Last Week As A vCISO
Subscribe
Sign in
Home
Notes
Cybersecurity For Startups
vCISO Lite
Work With Ayman
Archive
New
Top
Discussion
9 Ways You’re Doing MFA All Wrong
As we witnessed in the MGM attack recently, you may have MFA setup correctly, but it may not be effective as you think in securing your account. 🤔
Oct 9, 2023
•
Ayman Elsawah
1
Share this post
9 Ways You’re Doing MFA All Wrong
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
September 2023
Root Cause of MGM Hack, and How It Could Have Been Prevented
A simple phone call, globally available Okta login, and pervasive IAM permissions possibly made this attack extremely pervasive.
Sep 17, 2023
•
Ayman Elsawah
2
Share this post
Root Cause of MGM Hack, and How It Could Have Been Prevented
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
5 Problems With Startup Security
Startups don't really care about security. They're just looking to survive and grow. With cybersecurity scrutiny coming from everywhere now, they can no…
Sep 4, 2023
•
Ayman Elsawah
1
Share this post
5 Problems With Startup Security
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
August 2023
DEF CON 31 Recap
SO MUCH happened (and didn't happen!) this year at #DEFCON31. Here's a snippet of what you may have missed.
Aug 27, 2023
•
Ayman Elsawah
Share this post
DEF CON 31 Recap
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
Oppenheimer, CISO's, And The Politics of Cybersecurity
CISO's are under fire and are scared. Oppenheimer was a brilliant scientist, but not a politician. Lessons learned from his security hearing.
Aug 8, 2023
•
Ayman Elsawah
1
Share this post
Oppenheimer, CISO's, And The Politics of Cybersecurity
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
July 2023
DEF CON: A Beginner's Guide Part II (Updated 2023)
DEF CON is an experience, not a conference. With 30+k attendees, it's HUGE and can be overwhelming. Here's a guide to help you navigate.
Jul 30, 2023
•
Ayman Elsawah
Share this post
DEF CON: A Beginner's Guide Part II (Updated 2023)
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
Who Is This?
Every once and awhile we get a message from a number that we don't recognize. How do we authenticate them? How do we authenticate our users?
Jul 25, 2023
•
Ayman Elsawah
1
Share this post
Who Is This?
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
June 2023
Bug Out Planning: Preparing for Disaster in Cybersecurity and the Real World
How to Stay Calm and Handle Cybersecurity Threats Like a Pro
Jun 29, 2023
•
Ayman Elsawah
1
Share this post
Bug Out Planning: Preparing for Disaster in Cybersecurity and the Real World
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
From Overbearing Moms to Poorly Run Security Teams: The Danger of Not Seeking Input
How to Shift from Mom Mode to Friend Mode in Cybersecurity
Jun 12, 2023
•
Ayman Elsawah
1
Share this post
From Overbearing Moms to Poorly Run Security Teams: The Danger of Not Seeking Input
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
May 2023
Getting Started With Appsec for SMBs
If you’re a product or engineering manager at a startup, you’re probably not focused everyday on security issues. However, as is life, things come up…
May 29, 2023
•
Ayman Elsawah
2
Share this post
Getting Started With Appsec for SMBs
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
April 2023
A Beginner’s Guide To BSidesSF
Someone asked me recently what kind of conference was BSidesSF... so this is what my answer would be in 10 minutes...
Apr 22, 2023
•
Ayman Elsawah
2
Share this post
A Beginner’s Guide To BSidesSF
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
A SOC 2 Fairytale... (w/voiceover)
Once upon a time ago... there was a startup, and they wanted to get SOC 2.
Apr 17, 2023
•
Ayman Elsawah
Share this post
A SOC 2 Fairytale... (w/voiceover)
lastweekasavciso.substack.com
Copy link
Facebook
Email
Note
Other
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts