Brian Contos is the CSO at Phosphorus. Before joining Phosphorus, he held CSO, advisor, and leadership roles at companies like ArcSight, Cylance, Jask, and Verodin, to name a few.
The business of cyber security: Mergers & Acquisitions. What separates the acquisitions that go well from those that don't? To discuss the business side of security, Robby is joined by Brian Contos: returning guest, fellow podcast host, serial security entrepreneur, and CISO & Vice President of Mandiant Security Validation. Mandiant Security Validation, previously known as Verodin, was acquired by Mandiant a little over two years ago. In this episode, Brian shares from his experience going through that process, as well as other similar transitions he's been a part of throughout his 25-year-long career in security. In their discussions, they go into everything that leads up to an acquisition decision, picking the right company with the right DNA, and how to get the two companies to fit together. Brian also shares what he's learned about how to start your own security company, and why he believes there'll be more mergers and acquisitions happening in the security space in the next years than we've seen in the last two decades. Producer: Paul Jæger
A few weeks before baby CISO made his grand entrance, I hosted a live podcast with my good friend Kevin Gowen, CISO at Synovus, and Andrew Barnett, Chief Strategy Officer at Cymulate, who joined me to discuss how tech and security meet and how, as partners, we need to solve the latest challenges and technology evolutions to the new security challenges. Bio: Andrew Barnett. A cyber security leader with over 15 years of experience, Andrew has built a career combining business, technical, and sales acumen. As chief strategy officer, he leads Cymulate's go-to-market partnerships, technology alliances and product strategy. Previously, Andrew was a Senior Manager in Deloitte's Cyber Risk Services Practice, leading IT Risk and Security management consulting services for Fortune 500 clients and building Deloitte's Breach and Attack Simulation solutions. Prior roles include serving as VP of Business Development at Verodin (now Mandiant Security), and Senior Director of Portfolio Programs at Optiv, where he served as a technical advisor for M&A activities and co-developed security strategies for The Blackstone Group and its investment portfolio. Andrew began his career building networks for companies like McKesson and News Corp and holds his BS in Electrical Engineering from Southern Methodist University. CISO Talk is supported by these great partners; please make sure to check them out: Cymulate: For companies that want to assure their security against the evolving threat landscape. Cymulate SaaS-based Continuous Security Validation automates security risk assessments end-to-end, enabling them to challenge, assess and optimize their cyber-security posture simply and continuously. Because security professionals need to know and control their dynamic environment.
KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub
Find James Azar, host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber:
James on Linkedin: https://www.linkedin.com/in/james-j-azar/
James on Parler: @realjamesazar
Telegram: CyberHub Podcast
Locals: https://cyberhubpodcast.locals.com
Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
Listen Here: https://linktr.ee/CISOtalk
The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Devon Goforth has been with Mandiant Security Validation (formerly Verodin) since its early startup days in 2015, and has infused his background of electrical engineering, physics, and math with an interest in cyber security. He shares not only how the company and solutions have changed, but also current influences on the threat ecosystem, risks, and hacker trends.
How can we prove cybersecurity effectiveness? With USD 124 billion being spent worldwide on IT security last year alone, it's no wonder this is a question many would like the answer to. However, finding a quantitative metric to evaluate security investments, outside of positive effects like diminishing risks and reducing the amount of bad things happening, is not straightforward. To help us navigate this question, Robby is joined by someone with a lot of experience making security investments effective. Brian Contos has a long list of merits after his more than two decades of experience working in the cybersecurity field. He has also written several security books and is an award-winning podcaster. Brian is now CISO & VP Technology Innovation in Mandiant Security Validation, also known as Verodin, a business platform for measuring and managing cybersecurity effectiveness. Technical level: 1/5. Host: Robby Peralta. Producer: Paul Jæger. https://mnemonic.no/podcast
Verodin - How Efficient Is Your Security Posture Attack And Breach Part II by Arrow Bandwidth
Verodin - How Efficient Is Your Security Posture Attack And Breach Part I by Arrow Bandwidth
Ursula Cowan is a Senior Threat Research Analyst at Verodin (a FireEye Company), focusing on researching adversaries' tactics, techniques, and procedures (TTPs), breaking them down to the smallest behaviors, for the purpose of replicating them within the Verodin Security Instrumentation Platform. Ursula's career started as a police detective investigating cyber-crime, death, and online exploitation. She later added computer forensics examiner to her list of responsibilities. Her training in computer forensics was at the U.S. Secret Service's National Computer Forensic Institute (NCFI). She holds a Bachelor of Science in Applied Psychology from the Florida Institute of Technology, and graduates in May '20 with a Master of Science in Digital Forensics from the University of Central Florida.
Cybersecurity ROI Brian Contos, CISO & VP of Technology Innovation at Verodin, sat down with our host, Ashwin Krishnan, at RSAC 2020. In their conversation, Brian points out that it’s not enough that CISOs talk business as well as tech to the board. These days they also need to show cybersecurity ROI in terms of dollars […]
The CEO and Co-Founder of Verodin, Chris Key, appears on Episode #116 of Task Force 7 Radio to talk about the use of instrumentation, the quantification of cyber risk in financial terms, and why organizations' investments in technology controls are only performing at 25%. Mr. Key also spoke about the false assumptions cyber security professionals often make on the technology they implement, how to get business leaders aligned closer with the security mission, and what to expect with the talent crisis, migration to the cloud, and election security in 2020. All this and much, much more on Episode #116 of Task Force 7 Radio.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-infosec-trends-for-2020/) We're coming to the end of the year and that means it's time to make our predictions for 2020. Mark this episode and check back in one year to see how we did. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our sponsored guest is Rob Potter, chief revenue officer for Verodin. Thanks to this week’s podcast sponsor, Verodin. The Verodin Security Instrumentation Platform proactively identifies gaps in security effectiveness attributable to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Learn how Verodin, part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. On this episode of Defense in Depth, you’ll learn:
* More large scale breaches is not a prediction. At this stage that's an inevitability.
* ML/AI/Blockchain will continue to be oversold and under-delivered.
* Most cloud breaches are configuration errors. They are not mastermind attacks. They can't be called a breach if they were never secured properly in the first place. Note that cyber insurance does not pay out unless proper protections were in place.
* "Better" cloud and Internet of Things (IoT) security is not possible given how far it's been mismanaged up to this point. There are so many insecure nodes out there that it appears an impossibility to create any type of patch protection. There was strong debate as to whether this was a true statement or not.
* Strongest prediction (and it's already in motion) is the convergence of privacy and security. Privacy will be driven by regulations and as a result more people will be instituting chief privacy officers to avoid being in violation.
Someone believes, or would like others to believe, that Britain’s National Health Service is for sale to the US. There’s no word on whether the US has offered the Brooklyn Bridge in exchange. The “Quantum Dragon” study summarizes Chinese efforts to obtain quantum research results from Western institutions. The FBI says FaceApp is a security threat. PyXie, a Python RAT, has been quietly active in the wild since 2018. An Ethereum developer is accused of aiding Pyongyang. Ben Yelin from UMD CHHS on a bipartisan bill requiring a warrant for facial recognition use. Guest is Earl Matthews from Verodin on the importance of collaboration between state governments and technology vendors to ensure election security. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/December/CyberWire_2019_12_03.html
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cybersecurity-and-the-media/) Cybersecurity and the media. It rides the line between providing valuable information and feeding the FUD cycle. What's the media's role? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Dave Bittner (@bittner), producer and host of The CyberWire Podcast, Hacking Humans podcast, and Recorded Future podcast. Thanks to this week’s podcast sponsor, Verodin. The Verodin Security Instrumentation Platform proactively identifies gaps in security effectiveness attributable to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Learn how Verodin, part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. On this episode of Defense in Depth, you’ll learn:
* Stop laying blame on the media for negative cybersecurity perceptions. They're acting as a reflection of ourselves, both good and bad.
* When done right, the media can bring about much needed attention to issues, most often to enlighten those not in the know.
* A good indicator of media's success in informing us is when our friends and family, who are not as cybersavvy, start asking us our thoughts on big security issues.
* Disturbing trend is the media referring to an attack as "sophisticated" when it's often a poorly secured server that was just waiting to be breached.
* Given this trend, many are eager for the media to demystify these supposedly "advanced" attacks demonstrating that the rest of us can protect ourselves even if we're not cyber-sophisticated.
* Social engineering demos are often done for the purpose of humor rather than showing how dangerous it can be when we let our guard down.
* Outside of someone like Bruce Schneier, the cybersecurity industry needs the equivalent of a high-profile expert who can speak to the lay person, à la Bill Nye, The Science Guy.
Venu is joined by Jay Leek of ClearSky to discuss his successes as a cybersecurity investor in companies including Demisto, Verodin and BigID. Topics include Jay's background (0:23); how his experiences running security at big corporations prepared him for his role as a VC (1:03); how the life of a CISO has changed in recent years (2:43); what CISOs can do to keep track of the growing security market (4:28); what Jay looks for when making a new investment (8:07); the difference between best-of-breed and all-in-one from a customer adoption and product vendor perspective (9:20); the movement towards DevOps in data security (14:00); ClearSky's investment thesis (18:45); Jay's view on the role people will play in future cybersecurity delivery models (23:30); his anti-portfolio and investments he's passed on and regretted (25:53); and Jay's advice to founders in the cybersecurity space (27:55).
Picus Security is an Ankara-based startup that develops cybersecurity products. Our guests for this episode are Hamdi Alper Memiş and Volkan Ertürk, co-founders of Picus Security, a pioneer of attack simulation technologies. We heard the story of Picus from Alper and Volkan. They described the long process that led up to the Earlybird investment. Thank you for this great conversation. We are glad you came.
00.00 – 00.50 Introduction
01.45 – 10.30 How was Picus founded? Where did you meet?
12.02 – 23.00 How did you win your first customer?
28.00 – 34.41 What was it that motivated us and fired us up?
34.42 – 41.30 Sales processes
52.46 – 56.00 What kind of change did the company go through in 2018? The Earlybird investment
56.25 – 58.08 What is your message to the listeners?
60.02.00 Closing
Topics and links mentioned in the episode:
The moment in the voting booth when you put your pen to your ballot (or put your finger to the electronic touchscreen, as the case may be) is democracy distilled. It’s the act that makes America a republic. But while casting your vote is critical, it’s everything that happens before, during, and after that moment that makes up the larger election system. And these days there are whole armies of people working to influence and disrupt that system—and opposing armies working to protect it and make it safer and more accessible. In this special Halloween 2019 edition of Soonish, we look at the scary vulnerabilities in the U.S. election system that were exposed after the 2016 presidential election, and we meet a company working to make it possible for everyone to vote securely on their smartphones. We hear from a retired U.S. Air Force major general who’s deeply worried about the lack of good “cyber hygiene” within state election agencies, and national security experts who fear the 2020 presidential vote could once again be manipulated and distorted by social media misinformation and disinformation. And we meet a science fiction author who says democracy is always a work in progress, but argues there’s an urgent need now for better media literacy and clearer thinking about how to strengthen the key beliefs, norms, and institutions behind democracy. Check out the complete show notes, including a full episode transcript, at soonishpodcast.org.
Chapter Guide
00:00 Hub & Spoke Sonic ID
00:13 Opening Theme
00:22 A Scary Story from the Senate Russia Report
02:49 E-Voting Machines Without Paper Trails
03:38 The Nightmare Scenario
04:28 Maj. Gen. Earl Matthews on Cyber Hygiene
06:33 More Money for Election Security
07:23 The Big Question: Can We Achieve Fair Elections?
07:52 The Anti-Sikh Riots of 1984
09:47 Nimit Sawhney at SXSW
10:58 The Founding of Voatz
13:58 How to Vote on Voatz
22:03 Baby Steps and Criticisms
24:19 Meet Centenal Cycle Author Malka Older
27:58 Elections as Systems, and the Dangers of Disinformation
30:59 Adapting to New Communications Platforms
32:32 The Fragility of Legitimacy
33:45 End Credits, and a Shout-Out to Open Source
Notes
The Soonish opening theme is by Graham Gordon Ramsay. Additional music is from Titlecard Music and Sound. Episode logo photograph by Element5 Digital on Unsplash. Sound effects / foley from Freesound.org. If you like the show, please rate and review Soonish on Apple Podcasts! The more ratings we get, the more people will find the show. Listener support is the rocket fuel that keeps this whole ship going! You can pitch in with a per-episode donation at patreon.com/soonish. Give us a shout on Twitter and sign up for our email newsletter, Signals from Soonish. Please check out Open Source, one of the newest additions to the Hub & Spoke audio collective. Try the episode Do we want democracy or two-day shipping? with Matt Stoller from the Open Markets Institute.
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cyber-defense-matrix/) A simple way to visualize your entire security program and all the tools that support it. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Sounil Yu (@sounilyu), creator of the Cyber Defense Matrix and former chief security scientist at Bank of America. Thanks to this week’s podcast sponsor, Verodin. The Verodin Security Instrumentation Platform proactively identifies gaps in security effectiveness attributable to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Learn how Verodin, part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. On this episode of Defense in Depth, you’ll learn:
* First, just look at the darn thing and it'll start to make sense.
* The Cyber Defense Matrix's original purpose was to provide a visual way to see where your gaps are in your technology.
* Users have found lots more uses for the matrix, such as seeing those same gaps in people, processes, and trying to map out the vendor landscape.
* By visualizing, you can see also where you have too much and you can actually get rid of technologies.
* The matrix provides structural awareness of your vulnerabilities.
* The matrix admittedly gets a little wonky when cloud technologies are introduced. They often bleed across categories, not neatly fitting into any specific buckets.
With all the categories defining the healthcare industry today (e.g. pharmaceuticals, providers, hospitals, etc) and sensitive data flowing between them, it can be hard to know where to start. How do we keep information secure, yet accessible to our doctors and providers? Colby DeRodeff, CTO at Verodin, shares a bit about security in the healthcare community, how far we've come, and where we should go from here.
We had a total of 304 funding rounds, $5.7 billion total funding, 129 acquisitions recorded, and a transaction of a total acquisition amount of $32.1 billion. Let’s dive right into the highlights now.
Modern Fertility raises $15 million to sell its hormone tests — and gather more fertility data from its users
A San Francisco-based company, Modern Fertility, sells fertility tests directly to consumers, but increasingly, those customers will be educating the company, too. Indeed, the two-year-old startup now plans to develop a database of anonymized data about its largely younger demographic. What do they do? They sell a kit from its website that’s sent to women’s doorsteps and allows them to gauge their levels of eight different reproductive hormones by using a finger prick. More specifically, the startup sends off its customers’ panels to CLIA-certified labs, where the tests are conducted, and most prominently, those tests are looking at the women’s level of AMH, or anti-mullerian hormone. Modern Fertility has now raised $22 million to date. Among its other backers are Maveron and Union Square Ventures as investors. That being said, fertility startups have been on a fundraising gala recently. The global fertility services market is expected to exceed $21 billion by 2020.
Colombian point-of-sale lender ADDI nabs $12.5 million from Andreessen Horowitz
ADDI picked up $12.5 million in new financing in April of this year as the company looks to expand its lending services online. Like Affirm, ADDI lets its borrowers apply for credit at the moment of purchase. The company likens its service to the layaway and credit plans that already exist in Colombia — but involve pretty onerous requirements to use. Company co-founder and general partner both commented on how, in some cases, Colombian shoppers have to have three people vouch for a borrower before a store will issue credit or agree to a layaway plan. The difference between an ADDI loan — or any loan — and layaway is that an installment payment plan doesn’t charge interest (and even with the fees that installment plans do charge, they are often still cheaper than taking out a loan).
Providing supplemental educational videos for healthcare online nets Osmosis $4 million
With over one million YouTube subscribers and 500,000 registered users for its supplemental educational videos, Osmosis, which bills itself as the Khan Academy of healthcare, has raised $4 million in new funding. By reimagining medical education, Osmosis is addressing a critical impending global crisis: the need to develop and retrain tens of millions of healthcare professionals over the next decade to meet growing demand. Using a library of over 1,100 videos produced by the former Khan Academy Health and Medicine team — which were poached by Gaglani — students can get supplemental materials providing tutorials on subjects ranging from basic knowledge to the soft skills required on the job.
Vectra lands $100M Series E investment for AI-driven network security
Vectra, a seven-year-old company that helps customers detect intrusions at the network level, whether in the cloud or on premises, announced a $100 million Series E funding round led by TCV. Existing investors, including Khosla Ventures and Accel, also participated in the round, which brings the total raised to more than $200 million, according to the company. As company CEO Hitesh Sheth explained, there are two primary types of intrusion detection. The first is end point detection and the second is his company’s area of coverage, network detection and response, or NDR. He says that by adding a layer of artificial intelligence, it improves the overall results.
Moving on to mergers and acquisitions, we have Google acquiring analytics startup Looker for $2.6 billion
Google made a big splash when it announced it’s going to acquire Looker, a hot analytics startup that’s raised more than $280 million. It’s paying $2.6 billion for the privilege and adding the company to Google Cloud. Google Cloud has been mired in third place in the cloud infrastructure market, and grabbing Looker gives it an analytics company with a solid track record. The last time I spoke to Looker, it was announcing a hefty $103 million in funding on a $1.6 billion valuation. Today’s price is a nice even billion over that.
What else caught our eyes last week?
Based on data we know that this is the season of Healthcare, Cyber Security and Knowledge Sharing startups bagging fundings. Last week four security companies changed hands. Security stays hot as Imperva grabs Distil Networks. The shopping spree continued this week with CDN company Imperva announcing it was buying bot mitigation startup Distil Networks. The companies did not share the acquisition price. Last week was an incredible M&A whirlwind with four security companies getting acquired over just a three-day period. On Tuesday, FireEye bought Verodin, a five-year-old startup that helps measure the effectiveness of your cybersecurity defenses, for $250 million. On Wednesday, Palo Alto Networks entered the fray, buying not one, but two Israeli security startups. The big prize was container security company Twistlock for $410 million. It also snagged serverless security company PureSec. Reports in Israeli media pegged that deal at between $60 and $70 million. If that wasn’t enough for you, private equity firm Insight Partners bought 10-year-old threat intelligence company Recorded Future for $780 million. If you’re thinking about starting a technology company, you may want to consider focusing on cybersecurity. I’ll leave you with that thought!
Groupon co-founder Eric Lefkofsky just raised another $200 million for his newest company, Tempus
Tempus has built a platform to collect, structure and analyze the clinical data that’s often unorganized in electronic medical record systems. The company also generates genomic data by sequencing patient DNA and other information in its lab. When serial entrepreneur Eric Lefkofsky grows a company, he puts the pedal to the metal. When in 2011 his last company, the Chicago-based coupons site Groupon, raised $950 million from investors, it was the largest amount raised by a startup ever. It was just over three years old at the time, and it went public later that same year. Lefkofsky seems to be stealing a page from the same playbook for his newest company, Tempus. The Chicago-based genomic testing and data analysis company was founded a little more than three years ago, yet it has already hired nearly 700 employees and raised more than $500 million — including a new $200 million round that values the company at $3.1 billion.
Password manager maker Dashlane has raised $110 million in its latest round of funding. The company said Sequoia Capital led the Series D round, with partner Jim Goetz joining the board. Dashlane also said Lyft executive Joy Howard was appointed as its new chief marketing officer and will start in August. Dashlane said it will invest its latest funds back into its core product and will focus on addressing the needs of its consumer and business customers.
Enterprise cybersecurity startup BlueVoyant raises $82.5M at a $430M+ valuation
BlueVoyant — which provides managed security, professional services and, most recently, threat intelligence — has picked up $82.5 million in a Series B round of funding at a valuation in excess of $430 million. The company focuses on three areas of service for its customers: threat intelligence, managed security and professional services (with the latter focused specifically on those related to security implementations and operations).
Healthcare data integration startup Abacus Insights lands $12.7M Series A
Abacus Insights, an early-stage startup that wants to help coordinate healthcare information across systems, announced a $12.7 million Series A investment today led by CRV. Existing investors 406 Ventures and Echo Health Ventures also participated in the round. The company is trying to make it easier for health insurance companies to share data with various parties in the healthcare system, with the ultimate goal of lowering costs and helping participants across the system, from doctors to pharmacists and other healthcare practitioners, have a better understanding of the overall patient record.
Diving into acquisitions, we have Foursquare that bought Placed from Snap Inc. on the heels of $150M in new funding
Foursquare just made its first acquisition. The location tech company has acquired Placed from Snap Inc. on the heels of a fresh $150 million investment led by The Raine Group. The terms of the deal were not disclosed. Placed founder and CEO David Shim will become president of Foursquare. Placed is the biggest competitor to Foursquare’s Attribution product, which allows brands to track the physical impact (foot traffic to store) of a digital campaign or ad. Up until now, Placed and Attribution by Foursquare combined have measured more than $3 billion in ad-to-store visits.
FireEye snags security effectiveness testing startup Verodin for $250M
The startup had raised over $33 million since it opened its doors five years ago, according to Crunchbase data, and would appear to have given investors a decent return. With Verodin, FireEye gets a security validation vendor; that is, a company that can run a review against the existing security setup and find gaps in coverage.
What else caught our eyes last week?
Just a quick shout out to all the companies that are joining the unicorn bandwagon. You know what? 2019 has already coined 42 new unicorns, like Glossier, Calm and Hims, a number that grows each and every week. For context, a total of 19 companies joined the unicorn club in 2013 when Aileen Lee, an established investor, coined the term. Today, there are some 450 companies around the globe that qualify as unicorns, representing a cumulative valuation of $1.6 trillion. However, with $100 million-plus rounds becoming the norm and billion-dollar-plus funds standard, unicorns aren’t rare anymore, and a lot of people are talking about rethinking the unicorn framework. Let’s see where that goes. We’ll definitely keep you updated.
John Strand and Paul Asadoorian discuss how Okta joins forces with Secret Double Octopus, Tenable unveils new innovations for Cyber Exposure analytics, Barracuda launches bot protection feature for firewall offerings, and some acquisition and funding updates from Palo Alto, FireEye, and Verodin! Full Show Notes: https://wiki.securityweekly.com/ES_Episode139 Visit https://securityweekly.com/esw for all the latest episodes!
This week, in the Enterprise News, Paul is joined by John Strand to discuss how Okta joins forces with Secret Double Octopus, Tenable unveils new innovations for Cyber Exposure analytics, Barracuda launches bot protection feature for firewall offerings, and some acquisition and funding updates from Palo Alto, FireEye, and Verodin! In the second segment, we welcome Ruvi Kitov, CEO and Co-Founder of Tufin, to talk about the importance of having a network-wide security policy! In our final segment, we interview Jack Jones, Chief Risk Scientist at RiskLens, to talk about understanding and quantifying cyber risk using FAIR! To learn more about Tufin, visit: https://securityweekly.com/tufin Full Show Notes: https://wiki.securityweekly.com/ES_Episode139 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In this episode: Learn about me stalking guest online, why are people's refrigerators attacking CNN, and did you know you can actually rent hackers? Our guests today: Brian Contos, CISO & VP Technology Innovation at Verodin Inc.
This podcast is a continuation of the series of conversations that Dan Woods of Early Adopter Research (EAR) conducted with leaders in the cybersecurity field while at RSA 2019. In this interview, he speaks with Brian Contos, CISO of Verodin. Woods asked Contos his three major cybersecurity questions for the years, as well as exploring Verodin’s place in the cybersecurity marketplace. Their conversation covered:
* 4:00 - Can zero trust provide what it promises?
* 4:50 - Why aren't companies pruning cybersecurity products?
* 9:40 - The need to evaluate cybersecurity through both people and processes
* 15:00 - Why CISOs should focus more on dev ops
Cyber threat research is not all created equal – especially in the realm of Security Instrumentation. Mark Bagley, VP of Product at Verodin, highlights the core objectives of the Behavioral Research Team (BRT) and provides direction for scaling your organization’s defenses with improved durability and efficiency in mind.
In the spirit of Ada Lovelace Day coming up on October 9th, host Brian Contos chats with Verodin security analyst Ashley Zaya about her role on the Behavior Research Team (BRT) and the perspective she brings to the industry. Ashley reflects on her career in InfoSec thus far and the experiences she gained working in Boeing's fast-paced SOC. Ashley also shares valuable advice for women entering the field and one of her favorite movie soundtracks to jam out to.
This week, we invite you to meet Major General (Ret) Earl D. Matthews: He spent three decades at the nexus of big budgets and cybersecurity, including stints as Director, Cyberspace Operations and Chief Information Security Officer at HQ, U.S. Air Force, and VP for Enterprise Security Solutions at Hewlett-Packard. In his current role as Senior VP and Chief Strategy Officer at Verodin, Inc., he champions the concept of security instrumentation, a process that continuously validates the effectiveness of each security element in place. During this episode, he'll cover a gamut of cybersecurity issues that include the privacy issues at Facebook, the DNC hack, along with managing your personal privacy at a time when tens of millions of Americans have had their credit reports hacked. Major General Matthews will also reveal two episodes of ID theft that impacted his own family. You'll also hear from tech columnist and former industry analyst Joe Wilcox, who writes for BetaNews. During this episode, Joe will explain why he regards Apple's Siri voice assistant as worse than Microsoft's Skype, despite all the connection glitches with the latter. Will hiring former Google executives help Apple make Siri more responsive and accurate, without sacrificing your security? You'll also hear about Google I/O and Android P, and about all those fake news reports that the iPhone X was unsuccessful. For two quarters straight, however, Apple reported that the iPhone X was not only its best selling smartphone for each week it was on sale, but the hottest selling smartphone on the planet. Gene shares his 20 years experience with the iMac, which began with the original Bondi Blue model that he beta tested for Apple as part of the former Customer Quality Feedback (CQF) program. You'll also hear about the Apple Watch and whether it makes sense for Apple to switch Macs from Intel to ARM CPUs.
In this #AskTHAT, I talk to Brian Contos, CISO of Verodin, and we dive into cybersecurity. No MOAR excuses, we have to take an active role in securing our applications. Brian has over two decades of experience in the security industry. He is a seasoned executive, board advisor, security company entrepreneur and author. After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including: Riptech, ArcSight, Imperva, McAfee and Solera Networks. Brian has worked in over 50 countries across six continents. He is a strategic board advisor for multiple companies including Cylance and Appdome. He has authored several security books, his latest with the former Deputy Director of the NSA, spoken at leading security events globally and is a Distinguished Fellow with the Ponemon Institute. Brian frequently appears in the news and has been featured in CNBC, C-SPAN, Fox, NPR, Forbes, Wall Street Journal, The London Times and many others. He most recently appeared in a cyberwar documentary alongside General Michael Hayden (former Director NSA and CIA). Links from today’s show: Blog: https://verodin.com/blog/ LinkedIn: https://www.linkedin.com/in/briancontos/ Twitter: @BrianContos Brian’s company - Verodin is a Security Instrumentation Platform or SIP Company: https://verodin.com/ Open Source Threat Simulation Projects, these are more Breach and Attack Simulation (BAS) related than SIP, but they can be used to test some security controls: https://blogs.gartner.com/augusto-barros/2018/04/17/threat-simulation-open-source-projects/
In today's podcast we hear about Cymmetria's discovery of a major threat actor in South Asia, Patchwork, which assembles attack code by cutting and pasting from the Internet. HummingBad adware infests Android, and Pirrit (affecting Macs) is attributed to a marketer. D-Link routers may be vulnerable to remote-code execution. Google patches more than 100 Android issues. Symantec works on AV product problems. Avast buys AVG. Blockchain's potential. Cyber workforce development. FBI offers explanations to the House. Cyber crooks go after freelancers. Jonathan Katz explains the many uses for blockchain crypto technology, and Chris Key from Verodin has some advice for those entering the cybersecurity workforce.