
Tech & Main Presents
By Shaun St.Hill


NIST Cybersecurity Framework for Nonprofits | Shaun St.Hill
This episode was created in NotebookLM using a NIST-based cybersecurity framework I created that focuses on nonprofits. This document outlines a cybersecurity framework for nonprofits, based on the NIST framework. It prioritizes the protection of various data types (member, donor, employee) and assets, emphasizing cybersecurity training and insurance. The framework addresses five core cybersecurity functions: identify, protect, detect, respond, and recover. Each function is mapped to specific organizational objectives and categorized by risk level (high, medium, low, or not applicable). The ultimate goal is to provide a structured approach to managing cybersecurity risks within nonprofit organizations.
For more information please email me at info@techandmain.com or visit www.techandmain.com.

Using AI to Revive The Art of Product Management with Grant Elliott of SimplAI
Today's episode finds us speaking with my good friend, Grant Elliott. Grant will be sharing his background and the new venture he's working on, SimplAI Product. SimplAI Product (pronounced “Simply Product”) integrates advanced AI into each critical phase of product development, simplifying and streamlining processes from concept through to launch and beyond. By leveraging AI-driven insights for discovery, design, planning, and performance tracking, SimplAI Product empowers teams to make smarter, faster decisions with less overhead. Our approach enhances efficiency, reduces errors, and optimizes workflows, allowing product teams to focus on innovation and customer impact. With SimplAI Product, companies of all sizes can unlock their full product potential, adapting quickly to market needs and ensuring a seamless, effective path from idea to successful product launch.
Connect with Grant Elliott:
- Website: https://www.simplaiproduct.com/
- LinkedIn: https://www.linkedin.com/in/grantelliott

Gamifying Cybersecurity: Insights from Hacker Rangers' CEO, Vinicius Perallis
In this episode of Tech & Main Presents, we sit down with Vinicius Perallis, a trailblazer in the world of cybersecurity and the CEO of Hacker Rangers. Vinicius has pioneered the use of gamification to instill robust cybersecurity practices within businesses, having trained over 500 companies across Brazil and worldwide. His unique approach combines innovation, passion, and extensive experience from his time at IBM and other leading tech firms.
Join us as Vinicius shares:
- His journey: From his early days in technology to founding Hacker Rangers.
- The excitement of daily work: What fuels his passion and keeps him inspired.
- Cybersecurity awareness for business leaders: Practical advice for fostering a security-first mindset within organizations.
- Career guidance for aspiring cybersecurity professionals: Tips for young people looking to break into the field.
- Personal insights: Fun answers about his favorite musician, hobby, vacation spot, and the teacher who shaped his path.
- Life lessons: The advice he’d give his 18-year-old self.
If you're interested in the intersection of cybersecurity, education, and gamification—or simply want to hear from a visionary in the field—this episode is a must-listen.
Connect with Vinicius Perallis:
- LinkedIn: https://www.linkedin.com/in/vperallis
- Website: https://hackerrangers.com

Medical Device Cybersecurity for Engineers and Manufacturers, Part 2

Modern Web Pentesting | Rafay Baloch
In today's episode, we will be talking for a 2nd time with our good friend, Rafay Baloch. He is an internationally renowned ethical hacker and security researcher known for his discovery of vulnerabilities on the Android operating system. He has been featured and known by both national and international media and publications like Forbes, BBC, The Wall Street Journal, and The Express Tribune.
We do a deep dive into his recently released book "Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting". You can connect with Rafay in the following ways:
Book Purchase: https://www.amazon.com/Web-Hacking-Arsenal-Practical-Pentesting/dp/1032447192/
Website: https://redseclabs.com/
Twitter: @rafaybaloch
At Tech & Main, we want to be YOUR technology partner. Let our 20+ years of expertise help you achieve the outcomes that are best for your business: cybersecurity. We have engineers and project managers available to assist you. Call our office at 678-575-8515, email us at info@techandmain.com or visit us at www.techandmain.com. Thanks for listening!

CISO to CRO: A New Era of Resilience | Kris Lovejoy
In this episode, we delve into the transformative role of the Chief Resilience Officer (CRO) and explore how it can better address today's complex cybersecurity challenges. Our guest, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, shares her insights on the motivation behind the shift from CISO to CRO, the key responsibilities of this emerging role, and the strategies for building resilience in the face of evolving threats.
We discuss the importance of secure software development, the risks associated with third-party relationships, the integration of business continuity planning and disaster recovery, and the skills necessary for CISOs to transition to a CRO mindset. Through real-world examples, we explore the impact of a CRO approach on organizational security and the future direction of cybersecurity and enterprise risk management. This episode offers valuable guidance for organizations considering this strategic shift and provides a comprehensive understanding of the CRO's role in building a more resilient and secure future.
For more information on Kris Lovejoy, please go to https://www.linkedin.com/in/klovejoy or kris.lovejoy@kyndryl.com. For more information on Tech & Main and how we can help you in your cybersecurity journey, please go to www.techandmain.com. Thanks for listening!

Conversation with Boxx Insurance
Great conversation with Hilario Itriago and Neal Jardine of Boxx Insurance (boxxinsurance.com). For more information about the cybersecurity services offered by Tech & Main, please check us out on the web at www.techandmain.com. Thanks for listening!

Privacy Conversation With A Packers Fan | Tim Jensen
In today's episode, we will be talking with our good friend, Tim Jensen. Tim is a privacy advocate, fellow podcaster and die-hard Green Bay Packers fan. Listen in as we discuss privacy, security and a host of other topics. You can connect with Tim in the following ways:
YouTube: @IntentionallyInconvenient
Email for booking inquiries: ii@timjensen.email
Social Media: https://www.linkedin.com/in/timothy-jensen-86880027/
At Tech & Main, we want to be YOUR technology partner. Let our 20+ years of expertise help you achieve the outcomes that are best for your business: cloud, SD-WAN, data center, security or anything else. We have engineers and project managers available to assist you. Call our office at 678-575-8515, email us at info@techandmain.com or visit us at www.techandmain.com. Thanks for listening!

Review of YL Ventures' CISO Report | David Strom
In today's episode, we will be talking again with our good friend, David Strom. David is a world-known expert on networking and communications technologies. Listen in as we discuss the contents of the CISO Report from YL Ventures (https://www.ylventures.com/wp-content/uploads/2024/07/2024_CISO-Circuit-Report-FINAL.pdf). You can connect with David in the following ways: Website: https://www.strom.com/ and LinkedIn: http://linkedin.com/in/davidstrom. At Tech & Main, we want to be YOUR technology partner. Let our 20+ years of expertise help you achieve the outcomes that are best for your business: cybersecurity, cloud, SD-WAN, data center, or anything else. We have engineers and project managers available to assist you. Call our office at 678-575-8515, email us at info@techandmain.com or visit us at www.techandmain.com. Thanks for listening!

Managing Cloud Risk At Scale | Fausto Lendeborg
Lendeborg began his career 20 years ago when his self-made entrepreneur father mentioned that cybersecurity would be the most in-demand industry in the next millennium, and his mother's career at Cisco provided him with an excellent learning resource as well. At the age of 14, Fausto became fascinated with the inner workings of computers, networks, and hacking. Fausto's uncle even invited him to his computer engineering seminars at Miami Dade College, so he's a natural-born technology enthusiast who's been polishing his talent for decades. You can contact Fausto here: www.linkedin.com/in/faustolendeborg/ and secberus.com/

Cybersecurity As Organizational Asset | Kevin Dominik Korte

Security and the Asset Inventory | Huxley Barbee
Huxley Barbee is a Security Evangelist at runZero (formerly Rumble Network Discovery), a company founded by Metasploit creator HD Moore that helps companies discover unmanaged devices for asset inventory.
Huxley previously worked for Cisco, Sparkpost, and most recently, Datadog – where he formulated the Datadog Cloud Security Platform. During his time there, he established a new security market presence & enabled the global sales force to grow sales by 482%.
Huxley spent over 20 years as a software engineer and security consultant. He attended his first DEF CON in 1999 and holds both CISSP and CISM certifications. On top of that, he’s also an organizer of BSidesNYC.
He has a passion for bringing value to those around him and understanding what drives individuals and groups.
In 2016, he founded a consulting practice at Cisco providing security automation and orchestration to Fortune 500 customers.
Four years later, he brought Datadog’s Cloud Security Platform to market. Now at runZero, he’s helping organizations build comprehensive asset inventory.
He resides in New York where he spends time trying to keep up with his children.
You can connect with Huxley here: https://www.linkedin.com/in/jhbarbee/

Cyber Freestyle Volume 1 | Duane Laflotte and Patrick Hynds
Patrick Hynds is the CEO and Founder of DTS and Pulsar Security. He is a recognized technology leader with expertise in Microsoft technologies, software development, network architecture, and enterprise security. Patrick has spent two decades as a Microsoft Regional Director, frequently speaking at technical events throughout the world, and is a graduate of West Point and a decorated Gulf War veteran.
Duane Laflotte is Chief Technology Officer of Pulsar Security. He works to resolve complex technical issues for the team and its partners. Duane is an expert technologist in the areas of cryptography, exploit development, networking, programming, and enterprise data storage.
Together, they host the podcast Security This Week. Connect with them at www.pulsarsecurity.com/.

Removing Complexity For The Developer Community | Vlad A. Ionescu

API Security For Today’s World | Jeremy Snyder

A Frank Conversation about Chatbots and Infosec | David Strom

MSP Franchise That Builds Community | Shane Mishler

Mobile Messaging Security, Private Equity and Quantum Computing | Paul Ruppert

Protecting Against The Known and Unknown | Aviv Grafi
Prior to co-founding Votiro, Grafi served in an elite intelligence unit of the IDF, nurturing his passion for finding simple solutions to complex security issues. His areas of expertise span the cyber product lifecycle—from strategy and development, through go-to market—along with network security, IDS/IPS/firewall internals, defensive programming, enterprise security penetration testing, vulnerability research, and virtualization. For more information, visit www.linkedin.com/in/aviv-grafi-63426b1/ or votiro.com/.

Managed Cloud and The Art of Resourcefulness | Sagi Brody

The Rise of DevSecOps | Andre Keartland
He has been working professionally in the IT industry for almost 30 years, during which time he has performed almost every imaginable IT job description. Since 2000 he has been a consultant and architect at Inobits Consulting, which merged into Netsurit in 2016. There he has participated in or led major projects on five continents.
As a solutions architect, his role is to design and implement solutions for enterprise customers. Although he tried very hard to be technology agnostic, he has become recognised as an authority on the Microsoft solution stack. He implemented a wide range of the Microsoft on-premises products and solutions, but in the past decade he has increasingly focused on cloud solutions, including Azure and Microsoft 365, especially in the field of hybrid cloud security.
He has frequently done work for Microsoft on several initiatives, including development of technical white papers, training material and exam content.
In his spare time, he loves to hike and read non-fiction (especially history).
For more information visit netsurit.com/en-us/ or www.linkedin.com/in/andrekeartland/

The World of Canauri | Greg Edwards

Constructive and Destructive Algorithms | Mike Logic

The Myth of Automation | Grant Elliott

Cybersecurity and Multi-cloud Solutions | Brian Smith
In 2000, together with Marc Willebeek-LeMair, Brian founded TippingPoint Technologies (acquired by 3Com), and in 2009 he founded Click Security (acquired by Alert Logic). Prior to TippingPoint, Brian received his Ph.D. in Computer Science from the University of California at Berkeley in 1994 and was the Xerox Professor of Computer Science at Cornell University until 1998. He now holds 13 patents and is a fellow of the Alfred P. Sloan Foundation.
Connect with Brian: www.linkedin.com/in/brian-smith-07a4191/ and www.spyderbat.com/

The Education Strategist | Tom Ashley

Security and Resilience | Kris Lovejoy
Kris was the president at Acuity Solutions and served at IBM, starting as the VP of security strategy for three years, followed by the VP for IT risk/CISO, and then the GM for IBM security services division for over four years.
As a leader in cybersecurity, she extended her knowledge of consul risk management as the CTO, CIO, and VP of support and services.
Prior to that, Kris worked as the VP of security assurance services at TruSecure for five years.
Kris has expertise in security, risk, compliance, and governance and was featured in the top 25 CTO in the InfoWorld list. Moreover, she was among the top 25 most influential security executives by Security magazine and was among the top women in security by eWeek.
Kris has the United States and European Union's patent for object-oriented risk management models and methods. She was named the top woman technology leader by Consulting magazine in 2020. To learn more go to linkedin.com/in/klovejoy.

Smart Things Vulnerable | Mikko Hypponen

Business Intelligence For The Way You Work | Jay Bartot

MSSPs and Cyber Resilience | Scott McCrady

Cybersecurity Leadership From An Academic Perspective | Dr. Darrell Burrell

Heartland Community College, PYSA, Bitsight and KnowBe4 | Ryan Chapman

The Serverless Blockchain Platform | Shruthi Rao

What’s the BigID? | Dimitri Sirota

Automated Security and Compliance Expertise Volume 2 | Matt Cooper

The K-12 Tech Protector Vol. 2 | Andy Lombardo

Unphishable | Phillip Dunkelberger

Operations, Processes and Technology | Brandi Bennett

AI Powered Secure Mobile Communication | Amit Modi

Democratizing ERP | Nick Foy

Risk Centered Vulnerability Management | Venu Rao

My Take on Cybersecurity | Shaun St.Hill

Understanding Passkeys | David Strom

The Extraordinary Entrepreneur With A Passion For Education | Dave Walens

Security Compliance, AI, Sailing and Outkast | Justin Beals

Military Grade Cybersecurity Training | Jacob Hess

Driving Digital Transformation | Matt Kestian

Software and the Blended Lifestyle | Dan Bruder

The Fastest Way to Get to Data-Driven | Tarush Aggarwal
