Careers, Compliance, Critical infrastructure, Cybercrime, Emerging technology, Identity and access, Incident response, Leadership, Social engineering

Buying a CISO – ESW #260

This week, in our first segment, we welcome our own Tyler Robinson to discuss how "To err is human, but the blockchain is forever"! Then, Branden Williams, VP of IAM Strategy at Ping Identity, joins to discuss The State of Identity in the Enterprise! Finally, in the Enterprise Security News: security automation startup Cerby raises $12M; virtual CISO startup Cynomi raises $3.5M to help SMBs automate cybersecurity; Keeper Security acquires Glyptodon (I’m 90% certain Keeper hasn’t just purchased the remains of an ancient, long-extinct armadillo); SecurityScorecard acquires LIFARS, a DFIR consulting firm; there’s a rumor that Microsoft is considering picking up Mandiant with all the extra cash still lying around after the Activision/Blizzard buy; and DHS launches the first-ever cyber safety review board!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly


Segments

1. To Err Is Human, but the Blockchain Is Forever – ESW #260

One of the key features of cryptocurrency, NFTs, and other blockchain-based technologies is the immutable ledger. Put another way, there's no clear way to implement an 'undo' button when it comes to blockchain. In more traditional situations, passwords can be reset. Financial institutions can issue a stop payment order.

Announcements

  • The call for papers is now open for InfoSec World 2022! Featuring expert insights, enlightening keynotes, and interactive breakout sessions, this year's conference will take place on September 26-28 in Orlando. We're looking for experts and innovators to contribute their ideas, experiences, and perspectives to help shape the 2022 program. To submit your proposal, please visit: https://securityweekly.com/isw2022

Hosts

Adrian Sanabria
Director of Product Management at Tenchi Security
Katie Teitler
Senior Security Strategist at Axonius
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. The State of Identity in the Enterprise – Branden Williams – ESW #260

We discuss the current state of identity challenges in the enterprise with Branden Williams.

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Branden Williams
VP, IAM Strategy at Ping Identity

Dr. Branden R. Williams has nearly twenty-five years of experience in business, technology, and cybersecurity as a consultant, strategist, and executive. Dr. Williams has experience working for the largest and smallest institutions as an entrepreneur, practitioner, and advisor. His specialty is navigating complex landscapes—be it compliance, security, technology, or business—and finding innovative solutions that promote growth while reducing risk. He is a practitioner and advisor for operational, engineering, and management of IT and IS tools. He’s held several executive roles in the industry, and served on both the PCICo and EMVCo boards. He is an author of several books on PCI Compliance, and his blog and other publications can be found at his website (brandenwilliams.com).

Hosts

Adrian Sanabria
Director of Product Management at Tenchi Security
Katie Teitler
Senior Security Strategist at Axonius
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

3. Glyptodons, Mandiant Rumors, Virtual CISOs, Log4j Testimony, & A Cyber Safety Board – ESW #260

Finally, in the Enterprise Security News: security automation startup Cerby raises $12M; virtual CISO startup Cynomi raises $3.5M to help SMBs automate cybersecurity; Keeper Security acquires Glyptodon (I’m 90% certain Keeper hasn’t just purchased the remains of an ancient, long-extinct armadillo); SecurityScorecard acquires LIFARS, a DFIR consulting firm; there’s a rumor that Microsoft is considering picking up Mandiant with all the extra cash still lying around after the Activision/Blizzard buy; and DHS launches the first-ever cyber safety review board!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Adrian Sanabria
Director of Product Management at Tenchi Security
  1. FUNDING: Security automation startup Cerby raises $12M to secure non-IT-managed apps
  2. FUNDING: Virtual CISO startup Cynomi raises $3.5M to help SMBs automate cybersecurity – TechCrunch
  3. ACQUISITION: Keeper Security acquires Glyptodon to enhance privileged access management platform
  4. ACQUISITION: SecurityScorecard Acquires LIFARS; Empowers Organizations with a Complete View of Cyber Risk and an Accelerated Path to Cyber Resilience
  5. RUMOR: Microsoft Considers Pursuing a Deal for Cybersecurity Firm Mandiant
  6. STATS: CYBERSECURITY ALMANAC - The annual Cybersecurity Almanac is always a _momentous_ occasion, and never more so than this year, with 2021 numbers being completely bonkers. The most interesting statement to me? "Investment In Cyber Is Keeping Pace With Threats". If our "investment in Cyber" was doing any good, wouldn't you expect the investment to _outpace_ the threats? With threats and breaches keeping pace, I think it's as clear as ever that cybersecurity isn't a problem we can simply spend our way out of.
  7. FEDERAL: Cisco’s Chief Security and Trust Officer Testifies About Log4J - Brad Arkin, Cisco's CISO (CSTO?), had a chance to testify before Congress regarding Cisco's performance addressing Log4j vulnerabilities, and the general impact to the industry. This Twitter thread is well worth a read-through.
  8. FEDERAL: DHS Launches First-Ever Cyber Safety Review Board - https://www.dhs.gov/news/2022/02/03/dhs-launches-first-ever-cyber-safety-review-board
  9. SQUIRREL: Florida man steals car; train sends it crashing into house - The homeowners were fine, but “the explosive sound of a driverless car smashing into the side of their home was clearly jolting,” the sheriff’s office said.
Katie Teitler
Senior Security Strategist at Axonius
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory