10 Questions to Cyber Resilience

Operational resilience vs. Cyber resilience: Cybersecurity challenges for SMBs & Growing talent gap

Assurance IT — Fri, 14 Feb 2025 06:00:00 -0500

In this episode, we sit down with François Guay, Founder of the Canadian Cybersecurity Network and a leader in cybersecurity talent search, to talk about the future of cybersecurity in Canada. But this conversation goes beyond just cyber threats. François dives deep into operational resilience—how businesses can not only defend against cyber risks but also ensure their entire operations stay strong in the face of disruption.

We cover:

✅ The biggest cybersecurity challenges for Canadian SMBs

✅ Key trends shaping the cybersecurity landscape

✅ The growing talent gap and how to bridge it

✅ Why operational resilience is just as critical as cyber resilience

✅ How businesses can future-proof themselves against cyber and operational threats

✅ Predictions for 2025—what’s next for cybersecurity in Canada and beyond

If you’re a business leader, cybersecurity professional, or looking to break into the field, this episode is packed with insights you won’t want to miss!

Resources:

François Guay's LinkedIn:

/ francoisguay

CCN Linkedin: https://www.linkedin.com/company/cana...

Luigi Tiano’s LinkedIn:

/ luigitiano

Assurance IT Website: http://www.assuranceit.co/

About the guest:

François Guay is the founder of Canada’s largest cybersecurity network, the Canadian Cybersecurity Network (CCN), which connects over 44,000 members across various sectors. He also founded Canadian Cybersecurity Jobs, Canada’s dedicated cybersecurity job portal, and launched CyberVoices, a platform driving discussions on key cybersecurity trends in Canada.

François has authored pivotal reports like the State of Cybersecurity in Canada and CyberTowns, shaping how organizations approach cybersecurity. An expert recruiter and consultant, he regularly speaks at conferences and summits, offering strategic insights to global corporations.

Passionate about mentorship, François is committed to developing the next generation of cybersecurity professionals. Outside of work, he enjoys solo adventures exploring Canada’s natural landscapes.

About 10 Questions to Cyber Resilience:

Twice per month, learn about how IT leaders are strengthening their cyber security practices. Every episode comprises of 10 questions that get you one step closer to cyber resilience. Subscribe to stay up-to-date with hot topics in cyber security.

About Assurance IT:

Assurance IT (www.assuranceit.co) specializes in data protection and data privacy for the mid-market since 2011. The Montreal-based company’s unique approach to helping customers become cyber resilient is called the PPR Methodology which stands for Prepare, Protect and Recover. Based on industry best practices, the PPR Methodology is an easier way to achieve cyber security and compliance objectives.

👉 Don’t forget to like, comment, and subscribe for more expert insights!

#Cybersecurity #OperationalResilience #CyberResilience #BusinessContinuity #CyberThreats #CanadianCybersecurity #CyberJobs

How to Outsmart Ransomware: AI, Digital Forensics & Insider Secrets with Andria Delia

Assurance IT — Wed, 29 Jan 2025 06:00:00 -0500

In this episode, we’re joined by Andria Delia, a Cyber Threat Intelligence Expert and a nominee for the Cellebrite Digital Justice Rising Star Award at the C2 Summit. Andria dives into her extensive experience in cybersecurity, sharing valuable insights on the psychology of cyber attackers and how she handles ransomware without paying ransoms. She discusses the real-world application of threat intelligence, the role of law enforcement, and the often-overlooked behaviors of threat hunters.

Andria takes us through the evolution of ransomware attacks, the key steps in responding to a breach, and how attackers adapt in the ever-changing landscape of digital threats. We also explore the role of AI in both facilitating and combating cyber threats, and Andria shares her thoughts on how predictive analytics and behavior analysis can help thwart attacks before they even happen.

She gives an eye-opening perspective on digital forensics, particularly in relation to mobile devices, and highlights the lingering threats in the mobile world. To wrap up, Andria offers practical advice for the general public on staying safe in the digital world.

If you’re interested in learning how threat intelligence works, the psychology behind attacks, or what you can do to protect yourself online, this episode is a must-watch!

Resources:

Andria Delia's LinkedIn: https://www.linkedin.com/in/andriadelia/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.co/

About the guest:

Andria Delia is a leading expert in cyber threat intelligence, specializing in ransomware mitigation, incident response, penetration testing, and forensics. She is a Certified Cyber Threat Intelligence Expert and has led high-profile engagements, developed response plans, and contributed to digital forensics. With a background in public interest law, Andria has successfully led cases that have shaped case law. Notably, she is one of the few women globally to have mitigated ransomware attacks on major organizations. Additionally, she has expertise in Bitcoin, Blockchain, AI, and machine learning, with research focused on AI’s impact on financial markets. A sought-after speaker and mentor, Andria is dedicated to advancing the field of cybersecurity.

About 10 Questions to Cyber Resilience:

About Assurance IT:

EXPERT DISCUSSION: Chris Catanzaro on Ransomware Defense with Halcyon's Micro-Agent Technology

Assurance IT — Tue, 17 Sep 2024 06:00:00 -0500

Welcome to 10 Questions to Cyber Resilience, presented by Assurance IT. In this bi-monthly series, we dive into the strategies and practices IT leaders use to enhance their cybersecurity. Each episode brings you closer to mastering cyber resilience through engaging interviews with industry experts.

In this episode, we sit down with Chris Catanzaro, Worldwide VP of Channels and MSSP at Halcyon, a leading player in ransomware protection.

Chris shares his insights on Halcyon's innovative approach to cybersecurity, including their unique micro-agent technology and its impact on preventing and recovering from ransomware attacks.

Discover how Halcyon stands out by working in tandem with your existing EDR solutions to enhance protection, and learn about the significant benefits for cyber insurance premiums when using Halcyon's solutions.

Episode Highlights:

- Introduction to Chris Catanzaro and Halcyon’s role in the cybersecurity landscape

- The function and advantages of Halcyon’s micro-agent technology

- How Halcyon supports customers before, during, and after a ransomware attack

- Insights into the relationship between ransomware protection and cyber insurance premiums

About Chris:

/ chris-c-68a3352

With 25+ years in channel sales, Chris Catanzaro drives growth by expanding relationships with resellers, system integrators, and MSSPs. Chris excels in channel strategy, partner ecosystem development, and enablement programs, with notable achievements including the CRN 5-Star Channel Program Award. Fluent in Spanish, he effectively engages with a diverse global partner network.

About Luigi:

/ luigitiano

25 Years of IT Experience: Luigi boasts extensive experience in cyber security, working with Fortune 100 companies. Assurance IT's Edge: At Assurance IT, we manage 1PB+ of data in our certified data center, offering DRaaS and protecting 5000+ endpoints. Collaborative Approach: Luigi collaborates with CISOs to enhance cyber security and minimize risks.

About 10 Questions to Cyber Resilience:

Learn about how IT leaders are strengthening their cyber security practices. Every episode comprises of 10 questions that get you one step closer to cyber resilience. Subscribe to stay up-to-date with hot topics in cyber security.

About Assurance IT:

Assurance IT (www.assuranceit.co) specializing in data protection and data privacy for the mid-market in North America, since 2011. The Montreal-based company’s unique approach to helping customers become cyber resilient is called the PPR Methodology which stands for Prepare, Protect and Recover. Based on industry best practices, the PPR Methodology is an easier way to achieve cyber security and compliance objectives.

Resources Mentioned:

- https://www.halcyon.ai/

Don't miss out on future episodes—subscribe now to stay updated with the latest in cybersecurity resilience.

Subscribe to our channel to catch every episode and stay ahead in the world of cyber resilience!

Evolution of Cybersecurity Threats and Future Challenges

Assurance IT — Fri, 23 Feb 2024 09:00:00 -0500

Join us on our 8th episode of season 2, as Julien and Troy from GoSecure explore the transformation of cybersecurity threats over the years, from traditional phishing attacks to the emergence of sophisticated ransomware campaigns. Gain insights into the role of artificial intelligence and IoT in enhancing security measures, while also introducing new challenges and vulnerabilities.

Looking ahead, our guests discuss the potential impact of deepfakes and quantum computing on cybersecurity, shedding light on the future challenges that organizations may face in safeguarding their digital assets.

Throughout the conversation, Julien and Troy emphasize the importance of continuous learning and staying proactive in the field of cybersecurity. They share valuable advice for aspiring professionals, highlighting the significance of community engagement and understanding the underlying technologies driving the industry forward.

Whether you're an IT leader, cybersecurity enthusiast, or simply curious about the evolving threats in the digital realm, this episode offers a wealth of knowledge and insights to help you navigate the complex world of cybersecurity.

About Julien Turcot:

Julien Turcot, a seasoned professional with over two decades of experience in the dynamic realm of information security, stands as a formidable figure in the industry. Armed with a wealth of expertise in large-scale information security, cyber resilience programs, and risk management, he has been a guiding force for organizations of all sizes in both public and private sectors. Recognized as a preeminent authority, Julien is not just a practitioner; he is a visionary who effortlessly translates intricate technological challenges into tangible, commercially viable solutions. His renowned speaking engagements at international cybersecurity conferences underscore his commitment to knowledge sharing. Driven by a relentless pursuit of results, Mr. Turcot has successfully implemented cutting-edge IT solutions across diverse industry verticals in Canada, significantly enhancing operational efficiency and reducing total cost of ownership for his clients. With a natural flair for leadership and a positive attitude, Julien thrives under pressure, firmly believing that every problem has a solution.

LinkedIn: https://www.linkedin.com/in/julienturcot/

Cybersecurity Executive at GoSecure - Help clients thrive through the darkness of Hackers tyranny

About Troy Vennon:

Troy Vennon, Certified | CISO , GoSecure Security Product Manager, Information Security Expert, Threat Intelligence Tradecraft and Mitre Att&ck Evangelist. Former United States Marine. Real Estate Investor. Firearms Instructor. Wrestling Coach. Ohio State Football and Wrestling Fanatic.

Troy Vennon’s career spans 25 years and focused entirely on Information Security roles across every security domain, beginning in 1998 with the United States Marine Corps as SNCOIC of the Marine Corps Network Operations & Security Center’s (MCNOSC) Marine Computer Emergency Response Team (MarCERT), until he joined the private sector in 2006.

As a Certified Chief Information Security Officer, Troy focuses on coaching CISO’s and security teams in their efforts in building security programs that can rapidly identify effective control coverage strategies for risk identification, risk treatment, and security investment.

LinkedIn: https://www.linkedin.com/in/troyvennon/

GoSecure Website: https://www.gosecure.net/

About Luigi:

25 Years of IT Experience: Luigi boasts extensive experience in cyber security, working with Fortune 100 companies.

Assurance IT's Edge: At Assurance IT, we manage 1PB+ of data in our certified data center, offering DRaaS and protecting 5000+ endpoints.

Collaborative Approach: Luigi collaborates with CISOs to enhance cyber security and minimize risks.

Luigi's LinkedIn: https://www.linkedin.com/in/luigitiano/

About 10 Questions to Cyber Resilience:

About Assurance IT:

Assurance IT (www.assuranceit.ca) specializes in data protection and data privacy for the mid-market in Canada, since 2011. The Montreal-based company’s unique approach to helping customers become cyber resilient is called the PPR Methodology which stands for Prepare, Protect and Recover. Based on industry best practices, the PPR Methodology is an easier way to achieve cyber security and compliance objectives.

AI's Watch: Defending the Enterprise with Paul Baker from Purilock

Assurance IT — Thu, 18 Jan 2024 06:00:00 -0500

On the seventh episode of 10 Questions to Cyber Resilience, Assurance IT welcomes Director of Cybersecurity, Paul Baker, from Purilock, to explore the vital theme of safeguarding AI in the enterprise. With the escalating popularity of AI, especially tools like ChatGPT, join us as we uncover insights from expert Paul Baker on how enterprises are proactively securing themselves against potential risks posed by AI and ensuring a robust and safe integration of these technologies.

In this episode, Paul Baker from Purilock and co-founder of Assurance IT, Luigi Tiano, discuss:

Potential Risks of AI, Specifically ChatGPT
Ethical Considerations in Implementing AI
Measures to Ensure Responsible AI Use
Ensuring Accuracy and Validity of AI Responses
Overview of Purilock's Solution - Prompt Guard
Best Practices for Secure AI Utilization
The importance of education and awareness in AI usage

Resources:

Transcript:

Watch the episode:

Paul Baker's LinkedIn:

Purilock's website:

Luigi Tiano’s LinkedIn:

Assurance IT Website:

About Paul Baker:

Customer-facing manager who collaborates with all levels of stakeholders, from developers and technical staff through to C-Suite executives. Builds solid relationships and quickly becomes the reliable "go-to" person internally and externally. Analytical thinker with a creative edge, who deftly identifies client needs, and assesses both financial and technical viability. Passionate about helping clients discover new possibilities, maximizing investment in technology, and driving revenue for their company. Translates customer requests into detailed requirements, then follows through to delivery and beyond.

About 10 Questions to Cyber Resilience:

Discover the strategies IT leaders employ to fortify their cybersecurity practices in every enlightening episode. Uncover the answers to 10 questions, each bringing you a step closer to achieving cyber resilience. Stay ahead in the ever-evolving landscape of cybersecurity by subscribing and staying up-to-date with the latest insights on hot topics in the field.

About Assurance IT:

Navigating Data Storage: On-Premises vs. Cloud, with Christopher Reily from ExaGrid

Assurance IT — Fri, 15 Dec 2023 06:00:00 -0500

In this episode, Luigi Tiano interviews Christopher Reily from ExaGrid, focusing on topics related to on-premises storage versus the cloud. Christopher introduces himself as the Director of Solutions Engineering for the eastern half of the Americas at ExaGrid.

The conversation covers the challenges, benefits, and strategies around data storage, emphasizing the importance of local backup storage even as more businesses adopt a cloud-first model. They discuss the risks of relying solely on cloud-based storage for backup, touching on cost unpredictability and performance issues during data restoration.

Resources:

Watch the episode: https://youtu.be/uvyskcvyllE

Chris' LinkedIn: https://www.linkedin.com/in/chrisreily/

ExaGrid's website: https://www.exagrid.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Christopher Reily:

25+ year industry professional with a history of holding influential positions in the field of Information Technology. Prior roles include: Principal Consultant, VP Solutions Architecture, University Senior Lecturer, Chief Technology Officer and Managing Director.

About 10 Questions to Cyber Resilience:

About Assurance IT:

Mastering Manufacturing Cybersecurity: Bridging IT and OT for Operational Excellence, with Tom Molden from Tanium

Assurance IT — Fri, 08 Dec 2023 06:00:00 -0500

In this podcast episode, Luigi Tiano interviews Tom Molden from Tanium to delve into the challenges of manufacturing cybersecurity. The conversation explores the convergence of IT and OT, emphasizing the critical need for collaboration between the two domains. Tom emphasizes three key points for manufacturers to enhance their cybersecurity:

Cultural Collaboration: Build a bridge between the IT and manufacturing engineering teams. Establish a collaborative culture that recognizes and utilizes the distinct skill sets present in each domain.
Visibility: Gain comprehensive visibility into all technology assets, from lower-tier OT devices to more IT-like devices. Recognize the importance of modern technology tools to track, monitor, and assess the state of assets in real time.
Hygiene Culture: Introduce a hygiene culture in manufacturing plants, focusing on practices like patching, maintaining cleanliness, and adhering to security best practices. This cultural shift toward cybersecurity resilience is essential for protecting manufacturing environments.

The conversation also touches on the historical perspective of manufacturing security, the challenges posed by legacy systems, and the evolving landscape of cybersecurity in an era of increased connectivity.

Throughout the discussion, Tom emphasizes the potential for operational efficiency gains through the convergence of IT and OT, and he briefly touches on the role of AI in manufacturing, highlighting its potential for preventative maintenance.

Resources:

Watch the episode: https://youtu.be/t07G8fOwUZ8

Tom Molden’s LinkedIn: https://www.linkedin.com/in/tmolden/

Tanium website: https://www.tanium.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Tom Molden:

"I am a versatile technology executive with an international background and a successful leadership track record in IT, Strategy, Finance, and Operations. I have a reputation as a change agent, and a unique combination of business and technology expertise.

I have led growth and transformation strategies, as well as multiple M&A initiatives, in high-tech, semiconductor and automotive. I have built and led high performing teams in large global enterprises as well as in rapidly growing mid-sized companies.

I have an MBA in finance and MIS from the University of Texas, a BA in International Studies from the University of Washington and an Advanced Computer Security Certificate from Stanford University. I also speak French, German and English.

Specialties:

• Strategic Planning - FP&A, M&A deal side, JV’s, short and long-range plans

• IT Strategy and Governance - Portfolio & PMO, budgets, post-merger integration, carve-outs, cybersecurity

• Business/Digital Transformation - Roadmap development, program structuring, organizational design

• Innovation - Data & analytics, ERP, custom development"

About 10 Questions to Cyber Resilience:

About Assurance IT:

Assurance IT (www.assuranceit.ca) specializing in data protection and data privacy for the mid-market in Canada, since 2011. The Montreal-based company’s unique approach to helping customers become cyber resilient is called the PPR Methodology which stands for Prepare, Protect and Recover. Based on industry best practices, the PPR Methodology is an easier way to achieve cyber security and compliance objectives.

Unlocking the Secrets of Manufacturing Cybersecurity, with Tanium's Ashley McGlone

Assurance IT — Fri, 01 Dec 2023 06:00:00 -0500

Dive into the world of manufacturing cybersecurity with an insightful podcast episode featuring Ashley McGlone, a seasoned technology strategist from Tanium. Join your host, Luigi Tiano, as he engages in a riveting conversation with Ashley, unraveling the complexities of Industry 4.0, IoT, and the critical role of cybersecurity in the manufacturing landscape.

In this episode, Ashley shares his wealth of expertise, drawing on decades of experience in the tech industry, including roles at Microsoft, Toyota, and his current tenure at Tanium. The duo delves into the challenges posed by the convergence of IT and OT, exploring the unique cybersecurity concerns faced by manufacturing companies in an era of increased connectivity and automation.

Discover the significance of standards like ISA 62443 and the Purdue model in structuring cybersecurity practices for manufacturing environments. Luigi and Ashley explore the pressing need for visibility and control in OT environments, shedding light on the evolving trends and the potential risks associated with cloud integration.

As the conversation unfolds, Ashley provides valuable insights into the diverse mix of devices in manufacturing and how strategic platform partnerships can be the key to effective cybersecurity. The duo navigates the landscape of resources available for companies venturing into cybersecurity enhancements, with a special spotlight on the SANS Institute's industrial controls training.

Resources:

Watch the episode: https://youtu.be/1u6Ot5s-sXI

Ashley's LinkedIn: https://www.linkedin.com/in/ashleymcglone/

Tanium's website: https://www.tanium.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Ashley McGlone:

Ashley McGlone has spent his life in IT. Between recordings of Tanium Tech Talks he enjoys advocating for customers, getting in the weeds of tech, and savoring a particular retro variety of red licorice. In his role as Technology Strategist he researches and creates vertical-specific guidance for customers to maximize their Tanium experience. He also is a megaphone for customer feedback to the Tanium product teams. As a frequent conference speaker he's always looking for opportunities to share the "Wow Tanium" experience with new audiences. Message him just to say hi or to talk Tanium and tech.

About 10 Questions to Cyber Resilience:

About Assurance IT:

An honest chat about Zero Trust Security, with Paul Baker

Assurance IT — Fri, 17 Nov 2023 06:00:00 -0500

Zero trust is a hot topic, so we invited the Director of Cybersecurity from Plurilock, Paul Baker, to discuss the subject in detail.

In this episode, Paul Baker from Plurilock and co-founder of Assurance IT, Luigi Tiano, discuss:

What is zero trust?
How do you never assume someone is a good actor?
How do you get an enterprise to prioritize zero trust?
Is it easy to calculate the cost to protect a network?
How do you get people to buy into cybersecurity?
What role does zero-trust play in identity access management?
What is continuous authentication? Compared to MFA?
Is continuous authentication safe?
How does a team measure the effectiveness of implementing zero-trust initiatives?
Has zero trust helped you get cyber insurance?
What are the long-term benefits of zero-trust?

Resources:

Watch the episode: https://youtu.be/D5oL9B1-0qw

Paul Baker’s LinkedIn: https://www.linkedin.com/in/paul-baker-uk/

Plurilock website: https://plurilock.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Paul Baker:

A customer-facing manager who collaborates with all levels of stakeholders, from developers and technical staff through to C-Suite executives. Builds solid relationships and quickly becomes the reliable "go-to" person internally and externally. Analytical thinker with a creative edge who deftly identifies client needs and assesses financial and technical viability. Passionate about helping clients discover new possibilities, maximizing investment in technology, and driving revenue for their company. Translates customer requests into detailed requirements, then follows through to delivery and beyond.

About 10 Questions to Cyber Resilience:

Learn about how IT leaders are strengthening their cyber security practices twice a month. Every episode comprises of 10 questions that get you one step closer to cyber resilience. Subscribe to stay up-to-date with hot topics in cyber security.

About Assurance IT:

Breaking down the infamous Uber, Cisco and LastPass breaches, with David Lindstrom

Assurance IT — Wed, 25 Oct 2023 06:00:00 -0500

Assurance IT invited Identify and Deception Specialist, David Lindstrom, from SentinelOne, to chat about how unsophisticated attacks breached high-profile companies like Uber, Cisco, and LastPass.

In this episode, David Lindstrom and co-founder of Assurance IT, Luigi Tiano, answer the following questions:

Do you need someone with high credentials to hack a system?
Is Active Directory good at protecting the enterprise?
Is it possible to understand the full scope of a data breach?
What is a honey pot?
Can you buy credentials on the dark web?
How do you prevent an employee from being a target of social phishing?
Is there a golden rule for creating a safe password?
How do you avoid being the softest target for dark web credentials?
What does it mean to secure your identity in an enterprise?

Resources:

Watch the episode: https://youtu.be/9zs2MzInI50

David Lindstrom's LinkedIn: https://www.linkedin.com/in/davidlindstrom/

SentinelOne's website: https://www.sentinelone.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About David Lindstrom:

Passionate cybersecurity sales professional focused on successful security and business outcomes. I’ve had the pleasure of working on behalf of enterprise and educational organizations across industries and have excelled in the role of start-up evangelist, team leader, and practice expert for established companies.

About 10 Questions to Cyber Resilience:

About Assurance IT:

How to Succeed in Ethical Hacking, with Laurent Deslauriers

Assurance IT — Fri, 15 Sep 2023 06:00:00 -0500

Assurance IT invited our favorite ethical hacker, Laurent Desaulniers. In this episode, Laurent Desaulniers, Security Cloud Manager, and co-founder of Assurance IT, Luigi Tiano, discuss:

1. What does ethical hacking really mean?

2. Should pentests be done multiple times per year?

3. Who was Mafia Boy?

4. How did he give ethical hacking a bad name?

5. What will the lack of IT talent result in?

6. The truth behind the ethical hacking community

7. What are some ways to get started in ethical hacking?

8. How do you identify great hacking talent?

9. The #1 question to ask ethical hackers in interviews.

10. How much money you can make as an ethical hacker.

BONUS TOPICS

What schools should really be teaching about tech?

Resources for learning cyber security.

Resources:

Laurent Desaulniers’s LinkedIn: https://www.linkedin.com/in/laurentdesaulniers/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Laurent Desaulniers:

Laurent Desaulniers combines a strong technical experience with creative thinking to achieve elegant solutions with a passion for security, especially forensic, web and penetration testing.

Laurent Desaulniers is knowledgeable in the following technologies :

- Operating systems: Linux (Ubuntu/Debian) , Windows (2008, 2003 Server, Windows 2000 Server), Cisco IOS

- Programming languages: PHP, Javascript, Python, Java (J2EE, EJB3, Servlet, Swing), JSP, Struts

- Framework: PCI-DSS, ISO-27001, ISO27034, ISO17799, ISO13335, ITIL, COBIT.

- Methodology: OSSTM, OWASP, OCTAVE

- Security: IDS systems, Honeypots, Penetration Testing

Specialties: Forensic, Web application intrusion, Vulnerability Analysis

About 10 Questions to Cyber Resilience:

About Assurance IT:

Is the cloud secure? with CISO from Insurity, Jay Wilson

Assurance IT — Fri, 16 Dec 2022 06:00:00 -0500

Assurance IT invited Insurity's CISO, Jay Wilson to discuss SaaS platform, cloud security and data privacy.

In this episode, Jay Wilson from Insurity and co-founder of Assurance IT, Luigi Tiano, discuss:

Pros and cons of SaaS platforms
Should hardware be back on-prem?
Cloud security: Is it where it needs to be?
Are security risks between cloud and on-prem similar?
How to backup SaaS applications
Difficulty of complying with data privacy regulations from around the world
Are the Data privacy regulations make us better?

Resources:

Watch the episode: https://youtu.be/a8YWmt-QcVU

Jay Wilson’s LinkedIn: https://www.linkedin.com/in/jaywwilson/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Jay Wilson:

As an experienced technology executive across multiple disciplines and sectors, Jay leads operations, delivery and strategy across global cross-discipline teams to produce and protect innovative products, growth strategies and measurable results.

In his role of Chief Information Security Officer at Mercury Healthcare, he is responsible for advancing the information security and compliance program, ensuring our business operations and client-facing product technologies are safe from attack, exceed regulatory standards and protect the critically important protected health data assets that Mercury Healthcare manages for over 1000 hospitals. Additionally he lead our efforts to align to industry leading compliance and security frameworks, including HITRUST certification of the Mercury Patient Engagement Solution / CRM. Further, he also leads and directs the IT function at Mercury Healthcare to improve the efficacy, efficiency and effectiveness of IT/Helpdesk functions within the organization.

He is CISM, CHP and CSCS certified and has over 20 years of experience in various technology development and leadership roles. Also a graduate of SapientNitro's CMTO University program, with a background as a professional marketing technologist and a consummate student of innovation and psychology, he focuses additional effort on the potential of people in the world of business+technology convergence. He has previously led (at Healthgrades) the Learning Academy program, part of HG's previous leadership development program, to help grow our people in communication, leadership and creating impact.

His experiences in technologies are broad and diverse, but he has had the privilege of working in: Security Infrastructure, Network Engineering, Automation Engineering, Advertising Technologies, Data Engineering, Distributed Computing, Professional Video, Cloud Computing, DevOps, Containers, Front End Web Technologies, Server-side Technologies, Microservices & API Development.

About 10 Questions to Cyber Resilience:

About Assurance IT:

How small companies should get started in cyber security, with Franco Perrotta

Assurance IT — Fri, 11 Nov 2022 06:00:00 -0500

Franco Perrotta is a cyber security consultant at Bell. Over his decade of experience helping businesses with cyber security, he noticed trends he shares in this episode - specifically for small businesses.

In this episode, Franco Perrotta and co-founder of Assurance IT, Luigi Tiano, discuss:

How much budget should you have for cyber security?
How small companies should get started in cyber security
Benefits of being small when attracting IT talent
First step to identifying weal spots in a small business
Can you grow a business and do it prudently?
Cyber insurance for small companies
Use case: helping small business with low budget and one IT person with cyber security

Resources:

Watch the episode: https://youtu.be/mPUy-RoUkrw

Franco Perrotta’s LinkedIn: https://www.linkedin.com/in/francoperrotta/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Franco Perrotta:

"10+ years experience in IT; this includes hardware, software and client relations. Through my attention to detail and always providing over the top service, I present an excellent addition to any team looking to strengthen their IT security posture."

About 10 Questions to Cyber Resilience:

About Assurance IT:

The Future of Data Privacy in Canada, with Vanessa Henri

Assurance IT — Sat, 22 Oct 2022 06:00:00 -0500

Vanessa Henri has been working in data privacy for 10 years. As a lawyer, she approaches data differently than most of us. So on today's episode of 10 Questions to Cyber Resilience, we wanted to pick her brain about her perspective of data privacy as a lawyer and where Canada is headed in terms of laws and compliance.

In this episode, Vanessa Henri from Henri and Wolf, and co-founder of Assurance IT, Luigi Tiano, discuss:

Using due diligence to grow an organization
The relationship between legal and IT
One strategy to get more cyber security budget
Is Canada behind on data privacy laws?
Defining C27 and what it could mean for Canada
Will C26 and C27 be passed as laws?
How AI fits into new legislation
Why consumers are scared of AI
How to start implementing AI in your business

Resources:

Watch the episode: https://youtu.be/ng2SQk2OBi8

Vanessa Henri’s LinkedIn: https://www.linkedin.com/in/vanessahenri/

Henri & Wolf website: https://henriwolf.law/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Vanessa Henri:

"I work with emerging growth organizations to help them articulate a data governance strategy taking into consideration data privacy, information security, intellectual property, and ethics. I bring value and a competitive edge to data-driven organizations by helping them to manage their legal risks, enhance consumers trust and fast-forward the adoption of disruptive technologies through trust-by-design. I have an extensive experience negotiating and drafting tech agreements with data governance implications (including data acquisition, derivative data management and contracts involving data analytics and anonymization requirements), and enjoy working with entrepreneurs to build contractual structures that reflect their business strategies. I am fascinated by ethical innovation, the economic value of trust, and nurturing purpose-driven organizations.

Organizations reach out to me to understand the legal impacts of their strategy for managing and securing their information assets, which may include trade secrets, intellectual property and personal information, and for advices on how to improve governance, risk management and decision making regarding such informational assets. I also work with organizations on issues of economic cyber-espionage and national security impacts. The organizations I work with are principally in the field of emerging technologies, cybersecurity and data-driven industries, including IIoT.

I am a member of the Quebec Bar Association, a Certified Data Protection Officer ("CDPO") and a Senior Lead Implementor for ISO 27701 (Privacy Information Management System), with a proven track record of helping organizations of all sizes and industries implementing compliance measures for their informational assets, including through privacy-by-design in emerging technologies. I have experience deploying information management systems for organizations of all sizes by drafting policies, procedures and establishing risk management methodologies. I perform risk assessments and audits to prepare organizations for certification or for new compliance obligations, or for pre-market validation requirements.

I speak frequently in conferences and podcasts, and I contribute to blogs, posts and articles on an ongoing basis. I am involved in the cause of women in cybersecurity and entrepreneurship. I've recently been honored as part of Top 20 Cybersecurity Women Canada."

- Vanessa Henri

About 10 Questions to Cyber Resilience:

About Assurance IT:

The Evolution of Cyber Security, with Mark Salinas

Assurance IT — Fri, 07 Oct 2022 06:00:00 -0500

Assurance IT invited Security Engineer Manager, Mark Salinas, to chat about the evolution of cyber security.

In this episode, Mark Salinas and co-founder of Assurance IT, Luigi Tiano, discuss:

Evolution of networking
Cyber security in 2000 vs 2022
End-users in 2000 vs 2022
The reality of buying cyber security tools
Cyber security vs cyber resilience
Cyber attacks on critical infrastructure
Getting hacked through a clock
What the Googles of the world are doing to mitigate the skillset shortage in IT

Resources:

Watch the episode: https://youtu.be/TUA01zTVbw0

Mark Salinas' LinkedIn: https://www.linkedin.com/in/mark-salinas-75b9363/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Mark Salinas:

Over 20 years industry experience as a security & network architect and engineer, including: design & installation of: networking, Cloud, Network Security, Firewalls, IDS/IPS, Application Security /Firewall, Application Acceleration, WAN Optimization. WAF and DAM. Cloud Services. PCI & NERC Compliance and GRC. CISSP. Pre-Sales as well as Post Sales Support. Network & Security Architecture designs. Security Audits & reviews. US citizen. Mentor.

About 10 Questions to Cyber Resilience:

About Assurance IT:

Behind the Scenes of a CIO at a $50 million Startup, with Jahn Karsybaev

Assurance IT — Fri, 23 Sep 2022 06:00:00 -0500

Jahn Karsybaev is the CIO at myBasePay - a small startup that raised $60 million in funding and are on their way to closing the year at $50 million in revenue. In today's episode, Assurance IT's co-founder Luigi Tiano asks Jahn about the following topics:

The difficulty attracting IT talent as a startup & how Jahn works around that
Defining cyber resilience
Tips on implementing digital transformation & debunking myths around it
Jahn's best tip to staying up-to-date with the tech industry (we're stealing this one)
What keep's Jahn up at night
What Jahn looks for in a company that potentially acquires myBasePay

Resources:

Watch the episode: https://youtu.be/2wlSQeXbPHQ

Jahn Karsybaev’s LinkedIn: https://www.linkedin.com/in/jahnibek/

myBasePay: https://www.mybasepay.com/

The book about Business experiments Jahn referred to: https://amzn.to/3dyyHN4

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Jahn Karsybaev:

Jahn Karsybaev is a Technology Executive who has led IT teams for Fortune 500 companies. He is currently a Co-Founder and CIO at myBasePay.

Jahn has co-founded, launched, successfully sold as well as successfully failed several start-ups. He is an Angel Investor and sits on Boards of several tech startups. He loves teaching angel investing, growth hacking & fundraising for startups.

Fund-raising is one of Jahn's strengths and passions. Cumulatively, he has successfully raised close to $70MM for the startups he has launched or advised on.

About 10 Questions to Cyber Resilience:

About Assurance IT:

How to apply the 80/20 rule to your cyber security strategy

Assurance IT — Fri, 09 Sep 2022 06:00:00 -0500

Cyber criminals are getting smarter. Protecting your enterprise is getting expense.

Where do you start in your cyber security journey?

The co-founders of Assurance IT discuss the top 5 cyber security tools every enterprise should start with.

In this episode, Luigi Tiano, and Ernesto Pellegrino also discuss:

13 Cyber Secure Measures
Incident Response Plans
Reason to increase cyber security awareness among executives
How the workspace changed over the last two years and how it's affecting IT
#1 cause of cyber attacks
Feedback from cyber security insurance companies
Top 5 things you need to protect against ransomware

Resources:

Watch the episode: https://youtu.be/FejMyQmT9hA

Blog: www.assuranceit.ca/blog/13-parts-of-an-effective-business-continuity-plan-to-protect-against-ransomware

CyberSecure Canada: https://cyber.gc.ca/en/guidance/baseline-cyber-security-controls-small-and-medium-organizations

Ernesto Pellegrino’s LinkedIn: https://www.linkedin.com/in/ernestopellegrino/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About 10 Questions to Cyber Resilience:

About Assurance IT:

10 Burning Questions about the Cyber Security Industry, with Jonathan Victor, from Insurity

Assurance IT — Fri, 19 Aug 2022 06:00:00 -0500

There's a lot going on in the tech world. A huge skill gap, Log4j vulnerabilities, how your cloud strategy is making your security strategy more difficult. It's a lot.

In this episode, we invited Chief Information Officer of Insurity, Jonathan Victor, to discuss the most pressing questions in the field.

Co-founder of Assurance IT, Luigi Tiano, and Jonathan Victor discuss:

How Jonathan became CIO
What happened when John needed surgery during an important project
How a cloud strategy makes a security strategy more difficult
What is cyber resilience mean?
How Log4j affected Insurity
Why companies are still being affected by Log4j
Why enterprises should try security by design
how to improve your cyber resilience with this one thing
How to overcome the skillset gap
Discussion about how we are becoming desensitized to online security

Resources:

Watch the episode: https://youtu.be/5XIN-VttSdk

Jonathan Victor's LinkedIn: https://www.linkedin.com/in/jonathan-victor-65b2b5a/

Insurity website: https://insurity.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Jonathan Victor:

Jonathan Victor is the Chief Information Officer of Insurity. He oversees all of Insurity’s SaaS implementations and manages the build, run, and evolution of the company’s cloud platforms. He came to Insurity as part of the company’s acquisition of Oceanwide, where he began in 2005, and assumed the role of Chief Operating Officer in 2014. Before Oceanwide, Jonathan worked as a consultant at Accenture. Jonathan is a graduate of McGill Desautels Faculty of Management with a major in Management Information Systems and Finance.

About 10 Questions to Cyber Resilience:

Twice per month, learn about how Tech leaders are strengthening their cyber security practices. Every episode comprises of 10 questions that get you one step closer to cyber resilience. Subscribe to stay up-to-date with hot topics in cyber security.

About Assurance IT:

10 Questions to Better Understanding Data Privacy Roles, with Heather Federman from BigID

Assurance IT — Fri, 29 Jul 2022 06:00:00 -0500

On the first episode of 10 Questions to Cyber Resilience, Assurance IT invited Chief Privacy Officer, Heather Federman, from BigID, to chat about the responsibilities and scope of a data privacy role.

In this episode, Heather Federman from BigID and co-founder of Assurance IT, Luigi Tiano, discuss:

The evolution of Heather’s data privacy career
How Heather’s passion for data privacy started in law school
How the CPO fits in with the rest of the IT team
How a CPO interacts with other departments
How not to get overwhelmed with the different data privacy laws
The possibility of a GDPR for the US
Examples of employee protection under different state laws
How BigID plays a part in data privacy
The current demand for experts in data privacy
Privacy laws in Canada

Resources:

Heather Federman’s LinkedIn: https://www.linkedin.com/in/heatherfederman/

BigID website: https://bigid.com/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Heather Federman:

Heather leads the privacy strategy and program at BigID - focused on internal compliance and data risk, product development, go to market strategy, business development and privacy evangelism.

About 10 Questions to Cyber Resilience:

About Assurance IT: