SIEM, Security Research, Leadership, Privacy

ESW #181

April 29, 2020

This week in the Enterprise Security News, Obsidian Security lets security teams monitor Zoom usage, Guardicore Infection Monkey now maps its actions to MITRE ATT&CK knowledge base, Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture, Almost half of security pros being redeployed during pandemic, Why You Need Both SIEM and SOAR Solutions in your Cybersecurity, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Trustwave, F-Secure, & Obsidian Security

Hosts

Matt Alderman – CEO

Paul Asadoorian – Founder & CTO

Announcements

  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.
  • Join the Security Weekly Mailing List by visiting securityweekly.com/subscribe and clicking the button to join the list! We will be starting to roll out our public Discord channel in the next week or so and our mailing list subscribers will get the first invites!
  • Join us at InfoSecWorld 2020 – June 22nd-24th now at Disney’s Coronado Springs Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!

Unfortunately, the pandemic has been used as the theme of an aggressive spike in malicious cyber attacks that attempt to capitalize on the situation. Knowing how and where to focus your security efforts first is critical in maintaining security and privacy.

Security Challenges When Working Remotely

Hosts

Matt Alderman – CEO

Paul Asadoorian – Founder & CTO

Guests

Gerald Beuchelt – Chief Information Security Officer

This week, we welcome Wim Remes, CEO and Principal Consultant at Wire Security, to discuss learning how to build an Enterprise Security Team, including how to find the right people!

Building an Enterprise Security Team

https://www.fastcompany.com/37145/how-manage-geeks

Hat tip to @snipeyhead (Grokability) for that link. It’s very representative of how I feel I work best with people.

Is Information Security a specialisation of IT rather than a branch of its own? Opinions might be different. When are you “entry level” in security? In most cases you’re already pretty senior in one or more IT disciplines …

Hiring/Firing: There’s often a discussion on how you attract people. The biggest challenges are keeping them and letting them go. I’ve helped people that I sorely needed move to new jobs elsewhere. Why? They were not happy and I had nothing to offer them. The upside? 10 years later I got to work with them again.

Maybe take some time to discuss the “hire for potential instead of culture fit” adage as well.

Training Teams

Something I realized when I did more training than I do today. Most training programs are targeted at creating carbon copies of a certain “ideal” profile. That is so wrong. If we indeed hire for diversity and breadth of coverage across a team, why do we all make them tick boxes (GPEN, CEH, CISSP, …)? We should train our teams so that they not only learn new skills but also grease the wheels of working together and at the same time learn who excels at what. What do you want? 3 people that have completed the GPEN, GCIH, CISSP, and CEH trainings (not even talking about certs) or 3 people with a certain overlap in skills but one that excels in network forensics, one that excels in Linux Forensics, and one that is badass at reporting?

The myth of the badass Security Expert

Let’s be real. There is nobody that covers the breadth of infosec as an expert. You can’t do it all. It’s that simple. Why don’t we as the perceived experts recognize that there are enormous gaps in our knowledge?

Hosts

Matt Alderman – CEO

Paul Asadoorian – Founder & CTO

Guests

Wim Remes – CEO & Principal Consultant
