Podcasts about incident response

  • 597 podcasts
  • 1,375 episodes
  • 37m average duration
  • 5 new episodes weekly
  • Latest episode: Jun 2, 2025

Latest podcast episodes about incident response

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 210 - UK Retailer Had No Incident Response Plan, Violence-as-a-service Used in Crypto Thefts, AI Turns to Blackmail, Rise of Skilled Trades

Jun 2, 2025 · 51:51


Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week (DJOW). Follow us on Instagram @pebcakpodcast

Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it!

Marks & Spencer had no IR plan when hit with cyber attack
https://www.bleepingcomputer.com/news/security/mands-says-customer-data-stolen-in-cyberattack-forces-password-resets/
https://www.bleepingcomputer.com/news/security/marks-and-spencer-faces-402-million-profit-hit-after-cyberattack/

Crypto thefts using violence on the rise
https://x.com/vxunderground/status/1926357024461263002
https://www.wsj.com/finance/currencies/crypto-industry-robberies-attacks-32c2867a
https://xkcd.com/538/

AI model turns to blackmail
https://techcrunch.com/2025/05/22/anthropics-new-ai-model-turns-to-blackmail-when-engineers-try-to-take-it-offline/

Rise of skilled trades
https://www.wsj.com/lifestyle/careers/skilled-trades-high-school-recruitment-fd9f8257

Dad Joke of the Week (DJOW)

Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Ben - https://www.linkedin.com/in/benjamincorll/

@BEERISAC: CPS/ICS Security Podcast Playlist
Lessons Learned From Incident Response [The Industrial Security Podcast]

May 24, 2025 · 50:41


Podcast: The Industrial Security Podcast (LS 36 · TOP 3%)
Episode: Lessons Learned From Incident Response [The Industrial Security Podcast]
Pub date: 2025-05-20

How did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).

The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The Industrial Security Podcast
Lessons Learned From Incident Response [The Industrial Security Podcast]

May 20, 2025 · 50:41


How did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).

כל תכני עושים היסטוריה
Lessons Learned From Incident Response [The Industrial Security Podcast]

May 20, 2025 · 50:41


How did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).

Software Engineering Daily
Security at Coinbase with Philip Martin

May 15, 2025 · 48:31


Cryptocurrency exchanges face unique security challenges that require specialized threat assessments and planning. Coinbase is a cryptocurrency exchange based in the United States. It was founded in 2012 and has evolved alongside cryptocurrency as a technology. Philip Martin is the Chief Security Officer at Coinbase. Prior to Coinbase, Philip built and led the Incident Response

HRM-Podcast
Cybersecurity ist Chefsache: Old Plants, New Dangers: OT Pentests as the Key to Secure Production

May 12, 2025 · 82:54


Expand your knowledge of industrial cybersecurity with "Cybersecurity ist Chefsache". In this exciting episode, Nico Freitag talks with Sebastian Froede, managing director of Pentaris Security GmbH, about OT pentests and the real challenges of securing industrial control systems. Sebastian shares his experience from more than a decade of OT security, explains the difference between IT and OT pentests, and why classic tools such as Nmap can have devastating consequences in production. He shows why availability is the most valuable asset in OT environments, and what that means for security design.

The following topics are covered:
✅ Legacy systems and their challenges: 30 years old, no updates possible, yet still worth protecting
✅ OT remote maintenance: why solutions such as TeamViewer pose a security risk
✅ Real-world attack scenarios, from false sensor values to a manipulated HMI display
✅ Differences between IT and OT pentests, and why black-box approaches do not work here
✅ How companies can secure OT networks: segmentation, protocol control, secure remote access
✅ Training, awareness and error culture: why OT teams also need to be brought up to speed
✅ Incident response in OT networks: why forensics is not the top priority, but rapid recovery is
✅ The hype around ESP32 and Flipper Zero: what is really behind it and how to deal with it in an informed way

Cyber Talks
Tackling People, Process, and Perception in Cybersecurity

May 9, 2025 · 33:47


In this episode of Cyber Talks, we speak with Craig Peppard, CISO at Ivari Canada, about why people and processes - not just technology - are the real frontline in cybersecurity. The conversation unpacks the limitations of traditional security awareness training, explores how to move beyond blame to address systemic process failures, and highlights the growing importance of soft skills like empathy and storytelling in security leadership. They also dive into the evolving role of the CISO, the rise of embedded security roles like CISOs, and why mentoring and inclusive hiring practices are essential for building future-ready security teams.

Have a question for us? Reach out: hello@esentire.com

About Cyber Talks
From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.

About eSentire
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks.
For more information, visit www.esentire.com and follow @eSentire.

iTunes - Insurance Journal TV
RIMS RISKWORLD 2025: Patrick Thielen on Cyber Risk Evolution, Policy Alignment, and Incident Response

May 5, 2025 · 3:16


Andrea Wells from Insurance Journal reports from RIMS RISKWORLD 2025, where she speaks with Patrick Thielen, Global Head of Cyber at Liberty Mutual Insurance. They discuss the evolving …

Trust Issues
EP 6 - Incident Response POV: 2025 Emerging Threats

Apr 30, 2025 · 36:41


In this episode of Security Matters, host David Puner dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk's Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company's VP of finance, gaining unauthorized access to your environment. Bryan Murphy shares insights on how these sophisticated attacks are turning identity into the attack surface and why your first line of defense might be as simple as a video call. Learn about the latest trends in social engineering, credential tiering and the importance of visual verification in incident response. Don't miss this eye-opening discussion on how to protect your organization from the ever-evolving threat landscape.

Cloud Security Podcast by Google
EP222 From Post-IR Lessons to Proactive Security: Deconstructing Mandiant M-Trends

Apr 28, 2025 · 35:19


Guests:
  • Kirstie Failey @ Google Threat Intelligence Group
  • Scott Runnels @ Mandiant Incident Response

Topics:
  • What is the hardest thing about turning distinct incident reports into a fun to read and useful report like M-Trends?
  • How much are the lessons and recommendations skewed by the fact that they are all “post-IR” stories?
  • Are “IR-derived” security lessons the best way to improve security? Isn't this a bit like learning how to build safely from fires vs learning safety engineering?
  • The report implies that F500 companies suffer from certain security issues despite their resources, does this automatically mean that smaller companies suffer from the same but more?
  • "Dwell time" metrics sound obvious, but is there magic behind how this is done? Sometimes “dwell time going down” is not automatically the defender's win, right?
  • What is the expected minimum dwell time? If “it depends”, then what does it depend on?
  • Impactful outliers vs general trends (“by the numbers”), what teaches us more about security?
  • Why do we seem to repeat the mistakes so much in security?
  • Do we think it is useful to give the same advice repeatedly if the data implies that it is correct advice but people clearly do not do it?

Resources:
  • M-Trends 2025 report
  • Mandiant Attack Lifecycle
  • EP205 Cybersecurity Forecast 2025: Beyond the Hype and into the Reality
  • EP147 Special: 2024 Security Forecast Report

Security Unfiltered
Browser Security Unveiled: John Carse on SquareX & Cyber Career Insights

Apr 27, 2025 · 48:22


In this episode, Joe sits down with John Carse, Field CISO at SquareX, to dive into the often-overlooked world of browser security and the evolving landscape of cybersecurity. Recorded despite a 12-hour time difference (Singapore to the US!), John shares:

  • The Browser Security Gap: Why 85% of user time in browsers is a growing risk for SaaS and cloud environments.
  • SquareX's Solution: How SquareX acts as an EDR for browsers, detecting and responding to threats like polymorphic extensions.
  • Career Journey: From early IT days to field CISO, John reveals how foundational IT skills (help desk, field services) make better cyber professionals.
  • Real-World Insights: Lessons from working with the US Navy and the importance of understanding IT systems for effective cybersecurity.

Check Your Browser Security: Visit SquareX Browser Security to assess your controls.
Learn More About SquareX: Explore their solution at sqrx.com.
Connect with John: Find him on X @JohnCarse

Chapters
00:00 Introduction and Time Zone Challenges
02:54 John Carse's Journey into IT
06:05 Transitioning to Cybersecurity
08:46 The Importance of Customer Service in IT
11:36 Formative Experiences in Help Desk and Field Services
14:35 Understanding IT Systems for Cybersecurity
23:51 The Interplay Between IT Skills and Cybersecurity
24:41 The Role of Security Engineers in IT
28:43 Understanding the Complexity of Cybersecurity
29:33 Exploring the Field CISO Role
32:55 The Browser as a Security Frontier
42:07 Challenges in SaaS Security
46:20 The Importance of Browser Security Awareness

Subscribe for more cybersecurity insights and career tips! Share your thoughts in the comments—how are you securing your browser?

Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

@BEERISAC: CPS/ICS Security Podcast Playlist
#101: Why Should You Talk About Incident Response? | Part 4

Apr 26, 2025 · 24:03


Podcast: Energy Talks
Episode: #101: Why Should You Talk About Incident Response? | Part 4
Pub date: 2025-04-24

Learn about containment, eradication and recovery in cybersecurity incident response

Welcome to the fourth episode of our Energy Talks miniseries titled, Why Should You Talk About Incident Response? Join OMICRON cybersecurity consultant Simon Rommer as he explores the different process steps involved in cybersecurity incident response alongside other experts from the power industry. In this episode, Simon speaks with Stephan Mikiss, who is Head of Managed Security Services at SEC Consult and a SANS-certified forensics analyst based in Vienna, Austria. Simon and Stephan discuss the steps of containment, eradication and recovery in the incident response process and highlight the need for collaboration between IT and OT teams to effectively manage cybersecurity incidents. Simon and Stephan also explore the iterative nature of incident response, the unique challenges posed by OT environments, and the necessity of understanding both the business model and the attacker's motives to make informed decisions during a crisis.

If you haven't already listened to Part 1, Part 2 and Part 3 of this miniseries, be sure to check them out:
  • #85: Why Should You Talk About Incident Response? | Part 1 - OMICRON
  • #95: Why Should You Talk About Incident Response? | Part 2 - OMICRON
  • #97: Why Should You Talk About Incident Response? | Part 3 - OMICRON

Learn more about OMICRON's approach to advanced cybersecurity in OT environments. We welcome your questions and feedback. Simply send us an email to podcast@omicronenergy.com. Please join us to listen to the next episode of Energy Talks.

The podcast and artwork embedded on this page are from OMICRON electronics GmbH, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Energy Talks
#101: Why Should You Talk About Incident Response? | Part 4

Apr 24, 2025 · 24:03


Welcome to the fourth episode of our Energy Talks miniseries titled, Why Should You Talk About Incident Response? OMICRON cybersecurity consultant Simon Rommer speaks with Stephan Mikiss, who is Head of Managed Security Services at SEC Consult and a SANS-certified forensics analyst. Together they discuss the steps of containment, eradication and recovery in the incident response process.

The Social-Engineer Podcast
Ep. 301 - Security Awareness Series - Leadership Relationships and Becoming a CISO with Travis Farral

Apr 21, 2025 · 30:16


Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Travis Farral. Travis has been working in information security since the 90s at places such as Nokia, ExxonMobil, and XTO Energy. He is currently VP & CISO at Archaea Energy, a bp owned, renewable natural gas company based in Houston, Texas. He has spoken at events around the world on topics such as Cyber Threat Intelligence, MITRE ATT&CK, and Incident Response. Notable activities during his career include everything from programming logic controllers, building and leading SOCs, driving forklifts, standing up cybersecurity teams, developing threat intelligence programs, and handling responses to incidents, among many other things over the last few decades. [April 21, 2025]

00:00 - Intro
00:18 - Intro Links:
  • Social-Engineer.com - http://www.social-engineer.com/
  • Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/
  • Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/
  • Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/
  • Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
  • CLUTCH - http://www.pro-rock.com/
  • innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/
02:08 - Travis Farral Intro
02:58 - A Different Path than Today
05:25 - Healthy Hacking
08:08 - Anything Can Be Weaponized
10:54 - Questionable Behavior
14:31 - Smash That Report Button!!!
18:58 - Improving Our Odds
21:00 - You Have to Keep It Simple
22:25 - Letters to a Young CISO
24:20 - Find Travis Farral online
  • LinkedIn: linkedin.com/in/travisfarral
25:01 - Mentors
  • Shawn Edwards
  • Jay Leek
27:02 - Book Recommendations
  • R. E. Lee: A Biography - Douglas Southall Freeman
29:34 - Wrap Up & Outro
  • www.social-engineer.com
  • www.innocentlivesfoundation.org

Five by Five
Positive Rate Episode 50: Critical Incident Response Program

Apr 21, 2025 · 22:32


In the latest episode of our “Positive Rate” podcast, Communications Committee Deputy Chair FO Melissa Monahan talks with FO Ken Hagan, Aeromedical Committee Deputy Chair-Critical Incident Response Program (CIRP). CIRP's mission is to lessen the psychological impact of on-the-job accidents and incidents on crewmembers and their families and to accelerate normal recovery from those events before harmful stress reactions damage job performance, careers, families, and health. FO Hagan details how the positive steps taken before and after a critical accident or incident will affect both short- and long-term physiological and psychological health. Each episode of “Positive Rate” features APA subject-matter experts working on the membership's behalf. The podcast is available through popular streaming services, including Apple Podcasts, Stitcher, and Spotify. You can search for “Positive Rate” or “Allied Pilots Association” on your platform of choice to subscribe and download. Your first opportunity to listen will be via AlliedPilots.org/Podcasts.

ITSPmagazine | Technology. Cybersecurity. Society
From Phishing to Full Compromise in Under an Hour: Automation Is Fueling the Next Wave of Cyber Threats | A LevelBlue Brand Story with Kenneth Ng

Apr 18, 2025 · 36:02


LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.

Phishing as a Service and the Surge in Email Compromises
One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.

Malware Is Smarter, Simpler—and It's Spreading Fast
Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.

Ransomware: Faster and More Automated Than Ever
The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.

Why This Report Matters
Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.

Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.

Learn more about LevelBlue: https://itspm.ag/levelblue266f6c

Note: This story contains promotional content.

Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/

Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

We Get Work
We get Privacy for work: Why you Need a Cybersecurity Incident Response Plan Now

Apr 17, 2025 · 21:27


As states increasingly introduce legislative requirements for how companies respond to cybersecurity threats, it is more important now than ever for organizations to have a plan in place to address data breaches if and when they occur.

Chapters
00:00 Introduction to We get Privacy for work
01:39 Understanding Incident Response Plans
03:05 Key Components of an Incident Response Plan
08:45 The Importance of Preparedness and Practice
12:00 Creating Usable and Effective Plans
16:11 Actionable Steps During an Incident
19:03 Reviewing and Updating the Incident Response Plan

Breaking Badness
DFIRside Chat: Lessons from the Frontlines of Incident Response

Apr 16, 2025 · 42:36


In Part 1 of this special two-part panel, the Breaking Badness podcast gathers leading cybersecurity experts to explore the foundations of DFIR - Digital Forensics and Incident Response. Featuring Daniel Schwalbe (DomainTools), Lesley Carhart (Dragos), David Bianco (Splunk), and Sarah Sabotka (Proofpoint), the panel dives into what makes an effective incident response program, why preparation is often overlooked, and how to bring technical and human elements together during high-stakes security events.

Talking Cloud with an emphasis on Cloud Security
74-Talking Cloud Podcast-with Steve Winterfeld, Advisory & Fractional CISO, Cyber Vigilance Advice (CVA) LLC

Apr 14, 2025 · 46:29


Episode #74 features a great discussion with Steve Winterfeld, Advisor, and Fractional CISO with Cyber Vigilance Advice (CVA) LLC. Steve is passionate about cybersecurity. He served as CISO for Nordstrom Bank, Director of Cybersecurity for Nordstrom, and Director of Incident Response and Threat Intelligence at Charles Schwab. Steve also published a book on Cyber Warfare and holds CISSP, ITIL, and PMP certifications. We discussed a variety of topics, and during our conversation, Steve offered these resources:

  • On finding a job: Lessons Learned on Finding a Cybersecurity Job After a Layoff - Security Boulevard
  • On starting / managing a career: Creating a Roadmap for Your Dream Cybersecurity Career - Security Boulevard

Cyber Talks
In Conversation With Alexander Feick, VP of eSentire Labs

Apr 14, 2025 · 79:34


In today's episode of the Cyber Culture Café series, Andy and John speak to Alexander Feick, VP of our eSentire Labs team. As the VP of Labs, Alex Feick leads a team responsible for fostering innovations from security professionals on our platform and integrating new technologies into the company's services. Over the past year, his efforts have centered on Generative AI security and enabling the company to leverage the technology more effectively internally.

Cybersecurity isn't just about platforms and processes—it's about people. If relationships matter in cybersecurity, this is where they begin. So, we're introducing a new, breakout series from the eSentire Cyber Talks Podcast – the Cyber Culture Café series! In this series, John Moretti and Andy Lalaguna will sit down for a candid conversation with one of the key players behind the eSentire customer experience. This series is all about pulling back the curtain and putting the spotlight on the people who power eSentire's world-class cybersecurity services.

Join us for a relaxed and revealing discussion covering day-to-day challenges, personal motivation, industry observations, and the unique value each guest brings to the eSentire mission. Get to know the voices behind the protection—and why our people are at the core of everything we do.

Have a question for us? Reach out: hello@esentire.com

The CyberWire
Using AI to sniff out opposition.

Apr 8, 2025 · 37:23


Is DOGE using AI to monitor federal employees? Google's latest Android update addresses two zero-days. Scattered Spider continues its phishing and malware campaigns. Ransomware's grip is slipping. ToddyCat exploits a critical flaw in ESET products. Oracle privately confirms a legacy system breach. Over 5,000 Ivanti Connect Secure appliances remain exposed online to a critical remote code execution vulnerability. CISA confirms active exploitation of a critical vulnerability in CrushFTP. In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response at Varonis, on turning to gamers to Build Resilient Cyber Teams. AI outphishes human red teams.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response, Cloud Operations & SE EU from Varonis, as he is discussing research on “From Gamer to Leader: How to Build Resilient Cyber Teams.” Catch Matt's keynote at RSAC 2025 on April 30th.

Selected Reading
  • Exclusive: Musk's DOGE using AI to snoop on U.S. federal workers, sources say (Reuters)
  • Tariff Wars: The Technology Impact (BankInfo Security)
  • Google Patched Android 0-Day Vulnerability Exploited in the Wild (Cyber Security News)
  • Scattered Spider adds new phishing kit, malware to its web (The Register)
  • Ransomware Underground Faces Declining Relevance (BankInfo Security)
  • ESET Vulnerability Exploited for Stealthy Malware Execution (SecurityWeek)
  • Oracle Confirms that Hackers Broke Systems & Stole Client Login Credentials (Cyber Security News)
  • Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk (SecurityWeek)
  • CISA Warns of CrushFTP Vulnerability Exploitation in the Wild (Infosecurity Magazine)
  • AI Outsmarts Human Red Teams in Phishing Tests (GovInfo Security)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Cyber Talks
Introducing the Cyber Culture Cafe Series with Andy Lalaguna and John Moretti

Apr 4, 2025 · 33:24


Cybersecurity isn't just about platforms and processes—it's about people. If relationships matter in cybersecurity, this is where they begin. So, we're introducing a new, breakout series from the eSentire Cyber Talks Podcast – the Cyber Culture Café series! In this series, John Moretti and Andy Lalaguna will sit down for a candid conversation with one of the key players behind the eSentire customer experience. This series is all about pulling back the curtain and putting the spotlight on the people who power eSentire's world-class cybersecurity services.

Join us for a relaxed and revealing discussion covering day-to-day challenges, personal motivation, industry observations, and the unique value each guest brings to the eSentire mission. Get to know the voices behind the protection—and why our people are at the core of everything we do.

Have a question for us? Reach out: hello@esentire.com

Security Unfiltered
From Special Forces to Cybersecurity: Ricoh Danielson's Journey to CISO and Digital Forensics

Mar 31, 2025 48:12


In this episode, host Joe sits down with Ricoh Danielson, a former Special Forces operator turned cybersecurity expert and CISO. Ricoh shares his incredible journey—from nine combat rotations overseas to law school, and eventually a career pivot into IT and digital forensics. Discover how military discipline, resilience, and adaptability shaped his path to leadership in incident response and ransomware negotiation. Packed with insights on cybersecurity careers, leadership mentality, and the future of satellite warfare, this conversation is a must-listen for aspiring security professionals and military transitioners. Connect with Ricoh at firstresponder.us or on Instagram @rico_danielson_. Subscribe for more inspiring stories!
00:00 - Introduction to Ricoh Danielson
02:17 - Military Background and Special Forces Transition
06:40 - Career Pivot to IT and Cybersecurity
16:58 - Leadership Lessons in Cyber
35:40 - Digital Forensics and Ransomware Insights
47:56 - How to Connect with Ricoh
Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

TrustedSec Security Podcast
7.13 - Oops I Clicked It Again: Business Email Compromise Explained

Mar 24, 2025 30:46


How has email security evolved over the years? What challenges do organizations face in protecting against sophisticated phishing attacks? Find out on this episode of Security Noise! Business Email Compromise (BEC) attacks are becoming increasingly common and sophisticated. In this episode, Geoff and Skyler speak with Incident Response Security Consultant Olivia Cate and Director of Advisory Innovation Rocky Brockway about BEC and what you can do to prepare your organization. We discuss which types of organizations are most vulnerable, the increasing rate of BEC attacks, and the methods used by attackers. Find out more about our Incident Response services on our website.  About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet! Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Resilient Cyber
Resilient Cyber w/ Sergej Epp - Cloud-native Runtime Security & Usage

Mar 19, 2025 32:13


In this episode, we sit with security leader and venture investor Sergej Epp to discuss the Cloud-native Security Landscape. Sergej currently serves as the Global CISO and Executive at Cloud Security leader Sysdig and is a Venture Partner at Picus Capital. We will dive into some insights from Sysdig's recent "2025 Cloud-native Security and Usage Report."
Big shout out to our episode sponsor, Yubico! Passwords aren't enough. Cyber threats are evolving, and attackers bypass weak authentication every day. YubiKeys provides phishing-resistant security for individuals and businesses—fast, frictionless, and passwordless. Upgrade your security: https://yubico.com
Sergej and I dove into a lot of great topics related to Cloud-native Security, including:
Some of the key trends in the latest Sysdig 2025 Cloud-native Security Report and trends that have stayed consistent YoY. Sergej points out that while attackers have stayed consistent, organizations have and continue to make improvements to their security.
Sergej elaborated on his current role as Sysdig's internal CISO and his prior role as a field CISO and the differences between the two roles in terms of how you interact with your organization, customers, and the community.
We unpacked the need for automated Incident Response, touching on how modern cloud-native attacks can happen in as little as 10 minutes and how organizations can and do struggle without sufficient visibility and the ability to automate their incident response.
The report points out that machine identities, or Non-Human Identities (NHI), are 7.5 times riskier than human identities and that there are 40,000 times more of them to manage. This is a massive problem and gap for the industry, and Sergej and I walked through why this is a challenge and its potential risks.
Vulnerability prioritization continues to be crucial, with the latest Sysdig report showing that just 6% of vulnerabilities are “in-use”, or reachable. Still, container bloat has ballooned, quintupling in the last year alone. This presents real problems as organizations continue to expand their attack surface with expanded open-source usage but struggle to determine what vulnerabilities truly present risks and need to be addressed.
We covered the challenges with compliance, as organizations wrestle with multiple disparate compliance frameworks, and how compliance can drive better security but also can have inverse impacts when written poorly or not keeping pace with technologies and threats.
We rounded out the conversation with discussing AI/ML packages and the fact they have grown by 500% when it comes to usage, but organizations have decreased public exposure of AI/ML workloads by 38% since the year prior, showing some improvements are being made to safeguarding AI workloads from risks as well.

Security Unfiltered
Security Data Strategy: Lessons from the Equifax Breach with Justin Borland and Aqsa Taylor

Mar 17, 2025 53:34


In this episode, we dive into the critical world of security data strategy with experts Aqsa Taylor and Justin Borland, authors of the upcoming book Applied Security Data Strategy: A Leader's Guide. Justin, a veteran of the Equifax breach, shares firsthand lessons from one of the biggest security incidents in history, while Aqsa explores her journey from electrical engineering to cloud security and the role of governance in data management. Together, they unpack the challenges of handling massive security data, the power of real-time analytics, and how Abstract Security's platform transforms data strategy with deduplication, normalization, and tiered storage. Perfect for CIOs, CSOs, and security pros looking to future-proof their organizations. Subscribe for more cybersecurity insights!
Key Points Covered:
Introduction to Aqsa Taylor and Justin Borland, emphasizing their expertise and new book.
Justin's Equifax experience as a compelling narrative hook.
Aqsa's background and insights on governance and cloud security.
Abstract Security's innovative approach to data strategy (deduplication, real-time analytics, etc.).
Target audience callout (CIOs, CSOs, security professionals) and a subscription prompt.
Why this description? It's concise, highlights the episode's value, and uses action-oriented language to engage viewers. It balances technical appeal with accessibility for a broad cybersecurity audience.
Follow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/ Twitter: https://twitter.com/SecUnfPodcast

Podcast | PreparedEx
Why Your Cyber Incident Response Will Fail – And How to Fix It 

Mar 13, 2025 13:10


Your cyber incident response will fail if you:    ✅ Don't train your team regularly    ✅ Don't stress-test your plan with tabletop exercises    ✅ Don't remediate weaknesses after real incidents or simulations    The good news? These failures are entirely preventable. The organizations that train, test, and improve are the ones that survive—and even thrive—when an attack […]

CISO Stories Podcast
Breach by the Dozen: Incident Response Lessons from the Field - Mike Miller - CSP #210

Mar 10, 2025 31:29


In this episode of the CISO Stories Podcast, we're joined by Mike Miller, a seasoned penetration tester and audit and compliance SME, to explore the real-world impact of incident response controls. From technical to managerial and physical safeguards, Mike shares eye-opening stories from the field—including how he once penetrated a network with nothing more than a dozen doughnuts. We dive into the importance of layered security approaches and practical tips for strengthening incident response frameworks. Don't miss this blend of humor, insight, and actionable advice for cybersecurity leaders. Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-210

Irish Tech News Audio Articles
Securing Ireland's Talent Pipeline in Cybersecurity

Feb 28, 2025 5:19


eSentire, a leading global Managed Detection and Response (MDR) cybersecurity services provider, has announced that it has awarded the annual "Sean Hennessy Bursary" to Munster Technological University (MTU) computer science student, James Spillane. This year, eSentire is also celebrating the 10-year anniversary of the opening of its international headquarters and Security Operations Centre (SOC) in Cork, Ireland. eSentire established the Sean Hennessy Bursary award in 2021, in collaboration with the Department of Computer Science at MTU, in response to Ireland's growing cybersecurity skills shortage. According to Cyber Ireland's 2024 Security Snapshot Report, the cybersecurity industry employs approximately 8,000 professionals in Ireland, an increase of 8% since 2022. The Sean Hennessy Bursary provides college financial aid, as well as the opportunity to participate in a nine-month internship with eSentire. The scholarship is named in honour of the late Sean Hennessy, a former eSentire team member who was instrumental in establishing and managing eSentire's Global SOC in Cork in 2015. Sean Hennessy passed away in 2016. This is the fourth year that the Sean Hennessy Bursary has been awarded to an MTU student. Impressively, the three previous recipients of the award are all currently employed with eSentire's Global SOC in Cork, Ireland. Each of them has reached various stages of eSentire's Career Development Program, which fosters and supports security analysts' growth through attainment of internal and external certifications, mentoring and progression. "I am delighted and honoured to have been selected as this year's recipient of the Sean Hennessy Bursary," said James Spillane, 2025 eSentire Sean Hennessy Bursary winner. "I would like to sincerely thank everyone at eSentire for this incredible opportunity to further explore the fascinating world of cybersecurity, which is a passion and interest of mine. 
I am also grateful to MTU for their support and guidance through my studies. Receiving this award is an honour and a fulfilling achievement, I want to thank everyone involved for this prestigious opportunity." eSentire has been protecting organisations from known and unknown cyber threats for 20+ years, providing complete attack surface coverage on premises and in the cloud. With 2000+ customers in 80+ countries, eSentire provides Exposure Management, Managed Detection and Response, and Digital Forensics and Incident Response services designed to build an organisation's cyber resilience and prevent business disruption. eSentire protects the world's most targeted organisations, with 65% of its global base recognised as critical infrastructure, vital to economic health and stability. eSentire operates the largest SOC in the Southwest region of Ireland, and as a global leader in providing award-winning cybersecurity solutions, eSentire has contributed to the broader development of the Cork region and its security analysts are highly trained experts on the frontlines of cybercrime. "The 10-year anniversary of the opening of our Global SOC and headquarters in Cork is an important milestone for us," said Ciaran Luttrell, Vice President of eSentire's Global Security Operations. "We have grown our operations and currently employ over 50 staff members, we have completed over 25 SOC analyst internships, and this is the fourth year of our special bursary program honouring the memory of Sean Hennessy." "Reflecting on our ten years in Cork, we are especially proud to have led the way in contributing to the growth of the cybersecurity community," continued Luttrell. "It is through programs such as the annual bursary, our work as Chapter Leads with Cyber Ireland, the sponsorship of CorkSec, a Cork-based Def Con meetup group; and most recently, our partnership with Cyber Innovate, an incubator program supporting cybersecurity start-up companies, which launched in 2024. 
We could not have accomplished all these achievements without our strong ...

ITSPmagazine | Technology. Cybersecurity. Society
Zero Trust in Action: Revolutionizing Incident Response | A Zero Trust World Conversation with Art Ocain | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 25, 2025 14:04


At ThreatLocker Zero Trust World 2025 in Orlando, Art Ocain, VP of Cybersecurity & Incident Response at Airiam, shared valuable insights into applying zero trust principles to incident response. The conversation, hosted by Marco Ciappelli and Sean Martin, highlighted the critical role of zero trust in preparing for and managing security incidents.
The Zero Trust Mindset in Incident Response
Ocain discussed how zero trust methodology—embracing the principles of "assume breach" and "always verify, never trust"—can significantly enhance incident response strategies. Instead of merely securing the perimeter or endpoints, his approach involves identifying and protecting core systems through micro-segmentation and robust identity management. By securing each component individually, organizations can minimize the impact of potential breaches. For example, Ocain described a scenario where segmenting a SQL server from an application server could prevent data loss during an attack. Even if an application server is compromised, critical data remains secure, allowing quicker recovery and continuity of operations.
Dynamic Containment Strategies
Ocain emphasized the importance of dynamic containment when responding to incidents. Traditional methods, such as using Endpoint Detection and Response (EDR) tools, are effective for forensic analysis but may not stop active threats quickly. Instead, he advocated for an "allow list only" approach that restricts access to systems and data, effectively containing threats while maintaining critical business functions. In practice, when Ocain is called into a crisis, he often implements a deny-by-default solution to isolate compromised systems. This strategy allows him to perform forensics and bring systems back online selectively, ensuring threat actors cannot access recovered systems.
Balancing Security with Business Needs
A significant challenge in adopting zero trust is gaining executive buy-in. Ocain noted that executive teams often push back against zero trust measures, either out of a desire for convenience or because of misconceptions about its impact on business culture. His approach involves demonstrating real-world scenarios where zero trust could mitigate damage during breaches. By focusing on critical systems and showing the potential consequences of compromised identities or systems, Ocain effectively bridges the gap between security and business priorities.
A Cultural Shift Toward Security
The discussion also touched on the cultural shift required to fully integrate zero trust into an organization. Zero trust is not just a technological framework but a mindset that influences how every employee views access and security. Through scenario-driven exercises and engaging executive teams early in the process, Ocain helps organizations transition from a "department of no" mentality to a collaborative, security-first culture.
Listen to the full episode to explore more strategies on implementing zero trust in incident response and how to align security initiatives with business goals.
Guest: Art Ocain, VP of Cybersecurity & Incident Response at Airiam | On LinkedIn: https://www.linkedin.com/in/artocain/
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Strengthening Cybersecurity Through Zero Trust | A Conversation with Adam Fuller at Zero Trust World 2025 | A Zero Trust World 2025 On Location Coverage with Sean Martin and Marco Ciappelli

Feb 22, 2025 11:16


Zero Trust World 2025: Strengthening Cybersecurity Through Zero Trust
Zero Trust World 2025 has come to a close, leaving behind a series of thought-provoking discussions on what it truly means to build a culture of security. Hosted by ThreatLocker, the event brought together security professionals, IT leaders, and decision-makers to explore the complexities of Zero Trust—not just as a concept but as an operational mindset.
A Deep Dive into Windows Security and Zero Trust

Cloud Security Podcast
Cloud Incident Response in Microsoft Azure

Feb 20, 2025 54:15


In this episode, we dive deep into Azure security, incident response, and the evolving cloud threat landscape with Katie Knowles, Security Researcher and former Azure Incident Responder. We spoke about common Azure incident response scenarios you need to prepare for, how identity and privilege escalation work in Azure, how Active Directory and Entra ID expose new risks and what security teams need to know about Azure networking and logging.
Guest Socials: Katie's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Introduction
(02:27) A bit about Katie
(03:17) Domain Admin in Azure
(07:03) Common causes of incidents in Azure
(08:53) Identities in Azure
(11:44) Third Party Identities in Azure
(17:34) Azure Networking and Incident Response
(22:35) Common Incidents in Azure
(26:53) AI specific incidents in Azure
(28:45) Privilege escalation in Azure
(39:37) Where to start with Azure Research?
(48:20) The Fun Questions

ITSPmagazine | Technology. Cybersecurity. Society
Building a Community and a Culture of Security Education and Operations | A Zero Trust World Pre-Event Kick-Off | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 18, 2025 6:13


Zero Trust World 2025 is officially underway, and the conversation centers around what it means to build a culture of security. Hosted by ThreatLocker, this event brings together security professionals, IT leaders, and decision-makers to explore the complexities of Zero Trust—not just as a concept but as an operational mindset.
Defining Zero Trust in Practice
Sean Martin and Marco Ciappelli set the stage with a key takeaway: Zero Trust is not a one-size-fits-all solution. Each organization must define its own approach based on its unique environment, leadership structure, and operational needs. It is not about a single tool or quick fix but about establishing a continuous process of verification and risk management.
A Focus on Security Operations
Security operations and incident response are among the core themes of this year's discussions. Speakers and panelists examine how organizations can implement Zero Trust principles effectively while maintaining business agility. Artificial intelligence, its intersection with cybersecurity, and its potential to both strengthen and challenge security frameworks are also on the agenda.
Learning Through Engagement
One of the standout aspects of Zero Trust World is its emphasis on education. From hands-on training and certification opportunities to interactive challenges—such as hacking a device to win it—attendees gain practical experience in real-world security scenarios. The event fosters a culture of learning, with participation from help desk professionals, CIOs, CTOs, and cybersecurity practitioners alike.
The Power of Community
Beyond the technical discussions, the event underscores the importance of community. Conferences like these are not just about discovering new technologies or solutions; they are about forging connections, sharing knowledge, and strengthening the collective approach to security.
Zero Trust World 2025 is just getting started, and there's much more to come. Stay tuned as Sean and Marco continue to bring insights from the conference floor, capturing the voices that are shaping the future of cybersecurity.
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

Out of the Woods: The Threat Hunting Podcast
S3 Ep19: [Bonus Episode] From Curiosity to Cybersecurity: Matt Scheurer on Incident Response, Mentorship, and Career Growth

Feb 11, 2025 30:24


In this episode of Out of the Woods, Scott Poley sits down with Matt Scheurer at the Information Security Summit in Cleveland to discuss his journey into cybersecurity, from early tech fascination to leading incident response teams. Matt shares insights on breaking into the field, the challenges of asset management and alert fatigue, and the importance of mentorship and professional networking. He also highlights key lessons from incident response, the value of cross-team collaboration, and how security teams can stay ahead of evolving threats. Whether you're new to cybersecurity or a seasoned professional, this conversation offers valuable takeaways on building a successful career in security. Connect with Matt: https://www.linkedin.com/in/mattscheurer/ ---- Stay in Touch! Twitter: https://twitter.com/Intel471Inc LinkedIn: https://www.linkedin.com/company/intel-471/ YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg Discord: https://discord.gg/DR4mcW4zBr Facebook: https://www.facebook.com/Intel471Inc/

Corrosion Chronicles
Failure Analysis and Incident Response

Feb 5, 2025 46:07


In this episode, Gary Whittaker, retired Engineering Fellow from Eastman Chemical and MTI Fellow, sits down with co-hosts Heather Allain and Marc Cook to recount some past failures he was involved in failure analysis on. They chat about: an API storage tank that leaked and contaminated a nearby river, some Nickel-Chrome-Moly alloy piping with stress cracking found due to indications on an associated clad vessel, and some Nickel-Moly alloy piping with stress cracking.   Corrosion Chronicles is produced by Association Briefings.

Cloud Security Podcast
Cloud Security Detection & Response Strategies That Actually Work

Feb 4, 2025 57:58


We spoke to Will Bengtson (VP of Security Operations at HashiCorp) about the realities of cloud incident response and detection. From root credentials to event-based threats, this conversation dives deep into:
- Why cloud security is NOT like on-prem – and how that affects incident response
- How attackers exploit APIs in seconds (yes, seconds—not hours!)
- The secret to building a cloud detection program that actually works
- The biggest detection blind spots in AWS, Azure, and multi-cloud environments
- What most SOC teams get WRONG about cloud security
Guest Socials: Will's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Introduction
(00:38) A bit about Will Bengtson
(05:41) Is there more awareness of Incident Response in Cloud
(07:05) Native Solutions for Incident Response in Cloud
(08:40) Incident Response and Threat Detection in the Cloud
(11:53) Getting started with Incident Response in Cloud
(20:45) Maturity in Incident Response in Cloud
(24:38) When to start doing Threat Hunting?
(27:44) Threat hunting and detection in MultiCloud
(31:09) Will talk about his BlackHat training with Rich Mogull
(39:19) Secret Detection for Detection Capability
(43:13) Building a career in Cloud Detection and Response
(51:27) The Fun Section

Stats On Stats Podcast
Blake Regan: Cybersecurity, Incident Response & Blue Team Con

Feb 3, 2025 50:21


In this episode of Stats On Stats, we sit down with Blake Regan, a cybersecurity expert specializing in incident response and digital forensics. Blake shares his journey from carpentry to cybersecurity, discussing how his past experiences shaped his approach to problem-solving in tech. Guest Connect LinkedIn: https://www.linkedin.com/in/blakeregan  For the latest in cybersecurity news every Monday, check out 'Talkin' Bout [infosec] News' with Black Hills Information Security https://www.youtube.com/@BlackHillsInformationSecurity  Checkout the first annual cybersecurity conference focused on Defenders - Blue Team Con in Chicago https://blueteamcon.com  Up your knowledge on hacker culture and important events in cybersecurity history Darknet Diaries Podcast Series https://darknetdiaries.com/  Training to up your knowledge and sharpen your skillset Check out Antisyphon Training for on demand and live cybersecurity training, including Pay What You Can options https://www.antisyphontraining.com/  The ultimate resource for Active Directory hacking and defense content - AD Security by Sean Metcalf (@pyrotek3) https://adsecurity.org  Stats on Stats Resources Merch: https://www.statsonstats.io/shop  LinkTree: https://linktr.ee/statsonstatspodcast  Stats on Stats Partners & Affiliates IntelliCON 2025 Website: https://www.intelliguards.com/intellic0n-speakers  Register: https://www.eventbrite.com/e/intellic0n-2025-tickets-1002600072807  Use Discount Code for 20% off Tickets: STATSONSTATS Path AI Website: https://yourpath.ai  Discount Code: Join our Discord community for access! 
Antisyphon Training Website: https://www.antisyphontraining.com  MAD20 Training Website: https://mad20.io  Discount Code: STATSONSTATS15 Ellington Cyber Academy: https://kenneth-ellington.mykajabi.com  Discount Code: STATSONSTATS Kevtech Academy Website: https://www.kevtechitsupport.com  Dream Chaser's Coffee Website: https://dreamchaserscoffee.com  Discount code: STATSONSTATS Podcasts We Like DEM Tech Folks Website: https://linktr.ee/developeverymind  YouTube: https://www.youtube.com/@demtechfolks  IntrusionsInDepth Website: https://www.intrusionsindepth.com  YouTube: https://www.youtube.com/@IntrusionsInDepth   Elastic DoD Architects YouTube: https://www.youtube.com/@elasticdod  ----------------------------------------------------- Episode was shot and edited at BlueBox Studio Tampa https://blueboxdigital.com/bluebox-studio/

AWS for Software Companies Podcast
Ep076: Incident Response in the Age of Personal CISO Liability with Suresh Vasudevan of Sysdig

Jan 28, 2025 34:20


Suresh Vasudevan, CEO of Sysdig, discusses the evolving challenges of cloud security incident response and the need for new approaches to mitigate organizational risk.
Topics Include: Cybersecurity regulations mandate incident response reporting. Challenges of cloud breach detection and response. Complex cloud attack patterns: reconnaissance, lateral movement, exploit. Rapid exploitation - minutes vs. days for on-prem. Importance of runtime, identity, and control plane monitoring. Limitations of EDR and SIEM tools for cloud. Coordinated incident response across security, DevOps, executives. Criticality of pre-defined incident response plans. Increased CISO personal liability risk and mitigation. Documenting security team's diligence to demonstrate due care. Establishing strong partnerships with legal and audit teams. Covering defensive steps in internal communications. Sysdig's cloud-native security approach and Falco project. Balancing prevention, detection, and response capabilities. Integrating security tooling with customer workflows and SOCs. Providing 24/7 monitoring and rapid response services. Correlating workload, identity, and control plane activities. Detecting unusual reconnaissance and lateral movement behaviors. Daisy-chaining events to identify potential compromise chains. Tracking historical identity activity patterns for anomaly detection. Aligning security with business impact assessment and reporting. Adapting SOC team skills for cloud-native environments. Resource and disruption cost concerns for cloud agents. Importance of "do no harm" philosophy for response. Enhancing existing security data sources with cloud context. Challenges of post-incident forensics vs. real-time response. Bridging security, DevOps, and executive domains. Establishing pre-approved incident response stakeholder roles. Maintaining documentation to demonstrate proper investigation. Evolving CISO role and personal liability considerations. Proactive management of cyber risk at board level. Developing strong general counsel and audit relationships. Transparency in internal communications to avoid discovery risks. Security teams as business partners, not just technicians. Sysdig's cloud security expertise and open-source contributions.
Participants: Suresh Vasudevan – CEO, Sysdig
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon/isv/

Cyber Security Weekly Podcast
Episode 440 - ZTW25 - Zero Trust World - Revolutionizing Incident Response

Cyber Security Weekly Podcast

Play Episode Listen Later Jan 22, 2025 13:39


In the lead up to Zero Trust World 2025 we speak with Rob Allen, Chief Product Officer, ThreatLocker.
ThreatLocker protects endpoints and data from zero-day malware, ransomware, and other malicious software, and provides solutions for easy onboarding, management, and eliminates the lengthy approval processes of traditional solutions. Visit https://www.threatlocker.com/why-threatlocker
ZTW provides plenty of opportunity to learn, develop your skills, and network. Visit https://ztw.com/ #ztw #ztw25
Rob Allen is a seasoned IT professional with over two decades of experience helping businesses embrace technology while navigating its evolving challenges. His career began with a strong technical foundation—working as a system administrator, technician, and engineer—which gave him a unique understanding of both the technical and operational needs of businesses.
Rob spent his early career with an Irish-based MSP, where he served as a trusted advisor to hundreds of small and medium enterprises across diverse industries. During this time, he gained invaluable insight into the challenges faced by many businesses, particularly in the realms of security and cyber resilience.
Joining ThreatLocker in 2021 as VP of Operations for EMEA, Rob's deep technical expertise and commitment to customer success fueled the company's expansion across the region. Rob currently serves as ThreatLocker Chief Product Officer, driving the development and delivery of innovative security solutions, empowering businesses to safely operate in an increasingly complex threat landscape. Now a recognized expert in cyber and ransomware remediation, Rob has been on the frontlines helping organizations recover from attacks and implement proactive defenses to secure their futures.
#mysecuritytv

Cyber Talks
From Critical Alerts to Business Context: Why CTEM is the Future of Cybersecurity

Cyber Talks

Play Episode Listen Later Jan 21, 2025 41:00


In this episode of Cyber Talks, Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, and Roselle Safran, Founder & CEO at KeyCaliber, discuss the evolution of Continuous Threat Exposure Management (CTEM) and its role in modern cybersecurity. They explore the practical application of CTEM, its benefits for business context in security, and how it integrates with Managed Detection and Response (MDR) to enhance resilience.
Key takeaways include:
• The difference between CTEM as a platform, tool, and technology and the 5 key stages of CTEM (per Gartner)
• Current challenges and limitations of CTEM adoption, such as gaining full visibility, prioritizing vulnerabilities, and cross-team alignment
• How MDR integrates with CTEM to provide real-time threat detection and response with the ultimate goal of building cyber resilience
• Emerging trends and technologies to look out for within CTEM
Have a question for us? Reach out: hello@esentire.com
About Cyber Talks
From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.
About eSentire
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit www.esentire.com and follow @eSentire.

Hashtag Realtalk with Aaron Bregg
Episode 107 - Rethinking Threat Intelligence in 2025

Hashtag Realtalk with Aaron Bregg

Play Episode Listen Later Jan 15, 2025 37:57


In this first episode of 2025, I picked a topic that is one of the few areas of security that is both 'hype' and 'real': Threat Intelligence. It is an area where you can get great information for free but also overpay for what you get.
I wanted to take a different approach to discussing this one, so I contacted a well-respected colleague of mine, Justin Lentz, who happens to work in the SMB Threat Intel space, to come on the podcast and share his experiences and thoughts.
Talking Points:
• How do you approach a smaller client when it comes to TI?
• What is different when it comes to a client that has some experience with TI?
• What are some pitfalls when you look at the different TI providers out there?
• What happens when you run into data that is not relevant to your company's process?
• Asking clients what is the problem that you are trying to solve?
• What do you do when you have a low or limited budget?
• What are his experiences running into this type of project (open source tools, using Azure, etc.)?
• What does it look like a year later?
• SaaS platform
• Partnering with different groups, agencies, etc.
• The 'addiction' on wanting to get more data
• Creating a Circle of Trust to share valuable information
Episode Charity: Corewell Health's Blue Envelope Student Suicide Prevention Program
Episode Sponsor: Solis Security is a cyber security managed service provider specializing in Threat Intelligence and Incident Response.

Cyber Work
Incident response: What I learned from a hands-on project | Guest Gamuchirai Muchafa

Cyber Work

Play Episode Listen Later Jan 13, 2025 33:02


Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast
Watch the video here: https://www.youtube.com/watch?v=OSZ1Qi-tzSE
Today on Cyber Work, we welcome Gamuchirai Muchafa from Africa's CyberGirls program to discuss her journey in cybersecurity. Muchafa shares the rigorous application process for this mentorship program, her transition from a healthcare assistant to an IT professional and the importance of documentation in cybersecurity. We delve into her experiences with incident response challenges and her hands-on project involving an automated incident detection and response system. Muchafa also reflects on her aspirations and offers advice for aspiring cybersecurity professionals.
00:00 - Introduction
02:29 - Muchafa's journey into cybersecurity
05:43 - CyberGirls program
07:03 - Programming without a laptop
08:06 - CyberGirls fellowship projects
13:07 - Incident response problem walkthrough
20:53 - Advice for cybersecurity students
24:57 - Future plans
30:27 - Support for CyberGirls fellowship
31:37 - Outro
About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Autonomous IT
CISO IT – Great Security Begins With Great IT: CISO IT's Best of 2024, E14

Autonomous IT

Play Episode Listen Later Dec 26, 2024 15:17


Hacking Humans
incident response (noun) [Word Notes]

Hacking Humans

Play Episode Listen Later Dec 17, 2024 7:50


Please enjoy this encore episode of Word Notes. A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Word Notes
incident response (noun)

Word Notes

Play Episode Listen Later Dec 17, 2024 7:50


Please enjoy this encore episode of Word Notes. A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

ITSPmagazine | Technology. Cybersecurity. Society
Data Sovereignty and Security Challenges in the APAC Region: Simplifying Security with Zero Trust and AI-Driven Solutions | An Australian Cyber Conference 2024 in Melbourne Conversation with Abbas Kudrati | On Location Coverage

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Nov 29, 2024 24:27


Guest: Abbas Kudrati, Asia's SMC Regional Chief Security, Risk, Compliance Advisor, Microsoft [@Microsoft]
On LinkedIn | https://www.linkedin.com/in/akudrati/
On Twitter | https://twitter.com/askudrati
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
During the On Location series at AISA Cyber Con 2024 in Melbourne, a significant conversation unfolded between Sean Martin, Marco Ciappelli, and Abbas Kudrati about key cybersecurity themes and strategies relevant to the Asia-Pacific region.
Abbas Kudrati, a seasoned cybersecurity professional and cloud advocate, shared insights into the state of cybersecurity in the region. He highlighted that ransomware remains one of the top threats, particularly in Asia and Australia. This persistent issue underscores the importance of robust data governance and access control. Abbas emphasized that organizations must establish strong security foundations, including data classification and access management, to prepare for the complexities introduced by AI. Without these measures, companies risk exposing sensitive information when leveraging generative AI solutions.
The discussion also touched on data sovereignty, a critical topic for governments and defense organizations in Australia. Abbas noted the growing number of localized data centers built by major cloud providers to meet sovereignty requirements. While private sector organizations tend to be less stringent about data location, government entities require data to remain onshore. Frameworks like IRAP and Essential Eight are instrumental in ensuring compliance and guiding organizations in implementing consistent security practices.
Zero Trust emerged as a transformative concept post-pandemic. According to Abbas, it simplified cybersecurity by enabling secure remote work and encouraging organizations to embrace cloud solutions. He contrasted this with the rise of generative AI, which has introduced both opportunities and challenges. AI's potential to streamline processes, such as analyzing security alerts and automating vulnerability management, is undeniable. However, its unbounded nature demands new strategies, including employee education on prompt engineering and responsible AI use.
Sean Martin and Marco Ciappelli explored how AI can revolutionize operations. Abbas pointed out that AI tools like security copilots are making cybersecurity more accessible, allowing analysts to query systems in natural language and accelerating incident response. He stressed the importance of using AI defensively to match the speed and sophistication of modern attackers, noting that attackers are increasingly leveraging AI for malicious activities.
The conversation concluded with a forward-looking perspective on AI's role in shaping cybersecurity and the importance of maintaining agility and preparedness in the face of evolving threats. This dynamic exchange provided a comprehensive view of the challenges and advancements influencing cybersecurity in the Asia-Pacific region today.
____________________________
This Episode's Sponsors
Threatlocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Be sure to share and subscribe!
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

Windows Weekly (MP3)
WW 909: Shaved Toasted and Charred - Spreading light, MSFS 2024 issues, Recall (Preview)

Windows Weekly (MP3)

Play Episode Listen Later Nov 27, 2024 159:38


Windows Recall and Click to Do arrive in Preview and the world doesn't implode. Sorry, haters
Snapdragon X Copilot+ PCs only - and dear God, please follow Paul's advice
Look at how facile the complaints are now
This week in 24H2, unreliability problems. Certain Ubisoft games are causing issues
Beta: New taskbar-based continuity features
Microsoft is getting rid of ONE OneDrive folder backup nag. The beginning of the end, or the end of the beginning?
HP and Dell earnings
The PC refresh cycle keeps getting delayed, now to second half of 2025
Google will reportedly merge Chrome OS into Android. Complexity won. Is this a good idea?
Microsoft 365
Big outage kept customers off Microsoft 365 for better part of a day this week
AI, antitrust, corporate
Microsoft debunks reports that it is using customer data in Microsoft 365 to train AI
This kind of thing keeps happening. There were reports a month ago about Microsoft secretly enabling Recall on PCs that was complete BS
Amazon expands Anthropic investment to $8 billion, or 73 percent of MSFT/OpenAI
Brave Search adds a chat mode to ask follow-ups to AI results
DOJ, Google make final arguments in Google ad monopoly case in US
Google testing changes to search to meet DMA needs
Intel secures $7.6 billion in CHIPS funding. Qualcomm is apparently no longer interested
Xbox
Flight Simulator 2024 is a cluster$%^@ so Xbox is issuing fixes
Microsoft is adding a mini Edge browser to Game Bar
Xbox gamers can make private Discord calls now
Microsoft is shutting down Xbox Avatar Editor because no one uses it
Like Microsoft, PlayStation is looking at mobile gaming hardware again, still years away
Tips and Picks
Tip of the week: We live in a new era of misinformation
App pick of the week: Opera GX is almost all-new, Firefox goes to 133
RunAs Radio this week: Incident Response with Mandi Walls
Brown liquor pick of the week: Kavalan Solist Vinho Barrique
Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell
Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
Check out Paul's blog at thurrott.com
The Windows Weekly theme music is courtesy of Carl Franklin.
Sponsors: uscloud.com, e-e.com/twit, flashpoint.io

All TWiT.tv Shows (MP3)
Windows Weekly 909: Shaved Toasted and Charred

All TWiT.tv Shows (MP3)

Play Episode Listen Later Nov 27, 2024 159:38 Transcription Available


Spreading light, MSFS 2024 issues, Recall (Preview)

Radio Leo (Audio)
Windows Weekly 909: Shaved Toasted and Charred

Radio Leo (Audio)

Play Episode Listen Later Nov 27, 2024 159:38 Transcription Available


Spreading light, MSFS 2024 issues, Recall (Preview)

The CyberWire
A “must patch” list in the making.

The CyberWire

Play Episode Listen Later Oct 15, 2024 36:23


CISA adds a Fortinet flaw to its “must patch” list. Splunk releases fixes for 11 vulnerabilities in Splunk Enterprise. ErrorFather is a new malicious Android banking trojan. New evidence backs secure-by-design practices. CISA warns that threat actors are exploiting unencrypted persistent cookies. The FIDO Alliance standardizes passkey portability. Cybercriminals linger on Telegram. On our Industry Voices segment today, our guest is Matt Radolec, Vice President, Incident Response and Cloud Operations at Varonis, discussing how AI amplifies the need for data privacy regulation and opens doors for abuse. We mark the passing of the co-creator of the BBS.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment today, our guest is Matt Radolec, Vice President, Incident Response and Cloud Operations at Varonis, discussing how AI amplifies the need for data privacy regulation and opens doors for abuse.
Selected Reading
• Tens of thousands of IPs vulnerable to Fortinet flaw dubbed 'must patch' by feds (CyberScoop)
• Fortinet FortiGuard Labs Observes Darknet Activity Targeting the 2024 United States Presidential Election (Fortinet)
• Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities (SecurityWeek)
• Cerberus Android Banking Trojan Deployed in New Multi-Stage Malicious Campaign (Infosecurity Magazine)
• Organizations can substantially lower vulnerabilities with secure-by-design practices, report finds (CyberScoop)
• Eight Million Users Download 200+ Malicious Apps from Google Play (Infosecurity Magazine)
• TrickMo malware steals Android PINs using fake lock screen (Bleeping Computer)
• CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (Bleeping Computer)
• FIDO Alliance is Standardizing Passkey Portability (Thurrott)
• So far, cybercriminals appear to be just shopping around for a Telegram alternative (The Record)
• Ward Christensen, BBS inventor and architect of our online age, dies at age 78 (Ars Technica)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices