linkedin.com/in/robertrounsavall/…
 
If you want to get into cybersecurity, the military is a great route. John went to the Navy, got a ton of training, his masters degree, and worked at Microsoft all while in the Navy! Aside from the opportunity to serve your country, there are some great options available to have a career in cyber. We discuss this and why he jumped out and started Breachbits. His company is enabling organization who can't bring in one of the big consulting firms to do an assessment have ongoing testing done for a fraction of the cost. Lot's of companies need world class penetration testing and assessments for overall security and compliance and they are filling that space very quickly. I love what they are doing and had a great time chatting with John! John's company Breachbits: https://www.breachbits.com/ Connect with John on LinkedIn: https://www.linkedin.com/in/john-lundgren/…
 
It was awesome to spend some time with Bryce Webster-Jacobsen from Groupsense. They are helping companies by finding bad things on the dark web. I love how he took his background in education and transitioned it to be successful in a leading edge cyber security company. You don't have to be a programmer or computer scientist to be successful in cyber and Bryce is a great example of that! Bryce on LinkedIn: https://www.linkedin.com/in/bryce-webster-jacobsen-73553057/ Bryce on Twitter: @BrycexWJ Groupsense: https://www.groupsense.io/ Robert on LinkedIn: https://www.linkedin.com/in/robertrounsavall/…
 
As I was re-listening to this podcast to make sure the audio is ok, I found myself saying over and over, oh that is GREAT information for someone getting into cyber. Mark is the co-founder and COO at Alphawave and has a ton of experience responding to large incidents and running teams that do that. I enjoyed chatting with him about what it takes to succeed in cyber and also why if you are in cyber you should learn jiu-jitsu! Connect with Mark on LinkedIn: https://www.linkedin.com/in/mark-st-john-1058a5a/ Connect with Me on LinkedIn: https://www.linkedin.com/in/robertrounsavall/…
 
In this episode I chat with Derek Cuesta, an amazing security architect for a fortune 500 company. We talk about the skills that are the most important to be successful in the role, and it's not all technical skills! Connect with Derek on LinkedIn https://www.linkedin.com/in/derekcuesta/ Connect with me: LinkedIn: https://www.linkedin.com/in/robertrounsavall/ Instagram: https://www.instagram.com/robrounsavall/…
 
Loading …

Velkommen til Player FM!

Player FM scanner netter for høykvalitets podcaster som du kan nyte nå. Det er den beste podcastappen og fungerer på Android, iPhone og internett. Registrer deg for å synkronisere abonnement på flere enheter.

 

icon Daily Deals
icon Daily Deals
icon Daily Deals

Hurtigreferanseguide

Copyright 2025 | Sitemap | Personvern | Vilkår for bruk | | opphavsrett
Lytt til dette showet mens du utforsker
Spill