The Next Phase of Cybersecurity EM360

Applications are a double-edged sword for businesses. On one hand, they are a modern necessity to drive business success. However, on the other, they come with a host of security problems that need special attention.
Joining Bob Tarzey to outline the considerations specific to application security is Jeff Williams, Co-Founder and CTO at Contrast Security. In particular, Jeff details the threat posed by the fact that we simply aren’t very good at writing vulnerability-free software, and why this is the case. As well as this, they discuss the role of DevOps, and specifically, DevSecOps, in software development. Finally, Jeff delves into self-protecting software and how it works.

The advent of DevOps was hailed as a means to have all aspects of application deployment handled by one single team. However, over time, concerns surrounding security have begun to arise. Many feel that security should be more of a priority for Development & DevOps teams, particularly in regard to applications. On the one hand, apps are a modern necessity to drive business success. However, on the other hand, they come with a host of security problems that need special attention, necessitating DevSecOps in turn.
Joining us to lend his expertise on this matter is Jeff Martin, Senior Director of Product at WhiteSource. Firstly, Jeff explains whose responsibility AppSec actually is and how organisations ultimately create DevSecOps. He then demonstrates what the typical ‘DevSecOps’ workflow should look like. Finally, he outlines the benefits of open source tools and how important security procedures are for businesses and their DevOps efforts.

As security requirements evolve, so must the policies surrounding them. Today, businesses are responsible for updating policies consistently across all relevant security devices regardless of function and supplier. Given the sheer volume, a manual approach would be too impractical. Thus, organisations must turn to specialist products that harness automation as a means to cover more diverse security requirements and enhance security analytics and intelligence.
In this podcast, Bob Tarzey speaks with Andrew Lintell, Vice President and Managing Director, EMEA at FireMon. Andrew introduces the FireMon brand and how diverse the devices are that such vendors cater for. He also details the role that vendors like FireMon play in SecDevOps. As well as this, Andrew explains how FireMon helps in ensuring that organisations’ security systems are compliant and how it can prove this to the relevant regulatory bodies.

Manual incident response processes, insufficient workflows and difficulty hiring security personnel leave security operations teams struggling to keep up with the growing volume of alerts. SOAR solutions combine automated data gathering, security automation, case management and analytics to provide organisations the ability to speed up the incident response process.
In this podcast, Bob Tarzey speaks with Cody Cornell, Co-founder and CEO at Swimlane, a U.S. based independent SOAR solution provider. Cody introduces how businesses are adopting SOAR tools and explains the ease in which they are deployed. He also provides some use cases for the type of workflows that SOAR enables that were previously hard to achieve. Finally, Cody details how different sized enterprises can access and use SOAR effectively and how he sees Swimlane evolving and contributing to the industry over the coming years.

Keeping your business safe requires a proactive analysis of potential online threats. This requires more than details of latest malware and software vulnerabilities. Intelligence is also required about what is happening in cyberspace that may represent a specific threat to your business. The deepest recesses of the web need probing to gathering this intelligence. Not just the clear web, the websites that we all use on a day-to-day basis, but also the dark and, where possible, deep web.
In this podcast, Bob Tarzey speaks with Charity Wright, Cyber Threat Intelligence Advisor and Etay Maor, Chief Security Officer at IntSights. Firstly, they outline some use cases for external threat intelligence and the types of risks that can be mitigated. Then, they discuss how to probe the dark web in terms of identifying threats but also using analysis effectively. Finally, they explore how IntSights uses this analysis for mitigating threats.

For organisations that want to ensure safe, scalable, and efficient access to their services, effective identity and access management solutions are essential. However, ensuring maximum security and maintaining a smooth user experience is a challenge. The more we move into the digital environment, the more each company must focus on these aspects and construct the identity and access management (IAM) programs with the users in mind.
In this podcast, Kris Imbrechts, Regional Director Northern & Southern Europe at Auth0 explains the business balancing act between user experience and security. To begin with, Kris explains the current state of IAM solutions in the market and how organisations are approaching implementation. Further to this, he outlines the build vs buy strategy and the importance of a seamless and almost invisible IAM solution. Finally, Kris looks at maintaining trust in users and the considerations needed for longevity and safety when implementing apps.