The Perfect Storm podcast

 

stormy-seashore

A monthly podcast for business executives and information security professionals, industry veterans Michael Markulec and Matthew Webster chat with guests about the latest cyber news, threats, and trends impacting small and medium businesses. Harbor’s proactive rather than reactive solutions help our clients develop the cybersecurity program necessary to take their organization to the next level. Harbor's innovative processes are based on industry-standard frameworks that are tailored to meet the needs of small and medium-sized businesses. 

 

Spotify

 

Apple Podcasts

.

Google Podcasts

 

The list of all the beaches and eateries mentioned on our podcast.

Google Earth map of our guests' favorite beaches and eateries around the world.

 

RISK MANAGEMENT AND INSURANCE

Michael meets with VP of Hub International, Jeremy M. Deck, MBA, on this episode of The Perfect Storm. With Jeremy’s vast experience as a Veteran, Consultant, Advisor, and Subject Matter Expert, he discusses risk management and how his company, Hub International, helps clients manage risk across commercial, benefits, and personal risk insurance products. They also talk about cybersecurity insurance and the different ways companies are protecting themselves from cyber attacks. 

 

Episode 47: Jeremy M. Deck 

Screen Shot 2024-04-25 at 8.17.40 PM
 

SECURING CYBERSECURITY SERVICES

Matthew meets with Mary-Beth Macaluso, the CEO of Paynela, a company determined to stop the cost of medication from being a barrier of access for patients. Being a company founded just under a year ago, they discuss challenges and tips for starting a company in the cybersecurity sector, including the importance of finding a good partner to team up with and rely on.

 

Episode 46: Mary Beth Macaluso 

Mary_guest
 

MANAGED SECURITY SERVICES

Michael meets with Chris Hale, an IT expert and co-founder of Technology Response Team in Colorado. They discuss the importance of SMBs taking the steps to transition from managed services to managed security services. They also talk about staying ahead of emerging technologies being implemented by bad actors and Chris shares his thoughts on some tips to follow during October’s Cybersecurity Awareness Month.

 

Episode 45: Chris Hale 

Chris Hale
 

CYBERSECURITY AWARENESS MONTH- 20th Anniversary

Michael and Matthew meet to discuss the 20th year of Cybersecurity Awareness Month in October. They mention four simple steps individuals and businesses can take to stay cyber-safe. They discuss recommendations including using multi-factor authentication, implementing a password manager, and giving tips on creating strong passwords.

 

Episode 44: Michael & Matthew

Matt & Michael
 

INFORMATION SECURITY

Michael talks with David Abodunrin, who is the Cybersecurity Project Manager/Enterprise Agile Coach at Cybarik in Manchester, UK. They discuss all things information security, such as the cost of security, but also how essential it is to a business and how important awareness training is for every single employee at a company. They also explain why it’s not solely businesses that are susceptible to cyber-attacks- individuals are just as vulnerable on their personal devices.

 

Episode 43: David Abodunrin

 

David Abodunrin
 

CYBERSECURITY & SOFTWARE

Michael talks with Laura Bell Main, an Application Security Specialist and the CEO of Safestack Academy. Safestack Academy works to educate software developers on how to incorporate security into their systems. In this episode, Michael and Laura discuss how often software teams should be testing their security and how implementing security can protect and benefit companies, individual employees, and clients. Laura also offers advice for companies wanting to keep their information secure with new technology emerging.

 

Episode 42: Laura Bell Main

Laura Bell Main
 

FRACTIONAL CIO & CTO

Michael talks with Kingsley Hill, the Regional Director at Freeman Clarke. They delve into the role of fractional CIOs and CTOs in mid-market companies. They discuss how these technology experts provide valuable insights into understanding technological challenges and the emergence of new technologies like AI and increased computing power. They also talk about how to mitigate cyber risks for remote employees.

 

Episode 41: Kingsley Hill

Kingsley Hill
 

CMMC COMPLIANCE

In this episode, Matthew is joined by Nishat Azam, Director of Compliance at Cypher LLC. They discuss a small business' journey to achieving CMMC compliance and becoming a C3PAO. Nishat provides valuable insights into the steps businesses must take to prepare for a CMMC audit and achieve certification and general advice on navigating cybersecurity compliance.

 

Episode 40: Nishat Azam

Nishat Azam
 

LLM & ChatGPT

In this podcast, Matthew interviews Nathan Hamiel, the Senior Director of Research at Kudelski Security, where they discuss various topics surrounding AI. They cover the areas of security, LLMs, and the social language of ChatGPT. Their discussion also includes privacy concerns such as intellectual property versus personal property and Nathan's thoughts on how AI technology can be utilized in the short and long-term.

 

Episode 39: Nathan Hamiel

Nathan Hamiel
 

CYBER INSURANCE

Michael meets with Mark Phander, the Risk Adviser at CBIZ Borden Perlman. They talk about the rise in cyber insurance coverage for businesses, how cyber insurance and cybersecurity practices have evolved at CBIZ, and how clients and businesses have reacted in recent years to cyber policy changes. Mark describes why Multi-Factor-Authentication (MFA) is essential nowadays and which types of devices and accounts should be protected through MFA. They also talk about protecting your Personal Identifying Information (PII) and the process and importance of educating yourself on safe cyber practices.

 

Episode 38: Mark Phander

Mark Phander
 

zero trust

Matthew talks to Nicholas Blank, the CEO of NBConsult, and Chris Goosen, Technology Consultant and Microsoft MVP about Zero Trust. They discuss its guiding principles, including what to do if a vendor contacts your business regarding Zero Trust. They also talk about the importance of using complex passwords, enabling MFA for Cloud Services, and Privilege Account Management as a business.

Check out the related links below with topics discussed in this episode:

Zero Trust Guidance SMBs

Zero Trust Rapid Modernization Plan

 

Episode 37: Nicholas Blank & Chris Goosen

Nicholas Blank & Chris Goosen
 

2023 Cybersecurity Trends

Michael and Matthew are back after a holiday break to continue The Perfect Storm Podcast in 2023. They discuss possible upcoming trends in cybersecurity this year and current news circulating in the cyber field. They give advice about how to best protect your business’s data by choosing the right companies for insurance and third-party risk management. They also bring up AI chatbots becoming more popular and the importance of staying up to date on compliance certifications.

 

Episode 36: Michael & Matthew

Matt Webster & Michael Markulec
 

Cybersecurity & Remote Work

Matthew meets with security expert Lisa Lorenzin, a former Field CTO-AMS at Zscaler. They discuss the evolution of the modern workplace over the last few years, especially with the increase in remote workers. They focus on a variety of topics in the history and current state of remote work, including cloud-based security services, secure web gateway and proxy, and firewall and remote access VPNs, to name a few. They also talk about the future of remote work with the help of new cybersecurity technology.

 

Episode 35: Lisa Lorenzin

Lisa Lorenzin
 

CYBERSECURITY AT SCHOOLS

Matthew talks with Richard Shapiro, the Chief Financial and Operating Officer at Sierra Canyon School in California. They discuss why it is vital to educate students and teachers on security practices and describe a class offered at Sierra Canyon that teaches students how to be cyber-safe. They also talk about how cybersecurity differs at schools from other organizations as well as the cost and benefit of implementing a security system to protect sensitive information.

 

Episode 34: Richard Shapiro

Richard Shapiro
 

Firewall Rules & Cyber Threat Maps

Matthew meets with David Lennon, the Director of Enterprise Solutions at FireMon. They talk about managing firewall rules, cyber threat maps, and the importance of having good cyber hygiene. They also discuss Firemon’s move to cloud security operations, specifically focusing on access control for users.

 

Episode 33: David Lennon

David Lennon
 

Endpoint Attacks

Matthew meets with Matt Hagovsky, the North American Sales Engineering VP for Cybereason. They discuss how Cybereason approaches endpoint attacks by distilling all alerts into one to help users map out their cyber vulnerabilities in a quicker and more useful way. They also talk about how detection endpoint response has advanced over the years and how cyber companies with different resources have adapted to these technologies. They mention the differences between MDR (Managed Detection & Response) and EDR (Endpoint Detection & Response) and how they could affect your choice of MSP (Market Service Provider).

 

Episode 32: Matt Hagovsky

David Lennon
 

SOC 2 Reports

Mike DeKock returns, in his third episode with The Perfect Storm Podcast, to discuss with Matthew what to look for in a SOC 2 report. They talk about requirements for SOC 2 that customers should be sure they include and go into further detail about each step of creating a SOC 2 report. Mike also explains how it could help customers to consider doing research on their auditor to be sure they include all the right information in their report.

 

Episode 31: Mike Dekock

Mike DeKock
 

CYBERSECURITY & WEAK PASSWORDS

Michael meets with Scott Schober, the President, and CEO of Berkeley Varitronics Systems. Scott is an expert in wireless security technology and is a best-selling author of numerous books on cybersecurity. They discuss Scott's role at the company in educating businesses on the importance of cybersecurity and how BV Systems is constantly developing tools and technologies to keep consumers and businesses safe from threats. They also talk about the fundamental issue of weak passwords.

 

Episode 30: Scott Schober

Scott Schober
 

IT DEPARTMENT CHALLENGES

Michael talks with Erick Burd, who is a Network Engineer at a large NJ University and Chairperson of the Hopewell Twp. Board of Fire Commissioners. Erick discusses the challenges faced within the IT department, such as the pandemic and budget limitations. They also talk about how security is part of all aspects of IT in Erick's workplace and bring up other topics like the Internet of things (IoT).

 

Episode 29: Erick Burd

Erick Burd
 

MUNICIPALITIES & IT

Michael meets with Jean-Guy R. Lauture MPP, CG-CIO, the Assistant Township Administrator in the Technology Department for Bloomfield Township, NJ. Jean-guy talks about many of the projects within the township that the IT Department takes on. They discuss how different projects in the municipality require the help of IT, including keeping systems up-to-date and cyber-safe through phishing tests, and other specifics involving the private sector.

Episode 28: Jean-Guy Lauture

Jean-Guy Lauture
 

PENETRATION TESTING

Matthew speaks with Luke Wegryn, the Co-founder of Pensive Security, about the company and how he started it. They discuss the main services provided, including cybersecurity penetration testing on web, mobile, and cloud devices. They also talk about when it is important to perform a pen test and mention Pensive Security's other consulting services that provide help to SMBs.

 

Episode 27: Luke Wegryn

Luke Wegryn
 

SOC 2 PREP & AUDIT CERTIFICATION

Matthew and Mike DeKock, the CEO of MJD Advisors, meet a second time to discuss preparation for SOC 2 (Service Organization Control 2) and audit certification. In this episode, they discuss cost, the differences between SOC type 1 and SOC type 2, and more about the certification process.

 

Episode 26: Mike DeKock

Mick DeKock
 

COMPORTSECURE

Michael meets with Matt Burch, the VP of ComportSecure. They talk about some of the services ComportSecure provides, including IT Solutions, Managed Services, and Cloud Services. They also discuss other cybersecurity topics such as BaaS (Backup as a Service), ransomware, and EDR solutions (Endpoint Detection and Response).

 

Episode 25: Matt Burch

Matt Burch
 

PCI COMPLIANCE

Matthew talks with Tim Erlin, the former VP of Tripwire and long-time security expert, about compliance with PCI (Payment Card Industry). They describe the importance of PCI compliance and how it can help protect against attacks such as credential theft. They also discuss the concept of zero-trust and Tim's future career in the security business.

Episode 24: Tim Erlin

Tim Erlin
 

SOC 2 PROCESS

Matthew meets with Mike DeKock, the Founder and CEO of MJD Advisors to talk all about SOC 2 (Service Organization Control 2). As his company specializes in SOC 2, Mike talks about how MJD Advisors helps explain the service to clients and how he guides them through the process. They also discuss how often some organizations should be doing a SOC 2 report versus the standard.

Episode 23:  Mike DeKock

Mike DeKock
 

GOALSETTER

Matthew meets with Deborah Rose, the COO at Goalsetter. She explains how Goalsetter was founded, and how it helps teach children and families how to be financially healthy. They also talk about how that connects to cybersecurity and how banks and fintech differ.

 

Episode 22: Deborah Rose

Deborah Rose
 

CYBER INSURANCE

Matthew talks with Alex Clark, the VP Cyber Solutions Leader at Hylant, about cyber insurance. They discuss risk transfer programs and the importance of an incident response plan. They also mention the human risk factor and how employees can impact businesses, specifically through ransomware.

 

EPISODE 21: Alex Clark

Alex Clark
 

SPRINGBOARD IT  

Michael meets with Elaine Evans, the Chief Strategy Officer at Springboard IT, part of Springboard Media. They talk about how Springboard IT outsources help for businesses with Mac and iOS IT support. They also discuss other services Springboard IT provides as an MSP (Managed Service Provider), especially during the pandemic.

 

Episode 20: Elaine Evans

Elaine Springboard
 

CMMC 

Matthew meets with Lynn Burns, President of NCMS, a nonprofit organization. They discuss how NCMS volunteers support and educate its 7,000 members on CMMC (Cybersecurity Maturity Model Certification) to protect CUI (controlled unclassified information). They talk about contractor security tips for government workers and the importance of protecting paper documents as well as digital.

 

Episode 19: Lynn Burns

Lynn Burns
 

Cyber Encryption and Cyber safety training

Matthew talks with Matt Cerny, the Director of Information Security at Integra Life Sciences and a long-time cyber expert. They discuss cyber encryption and the importance of educating employees on cyber safety. They also talk about being approachable cyber professionals so that employees feel comfortable asking for help.

 

Episode 18: Matt Cerny

Harbor Podcast Logo
 

Cybersecurity Insurance & Coverage Types

Matthew talks with Julian Sylvestro, the Director of Insurance and Legal Verticals at Secureworks. They discuss the need for cybersecurity insurance and different types of coverage. They also talk about the assistance that Secureworks provides for its customers.

 

Episode 17: Julian Sylvestro

Julian Sylvestro
 

IT & HEALTHCARE

Matthew meets with Jim Cavanagh, the Owner and Principal Consultant of Executive Healthcare Consulting. Jim talks about his extensive career in IT and healthcare consulting and the challenges that healthcare workers have been facing during the pandemic. They also bring up the rise in ransomware and the use of cryptocurrency.

 

Episode 16: Jim Cavanagh

Jim Cavanagh
 

CLOUD SECURITY

Matthew meets with Lee Sult, the General Manager at Corvid CyberDefense to discuss cloud computing and cloud security. They also talk about the shared security model that cloud providers, such as Amazon Web Services (AWS), around the world implement in their security.

 

Episode 15: Lee Sult

lee-sult-corvid-defense
 

CYBERSECURITY TRENDS 2022

Matt and Michael chat about cybersecurity trends over the last year and discuss upcoming trends to look out for in 2022. They talk about the future of CMMC, risk management, and security awareness training. They also mention Apache Log4j and its vulnerabilities in 2021 that could continue to cause issues in the new year.

 

Episode 14: Matt & Michael

podcast_logo main(1)
 

IT MARKETING 

Michael meets with Loredana Niculae, the CEO of NNC Services, which is a marketing company that provides strategies for IT companies and professional service companies. They discuss a few marketing strategies, such as marketing businesses to a specific persona and understanding your buyer. Loredana also explains how creating a space for a community of professionals to get together can benefit everyone and give opportunities to collaborate in a similar field.

 

Episode 13: Loredana Niculae

Loredana
 

CYBERSECURITY & SALES TRAINING

Michael talks with David Trapani, the owner of sales and training organization, Sandler Training. They discuss how changes in technology and cybersecurity regulations have affected sales processes. David also brings up the benefits of reinforcement training through security awareness.

 

Episode 12: David Trapani

Screen Shot 2021-12-02 at 11.50.36 AM
 

CMMC vs. NIST 800-171

Matthew talks with John Britton about CMMC updates in John’s second episode of the Perfect Storm. John is the Technical Director for Corvid Cyberdefense, a partner of Harbor TG. They detail the changes in CMMC, from version 1.3 to the new 2.0 version, and discuss each level within the new version of the certification. John also describes CMMC versus NIST 800-171, and gives tips to small businesses about cybersecurity and preparing for cybersecurity certification.

 

Episode 11: John Britton

 

Screen Shot 2021-09-09 at 12.55.31 PM
 

AWARENESS TRAINING

Michael talks with Evan Kennedy, a security consultant here at Harbor Technology Group, about his nearly two years working at Harbor. They discuss Harbor’s approach to awareness training, including the two-prong curriculum for simulated phishing. Evan also details the difference between vulnerability scanning versus ethical hacking penetration testing and gives tips for SMBs on how to respond to simulated phishing emails.

 

Episode 10: Evan Kennedy

Screen Shot 2021-10-27 at 6.45.23 PM
 

XDR, EDR & MDR SECURITY SOLUTIONS

Matthew has a discussion with Johnny Lieberman and Zack Miller of Worklyn Partners, an investing and operating company they co-founded. They discuss how they created the company and their plan for creating a one-stop-shop provider of cybersecurity services for mid-market and SMB customers. With Matthew, they detail the many different security solutions advertised in the market -- XDR (Extended Detection and Response), EDR (Endpoint Detection and Response), and MDR (Managed Detection and Response) – and comment on trends they are seeing in the M&A market, especially with private equity firms growing more interested in the space.

 

Episode 9: Johnny Lieberman & Zack Miller

podcast_logo_Worklyn (1)
 

IT AND THE HYBRID WORK ENVIRONMENT

Matthew has a discussion with Anton Major, the Director of Technology at VelocIT about what his job is like managing an organization’s IT as a Managed Service Provider (MSP). They talk about changes in the company and its clients during the pandemic, specifically how a hybrid work environment affects IT. Anton also brings up other topics such as VPNs and cloud services and gives tips for staying safe while working remotely.

 

Episode 8: Anton Major

anton_guest
 

CYBERSECURITY & SMBs

Matthew has a discussion with John Verry, the CISO and Solutions Director at Pivot Point Security, about a number of services that Pivot Point Security provides. Some of the services they mention include individual IoT device penetration tests, full organization vulnerability assessments, and ISO 27000 certification. John explains the positives of working with smaller businesses and the importance of meeting with a cybersecurity professional in order to be sure each organization is well-protected.

 

Episode 7: John Verry

Screen Shot 2021-09-22 at 6.32.18 PM
 

CMMC

Matthew talks with John Britton, the Technical Director at Corvid Cyberdefense to discuss a number of topics surrounding CMMC. John explains his role at Corvid and the company’s approach to helping their clients find the best time to implement a plan for CMMC as well as providing them with a strong and affordable cyber defense team.

 

Episode 6: John Britton

podcast_corvid_britton
 

SUPPLY CHAIN CYBER PROTECTION

Michael meets with Tommy McDowell, the General Manager at Celerium. They talk about Celerium and its focus on supply chain cyber protection. Tommy gives tips for identifying sensitive information and protecting it through different security measures. Lastly, they discuss how CMMC has changed in the last couple of years and how Celerium can help prepare organizations to meet the new requirements.

 

Episode 5: Tommy McDowell

 

podcast_logo tommy (1)
 

CYBERSECURITY PREPARATION

Matthew meets with William Compton, the CIO at Integra Life Sciences, to talk about how Integra adapted to remote work during the pandemic. They also discuss the importance of being prepared both as an individual and as an organization for security testing, specifically email trust and being cyber-safe on social media.

 

Episode 4: William Compton

Screen Shot 2021-08-12 at 1.02.44 PM
 

CYBERSECURITY AWARENESS TRAINING

Michael talks with Craig Sandman, the President and Founder at Symbol Security about security awareness training for employees. They discuss how to avoid email phishing and malware attacks, credential theft, and other ways to avoid ransomware attacks and scams using Symbol Security’s training.

 

Episode 3: Craig Sandman

podcast_logo_craig
 

PHISHING ATTACKS

Matthew meets with Harbor's first guest, Steve Budd, the COO at MC3 to discuss employee phishing attacks, “evil-ware," and how virtual experiences at a small business have changed during the pandemic.

 

Episode 2: Steve Budd

podcast_stevebudd
 

MANAGING CYBER RISK

Cyber experts Michael and Matthew give an introduction to the podcast, as well as a description of Harbor Technology Group's services. They explain a range of services from cyber risk advisory to vCISO consulting to meet specific security requirements without putting a strain on your IT budget. Additionally, they talk about how these can allow businesses to make informed, fact-based decisions and manage cyber risk.

 

Episode 1: Intro to the perfect storm podcast

podcast_logo main(1)