Enterprise Security Weekly (Audio‪)‬ Security Weekly

Bob Ackerman argues that, from an investment perspective, cybersecurity is like life sciences - a complex, nuanced field that is difficult field to invest in part-time. So his firm, Allegis Cyber, became one of the first to focus exclusively on investing in cyber startups. In this segment, we'll discuss one of Allegis's recent investments, SixMap, and Bob's other investment/accelerator vehicle, Data Tribe. Data Tribe sources investments from national intelligence, with examples like Dragos that came through this program.
This week in the enterprise news, we explore the harsh realities of the startup world with a look at recent failures and shutdowns, investigating the factors leading to these setbacks. Meanwhile, Carbon Black makes headlines by breaking away from VMware in what seems like a divestiture within an acquisition, raising questions about the future of the company. We'll also discuss the European Space Agency's venture into cybersecurity for the space industry, revealing that even the vastness of outer space isn't immune to digital threats. Tune in for all this and more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
 
Show Notes: https://securityweekly.com/esw-342

While non-profit doesn't mean "no budget" when it comes to cybersecurity, a lot of smaller to mid-sized non-profits operate on a shoestring, with little to no money for cybersecurity talent or spending. This is where Sightline Security steps in. Sightline's founder and CEO, Kelley Misata joins us today to explain how her own non-profit helps other non-profits improve their cybersecurity posture.
As with any category of trends, the success rate of cybercrime ebbs and flows. As Russia seems be a safe haven for cybercriminals, it seemed for a while that the war in Ukraine might disrupt this activity. It did, but only for a short while.
Keith Jarvis walks us through the latest types, tactics, and trends in cybercrime. Secureworks' latest State of the Threat report reveals a disturbing dichotomy: how is it we understand our adversaries' so well, but continue to fail to stop them? In this interview, we aim to understand what needs to happen to tilt the odds a bit back in our favor.
Segment Resources:
Secureworks State of the Threat Report Press Release Segment description coming soon!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-341

High School students represent the very beginning of the pipeline for the Cyber industry. What are the attitudes and perspectives of these young people? How can we attract the best and brightest into our industry?
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/vault-esw-5

Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape:
Maybe not less budget, but more pressure to produce results and justify spending Security leaders being held personally accountable for performance Potential layoffs, and the need to achieve the same goals with less labor and tool overhead Segment Resources
https://cybersecurity.att.com/insights-report This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!
We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors.
This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to.
Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters.
In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust.
Protect Your Session Tokens Monitor for Unusual Behavior SaaS Vendors Are Common Targets Zero Trust Principles Work MFA Isn't a Binary (on or off) Control Segment Resources
https://www.valencesecurity.com/resources/blogs/five-lessons-learned-from-oktas-support-site-breach Finally, in the enterprise security news,
Lots of new security startups with early stage funding SentinelOne picks up Chris Krebs and Alex Stamos’s consulting firm PE firm picks up ActiveState - a company I haven’t thought about since I last downloaded ActiveState Perl 1000 years ago Microsoft announces the limited release of Security Copilot Semgrep releases a secrets scanner AGI predicted to come much sooner than you might expect NY State doubles down on cybersecurity regulations to protect its hospitals the young hackers behind Mirai, one of the biggest botnets ever Ransomware groups snitch on businesses to the SEC Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-340

Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.
We've reached an inflection point in security. There are a handful of organizations regularly and successfully stopping cyber attacks. Most companies haven't gotten there, however. What separates these two groups? Why does it seem like we're still failing as an industry, despite seeming to collectively have all the tools, intel, and budget we've asked for?
Kelly Shortridge has studied this problem in depth. She has created tools (https://www.deciduous.app/), and written books (https://www.securitychaoseng.com/) to help the community approach security challenges in a more logical and structured way. We'll discuss what hasn't worked for infosec in the past, and what Kelly thinks might work as we go into the future.
During the news today, we went deep down the rabbithole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first major exit for cybersecurity insuretechs, and discuss a few notable funding rounds.
We discuss Kelly Shortridge's essay on the origins and nature of the term "security" and what it means. Stephen Schmidt suggests 6 questions every board should ask their CISO, we explore Cyentia Labs' meta analysis of MITRE ATT&CK techniques, and Phil Venables shares some hilarious takes on infosec stereotypes.
 
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-339

In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures.
We've got market questions, like:
What has changed in the last year? Are IPOs coming back any time soon? How large is the cybersecurity death pool? What do early and mid-sized startups need to do to survive in the current market? There is little to no organization of data within companies in 2023. We're all guilty of this at some level. The download folders and desktops on our personal machines are a mess. File servers, and cloud storage services are a mess. In Microsoft's recent data leak, AI researchers even had PC backups stored along side machine learning models for whatever reason.
Data is hard to classify, organize, and monitor. By designing for convenience, we've created convenience debt that now has to be paid down. In this segment we talk to Jackie McGuire about what needs to happen to accomplish this, at the enterprise level, and at scale.
Even if we can one day address the challenge of tracking and labeling data, we'll still have the challenge of addressing data integrity and resilience, which we'll also discuss if we have time!
Segment Resources: https://www.darkreading.com/risk/it-s-time-to-assess-the-potential-dangers-of-an-increasingly-connected-world-
Oh, the HARror! Sanitizing HAR files is not as easy as some might lead you to believe. CISA funds Cyber.org for K-12 cyber education and ORNL creates a Center for AI Security Research (CAISER). Cloudflare creates a tool out of spite, and CISA creates a tool you shouldn't use in production? Biden's EO on "Safe, Secure, and Trustworthy AI" and the Top Five Things you need to know about how GenAI is used in Security Tools.
Five lessons learned form Okta's latest breach, should ransom payments be illegal, and why ransomware victims can't stop paying ransoms. We discuss the impact of the charges made against Solarwinds and its CISO by the SEC, the 2023 ISC2 Cybersecurity Workforce Survey, and Microsoft's latest open letter on security.
Finally we wrap up discussing a delicious $8M Series A for better bagels!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-338