Podcasts about forescout

The demand for AI services is driving more growth in public cloud platforms, Amazon, Microsoft, and Google have all continued investment in the public cloud platforms to keep up with generative AI. Andy Jassy highlighted triple-digit growth in AI revenues, Microsoft has committed to 40% more capacity in Europe, and Google is investing $17 Billion in cloud infrastructure.Time Stamps: 0:00 - Welcome to the Tech Field Day News Rundown1:13 - Amazon Internet from Space in 20263:07 - Palo Alto Networks buys Protect AI5:44 - Forescout and NVIDIA Team Up for Operational Technology8:29 - Cloud Costs are Higher than Expected, Value to the Business is Even Higher11:24 - Chatbots aren't Giving Good Health Advice14:18 - Huawei AI chips to take on NVIDIA and beat US controls17:13 - AI Growth Driving Cloud Provider Investment21:27 - The Weeks Ahead22:21 - Thanks for WatchingHosts: Tom Hollingsworth: https://www.linkedin.com/in/networkingnerd/Stephen Foskett: https://www.linkedin.com/in/sfoskett/Alastair Cooke: https://www.linkedin.com/in/alastaircooke/Follow Tech Field Day: Website: https://techfieldday.com/ LinkedIn: https://www.linkedin.com/company/tech-field-day/X/Twitter: https://x.com/TechFieldDay Bluesky: https://bsky.app/profile/techfieldday.com

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 60: Hacking Solar Power InvertersPub date: 2025-04-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSolar power systems are rapidly becoming essential elements of power grids throughout the world, especially in the US and EU. However, cybersecurity for these systems is often an afterthought, creating a growing risk to grid stability and availability. Daniel de Santos, Head of Research at ForeScout, talks about his recent research into vulnerabilities associated with solar panel investors, how they might affect the power grid or the end-user, and what we can do about it. The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Solar power systems are rapidly becoming essential elements of power grids throughout the world, especially in the US and EU. However, cybersecurity for these systems is often an afterthought, creating a growing risk to grid stability and availability. Daniel de Santos, Head of Research at Forescout, talks about his recent research into vulnerabilities associated with solar panel investors, how they might affect the power grid or the end-user, and what we can do about it.

In this conversation, Dr. Chase Cunningham and Barry Mainz, CEO of Forescout, discuss the pressing issues surrounding cybersecurity, particularly in critical infrastructure, legacy systems, and the importance of a zero trust approach. They critique the Netflix series 'Zero Day' for its portrayal of cybersecurity threats and explore the current state of security in various sectors, including healthcare and airports. The discussion emphasizes the need for compliance, business continuity, and the integration of cybersecurity into business strategies. They also touch on the future of cybersecurity investments and the importance of considering schools as critical infrastructure.TakeawaysThe portrayal of cybersecurity in media can be exaggerated.Critical infrastructure is vulnerable and requires investment in security.Zero trust principles should be applied to OT and IoT systems.Legacy systems pose significant challenges for cybersecurity.Compliance requirements for OT and IoT are lacking compared to other sectors.Business continuity is a key driver for cybersecurity investments.Cybersecurity discussions should focus on business impacts, not just technical details.Heterogeneous environments require flexible security solutions.Airports vary in their cybersecurity readiness based on age and investment.Healthcare cybersecurity often reacts to breaches rather than preventing them.

The IRISSCERT Cyber Crime Conference (IRISSCON) returns on November 6th at the Aviva Stadium, where global cybersecurity leaders will explore AI's revolutionary role in defending against, and contributing to, cyber threats. As Ireland's longest-standing cybersecurity conference, IRISSCON 2024 will dive into AI's impact on how it both enhances security and enables cybercriminals to scale and automate attacks. With generous support from diamond sponsors ESET, Symantec, and BH Consulting, the event will highlight cutting-edge AI strategies while equipping attendees with insights into managing AI-driven threats. IRISSCON 2024 will examine AI's role in threat detection, response automation, and defence optimisation, while exploring the risks posed by adversarial AI applications, such as automated phishing, impersonation through deepfakes, and highly targeted attacks. Featured speakers from top organisations, such as the Irish National Cyber Security Centre (NCSC), An Garda Siochana, ESET, Symantec, ForeScout, and Trend Micro, will share their expertise on how organisations can anticipate and counter AI-powered cyber threats. "AI holds immense promise as both a powerful defense tool and a potential threat amplifier," said Brian Honan, founder of IRISSCERT. "This year's IRISSCON will enable cybersecurity professionals to better understand how to leverage AI in protecting their organisations, while also preparing for the risks posed by AI fuelled attacks. We're incredibly grateful for the support of our sponsors ESET, Symantec, and BH Consulting, who make this important event possible." IRISSCON 2024 will also cover topics in cyber regulation such as NIS2, global cooperation, and best practices for preventing, detecting, and responding to cybersecurity attacks. See more stories here.

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

The Internet of Things remains a top priority. Market research firm IoT Analytics says IoT remains a top-three corporate technology priority even AI has taken over as the top technology priority. In surveys from PWC, KPMG, and BCG, respondents ranked IoT second or third after AI in terms of investment prioritization for emerging technologies, with AI coming in first across the board.In the Asimily report, IoT Device Security in 2024: The High Cost of Doing Nothing, it was concluded that breach tactics continue to evolve, that routers have become the favourite attack vector accounting for 70% of IoT infections, and manufacturing continues to be the top target among industries.In this PodChats for FutureIoT, we revisit the topic of how to reduce IoT risks. Joining to discuss the matter is Barry Mainz, CEO at Forescout.1.       Can you give the key points of The Enterprise of Things Security Report by Fourscout Research Labs?a.       What do we don't know already about the insecurity of IoT devices and technologies?2.       There are those that claim that breaches can occur by way of unsecured IoT devices. Can you confirm or elaborate on this?3.       Given the rising level of awareness of the risks associated with enterprise IoT, what is being done? And if none, why?4.       Where are the areas of IoT that present the greatest risks?5.       Name 3 questions CIOs/heads of OT and security, need to ask as part of an IoT deployment.6.       Recapping: Our topic is reducing IoT risks. Given what we know about IoT adoption trends, evolving cyber threat landscape specific to IoT, and innovations in areas like machine learning and artificial intelligence, do we have any hope of reducing IoT risks, and can you name three action items for whoever should be responsible for securing enterprise IoT?7.       You mentioned about Fourscout coming in to look at an organisation's asset to check for possible vulnerabilities. How receptive are businesses to this approach?

Warm Start: ·       GridEx VII Report Highlights Further Action to Enhance Grid Resilience ·       US electric grid growing more vulnerable to cyberattacks, regulator says ·       CISA's ‘Cyber Storm' will help it update National Cyber Incident Response Plan   Main Topics: ·       US Environmental Protection Agency hack exposes data of 8.5 million users. ·       Sophos - Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector.   ·       Bomb threats follow Libs of TikTok's campaign against Planet Fitness o   Bomb threats reported at Planet Fitness locations in Northern Va. amid transgender controversy o   No threat found after several Planet Fitness locations in Jacksonville received bomb threats o   Alabama Planet Fitness locations receive bomb threats, evacuated by FBI o   Planet Fitness bomb threats in Connecticut spark concerns o   Police: Planet Fitness locations evacuated after bomb threats o   Planet Fitness locations in Daphne, Fairhope, and Mobile receive bomb threats   ·       Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden.   ·       Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023. The U.S. Department of Homeland Security released the Cyber Safety Review Board's (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. o   Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf o   Cyber board says Chinese hack of US officials was 'preventable' o   Microsoft faulted for ‘cascade' of failures in Chinese hack   ·       CSU: Forecast for 2024 Hurricane Activity. “We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.”    Info Ops:  o   Russian trolls target U.S. support for Ukraine, Kremlin documents show o   New effort to "inoculate" U.S. voters against AI misinformation o   AI-generated story that Iran had fired missiles at Tel Aviv were amplified by X's own systems o   Microsoft: China tests US voter fault lines and ramps AI content to boost its geopolitical interests   Quick Hits: ·       CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities.   ·       DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource. ·       FTC Announces Impersonation Rule Goes into Effect Today (01 Apr) ·       FBI Atlanta gate crash: Man tries to breach security by tailing employees ·       Suspect arrested after vehicle crashes into gate at Atlanta FBI field office ·       The Surprising Intelligence Community Outreach to Russia ·       Why Russian intelligence dismissed US warnings of terror threat ·       Germany announces military overhaul with eye on cyber threats ·       “All your base are belong to us” – A probe into Chinese-connected devices in US networks ·       Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure ·       Risky Biz News: Backdoor found in 92k D-Link NAS devices ·       Omni Hotels experiencing nationwide IT outage since Friday ·       A Quantitative Analysis of the Security Ratings of the S&P 500 ·       How a steel ball protected Taiwan's tallest skyscraper in an earthquake ·       Rotterdam teen arrested for plotting a terror attack, prosecutors say ·       ‘Reverse' searches: The sneaky ways that police tap tech companies for your private data ·       The Unification Church Infiltrated Japan's Government. Now Its Sights Are Set on the U.S. ·       India rescues 250 citizens enslaved by Cambodian cybercrime gang ·       Targeted Phishing Linked to 'The Com' Surges ·       GenAI: The next frontier in AI security threats ·       ChatGPT jailbreak prompts proliferate on hacker forums ·       Threat Actors Deliver Malware via YouTube Video Game Cracks ·       7 Types of Business Email Compromise (BEC) Attacks ·       SEO Poisoning  

Oh boy the ZScaler super ZT AI powered SD-WAN SASE blah blah. Wow. Some good research from Forescout on what you should prioritize from the attacker perspective. Key findings from 2023 that show us what the adversaries are focusing on. And the MOAB (Mother of All Breaches), should we be concerned. Enjoy this one.

Using data to break down silos, reverse engineer outcomes, and identify emerging threats like WormGPT.According to recent report from Trellix, 31 percent of CISOs identified a lack of buy-in and use of cyber tools as one of their leading challenges. Additionally, of those who have experienced a large security incident, significant stress to the SecOps team and major attrition from these teams were identified as the most significant impacts of a cyber attack – outranking network downtime and data loss. These findings seem to indicate how important processes, and not just tools, have become in defending an ever-expanding threat landscape.Our guest for this episode is Daniel Trivellato, Vice President of Product & Engineering at Forescout – a leading provider of tools and solutions focused on increasing SOC efficiency. He's all too familiar with these dynamics and offers some interesting takes on how to address them.The report Daniel references can be found here.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

Daniel dos Santos, Forescout's Head of Security Research is sharing insights from a recent exercise his team conducted on AI-assisted attacks for OT and unmanaged devices. Using ChatGPT, Forescout's research team converted an existing OT exploit developed in Python to run on Windows to demonstrate how easy it is to create an AI-assisted attack that converts the original exploit into alternative programming languages. The research states "our goal was to convert an existing OT exploit developed in Python to run on Windows to the Go language using ChatGPT." This would then allow it to run faster on Windows and run easily on a variety of embedded devices. The research can be found here: AI-Assisted Attacks Are Coming to OT and Unmanaged Devices – the Time to Prepare Is Now

Daniel dos Santos, Forescout's Head of Security Research is sharing insights from a recent exercise his team conducted on AI-assisted attacks for OT and unmanaged devices. Using ChatGPT, Forescout's research team converted an existing OT exploit developed in Python to run on Windows to demonstrate how easy it is to create an AI-assisted attack that converts the original exploit into alternative programming languages. The research states "our goal was to convert an existing OT exploit developed in Python to run on Windows to the Go language using ChatGPT." This would then allow it to run faster on Windows and run easily on a variety of embedded devices. The research can be found here: AI-Assisted Attacks Are Coming to OT and Unmanaged Devices – the Time to Prepare Is Now Learn more about your ad choices. Visit megaphone.fm/adchoices

Podcast: Control Loop: The OT Cybersecurity Podcast (LS 33 · TOP 5% what is this?)Episode: Adding some color to incident response.Pub date: 2023-02-22Dragos has released its ICS/OT Cybersecurity Year in Review for 2022, finding a rise in ransomware attacks targeting industrial organizations. Forescout discloses two vulnerabilities affecting the Unity line of Schneider Electric's Modicon programmable logic controllers. Dozens of vulnerabilities in industrial internet-of-things (IIoT) devices. Tim Starks from the Washington Post's Cybersecurity 202. discusses the upcoming White House National Cyber Strategy and its possible effects on critical infrastructure. In the Learning Lab, Dragos' VP Product & Industry Market Strategy Mark Urban begins his two-part discussion about the importance of incident response planning with Vern McCandlish, who is a Principal Industrial Incident Responder at Dragos.Control Loop News Brief.Dragos releases its ICS/OT Cybersecurity Year in Review for 2022.2022 ICS/OT Cybersecurity Year in Review (Dragos)Russian-linked malware was close to putting U.S. electric, gas facilities ‘offline' last year (Politico)Schneider PLC vulnerabilities.Deep Lateral Movement in OT Networks: When Is a Perimeter Not a Perimeter? (Forescout)The return of ICEFALL: Two critical bugs revealed in Schneider Electric tech (The Record)Wireless IIoT devices at risk from vulnerabilities.Industrial Wireless IoT - The direct path to your Level 0 (Otorio)Control Loop Interview.The interview is with Tim Starks from the Washington Post's Cybersecurity 202 discussing the upcoming White House National Cyber Strategy and its possible effects on critical infrastructure.Control Loop Learning Lab.In Part 1 of 2, Dragos' VP Product & Industry Market Strategy Mark Urban speaks with Vern McCandlish, Principal Industrial Incident Responder at Dragos, about the importance of incident response planning. Industrial Cyber Threat Intel & Collective Intelligence links: Neighborhood Keeper in the Broader Context of Cyber Threat Intelligence Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper Control Loop OT Cybersecurity Briefing.A companion monthly newsletter is available through free subscription and on the CyberWire's website.The podcast and artwork embedded on this page are from N2K Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Dragos has released its ICS/OT Cybersecurity Year in Review for 2022, finding a rise in ransomware attacks targeting industrial organizations. Forescout discloses two vulnerabilities affecting the Unity line of Schneider Electric's Modicon programmable logic controllers. Dozens of vulnerabilities in industrial internet-of-things (IIoT) devices. Tim Starks from the Washington Post's Cybersecurity 202. discusses the upcoming White House National Cyber Strategy and its possible effects on critical infrastructure. In the Learning Lab, Dragos' VP Product & Industry Market Strategy Mark Urban begins his two-part discussion about the importance of incident response planning with Vern McCandlish, who is a Principal Industrial Incident Responder at Dragos. Control Loop News Brief. Dragos releases its ICS/OT Cybersecurity Year in Review for 2022. 2022 ICS/OT Cybersecurity Year in Review (Dragos) Russian-linked malware was close to putting U.S. electric, gas facilities ‘offline' last year (Politico) Schneider PLC vulnerabilities. Deep Lateral Movement in OT Networks: When Is a Perimeter Not a Perimeter? (Forescout) The return of ICEFALL: Two critical bugs revealed in Schneider Electric tech (The Record) Wireless IIoT devices at risk from vulnerabilities. Industrial Wireless IoT - The direct path to your Level 0 (Otorio) Control Loop Interview. The interview is with Tim Starks from the Washington Post's Cybersecurity 202 discussing the upcoming White House National Cyber Strategy and its possible effects on critical infrastructure. Control Loop Learning Lab. In Part 1 of 2, Dragos' VP Product & Industry Market Strategy Mark Urban speaks with Vern McCandlish, Principal Industrial Incident Responder at Dragos, about the importance of incident response planning.  Industrial Cyber Threat Intel & Collective Intelligence links: Neighborhood Keeper in the Broader Context of Cyber Threat Intelligence Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper Control Loop OT Cybersecurity Briefing. A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Cyber insurance is a must-have, but organizations are finding that cyber insurance premiums are more costly, policies are more difficult to obtain, and policies attach more limitations and exclusions than before. We will discuss cyber insurance's role in risk management and trends.   Segment Resources: https://www.forrester.com/report/q-and-a-cyber-insurance/RES178563?ref_search=3185990_1675109251447 https://www.forrester.com/report/tech-execs-guide-to-cyber-insurance/RES178564?ref_search=3185990_1675109251447 https://www.forrester.com/blogs/whos-responsible-for-cyber-insurance-policy-misrepresentations-it-depends/?ref_search=3185990_1675109251447   Insiders - employees, contractors, and partners - are responsible for almost a quarter of data breaches. Reducing insider risk requires a dedicated approach, including user monitoring. But be careful, Forrester predicts that a C-level executive will be fired for their firm's use of employee monitoring in 2023.   Segment Resources: https://www.forrester.com/blogs/predictions-2023-security/?ref_search=3092262_1675290315432 https://www.forrester.com/blogs/apply-critical-thinking-and-culture-to-reduce-insider-risk/ https://www.forrester.com/blogs/practice-empathy-to-reduce-insider-risk/ https://www.forrester.com/blogs/pandemic-fallout-creates-perfect-conditions-for-insider-threat/     In the Enterprise News: There's lots of executive shuffling going on! Saviynt gets a new CEO and $205M in funding, Forescout appoints its 4th CEO in as many years, and Mudge finds a place at Rapid 7. We've got some interesting trends, like more focus on securing small businesses, and more cybersecurity startups pairing technology with cyber insurance. It seems like only yesterday, we were shocked to hear that Microsoft was running a $10B security business, but Microsoft has apparently now grown security revenue to $20 BILLION DOLLARS. Also, Tyler explains what Herman Miller chairs have to do with spotting market trends, we note the 20 year anniversary of SQL Slammer, and discuss why consumers don't want smart appliances shoved down their throats!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw304

Cyber insurance is a must-have, but organizations are finding that cyber insurance premiums are more costly, policies are more difficult to obtain, and policies attach more limitations and exclusions than before. We will discuss cyber insurance's role in risk management and trends.   Segment Resources: https://www.forrester.com/report/q-and-a-cyber-insurance/RES178563?ref_search=3185990_1675109251447 https://www.forrester.com/report/tech-execs-guide-to-cyber-insurance/RES178564?ref_search=3185990_1675109251447 https://www.forrester.com/blogs/whos-responsible-for-cyber-insurance-policy-misrepresentations-it-depends/?ref_search=3185990_1675109251447   Insiders - employees, contractors, and partners - are responsible for almost a quarter of data breaches. Reducing insider risk requires a dedicated approach, including user monitoring. But be careful, Forrester predicts that a C-level executive will be fired for their firm's use of employee monitoring in 2023.   Segment Resources: https://www.forrester.com/blogs/predictions-2023-security/?ref_search=3092262_1675290315432 https://www.forrester.com/blogs/apply-critical-thinking-and-culture-to-reduce-insider-risk/ https://www.forrester.com/blogs/practice-empathy-to-reduce-insider-risk/ https://www.forrester.com/blogs/pandemic-fallout-creates-perfect-conditions-for-insider-threat/     In the Enterprise News: There's lots of executive shuffling going on! Saviynt gets a new CEO and $205M in funding, Forescout appoints its 4th CEO in as many years, and Mudge finds a place at Rapid 7. We've got some interesting trends, like more focus on securing small businesses, and more cybersecurity startups pairing technology with cyber insurance. It seems like only yesterday, we were shocked to hear that Microsoft was running a $10B security business, but Microsoft has apparently now grown security revenue to $20 BILLION DOLLARS. Also, Tyler explains what Herman Miller chairs have to do with spotting market trends, we note the 20 year anniversary of SQL Slammer, and discuss why consumers don't want smart appliances shoved down their throats!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw304

In the Enterprise News: There's lots of executive shuffling going on! Saviynt gets a new CEO and $205M in funding, Forescout appoints its 4th CEO in as many years, and Mudge finds a place at Rapid 7. We've got some interesting trends, like more focus on securing small businesses, and more cybersecurity startups pairing technology with cyber insurance. It seems like only yesterday, we were shocked to hear that Microsoft was running a $10B security business, but Microsoft has apparently now grown security revenue to $20 BILLION DOLLARS. Also, Tyler explains what Herman Miller chairs have to do with spotting market trends, we note the 20 year anniversary of SQL Slammer, and discuss why consumers don't want smart appliances shoved down their throats!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw304

In the Enterprise News: There's lots of executive shuffling going on! Saviynt gets a new CEO and $205M in funding, Forescout appoints its 4th CEO in as many years, and Mudge finds a place at Rapid 7. We've got some interesting trends, like more focus on securing small businesses, and more cybersecurity startups pairing technology with cyber insurance. It seems like only yesterday, we were shocked to hear that Microsoft was running a $10B security business, but Microsoft has apparently now grown security revenue to $20 BILLION DOLLARS. Also, Tyler explains what Herman Miller chairs have to do with spotting market trends, we note the 20 year anniversary of SQL Slammer, and discuss why consumers don't want smart appliances shoved down their throats!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw304

Nuestra ciberpíldora versa sobre MASTODON, el monográfico sobre la Doble Barrera de FW. Viene al estudio IRENE RODRÍGUEZ DE TORRES, responsable de IT de la Fundación del Secretariado Gitano. Con: Rafa Tortajada, Manuela Muñoz, Carlos Valerdi y Javier Soria Dirige: Carlos Lillo Gracias a Forcepoint, Allot, Trend Micro y Forescout. clickciber.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/clickcibernews/message

Nuestra ciberpíldora versa sobre MASTODON, el monográfico sobre la Doble Barrera de FW. Viene al estudio IRENE RODRÍGUEZ DE TORRES, responsable de IT de la Fundación del Secretariado Gitano. Con: Rafa Tortajada, Manuela Muñoz, Carlos Valerdi y Javier Soria Dirige: Carlos Lillo Gracias a Forcepoint, Allot, Trend Micro y Forescout clickciber.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/clickcibernews/message

Join 24x7 Chief Editor Keri Stephens as she talks to Daniel dos Santos—head of security research at cybersecurity provider Forescout—about the riskiest medical devices in enterprise networks. The podcast, which follows Forescout's Vedere Labs' “2022 Riskiest Devices in Enterprise Networks Report,” reveals into what healthcare providers need to know about the security of the devices they house. Hint: Patient monitors are especially problematic from a cybersecurity perspective. Dos Santos also discloses how medical devices can be a key entry point for a hospital-wide cyberattack and why cybercriminals target legacy equipment, in particular. Finally, he shares why everyone—from device manufacturers to those configuring the equipment—has a role to pay in medical device cybersecurity.

VIDEO - Primer programa de la Temporada 10. ¿Qué es ChatGPT?. Usos de imágenes satelitales Invitado: José Miguel Parejo, GESTAMP Con: Alfonso Calvo, Davi Vaquero, Joan Massanet, Javier Soria y Carlos Valerdi. Dirige: Carlos Lillo Gracias a ALLOT, TREND MICRO, FORCEPOINT y FORESCOUT clickciber.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/clickcibernews/message

Primer programa de la Temporada 10. ¿Qué es ChatGTP?. Usos de imágenes satelitales Invitado: José Miguel Parejo, GESTAMP Con: Alfonso Calvo, Davi Vaquero, Joan Massanet, Javier Soria y Carlos Valerdi. Dirige: Carlos Lillo Gracias a ALLOT, TREND MICRO, FORCEPOINT y FORESCOUT clickciber.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/clickcibernews/message

Nos acompaña Dani López, director comercial de CODEE, para hablar de la supercomputación y la optimización de código. Con: Rafa Tortajada, Carlos Valerdi y Patricia Cobo. Dirige: Carlos Lillo clickciber.com Gracias Allot, Forescout, Forcepoint, Pentera y TrendMicro --- Send in a voice message: https://anchor.fm/clickcibernews/message

Nos acompaña Dani López, director comercial de CODEE, para hablar de la supercomputación y la optimización de código. Con: Rafa Tortajada, Carlos Valerdi y Patricia Cobo. Dirige: Carlos Lillo clickciber.com Gracias Allot, Forescout, Forcepoint, Pentera y TrendMicro --- Send in a voice message: https://anchor.fm/clickcibernews/message

Los Coches Autónomos son una realidad, hoy Alfonso Calvo junto con su invitado Manuel Jacinto Martínez nos hablan de sus posibilidades y riesgos. Los Ingenieros Preventas son uno de los puestos de trabajo en los que hay mayor demanda de perfiles. Nuestro invitado, Javier Pascual como Director de Preventa y Provisión dentro de Telefónica de España es quien nos cuenta su visión de estos puestos tan solicitados. Como siempre, completamos con nuestras Noticias, las Tecnoefemérides y el Concurso semanal. Con: Alfonso Calvo, Carlos Valerdi y Javier Soria. Dirige: Carlos Lillo. Colaboran: Allot, TrendMicro, Pentera, Forescout y Forcepoint. --- Send in a voice message: https://anchor.fm/clickcibernews/message

El Black Friday representa el ecosistema perfecto para los ciberdelincuentes. Damos pistas de como evitarlos. También contamos las 7 fases de la KILL CHAIN, esquema seguido por muchos ciberataques. Además tenemos el placer de contar con el CEO de TALENTFY, empresa española que utiliza la Inteligencia Artificial para ayudar a empresas a conseguir los mejores candidatos para cubrir vacantes de Tecnología. Gracias a: ALLOT, FORESCOUT, FORCEPOINT, PENTERA y TREND MICRO. Con: Carlos Valerdi, Joan MassanetDirige: Carlos LilloProducción: ClickRadioTV

El Black Friday representa el ecosistema perfecto para los ciberdelincuentes. Damos pistas de como evitarlos. También contamos las 7 fases de la KILL CHAIN, esquema seguido por muchos ciberataques. Además tenemos el placer de contar con el CEO de TALENTFY, empresa española que utiliza la Inteligencia Artificial para ayudar a empresas a conseguir los mejores candidatos para cubrir vacantes de Tecnología. Gracias a: ALLOT, FORESCOUT, FORCEPOINT, PENTERA y TREND MICRO. Con: Carlos Valerdi, Joan Massanet Dirige: Carlos Lillo Producción: ClickRadioTV --- Send in a voice message: https://anchor.fm/clickcibernews/message

El Black Friday representa el ecosistema perfecto para los ciberdelincuentes. Damos pistas de como evitarlos. También contamos las 7 fases de la KILL CHAIN, esquema seguido por muchos ciberataques. Además tenemos el placer de contar con el CEO de TALENFY, empresa española que utiliza la Inteligencia Artificial para ayudar a empresas a conseguir los mejores candidatos para cubrir vacantes de Tecnología. Gracias a: ALLOT, FORESCOUT, FORCEPOINT, PENTERA y TREND MICRO. Con: Carlos Valerdi, Joan Massanet Dirige: Carlos Lillo Producción: ClickRadioTV --- Send in a voice message: https://anchor.fm/clickcibernews/message

Forescout's recent Icefall report documents 56 new OT vulnerabilities, many in certified "secure" industrial equipment. Daniel Dos Santos, Head of Security Research, joins us to look at the vulnerabilities and at what they mean for industrial security.

Forescout's recent Icefall report documents 56 new OT vulnerabilities, many in certified "secure" industrial equipment. Daniel Dos Santos, Head of Security Research, joins us to look at the vulnerabilities and at what they mean for industrial security.

Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.   Segment Resources: - Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) - SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) - LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) - Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ )   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw267

Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.   Segment Resources: - Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) - SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) - LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) - Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ )   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw267

In this week's Source Code podcast, Forescout researchers discuss the impact of 56 vulnerabilities that they discovered in operational technology (OT) devices, and Cisco Talos researchers talk about the top takeaways from a recently exposed AvosLocker ransomware campaign. 

A daily look at the relevant information security news from overnight - 21 June, 2022Episode 249 - 21 June 2022ToddyCat Tracked- https://www.bleepingcomputer.com/news/security/new-toddycat-apt-group-targets-exchange-servers-in-asia-europe/ NTLM Relay Attack - https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.htmlOT Insecure by Design- https://www.securityweek.com/basecamp-icefall-secure-design-ot-makes-little-headwayMicrosoft Re-Arms Windows - https://www.zdnet.com/article/microsoft-this-out-of-band-windows-security-update-fixes-microsoft-365-sign-in-issues-for-arm-devices/Beware Zombie Bugs - https://www.theregister.com/2022/06/21/apple-safari-zombie-exploit/Hi, I'm Paul Torgersen. It's Tuesday June 21st, 2022, and from Chicago this is a look at the information security news from overnight. From BleepingComputer.comA new APT group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe. According to the Kaspersky researchers, it looks like they have been in action since at least December of 2020. Kaspersky has also found a previously unknown passive backdoor they named Samurai and new trojan malware dubbed Ninja Trojan. Both malware strains allow the attackers to take control of infected systems and move laterally within the victims' networks. From TheHackerNews.com:A new Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System: Namespace Management Protocol to seize control of a domain. This follows a similar method called PetitPotam that abuses Microsoft's Encrypting File System Remote Protocol to coerce Windows servers into authenticating with a relay under an attacker's control. To mitigate NTLM relay attacks, Microsoft recommends enabling Extended Protection for Authentication, SMB signing, and turning off HTTP on AD CS servers. From SecurityWeek.com:Ten years after project Basecamp, Forescout has conducted an updated project, dubbed OT:Icefall, to gauge the current state of Security By Design in OT products. They found 56 insecure by design problems stemming from ten manufacturers. Forescout says the flaws are not programming error vulnerabilities, but rather flaws in the protocols, authorizations, and certifications built into the designs. Seems not enough has changed in the last 10 years. From ZDNet.com:Microsoft has issued an out-of-band update for Windows 11 and Windows 10 to fix an issue that emerged with Arm devices after their latest Patch Tuesday update. It seems some users were prevented from signing into applications including VPN connections, Microsoft Teams, and Microsoft Outlook. The issue only affects Windows devices that use Arm processors; machines using other processors are not affected. If that is you and you have not yet applied the June 14 updates, you should use this out of band update instead. And last today, from TheRegister.comBeware of zombie vulnerabilities. The Safari browser had a vulnerability that was completely patched by Apple back in 2013 when it was discovered. Unfortunately that fix was regressed in 2016 during some code refactoring. That same bug was found being exploited earlier this year. It is unsure for how many of those five years the de-patched bug was being exploited in the wild. See the details and a link to the Google Project Zero research in the article. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Daniel dos Santos, head of security research with Forescout, talks about a set of over 50 vulnerabilities discovered in operational technology (OT) devices from 10 different vendors, and why patching levels are so low for OT.

In this episode I had the pleasure of talking with Jonathan Jesse about medical device security.  Jonathan is a Senior Systems Engineer for Forescout.  In fact, he has been working for the same information security company for over 6 years!  That is pretty unheard of nowadays in the security vendor space.What prompted this interesting discussion you say? Well Forescout recently acquired CyberMDX.  They are company that specializes in medical device security protection.  Since I have to work protecting medical devices sometimes as part of my 'real job'.  I have several different business use cases to discuss.  Including one around a urinalysis device.  Intrigued yet?Talking Points:Brief overview of why Forescout acquired CyberMDXWhat is Device Centric Risk Management?How to 'fingerprint' different medical devices that may be from the same manufacturer?Compliance and Governance - Are medical manufacturers still using FDA regulations as an excuse not to patchWhat are some good preventative measures? Episode Sponsor: I want to thank Forescout for sponsoring this episode.  They are a network security solutions vendor based out of San Jose California.  Part of the proceeds from this sponsorship will be going towards Youth Mental Health programs here in Michigan!

On today's episode of The Daily Scoop Podcast, a new Cybersecurity Maturity Model Certification (CMMC) is on the way. Eric Crusius, Partner at Holland & Knight, explains what impact the new model will have on defense contractors. The Army is on the hunt for a new log-in solution. Dean Hullings, Global Defense Solutions Strategist, Forescout and former Chief, Cyber Requirements Division, Air Force Space Command, explains what a new ICAM solution could look like. Rob Hankinson, Acting Director of the State Department's Office of Information Technology, talks about the push to zero trust architecture going on at the agency. This interview is part of FedScoop's “Zero Trust Begins With Smarter Password Protection” series, sponsored by Keeper Security. The Daily Scoop Podcast is available every weekday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Google Podcasts, Spotify and Stitcher. And if you like what you hear, please let us know in the comments.

Sunil Varkey has over 26 years of Security leadership experience, with large global corporates in banking, telecoms, ITES, software and manufacturing. Sunil is a CTO at Forescout for its EMEA & Asia-Pacific regions, prior to this he led Cyber Security Assessment and Testing for HSBC, he also worked with Symantec as CTO and Strategist, at Wipro as Global CISO, as Head of Security and Privacy at Idea Cellular, and in GE, Barclays and SABB. He has participated in various advisory forums globally and published and presented various articles sessions related to the information assurance domain. Multiple patent applications of him, on Information security are currently in consideration with patent offices. Conference details Day of Shecurity - October 28th & 29th, 2021 Registration link - dayofshecurity.com/registration c0c0n 2021 - November 10th - 13th, 2021 Registration link - https://www.townscript.com/e/copy-of--c0c0n-2021

Malware Victim Selection Through WiFi Identification https://isc.sans.edu/forums/diary/Malware+Victim+Selection+Through+WiFi+Identification/26910/ New Treck IP Stack Vulnerabilities https://treck.com/vulnerability-response-information/ Detecting Treck IP Stack https://github.com/Forescout/project-memoria-detector

Take a Network Break! Global espionage tensions ratchet up between the United States and China, the CIA is revealed to have owned a company that sold doctored cryptography systems to allies and adversaries, VMware adjusts its licensing, and more tech news. Guest analysts Keith Townsend and Ned Bellavance step in for a vacationing co-host.

Take a Network Break! Global espionage tensions ratchet up between the United States and China, the CIA is revealed to have owned a company that sold doctored cryptography systems to allies and adversaries, VMware adjusts its licensing, and more tech news. Guest analysts Keith Townsend and Ned Bellavance step in for a vacationing co-host.

Take a Network Break! Global espionage tensions ratchet up between the United States and China, the CIA is revealed to have owned a company that sold doctored cryptography systems to allies and adversaries, VMware adjusts its licensing, and more tech news. Guest analysts Keith Townsend and Ned Bellavance step in for a vacationing co-host.

Forescout, the network security company that has been publicly traded since 2017, announced today it was going private again. Private equity firms Advent International and Crosspoint Capital are acquiring the company in an all-cash purchase of $1.9 billion. The two private equity firms will pay $33 per share, which represented a premium of 30% over the company's closing price of $25.45 on October 19, 2019. The stock hit $39.

I'm talking about Forescout after receiving a briefing during Tech Field Day 20.

I'm talking about Forescout after receiving a briefing during Tech Field Day 20.

I'm talking about Forescout after receiving a briefing during Tech Field Day 20.