Protecting data remains a high priority with FSI’s as high-profile threats portraying complex supply chain attacks, such as the Solarwinds continue to make the headlines. Taking advantage of how organisations move digital assets remains an evergreen attack vector for cybercriminals. Take a listen to Sean Devaney, vice president at CGI and David Martin, Partner Manager at Progress Software as they converse with FSTech around some of these topics as well as some possible solutions to this digital dilemma.

Expert in implementing new critical infrastructure for businesses, Jimmy Jones of Positive Technologies, joins the podcast to discuss the legal and security implications of adopting 5G for critical infrastructure. 

Alex Oliveri, Director of Professional Services at Progress, joins the Defrag This podcast to discuss the intricacies of continuous integration and development in a DevOps environment.

Nat Meron of C2A Security joins the podcast to discuss the advancements in automotive technology, connected cars, autonomous vehicles, and the implications this new tech has on security and compliance in the auto industry. 

In this episode of Defrag This, Chris Hickman of Keyfactor joins the podcast to discuss how IT should approach a corporate M&A (merger and acquisition). 

John O’Shaughnessy, Infrastructure Architect and Senior Consultant at Insight Cloud + Data Center Transformation, joins the podcast to discuss the budget issues plaguing IT teams during the pandemic. 

In this episode, Arun Vishwanath joins the podcast to discuss the rise in phishing scams and social engineering during the pandemic and ways that host Greg Mooney has almost been phished over the past few months. 

Progress (formerly Ipswitch) released a new version of their managed file transfer product, MOVEit 2020. The release includes a new mobile app that allows the ability to send and receive sensitive data on mobile devices. 

Ted Kim, CEO of Private Internet Access, joins the podcast to chat about VPNs, privacy online, and how the cybersecurity threat landscape has changed during the COVID-19 pandemic. 

Ben Niernberg, Executive VP of MNJ Tehcnologies, joins the podcast to discuss how IT teams are dealing with hardware shortages, price gouging, and the new normal of supporting a remote workforce. 

Jason Rader, who is the National Director of Network and Cloud Security at Insight Enterprises, joins the podcast to discuss the issues and solutions of supporting employees who are working from home during the COVID-19 crisis. 

Ask any digital forensics team or security researcher, and they will agree that data that is seemingly wiped from a hard drive is not lost forever. John Shegerian, the co-founder of ERI, a leading eWaste company, discusses the implications of eWaste in terms of security and compliance. 

Dr. Arun Vishwanath, a technologist in the field of cybersecurity, joins the podcast to discuss what cyber hygiene is and why people don't treat it the same way as personal hygiene. How can we change how people perceive technology in a way that is secure?

Companies who don’t have their systems up to date are to this day running into variants of WannaCry ransomware taking over business-critical systems. Most of these businesses are not even the intended target for these types of advanced persistent threats. So what do we know and how can we better protect ourselves from these attacks?

Shadow IT usually is the crux of IT teams. It creates an issue of visibility within the IT stack that leaves IT in the dark, hence the name. Often, when shadow IT happens though, it’s because IT is not allowing for fast workflows or certain operations are a hindrance to agility in the workplace. Uri Haramati joins the Defrag This podcast to discuss his take on shadow IT.

On the phone today, we have someone who is helping IT and Security teams do just that. Alex Bauert has more than 25 years of IT experience, with 15 of those years spent in architecture and application security leadership roles. He has built and enhanced application security programs at several large and medium enterprises across various industries. In addition, Bauert is a localization and internationalization engineer for hardware and software products.

IT professionals join the Defrag This podcast to tell the spookiest stories of their careers.

Greg Mooney and Jeff Edwards discuss a new report released by Osterman Research and sponsored by Progress about how Information Governance is often overlooked when it comes to IT operations cost savings.

In the case of network performance management, what are the most important metrics? Also, which tools are IT teams using to get this data to support the business infrastructure? The answer is “many” depending on who you ask.

In this latest Have You Met? podcast series, Greg Mooney chats with Daniel Hotz about manage file transfer solutions and how QBits is implementing manage file transfer tools in Switzerland, Germany, and Austria.

In this latest Have You Met? podcast, Greg Mooney chats with L8 Solutions on their continued success as an Ipswitch partner and how they are providing stellar IT solutions and services to their clients in the UK.

We're bringing you March's security and IT news!

If your company isn’t developing software, just wait five minutes.   Many companies that never dreamed they’d be developing their own software are having to “roll their own.” Sometimes it’s an internal use only, as a custom layer over an existing platform like Salesforce, sometimes as a product they’re selling.   All this development means having to create your own development operations team. Development Operations (DevOps) has brought IT operations and development teams a lot closer than ever before. Both sides are using network monitoring and other IT tools in some capacity, but how is DevOps taking over functions that used to be in IT's wheelhouse? To find out, I spoke with Sean Kenworthy, Senior Manager of Development Operations and Release Engineering here at Ipswitch. We discuss: What is DevOps? How Does DevOps Use Network Monitoring? If There is a Problem Who Fixes It, DevOps or IT? Under Attack: How Network Monitoring Detected A Stealth DDOS

Log Management is a hot topic these days, especially in the way it pertains to organizational data security. So in this episode of Defrag This your host Mark Towler sits down with Jim Cashman to quiz the latter on his sysadmin experience with Log Management. This discussion covers what logs an admin should be collecting, why to focus on those logs and what specifically to look for. It’s a great answer to the sysadmin who sets up a Log Management solution, watches the logs roll in and then asks “Ok, so now what?”

In this episode of Defrag This, we’re taking a look back at one of the most monumental events in hacker history—the 2007 hack of TJX companies, which was, at the time, the biggest breach of consumer data in the history of the United States.        

Automated systems are not always AI, but AI is an automated system. It’s easy to get the two terms confused because they both run off the same thing—data. However, the differences are far reaching and it’s important to know the differences between AI and Automation. Security Operations teams, or SecOps, are increasingly using AI along with automation to tackle advanced persistent threats, but what are the differences?

With Brexit in limbo and the GDPR already handing out fines to companies in noncompliance, companies who work in the confines of the EU and UK are left with little details as to how to navigate the minefield that is compliance. We talked to a lawyer who is an expert in GDPR compliance to learn more on how the GDPR is sizing up.      

Well-known PowerShell expert and Ipswitch contributer Adam Bertram, AKA Adam the Automator, discusses leaving his day job to start Techsnips.io, an e-learning platform for IT professionals.

Enterprise companies are coming under increasing scrutiny for their data security practices, or lack thereof depending on who you are talking about. Last month we looked at what transpired over the past year in data security news, but today we are going to take a look into the future of 2019.

Cybercrime has only increased and GDPR has yet to be effective. More and more, traditional crime is moving online to the internet because it’s far easier to get away with. The laws in place to help regulate society, such as Money Laundering and CCTV Regulations, just aren’t on the internet. That’s why at the end of the day, the internet is the New Frontier: It’s the Wild, Wild West, where the rules don’t apply. Luckily, a hero comes proverbially roaring in to save the digital-day! Chris Payne, Managing Director at Advanced Cyber Solutions over in the UK, joins me in a conversation to discuss GDPR’s effectiveness, (or lack thereof), and what we in our businesses can do about it to protect our customers’ personal data.

How do you ensure the security of a third of America’s web traffic? By comprehensively understanding the different attack vectors around the cloud at the API level, specifically AWS (Amazon web services). And being prepared to react fast. I recently got together with Will Bengtson, a security researcher with over a decade of experience in cybersecurity who works at Netflix. “The biggest thing for me is that we have a lot of accounts, a lot of instances, a lot of change in our environment. So monitoring for us has to be just a continuous game,” Will said. So since your cloud provider isn’t going to hold your hand on this one, you need to know about these three tools Will uses.

Too many IT professionals believe that cloud platforms, such as AWS or Google Cloud, handle any cloud-related security. Unfortunately, far too many are caught off guard when they learn that the security of these web services is limited. Yes, you are purchasing a service from them, but the truth is, IT security within a shared API is a shared responsibility. Brad Geesaman sees it far too often. He’s been in IT security and infrastructure for over 15 years, working with Symantec, Blackfin, and others. He’s worked as an ethical hacker, teaching others how to root our security threats within their networks, and he’s currently providing private IT security consulting. He spoke at the Black Hat USA conference in Las Vegas, and after I heard him speak, I knew I had to have Brad on our DeFrag_This podcast. He came on the show and shared his expertise on how IT professionals can better protect their assets running on shared cloud platforms. You don’t want to miss this.

Case studies show that more than half of the traffic on the dark web is illicit, and even the anonymized licit data has no place on the company network. In this episode we talked with Mark Towler, Senior Product Marketing Manager at Ipswitch, and Jim Cashman, Principal Product Manager at Ipswitch and Product Owner of WhatsUp Gold, about the challenges of dark web traffic and how a new feature of WhatsUp Gold gives IT teams a tool to address this problem.

How would you like to walk into an HIPAA audit? Most will go in wondering - or worrying - if the security measures in place reflect their company’s due diligence to protect their ePHI (electronic protected health information). Others will have the forethought to be proactive in their situation and know they have done what is necessary to protect the information for which they are responsible. We want you to be the latter.

The European Union GDPR laws went into effect May 25th. The U.S. is not far behind, and just last week California passed its own group of privacy protection laws meant to protect California residents from the mishandling of their personal information. As companies like Facebook and Equifax who have been front and center for the mismanagement of personal information for millions of people, what do new privacy laws mean for individuals and businesses? In this episode Greg and Jeff speak with Kevin Conklin, the Head of Product Marketing at Ipswich, about the steps the U.S. is taking to address privacy protection and what a state-by-state enactment may look like.

In episode 29 of the Defrag This podcast, we consider what it takes to be a cyber security professional.

Do the headlines about data breaches and information hacks have you worried, but you don’t know where to turn? If you’re afraid of having a cybersecurity “guru” take your money without delivering on their outlandish claims, there are some steps you can take to weed out the snake oil salesmen from the real cybersecurity experts.

We're bringing you April's security and IT news!

Hate seeing that troubleshoot error pop up? Wouldn’t it be a lot less taxing when you have the problem identify itself with solutions, instead of you scrambling to fix the issue. Reactive mode can be a stressful operation mode that no company wants to work in, but what if we can go from reactive to predictive mode.

Are you guilty of having one of your passwords set to “Password123” or something similar? Well you’re not alone. Having these easy to guess passwords is what allowed the Iranian hackers to gain over 13 billion pages of information. Phishing attacks are becoming inevitable, but as a preventative measure - we need to learn what our risk factors are and make it harder for hackers to log into our accounts.

Nothing frustrates and cripples IT more than individuals in varying departments going rogue. Joe from marketing thinks the company-approved internet is slow, so he sets up his own WiFi off network. Sara from finance uses non-approved cloud storage for personal info of employees, exposing the data. Then Larry uses his own home laptop because the work computer has too many restrictions. All this and more causes headache after headache for IT. The problems abound, causing security threats and bogging down the IT department when they could be focused on bigger tasks? Two IT pros, Adam Fowler and Billy York, join us today to share their frustrations, and solutions, on Shadow IT.

We're bringing you March's security and IT news!

In this one we do some mythbusting.

We're bringing you February's security and IT news!

We're bringing you January's security and IT news right as it happens!

With so many available languages, knowing which one to choose for automation can be overwhelming. In this interview with Eric Chou from A10 Networks, we learn advantages of using Python Networking to automate tasks as engineers.

The cryptocurrency market is always changing. Is it a reliable investment, and who should be investing in it? In this episode Defrag This host Greg Mooney, and guest Adam Bertram, an IT industry expert, discuss the current cryptocurrency trend and what some of the downsides are to investing.

We're bringing you this week's security and IT news right as it happens!

In this episode of Defrag This, we're looking back on the year.

New regulations always mean a flurry of activity for affected companies, and the European Union’s new General Data Protection Regulation is no exception. The bill passed in 2016, but it gave companies two years to fall in line. That means the deadline of May 2018 is looming for companies with consumer data interests in the EU. Not making that deadline could mean fines and civil suits. And then there’s the possibility of cultivating a bad reputation for not caring enough about the protection of personally identifiable data of consumers.

On this special episode of Defrag This, we're sharing the ribbon cutting ceremony for our new office. Hurray!

Can we ever be completely safe when it comes to wifi security? No. Cue the panic. Just kidding. We really can’t be 100% safe using wifi, but that doesn’t mean we should just throw caution to the wind and neglect any attempts at security whatsoever. There are security protocols available to help keep things more secure. But what are the differences and why do those differences matter? In this episode, Brad Call, wi-fi expert and consultant for Internal IT, gives us a breakdown of the three security protocols and how they can help or hurt your wi-fi security.

Fake news had been all over the news for months. Some people don’t believe it’s a real thing, and others believe that it is lurking behind every meme and Facebook ad. As usual, the truth is somewhere in the middle.The recent senate hearings related to the possibility of Russian interference in the American election have shined an even brighter spotlight on this issue. Outside interference from other nations is very real. It’s not exactly a new issue, but as our technology continues to leap forward faster than legislation can pin it down, this issue may be more dangerous than previous incarnations. In this episode, Mary Manjikian, professor and author of Cybersecurity Ethics: An Introduction, discusses how ethics in technology and cybersecurity is more important than ever as the law struggles to catch up.

Internet comment sections are often either amusing or horrifying places. There’s generally little in-between. This is particularly true in the computer programming world where some programmers can be almost slavishly devoted to their chosen deity… er… scripting language. Debates between users of different languages can be heated as everyone tries to defend their personal favorite as “the best.” It’s not necessarily clear what could objectively make one scripting language “better” than another overall, though. One language that gets more flak than it likely deserves is PowerShell. Proponents of Python can be especially brutal in their ridicule, but they aren’t the only naysayers regarding the scripting language created specifically for Windows systems. In this episode, Adam Bertram, PowerShell guru and author of The Pester Book, explains what he believes is the main reason behind the PowerShell vs. Python vs. “insert scripting language here” debate. Find a breakdown of this episode here.

A weekly rollup of everything in the news relating to cyber security. Check in every week for breaking news in the cyber security spectrum. 

Have you ever had a doctor give you a pill to cure whatever ails you without first finding out what your symptoms are? Of course not. That would be unprofessional and reckless. Yet, that’s the equivalent of what many IT professionals are doing when they send their users training videos about how to avoid things like phishing scams. These videos or other one-size-fits-all anti-phishing training materials work to a point, but they aren’t nearly as effective as they could be with a little more understanding of the patient, erm, I mean, user. In this episode, Arun Vishwanath, cybersecurity expert and Associate Professor at the State University of New York at Buffalo, explains how the disease of phishing can only be cured by correctly diagnosing the symptoms in each user.

Have you ever had a doctor give you a pill to cure whatever ails you without first finding out what your symptoms are? Of course not. That would be unprofessional and reckless. Yet, that’s the equivalent of what many IT professionals are doing when they send their users training videos about how to avoid things like phishing scams. These videos or other one-size-fits-all anti-phishing training materials work to a point, but they aren’t nearly as effective as they could be with a little more understanding of the patient, erm, I mean, user. In this episode, Arun Vishwanath, cybersecurity expert and Associate Professor at the State University of New York at Buffalo, explains how the disease of phishing can only be cured by correctly diagnosing the symptoms in each user.

The healthcare industry is at a crossroads when it comes to technology. Mobile devices and the IoT has given new and innovative ways to stay on top of our health from Fitbits to smartphone pedometers, but the vast amount of data these apps collect on our health is a blessing and a curse. Stephen Wu, a technology lawyer at Silicon Valley Law Group and the author of A Guide to HIPAA Security and the Law, knows that if healthcare data is not handled properly, patients risk having their information lost or stolen, which means healthcare providers risk compliance mishaps and hefty fines.

It’s the bane of our existence—after printers, that is. Today at Cisco Live with Ryan Lewis, we will be talking about video conferencing. As we all know, the IT guy is always working his butt off behind the scenes to make sure that video conferencing is working right for his clients and that they don’t have any hiccups when they’re giving an important presentation or running an important meeting. Lewis is going to tell us what he’s using for video conferencing, why he’s using it, and the challenges he’s overcome to make sure his users can do video conferencing quickly, efficiently, and without all the hassle.

As if doing taxes weren’t bad enough, now cybercriminals have used an update to a Ukrainian tax software to spread malware to computers in multiple companies both in Ukraine and around the world. The infectious code looks like the ransomware Petya at first glance, but after a double-take, it looks more like a malware that is decidedly more sophisticated and is definitely NotPetya. Many are comparing it more accurately to the WannaCry attacks in May. In this episode of Defrag This, Scott Foote, cybersecurity expert and CEO of Protinuum, dives deep on the recent NotPetya malware attacks and gives us a peek at what future cyberattacks could look like.

This week’s episode takes place at Cisco Live near Rick Graziani’s book signing at the Cisco store. So that makes us even more famous now. It’s true that some industries have struggled to adapt to IPv6—but Graziani can easily explain why businesses shouldn’t be happy to stay with IPv4. “The mobile market has been going IPv6 for a while,” Graziani said. “They’d have to.” Verizon, T-Mobile, Comcast—IPv6 is the only thing that can handle the sheer number of addresses out there. For a breakdown of this episode, click here.

Defrag This has covered machine learning and AI at a higher level—but never before have we had the chance to dive into how autonomous applications work by design. Today is our lucky day, because our guest is AI designer Jeff Smith, data scientist, developer, and author of Reactive Machine Learning Systems, available in Fall 2017. After a couple of years as an AI architect over at x.ai, Smith recently launched a new startup called John Done, an AI that makes telephone calls for you. “Pretty much everything I’ve ever built is a tool that augments someone else’s intelligence,” Smith said.

Episode 12 of the Defrag This podcast.

Episode 11 of the Defrag This podcast.

Episode 10 of the Defrag This podcast.

Episode 9 of the Defrag This podcast.

In episode 8 of Defrag This, IT expert Missy Januszko, discusses the recent PowerShell and DevOps Global Summit 2017 and what exactly a public key infrastructure is.

If you’re sending personally indentifiable information (PII) via basic FTP then your business is at risk. FTP servers do not provide the protections that are needed for today’s threat landscape. The recent FBI Private Industry Notice to healthcare providers warns of criminals strategically targeting basic FTP servers. But the issue doesn’t just effect the healthcare industry. The banking and finance industry are also a major target for cyber criminals. In this episode of Defrag This, Kevin Conklin, VP of Product Marketing at Ipswitch discusses why FTP is not appropriate for sending sensitive data and how upgrading your file transfer infrastructure with an secure managed file transfer solution can protect your business.

In this episode of Defrag This, we discuss the nuances of IT networks in dangerous industries.

In this episode of Defrag This, we're joined by Microsoft PowerShell MVP, Adam Bertram, as we pick his brain on what the big deal is about PowerShell and the test automation framework, Pester. If you are maintaining a business infrastructure, chances are you are working in a windows environment. If that’s the case then you have, at least in small doses, used PowerShell to automate some process.

In this episode of Defrag This, we share stories from the trenches of IT and how we found unlikely solutions to troubleshoot business networks.

In this episode of Defrag This, we share stories from the trenches of IT and how we found unlikely solutions to troubleshoot business networks.

George Orwell’s book 1984, which he wrote in 1948, depicts a dystopian future of mass surveillance and misinformation. Much of what he imagined is very true today. Are we living in a data dystopia? Have we passed the point of no return in this brave new world of data? There is data on all of us whether we like it or not, and that data can be used against us much of the time. Our data is on the black market, whether it is relevant or not. If you are working in IT, you may not be entirely concerned with how your users protect their personal data, but you should be. Many people use the same passwords for personal use that they use to log into their business networks. For instance, maybe one of your users is using the same password that they have used for their Yahoo account for the past 10 years. To them it is a matter of convenience; to you it is a matter of a serious security breach.

George Orwell’s book 1984, which he wrote in 1948, depicts a dystopian future of mass surveillance and misinformation. Much of what he imagined is very true today. Are we living in a data dystopia? Have we passed the point of no return in this brave new world of data? There is data on all of us whether we like it or not, and that data can be used against us much of the time. Our data is on the black market, whether it is relevant or not. If you are working in IT, you may not be entirely concerned with how your users protect their personal data, but you should be. Many people use the same passwords for personal use that they use to log into their business networks. For instance, maybe one of your users is using the same password that they have used for their Yahoo account for the past 10 years. To them it is a matter of convenience; to you it is a matter of a serious security breach.

Businesses in healthcare struggle with double standards, highly complex security infrastructure that is disjointed and redundant. Lawmakers have a real hard time understanding and the terminology that is needed to enact laws around technology. A perfect example is how “encryption” is labeled as something that is “addressable” vs. “required” under HIPAA. Congress saying that encryption is not a requirement does a serious disservice to those who need to make decision for their company. Encryption is a HIPAA requirement despite what the law says because there is no circumstance in which ePHI should not be encrypted. If your business is breached and you didn’t have the proper security controls such as encryption in place, your business is open to fines into the millions of dollars as well as nasty civil suits by those affected by a breach. But encrypting everything is easier said than done.

Defrag This host, Greg Mooney, and the VP of Security Solutions at Ipswitch, Rich Allen, discuss specifically how these attacks impact the healthcare industry. What do IT professionals need to be aware of when it comes to IoT devices, and which devices you may not be considering that are still potential healthcare attack vectors? From the Anthem breach which effected almost 80 million people last year to the more recent Krebs on Security attack that took advantage of the IoT, overall businesses need to be more vigilant.