Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.
Show Notes: https://securityweekly.com/esw-339
Oh, the HARror! Sanitizing HAR files is not as easy as some might lead you to believe. CISA funds Cyber.org for K-12 cyber education and ORNL creates a Center for AI Security Research (CAISER). Cloudflare creates a tool out of spite, and CISA creates a tool you shouldn't use in production? Biden's EO on "Safe, Secure, and Trustworthy AI" and the Top Five Things you need to know about how GenAI is used in Security Tools.
Five lessons learned form Okta's latest breach, should ransom payments be illegal, and why ransomware victims can't stop paying ransoms. We discuss the impact of the charges made against Solarwinds and its CISO by the SEC, the 2023 ISC2 Cybersecurity Workforce Survey, and Microsoft's latest open letter on security.
Finally we wrap up discussing a delicious $8M Series A for better bagels!
Show Notes: https://securityweekly.com/esw-338
There is little to no organization of data within companies in 2023. We're all guilty of this at some level. The download folders and desktops on our personal machines are a mess. File servers, and cloud storage services are a mess. In Microsoft's recent data leak, AI researchers even had PC backups stored along side machine learning models for whatever reason.
Data is hard to classify, organize, and monitor. By designing for convenience, we've created convenience debt that now has to be paid down. In this segment we talk to Jackie McGuire about what needs to happen to accomplish this, at the enterprise level, and at scale.
Even if we can one day address the challenge of tracking and labeling data, we'll still have the challenge of addressing data integrity and resilience, which we'll also discuss if we have time!
Segment Resources: https://www.darkreading.com/risk/it-s-time-to-assess-the-potential-dangers-of-an-increasingly-connected-world-
Show Notes: https://securityweekly.com/esw-338
In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures.
We've got market questions, like:
Show Notes: https://securityweekly.com/esw-338
This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories.
Show Notes: https://securityweekly.com/esw-337
In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.”
Learn more about:
Segment Resources:
This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more!
Show Notes: https://securityweekly.com/esw-337
In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this model are.
Show Notes: https://securityweekly.com/esw-337
This week, in the enterprise security news,
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-336
One of the biggest challenges in security today is organizations' reluctance to share attack information. Perhaps legal teams are worried about liability, or maybe execs are just embarrassed about security failures. Whatever the reason, this trend makes it difficult for organizations to help each other. CrowdSec's mission is to make this process automated, anonymized, and seamless for security teams.
We talk to Phillip Humeau, one of CrowdSec's founders, about what it's like to build a such an unconventional cybersecurity business - one based around crowdsourcing and open source software.
Show Notes: https://securityweekly.com/esw-336
Today we interview Shane Sims, CEO of Kivu Consulting. We'll be talking about the current state of cybercrime and insights from incidents his consulting firm has recently worked. We'll discuss some of the latest stats and trends related to ransomware, as well as thoughts on future cybercrime trends. Shane will also share some stories from his time as an FBI agent, working undercover as a cybercriminal.
Segment Resources: Report - Mitigating Ransomware Risk: Determining Optimal Strategies for Business
Show Notes: https://securityweekly.com/esw-336
As long as there are profits to be made, cybercriminals will continue to monetize enterprise assets—whether they be devices, applications, data, or users. It only takes one weak or unknown asset to compromise an entire organization. Brian will discuss why enterprises need to move away from assumption-based approaches to asset data and decision making to evidence-based asset intelligence to secure their environments quickly, easily, and at scale.
This segment is sponsored by Sevco Security. Visit https://www.securityweekly.com/sevcoisw to learn more about them!
In this ISW interview, CRA's Bill Brenner catches up with Kevin Johnson of Secure Ideas for a chat about application security.
In this segment from ISW, Dakota State COO and General Counsel Stacy Kooistra talks to Bill Brenner about the university's effort create more cyber warriors.
Show Notes: https://securityweekly.com/esw-335
The world of AI is exploding, as excitement about generative AI creates a gold rush. We've already seen a huge number of new GenAI-based startups, products, and features flooding the market and we'll see a lot more emerge over the next few years. Generative AI will transform how we do business and how we interact with businesses, so right now is an excellent time to consider how to adopt AI safely.
Pamela Gupta's company literally has "trust" and "AI" in the name (Trusted.ai), so we couldn't think of anyone better to come on and have this conversation with.
Interview Resources:
Show Notes: https://securityweekly.com/esw-335
There's a lot of talk about AI, especially with the rise of apps like ChatGPT. Despite there being a huge amount of hype, there are legitimately practical applications for leveraging AI concepts in meaningful ways to improve the efficiency and effectiveness of your cybersecurity program. We'll discuss a few examples and show you some ways to bring AI out of the hype and into a proper tool to empower your security and risk program.
This segment is sponsored by Tenable. Visit https://www.securityweekly.com/tenableisw to learn more about them!
Threat actors don’t think in silos and neither should cybersecurity solutions. In this fireside chat with Uptycs’ newly appointed CRO, Mike Campfield, learn why organizations need to adopt a consolidation approach to win in cyber security, why it’s important to “shift up,” and what Mike is most excited about in his new role.
This segment is sponsored by Uptycs. Visit https://www.securityweekly.com/uptycsisw to learn more about them!
Deidre Diamond, founder & CEO of CyberSN, talks about her efforts to address InfoSec burnout and the skills shortage impacting the industry.
Show Notes: https://securityweekly.com/esw-335
Each employee serves as a potential gateway to their organization, and the personal information of your workforce is readily accessible and exposed on the internet, making the organization susceptible to threats. DeleteMe is the solution that locates and eliminates personal data from the open web, safeguarding your organization.
This segment is sponsored by DeleteMe. Visit https://www.securityweekly.com/deletemeisw to learn more about them!
With all of the fancy tools, equipment, and logos most organizations are unable to understand where their data is and how it can be accessed. In the world of work from wherever and whenever orgs need a better handle on what this means. Ridge has worked to curate a set of solutions to meet and implement this need!
This segment is sponsored by Ridge IT Cyber. Visit https://www.securityweekly.com/ridgeitisw to learn more about them!
Why are we seeing a re-emergence of the demand for packet and flow-based forensic data in cloud environments? In this session, we’ll discuss three reasons why IT leaders still need the same if not even better visibility in the cloud than they have in their data centers.
We’ll also discuss the growing demand for Threat Exposure Management (TEM). Why does a leading analyst describe this as a transformation technology and how can you quickly visualize your environment the way the attackers do?
Segment Resources: https://www.viavisolutions.com/en-us/ptv/solutions/threat-exposure-management https://www.viavisolutions.com/en-us/ptv/solutions/high-fidelity-threat-forensics-remediation
This segment is sponsored by VIAVI Solutions. Visit https://www.securityweekly.com/viaviisw to learn more about them!
Show Notes: https://securityweekly.com/esw-334
On this week's news segment, we go down a bit of a rabbit hole on data lakes and have a GREAT conversation about where security data wrangling might or might not go in the future. We also discuss Nord Security's funding and $3B valuation, try to figure out what Synqly is doing, and discuss IronNet's demise.
We also find out which email solution is more secure (at least, according to insurance claim data), Google or Microsoft!
We wrap up, learning that forms of CAPTCHAs are apparently broken now, $3800 gets you a gaming PC in the shape of a sneaker, and someone has created the DevOps equivalent of dieselgate!
Show Notes: https://securityweekly.com/esw-334
In this segment, we'll explore some of the most useful lessons and interesting insights to come out of the last year's worth of breaches and data leaks! We'll explain why we will NOT be covering MGM in this segment. The breaches we will be covering include:
Show Notes: https://securityweekly.com/esw-334
This week, we changed things up a bit for the news segment and Allie Mellen joins us as a surprise guest host! We discuss Cisco's Splunk acquisition and what it means for Splunk customers, and "The Blob" - Allie's term describing the negative forces responsible for much of the overhyped marketing, silly trends, and substandard products we see in the industry.
Segment Resources:
Allie's blog on Cisco/Splunk: https://www.forrester.com/blogs/splunk-is-good-for-cisco-but-cisco-needs-to-convince-splunk-customers-that-cisco-is-good-for-them/
Allie's blog on The Blob: https://www.forrester.com/blogs/the-blob-is-poisoning-the-security-industry/
Show Notes: https://securityweekly.com/esw-333
The concept of Edge computing has evolved over the years and now has a distinct role alongside public cloud. Theresa Lanowitz, from AT&T Cybersecurity, and Chris Goettl from Ivanti join us to discuss what edge computing means for the market and for cybersecurity. Specifically, we'll discuss how:
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!
Show Notes: https://securityweekly.com/esw-333
We ALL use SaaS. It has become ubiquitous in both our personal and professional lives. Somehow, the SaaS Security market has only recently began to emerge. Today's interview with Yoni Shohet, co-founder and CEO of Valence Security, aims to understand why it has taken so long for SaaS Security products to come to market, what that market currently looks like, and what a SaaS Security product actually does.
Show Notes: https://securityweekly.com/esw-333
This week we talk about finding, acquisitions and the state of the market. If you're interested in cybersecurity market discussion, this is the episode for you.
We also discuss what makes a cybersecurity influencer.
Show Notes: https://securityweekly.com/esw-332
If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is.
Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! This is literally his day job at Mandiant, and it doesn't hurt to have one of the world's largest libraries of attacker TTPs and the collective lessons learned from thousands of actual incident response experiences.
Show Notes: https://securityweekly.com/esw-332
Forrester Research releases a few annual reoccurring cybersecurity reports, but one of the biggest that covers the most ground is the Security Risk Planning Guide, which was recently released for 2024. One of the report's 17 authors, and research director, Merritt Maxim, will walk us through the report's most interesting insights and highlights. This is going to be considerably interesting considering some of this year's trends impacting security teams:
Show Notes: https://securityweekly.com/esw-332
In this news segment, we start off by discussing funding, acquisitions, and Ironnet's unfortunate demise. We discuss Gmail's new, extra verifications for sensitive actions and Lockheed Martin's Hoppr SBOM and software supply-chain utility kit. We get into CISA's roadmap to help secure open source software, and their offer to run free vulnerability scans for the United States' 150,000+ water utilities. Then, discussion turns back to some more negative items with Brazil's self-inflicted $11 billion dollar data leak, and the MGM/Caesar's ransomware attacks, which seem like they could have a common attacker and initial attack vector (a shared IT support company, perhaps). We also discuss Microsoft's post mortem on the Storm-0558 attack. Kelly Shortridge wants to know, "why are you logging into production hosts", someone is submitting garbage CVEs, and Mozilla finds that privacy policies from auto manufacturers are a privacy TRAIN WRECK. Finally, we wrap up discussing tools that can detect deepfake audio, as well as the likelihood that this will be the start of a game of leapfrog, as deepfakes get increasingly better over time. And we discuss Delphi's offer to create a 'digital clone' of you that could live on forever, haunting your descendants.
Show Notes: https://securityweekly.com/esw-331
We talk to Chris Sanders today, who has been steeped in the world of SecOps and detection/response for many years. After many years of writing books and training folks in the cybersecurity industry, he started delving into cognitive psychology and educational effectiveness. He leverages this knowledge in the training classes he builds and delivers. Today we'll discuss why it seems like defenders are still failing, despite the security industry largely (and arguably) receiving the resources it has been requesting.
Show Notes: https://securityweekly.com/esw-331
Discussing ways to ensure client success with MDR and discuss the ways organizations hurt MDR efficacy with overly broad global exclusions, poor deployment practices, and poor policy hygiene.
This segment is sponsored by Sophos. Visit https://securityweekly.com/sophos to learn more about them!
Show Notes: https://securityweekly.com/esw-331