
Trolley Talk, RSA 2020 edition: SC’s third annual cable car chats (full video)

Giving new meaning to the term “Cable News,” SC Media’s Senior Reporter Bradley Barth invited four cyber experts on a round-trip, San Francisco cable car ride from the Market Street/Union Square neighborhood to Phisherman’s – whoops, make that Fisherman’s – Wharf and back. Here’s what they had to say about the latest security news and trends buzzing around the RSA conference. (To view the entire round-trip ride, scroll down to the final video.)

Accenture: Advances in cyber extortion require change in victim response strategies

Leading off is Justin Harvey, managing director and lead of the FusionX Global Incident Response practice at professional services and consulting firm Accenture. Justin addresses how cyber extortionists’ latest tactics are forcing companies to change their incident response playbooks. This includes more significantly involving the C-suite and board, and treating response less as a "seek-and-destroy" technical mission and more as a business decision.

He also shares some of his own personal incident response war stories, plus key attack metrics based on his 2019 engagements with customers. For instance, 54 percent of incidents Accenture attended to this past year were executed via phishing.

Intuit’s Red Team Leader Unveils New Cybersecurity Industry Trends Report

Surprise reunion! Our next passenger is Shannon Lietz, leader of the DevSecOps/Red Team at accounting and tax preparation software company Intuit, maker of TurboTax and QuickBooks. She and Justin Harvey first met roughly nine years ago when they collaborated on an incident response following the April 2011 hack of the Sony PlayStation network. Who knew that our Trolley Talk segment would rekindle an old friendship? 

Shannon discusses creating the first-ever Security Practitioners Annual Report, designed to encapsulate the state of the cyber industry in a style similar to Mary Meeker’s Internet Trends report. Shannon reviewed 5,000 companies and 300 reports to compile her newly released publication.

She also reveals how she has been able to creatively recruit members of the Intuit Red Team by seeking candidates outside traditional cyber roles. Her creativity also pays dividends in the kitchen, where she likes to make unique concoctions like peanut butter garlic bread and ceviche enchiladas. Unfortunately, she didn’t share her recipes. Nor did she help Bradley file his taxes.

DomainTools Survey Anticipates Future Impact of Automation on IT Staffing

By now we’ve already hopped on our second trolley, this one heading back to our original starting point. Our third rider is Tarik Saleh, senior security engineer and malware researcher at DomainTools, a DNS threat intelligence company.

DomainTools and Ponemon Institute recently collaborated on a survey designed to assess the perceived impact of automation on IT staffing in the U.S. and UK. Tarik shares various insights on the study, in which 76 percent of respondents said their organizations use or plan to use automation – in some cases to help compensate for lack of available cyber talent and to better allocate and optimize what staff they do have.

Tarik also explains why an episode of “NCIS” (he said “CSI,” but he clearly meant this) may feature the dumbest depiction of hacking ever on television.

Palo Alto Networks: Developers Failing to Secure Infrastructure-as-Code Templates

Accompanying us down the home stretch is Jen Miller-Osborn, deputy director of threat intelligence with Palo Alto Networks’ Unit 42 team. Jen tackles the Spring 2020 edition of her company's Cloud Security Report, which warns that developers are failing to scan Infrastructure-as-Code (IAC) templates for security issues whenever they are created or updated. She details what kind of vulnerabilities result from such IAC oversights and how attackers are taking advantage.

Jen also catches us up on some recent Unit 42 research on the North Korea-linked KONNI Group and the cryptojacking worm Graboid. Finally, she reveals the origin behind Unit 42’s unusual naming of the malware known as BabyShark (doo-doo-doo-doo-doo-doo!).

Below is a video of the full ride with all four guests, from beginning to end.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts and video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
