Active Directory, Container security, Cloud security, Blue team, Endpoint Security

ESW #228

0



The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? John Masserini, Global Chief Information Security Officer at Millicom (Tigo) Telecommunications, joins us to discuss the fundamentals of an identity strategy, including identity and access management, single sign-on, multi-factor authentication, and privileged access. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Identity Management as a Foundation for Future-Proofing your Security

Guests

John Masserini

John Masserini – Global CISO at Millicom

A 25-year veteran of providing information and corporate security services to multinational Fortune-1000 companies. An industry-recognized leader whose expertise across multiple business verticals provides for a unique approach to delivering an information risk program that drives business-focused solutions to today’s global Information Security & Compliance challenges. An experienced leader who not only specializes in reinvigorating and realigning existing teams but also building new information security programs to meet today’s critical business needs.

John is the author of the award-winning Chronicles of a CISO blog, where he shares insight and recommendations based on his decades of experience in the security industry.

As the Global Chief Information Security Officer of Millicom Telecom International, John is responsible for all aspects of the global information security program, including Security Operations, Engineering, Architecture, Vulnerability and Risk management, and Business Continuity Planning.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!



The Enterprise Security Weekly crew summarizes all the news from RSA Conference 2021, including product announcement, acquisitions, funding, and more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

All the News From RSA Conference 2021

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Announcements

  • In our May 27th webcast at 11am ET, we’ll explore the latest attacks against DNS and the latest techniques that make it possible to discover and disrupt attacks. In our June 3 webcast at 11am ET, you will learn about pen testing tools and why every organization should be using them regularly. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand



Sponsored By


sponsor
Visit https://securityweekly.com/extrahop-rsac for more information!

SolarWinds SUNBURST was a rude awakening for many security teams, and it won’t be the last time security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With advanced threats persisting inside the network for months, security teams need a new plan. In this session, ExtraHop VP, Security Response Services Mark Bowling discusses strategies to detect, investigate, and respond to post-compromise attack activities.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop-rsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Building a Response Strategy to Advanced Threats

Guests

Mark Bowling

Mark Bowling – Vice President of Security Response Services at ExtraHop

Mark Bowling is Vice President of Security Response Services at ExtraHop. He advises our global customers on risk management and mitigation strategy and helps them respond to complex cybersecurity incidents quickly, thoroughly, and in compliance with regulatory frameworks including GDPR, CCPA, NERC, PCI-DSS, ISO, SEC, and HIPAA. Prior to ExtraHop, Mark spent more than two decades investigating and combating cyber attacks in leadership roles with the FBI and the Department of Education.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

0
prestitial ad