A “Blessing” of Unicorns – ESW #262
This week, in our first segment, we welcome Jimmy Vo, Detection Engineer at Datadog for an interview on Detection Engineering in the Age of Cloud! Then, Brian Peterson, ICS4ICS Program Manager, ISAGCA Advocacy Program Manager, and LOGIIC Program Manager at International Society of Automation, joins us to discuss Incident Command System for ICS Improves Response to Cybersecurity Incidents! This week in the Enterprise News: eSentire raises $325M as it expands into services, Beyond Identity raises $100M to build out MFA, Secureframe raises $56M to help folks with SOC 2 and HIPAA compliance, Nashville-based Phosphorus Cybersecurity raises $38M to secure IoT devices (curious about the name - what kind of Phosphorus? Could be dangerous!), anecdotes raises a $25M Series A to compete in the same space as Secureframe (lots of money for folks that ease compliance pains!), Cloudflare acquires, Area 1 Security for $162M, Darktrace acquires ASM vendor Cybersprint, Snyk acquires Fugue, Andy Ellis drops an SBOM in his latest opinion piece, the latest of several thought-provoking hot takes from him, CISA publishes a list of free tools and services, & more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. Detection Engineering in the Age of Cloud – Jimmy Vo – ESW #262
Cloud, DevOps, Kubernetes - the world has gone crazy. We don't have servers anymore - we have workloads, instances, and serverless. We have CI/CD pipelines. These workloads are distributed, immutable, and ephemeral (aka 'DIE' - hi Sounil!) in many cases.
Today, we chat with Jimmy Vo about what it was like, as a detection engineer, to come from a traditional banking environment and suddenly get thrown into a world full of 'cloud-first' startups.
"DevOps folks are nuts."
--Jimmy Vo
Announcements
Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
Jimmy Vo is a Detection Engineer at Datadog, where he focuses writing out of the box security content for Datadog’s Cloud Security Platform product. He has a background in, threat detection and response, SIEM engineering, threat hunting, threat intelligence, and threatening people on the Jiu Jitsu mats.
Hosts
2. Incident Command System for ICS Improves Response to CyberSec Incidents – Brian Peterson – ESW #262
This discussion will provide a brief overview of the Incident Command System for Industrial Control Systems processes and describe how ICS4ICS will help companies better manage industrial cyber incidents. We will discuss how ICS4ICS will enable companies to work with government agencies and mutual aid partners when a cyber incident impacts an entire industrial sector or multiple sectors.
Segment Resources:
General info and to sign up for more information in our newsletter: https://gca.isa.org/ics4ics
Learn more about our call to volunteers: https://gca.isa.org/blog/ics4ics-will-improve-management-of-ics-cybersecurity-incidents
Announcements
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Guest
Brian Peterson is an Information Risk Consultant who works for ISAGCA, LOGIIC, and other companies as a program and project manager. Mr. Peterson has been the project manager for over 15 years. Mr. Peterson has 30 years of cybersecurity experience of IT systems, applications, and SCADA/DCS systems, such as those used in the oil and gas, and manufacturing sectors. In the last 20 years, he has concentrated on establishing cybersecurity programs, incident management capabilities, and other processes related to Information Security, ICS Security, and other risk programs.
Hosts
3. SBOM Opinions, Phosphorus, CISA Tools, Beyond Identity, & CyberSec Word Games – ESW #262
This week in the Enterprise News: eSentire raises $325M as it expands into services
Beyond Identity raises $100M to build out MFA, Secureframe raises $56M to help folks with SOC 2 and HIPAA compliance, Nashville-based Phosphorus Cybersecurity raises $38M to secure IoT devices (curious about the name - what kind of Phosphorus? Could be dangerous!), anecdotes raises a $25M Series A to compete in the same space as Secureframe (lots of money for folks that ease compliance pains!), Cloudflare acquires, Area 1 Security for $162M, Darktrace acquires ASM vendor Cybersprint, Snyk acquires Fugue, Andy Ellis drops an SBOM in his latest opinion piece, the latest of several thought-provoking hot takes from him, CISA publishes a list of free tools and services, & more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Hosts
- 1. FUNDING: eSentire Raises $325M; Security Unicorn Preps MDR, XDR as a Service Expansion – MSSP Alert - https://www.msspalert.com/investments/esentire-raises-325m-security-unicorn-preps-mdr-xdr-as-a-service-expansion/
- 2. FUNDING: CHEQ enters Unicorn club with $150 million Series C at $1 billion valuation
- 3. FUNDING: Beyond Identity Becomes Unicorn With $100 Million Series C Funding Round - https://www.securityweek.com/beyond-identity-becomes-unicorn-100-million-series-c-funding-round
- 4. FUNDING: Secureframe secures $56M for a platform that automates an enterprise’s compliance with standards like HIPAA and SOC 2 – TechCrunch
- 5. FUNDING: Phosphorus Cybersecurity raises $38 million to secure IoT devices
- 6. FUNDING: anecdotes, a compliance operating system platform, secures $25M Series A – TechCrunch
- 7. FUNDING: Zero Networks Raises $20M Led by Venrock to Expand Pioneering, Effortless Segmentation to Stop the Spread of Ransomware
- 8. FUNDING: Astrix Security Emerges from Stealth with $15M Seed Round to Secure Enterprises’ Expanding Web of Third-Party Applications
- 9. ACQUISITIONS: Cloudflare acquires Area 1 Security for $162 million
- 10. ACQUISITIONS: Darktrace Acquires Attack Surface Management Company Cybersprint
- 11. ACQUISITIONS: Snyk expands into cloud security with acquisition of Fugue
- 12. NEW PRODUCTS: Enable True Zero Trust Security for Device Access - https://infinipoint.io/
- 13. HOT TAKES: Drop the SBOM - https://www.csoonline.com/article/3649794/drop-the-sbom.html
- 14. FREE TOOLS: U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services - https://thehackernews.com/2022/02/us-cybersecurity-agency-publishes-list.html#amp_tf=From%20%251%24s&aoh=16453052069866&csi=0&referrer=https%3A%2F%2Fwww.google.com&share=https%3A%2F%2Fthehackernews.com%2F2022%2F02%2Fus-cybersecurity-agency-publishes-list.html
- 15. SQUIRREL: Cybersecurity Daily Word Game