This week, Adam and Andy speak with Stealthbits security strategist, Gavin Aston. Gavin wrote the blog "Maersk, me & notPetya" and brings a unique perspective to information security defense as someone who's survived a ransomware attack. YouTube Video Link Documentation: Maersk, me & notPetya; Protecting Microsoft 365 from on-premises attacks Contact: Gavin Aston Twitter: @gvnshtn Andy Jaw Twitter: @ajawzero LinkedIn: andyjaw Email: andy@bluesecuritypod.com Adam Brewer Twitter: @ajbrewer LinkedIn: adambrewer Email: adam@bluesecuritypod.com ---------------------------------------------- Twitter: @bluesecuritypod Instagram: @bluesecuritypodcast Facebook: @bluesecpod --- Send in a voice message: https://anchor.fm/blue-security-podcast/message
In this episode Matt Nelson and I talk with Adam Rosen about Data Privacy and Data Governance. Adam is the VP of Product Strategy for Stealthbits. For this conversation we used the Gartner Data Security Governance Framework as our guide to talk about: Where does a SMB start when it comes to data governance and privacy? What are some of the biggest challenges that SMBs currently face? How automation can help when IT/Security resources may be limited. What are some 'Gotchas' when it comes to data privacy? Gartner Reference Link: How to Use the Data Security Governance Framework (gartner.com). This episode was sponsored by Stealthbits. Stealthbits is a data and credentials security company based out of Hawthorne, New Jersey. As always a majority of the proceeds of the podcast go towards 'At Risk' students in the West Michigan area.
In this episode I speak with Martin Cannard about Privilege Access Management for Small and Medium Business. Martin is the Vice President of Product Strategy for STEALTHbits Technologies. Here are some of the questions that we tackled in this session: What is Privileged Access Management and why do you need it? Why is PAM so 'scary'? What are the biggest problems that you are seeing in the PAM space? What is wrong with a typical PAM boilerplate? This episode is sponsored by STEALTHbits and, as always, proceeds from this sponsorship will go toward At Risk students in West Michigan. Support the show (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=BPUXUJ8SWLCR6&source=url)
Spirion (https://www.spirion.com/)—a leader in rapid identification and protection of sensitive data—he’s channeling that passion to make the digital world a safer place. Wielding a unique mix of technical vision, marketing, and business acumen, Gabe is shaping the future of data security and protecting the sensitive personal data of customers, colleagues, and communities around the world. Despite having held a range of leadership positions in security technology— including VP of Product Strategy at STEALTHbits and Director of Research & Products at WhiteHat Security—Gabe considers his most valuable experience to be the time he spent on the ground as a security practitioner. Thanks to his intimate understanding of the real issues security professionals face on the front lines, he’s able to identify the core of the problem and create innovative solutions that push data security technology forward. In this episode, we discuss his early starts with the 2600 meet-ups (https://www.2600.com/meetings), privacy versus security, speaking to executives in their language, cloud security, information security skills shortages, training legal teams for cyber, how to get started in cybersecurity, and so much more. Where you can find Gabe: LinkedIn (https://www.linkedin.com/in/gabriel-gumbs-68323939/) Twitter (https://twitter.com/gabrielgumbs) Spirion Blog & Podcast (https://www.spirion.com/blog/)
This week, we talk Enterprise News, discussing how STEALTHbits releases real-time threat detection and response platform StealthDEFEND 2.2, Bitdefender GravityZone enhanced with new endpoint defense capabilities, Tenable to Secure Enterprise Cloud Environments with Microsoft Azure Integration, and Aqua Security buys CloudSploit to expand into cloud security posture management! In our second segment, we welcome Baber Amin, CTO West at Ping Identity, to discuss Zero Trust Architecture! In our final segment, we welcome Ward Cobleigh, Sr. Product Manager at VIAVI Solutions, to discuss Threat Detection: The Network Scavenger Hunt! Show Notes: https://wiki.securityweekly.com/ESWEpisode161 To learn more about VIAVI, visit: https://securityweekly.com/viavi To learn more about Ping Identity, visit: https://securityweekly.com/ping Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
STEALTHbits releases StealthDEFEND 2.2, its real-time threat detection and response platform, Tenable to Secure Enterprise Cloud Environments with Microsoft Azure Integration, Aqua Security buys CloudSploit to expand into cloud security posture management, and much more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode161
A Their Story interview with Sean Martin Today’s guest is Martin Cannard, Vice President, Product Strategy (Privileged Access Management) at STEALTHbits Technologies. Martin and I look at the past to explore how the world of access control and privileged access management (PAM) has changed, mainly driven by mobile, cloud, and the Internet of Things. Martin shares some stories about how organizations are changing the way they define and implement privileged access management solutions, turning the technology—and their operational infrastructure—on its side to better support business requirements without opening up the gates too wide nor closing them down too much. Ultimately, it’s about finding that “just right” access model that accounts for changes in risk, threat, and context. This isn’t an easy task when faced with growing technical complexities, increasingly-demanding business processes, and the need to scale to meet both market and end-user demands. These are some of the points Martin and I discuss during our chat:
- Why do we need another (new or different or otherwise) PAM offering?
- Where does the current PAM market sit and what’s the back story leading us to this point?
- What is fundamentally different from the new way of thinking about PAM solutions?
- How do changes in endpoints, servers, applications, VMs, cloud, and mobility change the way organizations deal with access?
- It’s easy to open up everything and fail open, risking the loss of authorized access to critical systems and data; it’s equally easy to lock everything down and risk the loss of business and revenue — how can you fail-safe in most situations while easily managing exceptions at scale?
- What elements are required to succeed with a reinvented PAM solution—technology, infrastructure, processes, and team?
- What visibility is required to ensure policies and related enforcement rules are working properly?
- and so much more…
After you listen to this story by STEALTHbits, check to see if your perception of privileged access management has changed—and, if so, how. Learn more about STEALTHbits on ITSPmagazine: www.itspmagazine.com/company-directory/stealthbits
By Marco Ciappelli All right, ladies and gentlemen, it finally happened: Vandana Verma is my distinguished guest on this An InfoSec Life Podcast. For those of you that haven't had the pleasure to meet her in person—Sean and I had this honor in Las Vegas this year—let me tell you, she is as nice as she sounds. In my opinion, there is nothing more valuable to add to someone's professionalism and skills than a big heart. It helps to make them a role model and an inspiration for anyone just entering—or that is about to enter—their career in the InfoSec community. We like to highlight the fact that one of the main reasons why we go to conferences is to see old friends, make new ones, and meet with people that we had the pleasure to host on our podcasts. Even with all this technology that is surrounding and connecting us globally, we're still human, and we need that magic that only an 'in-person' moment can carry. Another thing that we sure need as humans is good stories. Sometimes we need to tell some; other times we need to hear them. This is what we do on our publication: we offer a platform, a few virtual chairs, and a make-believe warm fire to those who wish to share their stories with us and others. Our audience seems to be enjoying this, and so are we. In An InfoSec Life, we like to start the stories right from the beginning; makes sense, right? Because of it, most of the time, the first chapters on this column are about someone’s curiosity, passion for technology, and interest for this industry which inspired and drove them to choose cybersecurity as a career. This time it is no different. Vandana goes back to her past, remembering the moments and the people that made a difference in her career and her life, which, more often than not, are very much inevitably intertwined in this industry. It is a story told with excitement and passion. It is a story that reflects Vandana’s experience and the values that she, now, wants to give back to the community.
We also spoke about many other things: Her experience in the AppSec community. The dream that came true when this year she was a speaker and a trainer at Black Hat, Defcon, and Diana Initiative. Her nomination to several industry awards and her winning experience in one of those: the Women's Society Of Cyberjutsu Award. The importance of diversity, minorities, and cultural differences for succeeding in this profession, and the never-ending battle against cybercrime. As we often do, we closed the story with what gives her nightmares and what gives her hope and motivation to get up in the morning and be the best she can be as a cybersecurity professional. Moreover, talking about that, Vandana is a keynote in Washington DC at the Global AppSec event this September, AND she put in her nomination for OWASP Global Board this year. In that role, she wants to be able to contribute more to this community and the whole society. I cannot think of a better person to do this. So if you are an active OWASP Member, maybe you want to think about it and give her your vote. I would if I could. However, you do not have to believe me, judge for yourself; start by listening to this podcast. Enjoy. _________________ Learn more about this column's sponsors: STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Find more An InfoSec Life stories on ITSPmagazine: https://www.itspmagazine.com/an-infosec-life
Conversations At The Intersection Of Technology, CyberSecurity And Society. Guests Francesco Cipollone | Guamaral Erkhembayar | Dr. Zulfikar Ramzan Hosts Sean Martin | Marco Ciappelli Sponsors ReversingLabs | Bugcrowd | STEALTHbits | RiskSense ITSPmagazine’s Unusual Gatherings XXXII: Exploring The Past, Present, Future of CyberSecurity In this Unusual Gatherings Talk Show, we get to talk about sharing the passion that moves people to choose a career as a cybersecurity professional, what is happening in this industry, and why collaboration at every level looks more and more like the future of cybersecurity. Our guests are two veterans of the industry and a new-comer participating in Hacker Summer Camp for the first time, bringing with her a fresh and inspiring sense of excitement and enthusiasm as she enters the world of InfoSec. Join us as we explore the Past, Present, and Future of CyberSecurity with guests Francesco Cipollone (Head of Security Architecture & Strategy, HSBC), Guamaral Erkhembayar (Student Pursuing a Masters in Cybersecurity), and Dr. Zulfikar Ramzan (Chief Technology Officer at RSA Security). __________ Read the full chronicle here https://www.itspmagazine.com/itspmagazine-unusual-gatherings/unusual-gathering-episode-xxxii __________ This episode is made possible by the generosity of our sponsors. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits - RiskSense: https://www.itspmagazine.com/company-directory/risksense If you are interested in sponsoring this episode or any other talk show episode, please visit this page on ITSPmagazine: https://www.itspmagazine.com/talk-show-sponsorships We appreciate your support! 
__________ For more Unusual Gatherings, please visit: https://www.itspmagazine.com/unusual-gatherings ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts
A conversation with Sean Martin & Marco Ciappelli Black Hat USA 2019 was a huge success — again. Toward the end of the conference, Sean and Marco connect with Black Hat General Manager, Steve Wylie, to have him give us an overview of what happened throughout the week of trainings, briefings, and micro summits. Listen in and enjoy! ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits - RiskSense: https://www.itspmagazine.com/company-directory/risksense ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts Looking for more conversations from Las Vegas? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-hacker-summer-camp-black-hat-and-def-con-las-vegas-2019
There are numerous methods available to uncover and identify operational weaknesses and functional vulnerabilities in both software applications and hardware systems. One manner in particular—running a bug bounty—has become one of the more popular methods in recent years as it can quickly scale to the scope of the environment being evaluated [covering breadth] while also matching expert researchers to specific functional areas of the operational environment to ensure the most covert weaknesses are exposed [encompassing depth]. As with most vulnerability testing methods, the goal is to find and fix these issues before a bad actor does it on the company's behalf. Bug bounties—well, application security overall—is a topic near and dear to my heart. I've helped craft one of the early bug bounty reports, hosted many podcasts and webcasts on this topic, and I’ve even led a panel at AppSec USA. One more sign that I am deep into this topic area is that I often make this joke (which isn't laughable I suppose): “Every company is running a bug bounty; many don’t know it and don’t have a formal disclosure process in place.” — Sean Martin With this mindset and background in place, you'll understand why I was excited for two things happening during this year's Hacker Summer Camp excursion: 1) An opportunity to meet—in person—someone leading the bug bounty charge for quite some time: Kymberlee Price, Principal Security PM Manager - Microsoft Security Response Center's Community Programs 2) To explore and discuss the dedicated Bug Bounty micro-summit during Black Hat USA 2019 Fortunately, both of these activities came together in a single setting during Black Hat, as Marco and I got to meet Kymberlee not only to discuss the micro summit, but to also hear about her journey in InfoSec and her role in establishing some of the best practices being leveraged by the industry for some time now—specifically via her work at Microsoft, at Bugcrowd, and at Microsoft (again).
I loved having this conversation and hearing Kymberlee's story. Now it's your turn to hear it. Have a listen. ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits - RiskSense: https://www.itspmagazine.com/company-directory/risksense ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts Looking for more conversations from Las Vegas? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-hacker-summer-camp-black-hat-and-def-con-las-vegas-2019
Conversations At The Intersection Of Technology, CyberSecurity And Society. Guests Francesco Cipollone | Guamaral Erkhembayar | Zulfikar Ramzan Hosts Sean Martin | Marco Ciappelli Sponsors ReversingLabs | Bugcrowd | STEALTHbits | RiskSense ITSPmagazine’s Unusual Gatherings XXXIII: Celebrating Diversity and Women CyberSecurity Leaders We care deeply and passionately about creating a diverse cybersecurity workforce — not just when it comes to gender, but also for background, origin, age, religion, neuro-makeup, and more — essentially anything and everything that makes us unique; makes us human. This should NOT come as a surprise to any of our followers, as this has been a part of our conversations and stories here on the magazine pretty much since its inception 4 years ago. While we prefer to embrace our differences, sometimes it is necessary to celebrate the successes of certain groups — NOT as a means to call out their differences, but with the goal of helping to inspire others such that they may find a role model, a mentor, a peer, and perhaps even a colleague with whom they can work. We should not wash away our differences, rather we should celebrate the great work all of us have done in the face of adversity. With this, we ask you to celebrate with us the successes these cybersecurity leaders have achieved. Sure, we hope to reach a point where we no longer have to shake the box to remind ourselves of the benefits associated with diversity, but until we reach that point, you’ll find us shaking things up at the intersection of technology, cybersecurity, and society.
__________ Read the full chronicle here https://www.itspmagazine.com/itspmagazine-unusual-gatherings/unusual-gathering-episode-xxxiii __________ View our coverage of the cybersecurity woman of the year awards gala here: https://www.itspmagazine.com/itsp-chronicles/hacker-summer-camp-event-coverage-cybersecurity-woman-of-the-year-2019-awards __________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits - RiskSense: https://www.itspmagazine.com/company-directory/risksense If you are interested in sponsoring any of our talk show episodes, please visit this page on ITSPmagazine: https://www.itspmagazine.com/talk-show-sponsorships We appreciate your support! ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts __________ For more Unusual Gatherings, please visit: https://www.itspmagazine.com/unusual-gatherings
Black and blue, and who knows which is which, and who is who? "Us and them" - The Dark Side of the Moon, by Pink Floyd It is a matter of perspective and a matter of time — and given the right knowledge, these usually change together. Don't they? What is at stake and what we are fighting for can change yesterday's foe into tomorrow's best ally. But what about today? I believe that today in technology and InfoSec, we are at the crossroads where Sean and I have been waiting for a few years now. Exactly 4 years ago, when we founded ITSPmagazine, we did it because we wanted to have the conversation that the media, business owners, tech experts, and politicians were not having yet — and, most still don't. We met at the intersection of technology, cybersecurity, and society, and we started to talk amongst ourselves, trying to understand why these conversations were not happening. We invited people from diverse backgrounds to join our fireside chats, and we realized that it was not for lack of interest or will that these were not happening. The problem was the diverse language and the lack of common understanding — something that has been negatively affecting our society for a while now. Maybe everybody thought that it was other people’s job to fix the problem; but the problem is simply way too big to be fixed single-handedly. Luckily, times are changing. That deserted intersection that we claimed back then is now a busy and effervescent crossroads full of people that want to sit down with others and find common ground and solutions — to envision a better future for everyone. OK, now I am letting myself go into my own utopia. But, really, things are better now; not quite there, but much better. Look at this year’s InfoSec conferences. We talk about the human factor without screaming "weakest link," and we think about people and technology, privacy and data; artificial intelligence and human intelligence — all as part of the same picture. Ok, sorry, still a bit utopian? 
Damn! OK, let's get to the bottom line: what is this podcast about? It is about Policy Makers coming to Defcon, BlackHat, and BSides. You might be surprised that some of them, despite all the politics and all the rhetoric, are actually really excited to learn from experts and get ideas that can help them to take action and start to resolve some of the fundamental problems affecting our society. You might even be more surprised to know that there are also many hackers these days who are getting interested in policy and are willing to be part of the conversation, the solution, the legislation, and the overall plans for the future of our societies. ___ read the full article on ITSPmagazine.com Listen up and join us at the intersection of technology, cybersecurity, and society. ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts Looking for more chats on the road to Las Vegas? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-hacker-summer-camp-black-hat-and-def-con-las-vegas-2019
First off, a shout out to Tanya Janca for helping us to kick this chats on the road podcast into gear with the introduction to two of our guests today, Erez Yalon and Liora Herman. Of course, our third guest we know very well; it’s always an absolute pleasure to have Jim Manico join us for a conversation! The topic for this chats on the road is the launch of the new AppSec Village at DEF CON. During our conversation, we look at: - Who the Village is designed for (there’s something for everyone interested in coding and/or security and/or applications) - The differences between engineers and hackers; are they (m)any? - The differences between InfoSec and Hackers in the context of application security As noted by Liora during the chat, diversity of the community is important to ensure everyone is writing secure code — and this Village was defined and is being managed with this at the forefront. It’s critical that we have a good balance of representation of the community as a whole: women, men, people from the US, people from abroad—application security spans the globe. “It’s important for society to promote good application security — all roads lead to code." ~Jim Manico It’s also important to recognize that the products and solutions (and applications) we are building and using are comprised of multiple components from all over the place—custom, commercial, and open-source—and from all over the world. At the end of the day, we’re all speaking about code, and we all need to write secure code. Start speaking about it with your peers at the inaugural AppSec Village at DEF CON 27. But first, have a listen to this chat to learn more. ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them.
- Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits ________ Want more from Hacker Summer Camp 2019 in Las Vegas? Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts Looking for more chats on the road to Las Vegas? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-hacker-summer-camp-black-hat-and-def-con-las-vegas-2019
There continues to be an increased awareness and focus on ensuring the safety of society by protecting the digital assets of the critical infrastructure that supports our society. Last year, during DEF CON 26, we explored the ins-and-outs of the Car Hacking Village — a core element of the critical infrastructure, for sure. This year, we stick with the transportation theme for this next chat and look under the hood of another new village introduced with this year’s installation of DEF CON 27 — the Aviation Village. To help us understand how multiple parties can (and are) working together to understand the risks, how to mitigate them, and the challenges getting all of the cybersecurity dots connected throughout the entire ecosystem, we connected with one of the leaders of the Aviation Village, Pete Cooper. Pete is a Cyber Strategy Advisor, for the International Air Transport Association (IATA), and a Nonresident Senior Fellow for the Atlantic Council. In addition to these two roles, Pete has done a ton of research and has published works in the area of aviation safety and security. As noted by Pete during our chat: The aviation industry does a great job establishing a culture of physical safety and we (the cybersecurity industry) would like to see a movement towards a similar culture for cybersecurity in the aviation industry. It’s an interesting space to explore, to say the least. Join us for this chat with Pete and then connect with him and the rest of the Aviation Village team during DEF CON 27 in Las Vegas. ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. - Reversing Labs: https://www.itspmagazine.com/company-directory/reversing-labs - Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd - STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits ________ Want more from Hacker Summer Camp 2019 in Las Vegas? 
Follow all of our coverage here: https://www.itspmagazine.com/black-hat-2019-and-defcon-27-event-coverage-las-vegas-usa-news-and-podcasts Looking for more chats on the road to Las Vegas? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-hacker-summer-camp-black-hat-and-def-con-las-vegas-2019
By Sean Martin and Marco Ciappelli Guest: Chris Cochran, Netflix Welcome to a new episode of An InfoSec Life. Sometimes the decisions we make in life seem to carry an aura of predetermination and finality; feelings that bring so much weight on those moments of a young person's life. It might be the sport we play or the instrument we perform with and into which we pour so much time and energy. Or, it could be the academic path we choose, our friends, our first job, our dates, and our overall social life. As we progress through life, we often hear or say that if we could foresee the future — "if I only knew back then what I know now" — we could have been so much more efficient in walking to and through all the milestones leading us toward that ideal happy place for which we all strive. What if, instead, we give a bit more credence to our capacity to be in control of our destiny and take responsibility — and credit — for it. What if we had the luxury of looking ahead to see that, in fact, those hard — sometimes painful — decisions were the input for that specific action we needed to take to find ourselves on the path we are on. What may have seemed like a sacrifice at the time could prove to be a blessing in disguise. This view probably isn't different to one that you've heard before; even if it was presented differently. I am not claiming to be a philosopher, but I heard stories, and all of them make me think — in one way or another — and here I challenge you with a slightly different way of thinking about this; here, I am sharing my view for how to live a successful InfoSec Life inspired by this conversation with Chris Cochran as part of our An InfoSec Life podcast series: What if you don't look at loss or trade-offs when making important decisions? What if you look ahead into the direction you are taking and the beauty that the future holds if you keep on that path. Because change is, in the end, the only constant and we need to be ready to welcome and pursue it.
We would never be who we are now if anything in the past was even slightly different — yes, a side reference to the butterfly effect. Why not!? Rather than digging deep into what we discussed, I will leave you with this thought and a recommendation to listen in to how Chris has lived his life, how he entered the field of InfoSec from a path that might not sound so typical — but again: what is typical anyway? Chris is doing way more than living his life though; he is giving back to the community in any and every way he can such that everyone with whom he connects can focus on the future … and live without fear or regret—like a happy, healthy, successful, InfoSec professional. This is our wish for you all! Enjoy. _________________ Learn more about this column's sponsors: STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Find more An InfoSec Life stories on ITSPmagazine: https://www.itspmagazine.com/an-infosec-life
Welcome to a new episode of An InfoSec Life. Unless this is the first ITSPmagazine Chronicle you read and the first podcast you hear, you probably know that our conversations ALWAYS take place at the intersection of Technology, Cybersecurity, and Society. Instinctively we may think that such a clearly-defined 'location' can only exist in one place—inside our head, of course. Truth is, once we humble ourselves and consider that our culture and point of view is just one of the many possible and plausible ones—one of the many realities that surround us—then an entirely new mesmerizing world will manifest right in front of our eyes. While the concept of Technology and CyberSecurity can be considered universal—even if they may present themselves at different stages—the 'Society' piece is the variable that allows this three-way intersection to exist simultaneously in many places that are all somehow different from one another; and yet, all perfectly normal. Once societies and their own cultures are seen and accepted as the main roads at the intersection of many others, the world around us becomes not only easier to understand, accept and improve, but it automatically makes our life a better and most certainly a much more enriching experience. I went quite philosophical with this intro because I naturally tend to consider the same phenomena from different perspectives, and because the conversation I had with my guest sparked my desire to bring together these thoughts on the subject. It is finally time to present the guest on this podcast. For ITSPmagazine's An InfoSec Life column I had the pleasure to talk with a talented and experienced CyberSecurity professional, a Hacker, a CISO, a 'CyberFeminist' who, with great passion, supports and promotes women’s and other minorities’ involvement in the InfoSec Community.
She is also a business person who makes cultural differences—she speaks seven languages—a key point of her understanding and promotion of cybersecurity models in enterprises and in our everyday life. We spoke about: Her life and how she got involved in Cybersecurity. How her passion for technology, infosecurity, and diversity drives both her business and everyday life. How technology and people are both of fundamental importance for developing effective cybersecurity programs. The fundamental importance of taking into consideration cultural differences when implementing the right security controls—especially when it comes to insider threats. What works in one country is not necessarily going to work in another, and the complexity of the Asian cultural and economic landscape is a perfect example of that. The importance of diversity, inclusion, and unconscious biases and the necessity of more role models that can inspire minorities and women to be part of this industry. The initiative she supports and manages, such as the Women of Security chapter in Singapore and, as part of that, the event that she is organizing: the first capture the flag (CTF) for women event that will take place on the 13th of July 2019. I truly enjoyed this conversation and I am looking forward to many more; starting with the one we will have in Singapore in a few days when Sean and I will cover RSA Conference APJ 2019. Stay tuned for all the related content that is coming to ITSPmagazine as pre-coverage and from the event. But go ahead, you made it here; it is time to enjoy this podcast. Cheers! Find more An InfoSec Life stories on ITSPmagazine: https://www.itspmagazine.com/an-infosec-life Learn more about this column's sponsors: STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo
Welcome to a new episode of An InfoSec Life on ITSPmagazine! Today my guest is Sarah Young, Azure Security and Compliance Global Blackbelt at Microsoft, to talk about her non-linear journey into InfoSec. Many people, particularly those who’ve just graduated high school and are told that they need to figure out the whole rest of their life right NOW, can get overwhelmed or confused about getting a job in cybersecurity. That’s not surprising, because there are tons of roles and specialty areas and not every job requires you to be able to code. So anyone who tells you that you need to take a specific path into the security field is not giving you the full story. There are plenty of ways into the industry and almost every background – librarian, English major, psychologist, physician, historian – I even heard of one fellow who came from stand-up comedy – can be an asset. Sarah is one such person. She is a history major who worked as a school helper and wound up doing a lot of IT tasks – and that experience led to an eventual career with Microsoft as a Cloud Security and Compliance Specialist. She is a fun and compelling speaker, so listen in for lots of entertaining stories and super helpful nuggets of advice, including mentoring, studying, getting hands-on experience, attending or volunteering at security conferences, networking, etc. Enjoy! Learn more about this column's sponsors: STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits Devo: https://www.itspmagazine.com/company-directory/devo
Welcome to a new episode of An InfoSec Life on ITSPmagazine! Today’s topic looks at the life of a hacker and the challenges they face from both a liability and legal perspective. We also look at how organizations deal with the research activities they encounter from both cybercriminals and ethical hackers alike. To help me have this conversation, I am delighted to welcome Amit Elazari, Lecturer at UC Berkeley School of Information, and Leonard Bailey, Special Counsel for National Security at the U.S. Department of Justice, Criminal Division where he is Head of Cybersecurity Unit for the DOJ’s Computer Crime & Intellectual Property Section. There are laws to protect companies from cybercriminals. However, those laws— when interpreted as such—also block ethical hackers from researching and looking for exploitable weaknesses. Changes in the acts and laws over the years have made it better, if not easier, for ethical hackers to perform their research and engage in responsible disclosure. The question is: do these changes also make it "better" and/or “easier” for the cybercriminals? “Safe harbor is not a blanket approval of protection from the law." ~ Amit Elazari During our chat, we dig into the many yin yang elements of this topic as we explore some of the details behind responsible disclosure and vulnerability disclosure programs, the related language and frameworks available from the DoJ and Disclose.io, and how those interact with—and often counteract—the Computer Fraud and Abuse Act (CFAA) and the Digital Millennium Copyright Act (DMCA). There’s a lot of work being done to help establish a safe environment for vulnerability research and responsible disclosure to take place. Formal rules surrounding responsible vulnerability are critical in both the legal landscape as well as with ethical business operations—these rules need sorting out quickly if we are going to function in a safe cyber society. Listen in and enjoy! 
This episode of An InfoSec Life is made possible by the generosity of our sponsors, Devo and STEALTHbits. Click below to learn more about what they can do for you: www.itspmagazine.com/company-directory/devo www.itspmagazine.com/company-directory/stealthbits
In today’s chat, Marco Ciappelli and Sean Martin speak with John Chambers, Founder and Chief Executive Officer at JC2 Ventures, and Former Chairman and Chief Executive Officer at Cisco, and two of his guests: Mike Fong, Founder and CEO at Privoro, and Vijay Balasubramaniyan, CEO at Pindrop. Together, the group discusses their role during RSA Conference, how corporations can balance security innovation with security operations, and the opportunity and impact that new ventures can have on society. “I’ve seen every movie there is to see; every mistake there is to make." ~John Chambers We all agreed that there’s way too much stuff for corporations to look at when it comes to options for solving their cybersecurity challenges; there are too many choices to select from. To this end, we discuss how the market and corporations can balance security innovation with security operation. The group also looks at how they see innovation playing a role in addressing the challenges we face in society. Are we adequately using technology to resolve the problems for the user? Are we doing it in a way that also educates and empowers the user? John also broadens this point by discussing the challenges we face with reaching the whole of society when the bulk of the innovations tend to take place on the West and East coasts of the United States. And, of course, John shares with us what he plans to discuss with Diane Brady during their RSA Conference Keynote — Connecting the Dots for the Future — on Thursday, March 7th from 4:45 PM to 5:30 PM in Moscone West. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. 
Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
We are now only a few days away from RSA Conference in San Francisco. People all over the world are packing and getting ready for a week full of networking, learning, teaching and exchanging opinions on the floor of the Moscone Center. There are old friends to be seen and new friendships to be made. This is my last podcast for our Chats on the Road to RSA Conference 2019 series. After this we will record literally from the road and from different locations in San Francisco. This podcast is to introduce a friend of ITSPmagazine and her session which is called: Retaining and Growing Cybersecurity Talent: A Proven Model My guest is: Deidre Diamond Your host is: Marco Ciappelli For those of you who do not know Deidre yet, she is the Founder/CEO of the national cybersecurity staffing, research and technology company CyberSN and the Founder of Brainbabe. She is one of those people who, without excuses and without fear, walks the talk. She is extremely passionate about what she does and, above all, let me just say one thing: she rocks. With this in mind, here below are some talking points and more reasons, in case the above is not enough, to attend her presentation.
Retaining and Growing Cybersecurity Talent: A Proven Model First of all, let’s all remember that companies are made of people. You can talk about Artificial Intelligence, digital automation, algorithms, robotics, and all the other amazing things happening in our society, but ultimately none of them come from nothing; they all come from the carbon-based unit that we call humans. So, even nowadays if a cybersecurity company — or any company — really cares about growing, that is what matters the most: the workforce they employ. If in particular we look at the cybersecurity industry where there is a talent shortage of over one million, it is more important than ever to retain talent. If you want to attract the right talent you need a good story and if you want to retain them you need to prove that said story is real. Having a plan in place to retain people before you even hire them is key to success. This talk will show how using a common language for cybersecurity projects and tasks can create a role and responsibility career succession plan for organizations and a Fortune 500 case study will be shared. The Learning Objectives Are: How to create a cybersecurity career development plan based on common language projects and tasks. Understand how a cybersecurity program with succession planning and training can improve retention. Learn about the importance of creating a workplace culture that offers psychological safety, which can offer the foundation for creativity, quality, growth, diversity, inclusion, and of course retention. No more excuses. People are always one of your most important investments. Do you want to learn more about Deidre’s presentation? Listen to this podcast and then, if you are at RSA Conference in San Francisco, join us Friday, March 8 | 11:10 A.M. - 12:00 P.M. | Moscone South 304 I will be there. See you soon. 
In today’s chat, Sean Martin speaks with Paula Januszkiewicz, CEO of CQURE, and Rod Simmons, VP of product strategy at STEALTHbits, to discuss the role of identity, privileged access, and how organizations are — or aren’t — adequately looking at the risk they face from an attacker’s point of view. With this context in mind, Paula gives us a view into the keynote she is giving at RSA Conference, the session she also has there, and the work she is doing with Rod to peel back the onion, if you will, on how attacks look and work. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
This Podcast is to introduce a session called: Cybersecurity Futures 2025 Our guests are: Dawn Thomas and Alan Cohn Your hosts are: Sean Martin and Marco Ciappelli What is this presentation about? Well let’s start with something we should all know by now: Cybersecurity is a global issue. How could it be otherwise considering that technology has connected all of us? Literally connected. It is not just a matter of communication between people far away or making distances much shorter; we are talking about connecting all of us in a way that we would not have thought possible a few decades ago. Technology is somehow part of almost everything we do nowadays, and there is no going back. Sure it is nice to be able to unplug some of our devices here and there, but that is not stopping the future from happening. Despite what some people like to think, for the most part, we do not live in little, or big, bubbles anymore, and even when we consider our homes, towns or countries to be unique, independent or even isolated from the rest of the world, we are still very much connected with each other. The future is a globalized world of technology all connected together, and denying it or ignoring it is quite dangerous.
It is an exciting time to be alive with so many incredible scientific and technological advancements in every area of our lives, with states interacting together and cultures mixing in a global boundary-less cyberspace. It is also a dangerous time to be alive in this new technological era where cybersecurity issues encompass every area of our lives and affect geopolitical dynamics, and the way societies evolve. The decisions we are making today about technology interacting with humans are going to affect our society in 2025 and way beyond that time. It is now that we must force ourselves to think about fundamental philosophical questions and come up with good answers and courses of action, because those, or the lack of those, are already affecting us now and will affect us even more in our future. To predict how this future may look, in 2016 The World Economic Forum Global Future Council on Cybersecurity and the UC Berkeley Center for Long-Term Cybersecurity began a collaboration to develop a set of future-looking cybersecurity scenarios. These scenarios are very diverse and, although they may read like a Sci-Fi movie script, they contain elements that exist, or are developing, in our present society. By opening the conversations about technology outside of the technology field, using a multidisciplinary approach, and making the stage the place where these conversations happen, the whole world — instead of just individual nations — might actually succeed in addressing this issue before it is too late. 2025 is not that far away. As far as I am concerned, the future is today because it is today where we shape it. So listen up and if you are at RSA Conference in San Francisco join this engaging and interactive presentation that will take place on March 6, 2019 | 1:30 PM – 2:20 PM | Moscone South #301. But now it is time to listen up. Enjoy.
Unusual Gathering | Episode XXII Conversations At The Intersection Of IT Security And Society Guests Edna Conway, Cisco | John Felker, DHS Hosts Sean Martin | Marco Ciappelli This episode: What Could Ever Go Wrong With An Industrial Control System? The concept of trust has been one of the core pillars in any information security program; it remains — perhaps becomes even more relevant — when we cross over from IT to OT and from IT to IoT to IIoT. In today’s Unusual Gathering, we discuss the idea that trust is paramount in this new world we live in. But how do you establish trust and what does trust even look like? What are the systems and devices? Who is in the ecosystem? And what are you allowing them to do with your data? The responsibility surrounding this need to educate doesn’t sit squarely on the shoulders of one person; it is everyone’s responsibility, from citizens, to government, to schools, to the manufacturers of these products and services. Thanks to our episode sponsor, STEALTHbits. Be sure to visit their directory listing on ITSPmagazine: STEALTHbits - https://www.itspmagazine.com/company-directory/stealthbits __________ For more Unusual Gatherings: https://www.itspmagazine.com/unusual-gatherings
In today’s chat, Sean Martin connects with Jason Fruge, CISO at Fossil. Jason and Sean review some of the trends he and his fellow CISOs are discussing, along with some of the things they may not be thinking about. These points lead us to the activities and events in which Jason is participating during RSA Conference, including a panel he is on, session themes he will be investigating, and other topics he will be exploring with his peers also in attendance during the week. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
On today’s episode, Selena Templeton and Sean Martin chat with Sylvia Acevedo, CEO of Girl Scouts of the USA, to give us a sneak peek into her RSA Conference talk, called (Girl) Scouting for Talent: The Solution in the Next Generation on Friday, March 8 from 9:50-10:40 a.m. Sylvia is a former Girl Scout herself, and she shares with us how it was there that she first discovered her passion for space and astronomy, which would eventually lead her to a career as a rocket scientist at NASA’s Jet Propulsion Laboratory. In the 100 years that the Girl Scouts has been around, they’ve always had a focus on STEM and other relevant subjects for girls, although never more so than right now. Last year, for example, they released 30 new badges in such areas as cybersecurity, mechanical engineering, space science and robotics. So sit back and listen to our very enjoyable conversation with Sylvia as we chat about some of the Girl Scouts’ latest initiatives like their STEM pledge to add 2.5 million girls to the STEM pipeline by 2025, diversity and inclusion, the technology talent pipeline, and how they’re preparing girls in so many ways, with leadership skills, with curiosity, and with actual technology skills. And by the way, did you know that 60% of the newest elected women in Congress were Girl Scouts, almost every female astronaut in space was a Girl Scout, and every female secretary of state in U.S. history – Madeleine Albright, Condoleezza Rice, and Hillary Clinton – were also Girl Scouts? All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. 
In this podcast we spoke with two experts deeply entrenched in the world of industrial control systems and critical infrastructure. Galina Antova and Emily Miller join Sean Martin and Marco Ciappelli to give us a view of the state of security for this slice of society while connecting the dots to their RSA Conference panel, Why Industrial IoT Security Is Really about Saving Lives. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton connects with Carmen Marsh, CEO and Managing Partner at Inteligenca, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today's chat, Sean Martin is joined by Jim Reavis, founder of the Cloud Security Alliance and host of the CSA Summit held during RSA Conference. Jim and Sean are also joined by two of the Summit’s speakers: Kevin Kiley from OneTrust, and Jason Garbis from Cyxtera. Jim, Kevin and Jason dig into the details of the summit conversations they intend to drive as part of the day-long event taking place on Monday, March 4th, including: innovation, shared responsibility, vendor risk management, cloud audits, vendor guarantees, operationalizing security in the cloud, and privacy with the GDPR/CCPA. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton and Marco Ciappelli connect with Alicia Jessip, Regional Inclusion & Diversity Manager at TEKsystems and Founder of Denver WIT, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits, Devo, Onapsis, and Nintex for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo Onapsis: www.itspmagazine.com/company-directory/onapsis Nintex: www.itspmagazine.com/company-directory/nintex For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena and I connect with Kyla Guru, 16-year-old founder and CEO of Bits N’ Bytes Cybersecurity Education, a non-profit organization dedicated to educating and equipping citizens — young and old — with the cybersecurity skills needed to help prevent future cyber-attacks. During our chat, Kyla shares with us her mission to democratize cybersecurity, her vision for what it looks like to be a leader in cybersecurity, and a sneak peek into her keynote session during RSA Conference entitled Tales of a Teenage Security Supergirl. The session is on Thursday, Mar 07 from 4:25pm to 4:45pm. Once you hear her speak, you’ll understand why we believe we need more people like Kyla in this world; we encourage parents, aunts and uncles to share this podcast with their families and friends. “STEM is going to be the future - but there’s not enough emphasis on cybersecurity education." ~ Kyla Guru It’s time to follow Kyla’s lead and for all of us to take action, beginning with the future generation of InfoSec professionals. Listen in to this Chats on the Road to hear more about Kyla and the amazing work she is doing. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. 
In today’s chat, Selena Templeton and Marco Ciappelli connect with Jim Gordon, GM of Security Ecosystem Strategy & Development at Intel, to get a sneak peek into what he'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat Selena and I connect with Ryan Louie, a board-certified Psychiatrist focusing on the psychiatry of entrepreneurship, and the mental health impact of cybersecurity. I was thrilled to meet Ryan during the recent Data Privacy Day event in San Francisco, where he told me about the work he is doing and also about the interactive session he is hosting during the RSA Conference -- the session is entitled Cybersecurity Impact on Mental Health: Managing Stress, Building Resilience. During our conversation, Ryan describes how his session provides a safe on-site environment for people to learn about mental health in cybersecurity -- giving attendees the tools and knowledge to identify, discuss, and deal with stress, fatigue, depression, and more. Additionally, Ryan speaks about this session setting the stage for ongoing conversations beyond the conference itself, enabling individuals, their peers, their managers, and the HR teams that support them - a safe way to continue the work toward a mentally-healthy workforce. All of our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, and STEALTHbits for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits Devo: https://www.itspmagazine.com/company-directory/devo For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton and Marco Ciappelli connect with Elaine Marino, Founder & CEO of Equili, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton and Sean Martin connect with Claudia Schabel, President of Schabel Solutions, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: www.itspmagazine.com/company-directory/edgescan Bugcrowd: www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: www.itspmagazine.com/company-directory/stealthbits Devo: www.itspmagazine.com/company-directory/devo For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Sean Martin connects with all four of the SANS panelists for their RSA Conference keynote panel entitled "The Five Most Dangerous New Attack Techniques and How to Counter Them." This RSA Conference session is always a hit and is again led this year by Research Director and Founder of the SANS Institute, Alan Paller. Alan is joined on stage by Ed Skoudis, Heather Mahalik and Johannes Ullrich — and I chat with all of them to get a sneak peek into what they will be talking about this year with regards to the latest threats, attacks and the methods used to carry them out. All of our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support, and encourage you to have a look at their directory listings on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits Devo: https://www.itspmagazine.com/company-directory/devo For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton and Sean Martin connect with Caroline Wong, Chief Security Strategist at Cobalt.io, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, STEALTHbits and Devo for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits Devo: https://www.itspmagazine.com/company-directory/devo For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Selena Templeton and Sean Martin connect with Vanessa Pegueros, VP & CISO of DocuSign, to get a sneak peek into what she'll be discussing at Solving Our Cybersecurity Talent Shortage during RSA Conference 2019. All our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, and STEALTHbits for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits For more Solving Our Cybersecurity Talent Shortage podcasts, please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
In today’s chat, Marco Ciappelli and Sean Martin connect with Patrick Heim, Operating Partner and Chief Information Security Officer for ClearSky ventures, and Richard Seiersen, author, startup advisor and former LendingClub CISO, to learn more about this year’s Innovation Sandbox during RSA Conference 2019. All of our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. We’d like to thank edgescan, Bugcrowd, and STEALTHbits for their support and encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
Welcome to the first episode of Chats on the Road to RSAC 2019 — with guest Karen Worstell, CEO of W Risk Group! This year, RSA Conference has unveiled their new Diversity and Inclusion Initiative (for example, one of the initiatives is the elimination of all-male panels (or “manels,” as I like to call them) on the keynote stages). Kicking off the event week is “Solving Our Cybersecurity Talent Shortage,” an inaugural seminar from creators Karen Worstell, CEO of W Risk Group and founder of MOJO Maker for Women in Tech, and Elaine Marino, CEO of Equili and founder of LadyCoders. This half-day event is focused on solving the cybersecurity talent shortage – and it’s not going to take place in some back room of a Starbucks ten blocks away – it’s going to be at: Moscone Center on Monday, March 4, from 8am to 12 noon. I and my colleagues Marco Ciappelli and Sean Martin had a wonderful conversation with Karen who will tell you all about this exciting new event – who’s involved, what to expect before and during the event, and what she and Elaine are trying to achieve – in this seminar and in the industry. This event is for anyone who is interested in hearing actual success stories from these major brands (United Airlines, Intel, Docusign, SalesForce, Cobalt) and especially for the decision-makers in any company. Be sure to register for this half-day seminar early, as it is going to fill up fast, and make sure you stay for the whole event as you will have the opportunity to speak to the panelists between sessions for networking/information exchange! For more information about this event please visit: https://www.itspmagazine.com/BetterTogetherSeminarRSAConference2019SanFrancisco https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsac-2019-better-together-solving-the-cybersecurity-talent-shortage-at-rsa-conference-2019 All of our RSA Conference coverage, including these chats on the road, is made possible by the generosity of our sponsors. 
We’d like to thank Edgescan, Bugcrowd, and STEALTHbits for their support and would encourage you to have a look at their directory listing on ITSPmagazine to see how they can help you with your risk, security, and compliance programs. Edgescan: https://www.itspmagazine.com/company-directory/edgescan Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits For more Chats on the Road to RSA Conference 2019, please visit: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-san-francisco
ITSPmagazine’s John Dasher sat down at Black Hat 2018 with Jonathan Sander of STEALTHbits to chat about unstructured data, protecting credentials, ransomware, machine learning – and Sylvester Stallone. Plus, he explains how STEALTHbits can help protect an organization’s sensitive data from insider threats and automate security and compliance tasks. The number one move in the world of unstructured data and active directory is: delete. Jonathan puts this into perspective by mentioning the Sony hack: one of the things that was exposed was Sylvester Stallone’s social security number from a contract that was 14 years old. It was collateral damage that could’ve been completely eliminated with deletion. They also touch on machine learning, automation and more in the context that there are still 1 million successful ransomware attacks per month.
Michael and Paul interview Gabriel Gumbs from STEALTHbits. They talk about moving from detection to prevention, and protecting your data! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode98
This week, we share a Pre-Recorded interview with Gabriel Gumbs, VP of Product Strategy at STEALTHbits! We talk about moving from detection to prevention, and protecting your data! In Tracking Security Innovation, Imperva acquires app security firm Prevoty, Allstate accelerates expansion into Identity Protection, 100+ startups globally accepted into StackPaths Propel startup program, Kaseya acquires RapidFire Tools, Very Good Security makes data unhackable with Andreessen, and some excellent funding rounds from various companies! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode98 Visit https://www.securityweekly.com/bsw for all the latest episodes! Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Gabriel Gumbs is the VP of Product Strategy at STEALTHbits Technologies. With a 16 year tenure in CyberSecurity, he has spent more than a decade of that as a security practitioner at companies like Pfizer before moving into the B2B Security space in 2011 with WhiteHat Security. Full Show Notes: https://wiki.securityweekly.com/ES_Episode97 Visit http://securityweekly.com/esw for all the latest episodes!
This week, Paul and John interview Gabriel Gumbs, VP of Product Strategy at STEALTHbits! Paul and John will then wrap up with the Enterprise News, and give updates on CyberArk, Demisto, Sophos, and more on this episode of Enterprise Security Weekly! Full Show Notes: https://wiki.securityweekly.com/ES_Episode97 Visit https://www.securityweekly.com/esw for all the latest episodes! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Gabriel Gumbs is the VP of Product Strategy at STEALTHbits Technologies. With a 16-year tenure in cybersecurity, Gabriel spent more than a decade as a security practitioner at companies like Pfizer before moving into the B2B Security space in 2011 with WhiteHat Security. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/ES_Episode40 Visit http://securityweekly.com/esw for all the latest episodes!
Gabriel Gumbs of STEALTHbits joins us for an interview. In the news, virtualization-based security, the road to Twistlock 2.0, Trend Micro embraces machine learning, and more in this episode of Enterprise Security Weekly! Full show notes: http://wiki.securityweekly.com/wiki/index.php/ES_Episode40 Visit http://www.securityweekly.com for all the latest episodes!