Resilient Cyber

Chris Hughes
  • 4.9(16則評分)
  • 科技
  • 每週更新

Resilient Cyber brings listeners discussions from a variety of Cybersecurity and Information Technology (IT) Subject Matter Experts (SME) across the Public and Private domains from a variety of industries. As we watch the increased digitalization of our society, striving for a secure and resilient ecosystem is paramount.

  1. 2 小時前

    Resilient Cyber w/ Mitch Herckis - Securing the Public Sector

    In this episode, I sit down with Mitchel Herckis, Global Head of Government Affairs at cloud security leader Wiz.  We will be discussing all things public sector and cybersecurity, including the evolution of the FedRAMP program, modernizing vulnerability management, and the future of Continuous ATO (cATO). We covered a lot of ground, including: Mitch’s background, both at Wiz and inside Government at roles such as OMBHow Wiz is working with Federal agencies and Defense Industrial Base (DIB) partners on Cloud Security, including the long-needed overhaul of FedRAMP with FedRAMP 20x’s efforts.The move towards real Continuous Monitoring (ConMon) with real-time visibility of cloud environments, as well as the need for machine-readable artifacts, automations, and streamlined security control assessments.The modernization of vulnerability management, including factors such as attack paths, reachability, exploitability, known exploitation, and the importance of focusing on real risks versus noise.Moving away from paper-based compliance exercises and bridging the gap between security and compliance.Wiz’s role as a CVE Numbering Authority (CNA) and the broader CVE program, including its importance for both the Government and industry when it comes to vulnerability management.To evolving usage of SBOMs and broader supply chain security.Disjointed efforts around the Government at both the Federal at State levels when it comes to Continuous ATO (cATO) and how we can move towards a more cohesive approach to modern system assessment and authorization.The importance of Government Affairs and bridging the divide between industry and Government, including bringing in tech leaders into Government, influencing policy, and improving outcomes for citizens and warfighters alike.The dual-edged sword that is AI adoption in the public sector.

    39 分鐘

  2. 10月6日

    Resilient Cyber w/ Kenny Scott - Following the Future of FedRAMP

    In this episode of Resilient Cyber, I sit down with Founder & CEO of Paramify, Kenny Scott, to unpack the evolution of the FedRAMP program, FedRAMP 20x, and discuss what the public sector cloud compliance looks like moving into the future. Kenny and I dove into a lot of topics, including: What FedRAMP is and why it mattersWhat FedRAMP 20x is and what longstanding challenges associated with FedRAMP and public sector cloud and compliance it is addressingThe various aspects of FedRAMP 20x, including its phased rolloutChanges via FedRAMP 20x when it comes to Key Security Indicators (KSI), and how they differ from “controls”FedRAMP’s modern vulnerability management approach and how it changes from the way vulnerability was historically handled under FedRAMPThe importance of automated assessments, machine-readable artifacts, real Continuous Monitoring (ConMon), and more for practical GRC EngineeringThe role of GRC platforms when it comes to modernizing GRCWhat are the implications of FedRAMP 20x for other public sector compliance programs, such as DoD’s SWFT, SRG, and RMF Subscribe now

    42 分鐘

  3. 10月3日

    Resilient Cyber w/ Snehal Antani - AI and Autonomous Pen Testing

    In this episode of Resilient Cyber, I sit down with repeat guest Snehal Antani, who serves as the Co-Founder & CEO of Autonomous Pen Testing leader Horizon3.ai. We will discuss the latest developments in AI and Autonomous Pen Testing, as well as the tremendous growth and success of Horizon3.ai, as Snehal balances technical topics with business-centric hard won wisdom of growing an industry leading organization.

    39 分鐘

  4. 9月26日

    Resilient Cyber w/ Alon Jackson - Enterprise Agentic Security

    In this episode of Resilient Cyber, I sit down with Astrix Security Co-Founder and CEO Alon Jackson to discuss the need for secure agentic adoption across the enterprise.  This includes Astrix’s approach, which involves enabling enterprises to discover, secure, and deploy AI agents responsibly at scale.

    19 分鐘

  5. 9月24日

    Resilient Cyber w/ Emre Tinaztepe - Forensics at the Frontline

    In this episode of Resilient Cyber, I sit down with Binalyze Founder/CEO Emre Tinaztepe. We will discuss how AI and automation are impacting the future of the SOC and the role that forensics-level data can play in incident response and recovery, as well as proactive threat hunting.

    21 分鐘

  6. 9月15日

    Resilient Cyber w/ Andy Ellis - Effective Cyber Marketing, Sales & Leadership

    In this episode, I sit down with Andy Ellis, a longtime industry security leader who has turned investor, advisor, and mentor. We will discuss how security vendors can build effective marketing and sales teams and Andy's experience identifying and investing in industry-leading security startups.  Don't miss this chance to hear from an industry legend who has worn multiple hats and excelled as an operating, investor, and overall security leader.

    45 分鐘

  7. 9月10日

    Resilient Cyber w/ Cory Michal (AppOmni) - Unpacking the SaaS Security Supply Chain Landscape

    - One of the biggest SaaS security incidents recently of course is the Salesloft Drive/Salesforce incident, which impacted hundreds of organizations and involved compromised OAuth tokens. Can you tell us a bit about the incident and the fallout? - In an AppOmni blog on the incident, you all discuss attackers taking advantage of persistent OAuth access, over-permissive access, limited monitoring, and unsecured secrets. Why do these problems continue to plague organizations despite incidents like this? This is part of a broader trend of increased SaaS supply chain attacks. What makes these attacks so enticing for malicious actors and challenging for organizations to prevent entirely? You recently published your State of SaaS Security Report, which projects SaaS to grow 20% YoY between 2025 and 2032. This is despite 75% of organizations reporting a SaaS security incident in the past year. Why do you think we're seeing continued growth in adoption but still lagging in SaaS security to accompany the adoption? The report discusses the rise of NHIs and GenAI and how this will exacerbate problems around SaaS Access and incidents. Can you unpack that for us? I was shocked to see the report find that just 13% of organizations use SSPM tooling despite SaaS's widespread adoption. When you talk to enterprises, for example, nearly everyone is doing some CSPM activity for IaaS. Why are so many neglecting hygiene and posture for their SaaS footprint?

    25 分鐘

  8. 9月6日

    Resilient Cyber w/ Rob T. Lee - Navigating AI's Impact on Cyber & the Workforce

    In this episode of Resilient Cyber, I sit down with the SANS Institute's Chief of Research (COR) & Chief AI Officer (CAIO), Rob T. Lee to discuss AI's impact on cybersecurity and the workforce.  We will discuss SANS Critical AI Security Guidelines, the opportunities and obstacles AI presents for cybersecurity, and how practitioners should navigate AI's impact on the workforce.

    39 分鐘
顯示全部 (185)

評分與評論

4.9
(滿分 5 顆星)
16 則評分

簡介

Resilient Cyber brings listeners discussions from a variety of Cybersecurity and Information Technology (IT) Subject Matter Experts (SME) across the Public and Private domains from a variety of industries. As we watch the increased digitalization of our society, striving for a secure and resilient ecosystem is paramount.

資訊

  • 創作者
    Chris Hughes
  • 活躍年代
    2021年 - 2025年
  • 集數
    185
  • 年齡分級
    兒少適宜
  • 版權
    © 2025 Resilient Cyber
  • 節目網站
    Resilient Cyber

你可能也會喜歡