Enterprise Security Weekly (audio)

Infrastructure-as-code (IaC) allows for quick and consistent configuration and deployment of infrastructure components because it’s defined through code. It also enables repeatable deployments across environments. IaC is seeing significant attention in the cloud security space, but why now? This conversation will dig into how Infrastructure-as-code is enabling faster innovation on application development with security built in. Segment Resources: - https://www.lacework.com/solutions/infrastructure-as-code/ - https://www.lacework.com/blog/introducing-secure-automated-iac-deployments-with-terraform/  - https://info.lacework.com/cloud-threat-report.html    We catch up on 2 weeks of news, starting with 18 funding rounds and several new products! Splunk acquires Twinwave Another ASM vendor, Templarbit, gets acquired into the Cyberinsurance industry, InfoSec Layoffs continue in a big way alongside huge cuts at Facebook, Twitter, and Amazon, Microsoft sued for stealing code to train GitHub Copilot, Google sued for

Don’t leave the door open. Modern systems are complex and require you to consider many aspects. Here are some aspects we consider critical: - APIs are the dominant software development direction/trend. Traditional/legacy ways to grant access is not fit for purpose of protecting this new way of delivering products and services. - Customers are demanding better digital experiences. To maintain a competitive edge and drive brand loyalty businesses need to provide great online experiences. - Standards (such as OAuth and OpenID Connect) are important to ensure high-security levels. Also enables scalability and helps future-proof your infrastructure. For example in the financial sector, these standards play a key role in the drive toward open banking. - A modern architecture is a zero trust architecture. In a zero trust architecture, the new perimeter hinges on identity.   Segment Resources: https://thenewstack.io/zero-trust-time-to-get-rid-of-your-vpn/ This segment is sponsored by Curity. Visit https://securitywee

Positive change is coming to cybersecurity. In this segment, John Grancarich, EVP of Strategy at Fortra, explains what it means when we say we’re tenacious in our pursuit of a stronger, simpler future for cybersecurity, and that our advanced threat research and intelligence informs everything we do. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!   Gartner recently reported that the RPA software market will reach $2.9 billion by the end of 2022, up 19.5% from 2021. But, despite Airlines adopting it to help with cancellations and retail for inventory management, we’re not talking about the security risk this tech will cause. Alan Radford, Global IAM Strategist at One Identity discusses the truly devastating impact that can occur when an organization leaves its RPA program vulnerable and without any identity and access protection, why realizing that machines have identities too could save us from dangerous RPA breaches in the future, and steps companies can

For many companies, the pretenses of separation between work and home have completely disappeared. This has huge security implications for organizations, but creates some opportunities as well. How should organizations and vendors approach the new paradigm of shared devices and identities?   Economic tides are changing, making profitability and identifying efficiencies a priority for many IT teams. Reducing IT costs by modernizing and migrating identity infrastructure to the cloud is one of those projects to be considered. No more wasted time and effort on maintenance, patching, and upgrades. Join us as VP of Product Management at Ping Identity, Jason Oeltjen, will discuss cloud migration benefits, timelines, and how you can improve TCO by migrating your identity to the cloud as leadership seeks the most critical initiatives to fund. Segment Resources: https://www.pingidentity.com/en/lp/migrate-to-pings-cloud.html   This segment is sponsored by Ping. Visit https://securityweekly.com/ping to learn more about t

Cloud computing’s velocity and dynamism make it hard for security teams to monitor and protect workloads in the cloud without impeding the agility of dev teams. ExtraHop Senior Principal Data Scientist Edward Wu joins ESW to discuss practical deployment approaches and scenarios to facilitate gathering and utilizing network data in cloud environments for improved visibility, detection, and response capabilities. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!   The cloud and SaaS were supposed to make things easier, simpler, more scalable. Arguably, they _have_ done all those things, but traditional, legacy networks linger. Migrations are messy and take time. Nearly everything is encrypted in transit by default. Today, we interview Marty Roesch, the creator of Snort and founder of SourceFire, to discuss how things have changed and what defenders can do to catch up and restore some order to the madness. We'll step through some history along the

Finally, in the enterprise security news: Don’t worry! IT and Security funding is OK and we have the proof in the form of 16 funding announcements, Private Equity firms are taking advantage of the dip in valuations to make a few acquisitions: KnowBe4 and ForgeRock Legal Drama! We’ll discuss the Joe Sullivan case, the Splunk/Cribl battle, Crypto Drama! Another week, another Crypto exchange losing half a billion, new insights on breaches and ransomware in two new reports from Cyentia Labs, Cybersecurity leaders have a hard time keeping companies secure, and Cyber Nutrition labels!   Fast-paced business initiatives require applications and workloads to migrate to the cloud. While the data remains the same, there are significant differences between securing on-premises and cloud environments. In this discussion, Dan Neault shares what organizations need to know about securing data in the cloud and how to migrate to the cloud without compromising on security. This segment is sponsored by Imperva. Visit https://sec

Every year, management needs to figure out what initiatives will be prioritized for the upcoming year. This simple, free method uses a quantitative approach based on CIS controls with input from the front-line analysts and engineers. The outcome is an engaging team discussion and clear plan for what the team should prioritize. Segment Resources: https://www.cisecurity.org/controls   It’s CyberSecurity Awareness Month and this year’s theme, set by CISA, is See Yourself in Cyber. We’re going to take some liberties in the interpretation of this to talk about the lines blurring between personal and work accounts and devices. We’ll also discuss MFA risks - what types of MFA are safe to use, and which aren’t in 2022? This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!   Finally, in the enterprise security news, Cloudflare has 1.25 billion incentives to draw customers away from AWS, NetSPI raises $410M for pen testing? Tines extends their Series B an extra $55M, Det

Cybersecurity is now battling a human problem just as much, if not more, than a technical one. According to Verizon’s 2021 Data Breach Security Report, 85% of successful cyberattacks now involve a human element. Combine that with the fact that even the very best technology can only thwart about 93% of attacks and that leaves a large hole in an organization’s basic security hygiene. This has led to a growing demand for ongoing educational programs that rely on behavioral science to measure and manage cybersecurity risk as a distinctly different solution from generic, one-size-fits-all training programs.   In the enterprise security news, SentinelOne and Crowdstrike reinvest in the security market, Malwarebytes raises $100M, Ox Security raises a $34M Seed round??? Jamf acquires ZecOps, New startups looking to improve Code Reviews…Outsource questionnaires…provide consumer privacy awareness…Federal security funding for state and local governments, New software supply chain attacks, Microsoft Windows slaps your ha

This week, Jonathan Roizin from Flow Security joins to discuss what this new security category is all about and how it differs from the OG, false positive heavy DLP we'd all rather forget! Data Security Posture Management (DSPM) is not your dad's DLP. This new category has emerged to tackle one of the toughest areas of security: protecting data. Then, Based on what we know so far (which is limited and could change), the Uber breach appears to be a classic example of how penetration testers and criminals alike break into large organizations. In this segment, we'll discuss how the attack happened. We'll go over the controls that failed, why they failed, and what Uber could have done to prevent or detect this attack. Then, in the Enterprise Security News, Fortanix raises a $90 series C for data security, Cyrebro raises a $40M series C for MSSP SOC solutions, Dig Security raises a $34M series A (yes, this is a repeat from last week, but we didn’t get a chance to talk about it), Internet 2.0 gets funded??? (probab

Enterprise browsers are a new addition into the endpoint security market. Combining enhanced features not in the existing browsers, with centralized reporting and controls, they're promising to bring a better experience to the users and a more secure delivery of applications to the companies who use them. What's real, what's "vision", and what makes them different than all the other solutions that promise to "secure the browsing experience".   In the Enterprise Security News for this week: Funding rounds are back!, Bitwarden rasies $100M for password management Cymulate raises $70M, and a ton more Series A, Series B, and Seed announcements from vendors just coming out of stealth, Ethereum’s merge completes and moves to proof of stake, Some updates on the Twitterpocalypse, The latest in annoying buzzword innovation, and some Cyber Insurance trends that I promise are interesting!   Attackers have been targeting Active Directory for years and more recently set their sights on Azure AD & Microsoft Office 365.

In the Enterprise Security News This week: more layoff announcements than funding announcements! Krit acquired by GreyNoise, Incident Response in AWS is different, Awesome open source projects for SecOps folks, Tyler Shields can’t wait to talk about Product Led Growth, Forcing open source maintainers to use MFA, Twilio - the breach that keeps on pwning, The US Governments earmarks $15.6 BILLION for cybersecurity and we hear vendors salivating already, & more!   Security training isn't just about anti-phishing and security awareness for employees. When reading through breach details, a similar picture often emerges: the people were there, the tools were in place, but the people didn't know how to use the tools effectively. Every day, security tools catch attacks, but it doesn't matter if a human doesn't notice and tools are in 'monitor only' modes. This segment is sponsored by RangeForce. Visit https://securityweekly.com/rangeforce to learn more about them!   From its origins a decade ago, the grassroots m

The new category of Data Security Posture Management, what is it and why it's important. Discussing real customer stories where DSPM products played a critical role in helping companies secure their data.   Since the dawn of the internet, companies have been fighting cyber vulnerabilities with a myriad of traditional technologies. And assigning cybersecurity training to people without really knowing its effectiveness or being able to tell the difference between knowledge and behavior. This is why AwareGO created the Human Risk Assessment. Designed by behavioral and cybersecurity experts, it allows organizations to measure human risk and resilience across a number of critical cybersecurity threat vectors. It measures cyber risks connected to social media that are not only personal but can affect the workplace as well. It helps assess awareness of secure password handling with multiple interactive experiences and situations. And it allows you to discover how employees would deal with tricky situations around th

Identity management has become a central pillar of many organizations’ security policies and architecture. In this executive interview, Ping Identity Senior Product Marketing Manager Zain Malik analyzes two heavily trending corners of the identity market: passwordless technology and customer identity and access management (or CIAM). This one-on-one session will address topics such as biometrics and QR code-based authentication, and how to determine which customer identity solution is right for each particular consumer touchpoint.   In March 2022, the SEC proposed new rules governing the reporting of cybersecurity incidents. This session will explore how businesses will be affected by this and similar legislation and provide tips to compliance and technical teams alike. S ecurity Weekly listeners save 20% on this year’s InfoSec World Conference by visiting https://securityweekly.com/isw and using the discount code ISW22-SECWEEK20   In 2023, at least five new “rights-based” data privacy laws will become enforce

This week, we start off the show by welcoming Ryan Fried to discuss how Security analysts can move past traditional Indicators of Compromise from threat intel like domains, hashes, URLs, and IP addresses. These indicators typically aren't valid shortly after the incidents happen. Modern threat hunting by doing things like reading recent and relevant security articles, pull out behaviors that attackers are doing like commands such as net group "domain admins" or RDPing from workstation to workstation and translating those to threat hunting queries. Then, Joeseph Carson joins to discuss following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker’s techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response. Finally, in the Enterprise Security News, Normalyze and Flow Security raise money to protect data, Axio and

In the Enterprise Security News: BlackRock drops $250M into Acronis, Talon raises a massive $100M Series A to make Enterprise Browsers a thing, Cybrary raises $25M, Ghost Security comes out of stealth, Netskope acquires Infiot, Thoma Bravo acquires Ping Identity TLP 2.0, Thought Leadering, And Winamp is back!   The pandemic forced us to rethink our IT environment as office workers went remote, outside the traditional framework of enterprise connectivity and security. This conversation will focus on top security concerns, costs, and containment strategies that 1,100 IT/security workers in 11 countries shared in a global report Infoblox sponsored to understand how organizations are addressing the new workplace. Segment Resources: https://blogs.infoblox.com/security/1100-it-pros-spotlight-the-security-hazards-of-hybrid-work/   Secure Access Service Edge (SASE)/Secure Service Edge(SSE) has quickly become part of day-to-day lexicon. But what exactly is SASE/SSE and will it make enterprise data more secure? How wi

In the Enterprise Security News: Blockchain security startups are still raising tons of money, but not in crypto, since it’s now worthless. Ha! just kidding. Maybe. Am I? Anvilogic, AppViewX, Sotero, Resourcely, and Push Security all raise rounds JUICY RUMORS! Is Crowdstrike buying Orca? Is Akamai getting bought out by a PE shop? HUMAN and PerimeterX join in a rare cybersecurity merger, Are Azure’s vulnerabilities out of control? Zoom brings end-to-end encryption to its cloud phone service, npm says FINE, we’ll add some security, Kaseya’s CEO is just, telling it like it is, man. The problem must be with you. A robot attacks a child, time to add EMP grenades to your EDC! All that and more!   In order to run a successful SOC, security leaders rely on tools with different strengths to create layers of defense. This has led to a highly siloed industry with over 2,000 vendors, each with their own specific function and who very seldom work together. To gain an advantage on attackers, we need to start seeing cyberse

In our research, 85% of security professionals attribute preventable business impacts to insufficient response practices. In this segment, Bill will discuss the key challenges slowing down response times, such as staffing challenges, alert quality, and organizational culture as primary factors slowing down response. This segment is sponsored by Deepwatch. Visit https://securityweekly.com/deepwatch to learn more about them!   This week in the Enterprise News: Lacework lays off approx 300 employees, US Narrows Scope of Anti-Hacking Law Long Hated by Critics, Security Study Plan, DevSecOps Vulnerability Management by Guardrails, StackZone, Cipherloc Acquires vCISO Security Services Provider SideChannel, Broadcom to Buy VMware for $61 Billion in Record Tech Deal, Cyscale raises EUR 3 million in Seed Funding Round, & more!   There are a few IETF standards that make the identity world go 'round. SAML, FIDO and LDAP are ones that we know and love... but there's one particularly un-loved standard that is the glue

Passwordless authentication is all the rage. And rightly so, given its promise of driving engagement and boosting productivity via more secure and frictionless user experiences. However, the path to passwordless often leads to more questions than answers. Don’t fret! We’ll offer a passwordless journey roadmap that delves into leveraging different risk signals like user behavior and device characteristics to make smarter authentication decisions. Segment Resources: https://www.pingidentity.com/en/solutions/business-priority/passwordless.html https://download.pingidentity.com/public/assets/misc/en/3637-workforce-survey-passwordless-future.pdf   This segment is sponsored by Ping. Visit https://securityweekly.com/ping to learn more about them!   Sick Codes hacked all four John Deere Telematics Gateway's, and the John Deere Gen4 Series Display. Without those, it's "just a tractor." However, this is Critical Infrastructure. In fact, without Tractors, Combines & Implements: farmers cannot plant, spray or harve

In the Enterprise Security News, Cyber insurance joins the Unicorn club, Bishop Fox raises a $75M Series B, A dozen more funding rounds, XM Cyber acquires Cyber Observer, Zendesk gets bought by private equity, 5 more rounds of cybersecurity layoffs, Some very interesting new products - both open source and commercial, Survival of the Quickest, And a ransom victim earning money from its payment?? How surreal it is for the industry to return to RSA event in person... what changed or transformed fundamentally ... etc. Specific impacts around the areas of ZTNA, SOC, and OT security. This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!   Merritt Maxim discusses the latest trends on identity access and how organizations should tackle the ever expanding user security challenges.   Connected devices outnumber us humans two to one, a ratio that is on an accelerating growth curve. Risks associated with device counterfeiting and cyberattacks is also growin

Over the past year, we’ve seen more buzz develop around attack surface management. In fact, major analyst firms Forrester and Gartner recently released research about this topic. But what exactly is it? In this segment, join Mark St. John, LookingGlass’s SVP of Product, to learn more about how to define your attack surface, how to manage it, and how it can help your organization improve its cybersecurity. This segment is sponsored by LookingGlass Cyber. Visit https://securityweekly.com/lookingglass to learn more about them!   As the push toward digital transformation continues, every organization is having to choose: Security or experience first? We are entering an era where Security and Identity professionals work together to eliminate tradeoffs and rapidly evolve from technical experts to experience artists. Using solutions that customize, code, and integrate for you while boosting security through MFA, passwordless logins, and risk modernizes your identity experience. This segment is sponsored by Ping. Vis