Category Archives: Blog

🛡️Top Strategies of the Week for IT Business Leaders

Having a strong sense of self-awareness will carry you far in business and in life. Here are a few thought-provoking themes from the previous week.

Weekly Summary

IT Business Leadership, Strategy & Innovation

Offense & Defense Innovation

1.    “The Importance of Personal Branding As A CIO And Business IT Leader.”- Sarah Angel-Johnson, former CIO at Year Up, current CIO at Save the Children, describes how she found her personal brand- being a change agent.

2.    70% of Internet Traffic is Encrypted. What are you Doing to Inspect and Secure it?”- James Crifasi, CTO at RedZone Technologies, on why you need strong SSL security.

3.    “From CIO to Chief Strategy Officer.”- Bill Murphy on the power of CIOs.

4.    “#172: You Are in the Driver’s Seat of Your Own Career.”- Full podcast conversation with Sarah Angel-Johnson, former CIO at Year Up, current CIO at Save the Children.

5.    “ATO Must be Integrated with SSO, MFA, and Conditional Access.” – James Crifasi, CTO at RedZone Technologies, on why you need security in layers.

6.    “#173: Hacking Multifactor Authentication.” – Full podcast conversation with Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.

7.    “Early is on time, on time is late, late is unacceptable.” – Jon Santee, Vice President of IT, on his superpower- time management.

RedZone Technologies specializes in:

•      RedZone MSP and MSSP: ‘On-Demand’ security and trusted advisor programs

•      Co-MITS – Co-Managed IT Security (‘Hands on’ Managed Services)

•      Cloud Security and Secure IT Infrastructure Support

•      Virtual Information Security Operations Programs (IT SecOps and VISO)

Contact us at 410-897-9494 or myteam@redzonetech.net with any questions.

Author of Hacking Multifactor Authentication | Roger Grimes, Data Driven Defense Evangelist with KnowBe4 #173

 

Roger Grimes‘ expertise in the field of computer security is unparalleled. He describes himself as the best in the world when it comes to computer security defense- and he has the credentials to back up this assertion.

He works with Kevin Mitnick who he calls the best Offensive Security guy in the world, but he calls himself the best when it comes to Defense.

As all of you know by now I love Offense and Defense Innovation so this interview falls squarely into the category of Defense Innovation for sure.

With more than 40 computer certifications and twelve books authored or (Co-authored) on computer security, Roger has spent over three decades imparting his knowledge to audiences worldwide.

His current title is Data-Driven Defense Evangelist at KnowBe4. He is the author of the new book, Hacking Multifactor Authentication.

Roger is a 33-year senior computer security architect and cybersecurity veteran specializing in general computer security, identity management, PKI, Windows computer security, host security, cloud security, honeypots, APT, and defending against hackers and malware. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft.

In this time of remote workforces and distributed endpoints, Roger advocates for Multi-Factor Authentication. However, MFA is not the end all be all for security. The vast majority of hacking doesn’t care about your MFA. It’s all about reducing your risk, according to Roger.

Throughout his many years in the industry, Roger a universal mission that drives all of his actions- to make the internet a safer place. Roger says if he leaves the Earth without accomplishing that feat, he has failed.

I also provide how you can connect with him on Linkedin. He has over 25k followers.

We’ve been sold by the industry that MFA is a Warm Blanky and Panacea for all security ills.

Learn more deeply about this topic as it is critical to your distributed security architectures moving forward

I’m excited to share this conversation with such a distinguished and world-renowned Security Defense Specialist.
Continue reading

You Are in the Driver’s Seat of Your Own Career | Sarah Angel-Johnson, CIO of Save the Children | Former CIO of Year Up #172

Sarah Angel-Johnson is the CIO at Year Up when this was recorded. She is now the CIO of Save The Children. She was named a 2020 Boston CIO ORBIE Award winner for Non-profit CIO of the Year. She has 20+ years of proven results in being a change agent at scale, starting with coding IBM’s first e-commerce website to digitizing the $860 million Girl Scout Cookie Program for 2.1 million girls and adults. She has led global organizations of 150 managers and employees, provided direction to 25,000 matrix team members, managed 7 global labs, and drove $1.7 billion in revenue.

Sarah has excelled when thrown into new situations and asked to lead change within an organization. She realized early on in her career that she could step in and meld different people, processes, and content together in a way that most leaders couldn’t.

As a leader, the question of how do I bring people together is an important one. Sarah and I answer this question, share stories, and discuss qualities that are important for a leader to have and how to connect with employees at a deeper level.

It’s not enough to simply ask questions. What separates good from great leaders is fundamentally leading with inquiry. Asking open-ended questions, having a genuine interest and curiosity in what motivates people, and having the patience to see everything through are necessary when bringing people together to take action.

In my conversation with Sarah, you will hear how every step in her career has contributed to her overall success and shaped her leadership style. But no matter where her career has taken her, one thing remains the same- a desire to make an impact and help others at scale.

I’m excited for you to hear her story. Let’s take a listen.
Continue reading

70% Of Internet Traffic Is Encrypted. What Are You Doing To Inspect It And Secure It?

Now more than ever, you need strong SSL security.

With the shift to a more remote workforce, we are seeing a few common questions arise: “Now that everybody’s working from home, can we stop trying to do SSL Decryption because it’s a pain” and “If no one is in the office, why do we need it?” Yes, you still need strong SSL security.

Bad actors are using some serious money to buy SSL certificates to make their URLs appear legitimate. Services need to be able to decrypt the SSL. Don’t let the shift in the work environment allow you to let your guard down.

Hacks and phishing attempts can be prevented by just doing the normal SSL Decryption and Outbound Protocol Control.

 

Do You Struggle with Ongoing Continuous Learning? Do You Have Trouble Keeping Up?

At the Murphy dinner table, I have been known to tell my kids that maybe they shouldn’t go to college.
Maybe they should start a business, go travel, volunteer, etc after high school.
They laugh at me.
My parents would have never suggested this.
I was told that if I was not a doctor, lawyer, CPA (yes CPA), or engineer that I was worthless.
Maybe you can relate……
The underlying reality that I am realizing, however, and that I have told them is that no one really knows what will happen to our educational system.
If anyone tells you they know, they are lying
But I reckon (yes I wrote that….and I am from Boston😊) what is most important is that today’s learners (Kids and Adults) are going to have to ‘continuously’ learn.
I think kids will adapt….
Not so much with adults. But why?

I am not sure why. This is outside my paygrade.
However, the most important skill moving forward for IT Business Leaders is going to be to learn.
Most adults resist and struggle with this. Re-tooling, learning new skills, keeping up, etc is not easy.
This is why I believe IT Business leaders and #CIOs must develop #EQ emotional intelligence skills to help you deal with the ‘long game’ of continuous learning.