Cloud security, Incident response, Insider threat, Leadership, Social engineering, Threat intelligence, Vulnerability management

Escape Room – ESW #222

This week, in the first segment, Zack Moody from AVX Corporation joins us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User Adoption in Enterprise Security is Low! In the Enterprise Security News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Segments

1. Rise of Insider Threat Post-C19 – Zack Moody – ESW #222

Is there an emerging threat to your data post-C19, with disgruntled employees having to come back to an office? How do we protect our data and keep employees happy when they have had access to that data from wherever they've been hiding over the past year?

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Zack Moody
Head of Global Cybersecurity & Privacy at AVX Corporation

Zachary L. Moody, CISSP, currently serves as the Head of Global Cybersecurity & Privacy at AVX Corporation. He has spent over 18 years in information security related positions, and over the past several years he has focused on establishing global cybersecurity & privacy programs. With an active security clearance, Mr. Moody has worked in numerous capacities in public, private and government sector environments. His responsibilities have primarily included, but are not limited to, network security, threat intelligence, identity & access, and incident response.

Hosts

Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
CMO at JupiterOne

2. Why User Adoption in Enterprise Security is Low – Juliet Okafor – ESW #222

Security technology roll-outs often fail because of the following:

1) Weak security culture: users don't see value or understand the importance of taking action.

2) Security teams often fail to consider user experience in the purchase, configuration, set-up and training of security technology, like endpoint security.

3) Communication about new technology does not reach the right users, at the right time, during the right stage of the project.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Guest

Juliet Okafor
CEO & Founder at RevolutionCyber

Juliet Okafor, J.D., is a cybersecurity professional who has combined her knowledge of the legal system and cybersecurity solution models into success stories across Fortune 500 industries throughout the USA. Her ability to scope, plan and design the creation of an OT Cybersecurity Management System framework for one of the largest cruise lines in the world is a testament to her commitment and leadership regardless of the challenge.

She is a passionate security solutions visionary and strategist who builds the Fortune 500 enterprise’s overarching security strategy that governs all other smaller strategies within. She is the person who determines how to solve the company’s problem, be it vulnerability management, incident response or reducing the risk associated with technology or vendors, and then puts a plan into action or roadmap to remediate the risks in place – using a combination of people, transforming operations and an array of emerging security technology.

Hosts

Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
CMO at JupiterOne

3. Tyler’s “Deathpool”, Astadia, Gigamon, & GRIMM – ESW #222

This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Founder at Security Weekly
  1. PRODUCT – AttackIQ platform automates the validation of AI and ML-based security technologies - "AttackIQ’s Network Control Validation Module combines a new comprehensive network topology map with adversarial attack replays. This helps organizations rapidly exercise the end-to-end validation of network-deployed security controls and gives technology-specific remediation guidance, ensuring that customers get the most out of their cyberdefense investments."
  2. PRODUCT – Sonrai Security integrates with AWS to accelerate cloud security transformation - "In addition to achieving the AWS Security Competency status in identity and data protection, the Sonrai Dig platform provides out-of-the-box integration with AWS Control Tower and provides visibility into more than 150 AWS services."
  3. PRODUCT – Elastic Observability updates accelerate root cause analysis and enables unified monitoring - "Additionally, support for ARM processor-based infrastructure is now available in Elastic Observability. Customers with servers or devices running ARM can now use Beats or the Elastic Agent to collect health and performance data to enable unified monitoring across their endpoints and infrastructure."
  4. ACQUISITION – AutoRABIT acquires CodeScan to ensure code quality and security - AutoRABIT announced the acquisition of CodeScan and its code quality and security analysis solution for Salesforce development teams. CodeScan’s technology
  5. FUNDING – Clearsense raises $30M to expand its data platform-as-a-service technology and advisory services - Clearsense announced it has closed $30 million in financing in partnership led by Health Catalyst Capital. Clearsense will use the new capital to build out its
  6. ACQUISITION – Accenture acquires Cygni to accelerate cloud first strategies with software engineering services - Accenture has entered into an agreement to acquire Cygni, a cloud native full-stack development firm that helps companies transform their business through
  7. PRODUCT – WALLIX provides enhanced data monitoring and secure remote access for healthcare orgs - "WALLIX Bastion includes a comprehensive range of access security features such as Session Manager and Password Manager, enabling complete data protection and business continuity."
  8. COMMUNITY – GRIMM launches Private Vulnerability Disclosure program to allow defenders to get ahead of the unknown - GRIMM announced the launch of the company’s new Private Vulnerability Disclosure (PVD) program. This offering allows defenders to get ahead of the attack curve,
  9. PRODUCT – CircleCI offers cloud-based CI/CD services for the Arm architecture - "With CircleCI’s Arm build fleet running on AWS Graviton2, developers can build and run Arm-based applications with virtually no spin-up time and deliver significant improvements without sacrificing power or cost efficiency."
  10. PRODUCT – Red Hat OpenShift Service Available on AWS (ROSA) - "With ROSA, customers can enjoy more simplified Kubernetes cluster creation using the familiar Red Hat OpenShift console, features and tooling without the burden of manually scaling and managing the underlying infrastructure. ROSA streamlines moving on-premises Red Hat OpenShift workloads to AWS and offers a tighter integration with other AWS services. ROSA also enables customers to access Red Hat OpenShift with billing and support directly through AWS, delivering the simplicity of a single-vendor experience to customers running Red Hat OpenShift on AWS."
  11. PRODUCT – Threat Stack Cloud Security Platform now offers real-time threat and anomaly detection in the cloud - "The sheer volume of cloud security data makes it challenging for businesses to find meaningful insights into risky user behaviors and anomalies. Threat Stack’s enhanced platform with security analytics solves this problem by delivering transparency into behavior associated with the cloud management console, user identities, sensitive data, and anomalous activities directly within the platform."
  12. PRODUCT – McAfee unveils MVision cloud-native app protection - Huh? "To accelerate their digital transformation journey, enterprises are leveraging the agility and innovation velocity offered by cloud-native applications hosted across private, public and hybrid clouds."
  13. PRODUCT – Zscaler and CrowdStrike release integrations for end-to-end security - Whoa: "ZPA incorporates CrowdStrike's real-time ZTA to enforce access policy to private apps to reduce organisational risks, Zscaler Internet Access™ (ZIA™) deployed inline stops malware propagation by triggering device quarantine through the CrowdStrike Falcon Platform, CrowdStrike's Falcon X threat intelligence and Falcon Endpoint Protection device telemetry data can be shared with Zscaler Zero Trust Exchange for usage when integrations are activated to provide stronger protection and increased visibility, Cross-platform workflow shortens response time and helps combat increasing volumes and sophistication of attacks"
  14. PRODUCT – Gigamon, FireEye collaborate on integration of Gigamon Hawk - "Gigamon says its Hawk solution is now integrated with FireEye Network Security, closing this critical gap and radically simplifying hybrid cloud adoption - with the integration providing a unified view across hybrid infrastructure through a single, simple interface with built-in management and reporting."
  15. PRODUCT – Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks - "Using different cloud and container security tools requires a manual correlation of logs to catch the breach and uncover the systems impacted. By unifying the incident timeline and adding risk-based insights, Sysdig reduces the time to detect threats across clouds and containers from weeks to hours. Cloud development teams can see exactly where the attacker started and each step they took as they moved through the environment."
  16. PRODUCT – Zimperium Collaborates with Oracle to Provide Mission Critical Mobile Security to Customers
  17. FUNDING – Socure’s $100 Million Series D Financing Round
  18. FUNDING – Productiv raises $45 million in new funding round
  19. ACQUISITION – Kroll Acquires Redscan to Expand Cyber-Risk Offering
  20. FUNDING – Ketch raises $23M to automate privacy and data compliance
  21. FUNDING – Feedzai raises $200M at a $1B+ valuation for AI tools to fight financial fraud
  22. FUNDING – Living Security raises $14M for predictive human risk management
  23. ACQUISITION – ServiceNow takes RPA plunge by acquiring India-based startup Intellibot
  24. FUNDING – Cybersecurity Firm Morphisec Raises $31M Funding Round
  25. FUNDING – Jumio raises $150M to fuel innovation and automation - Jumio announced it secured a $150 million investment from Great Hill Partners. This infusion represents the single largest funding round in the digital identity
  26. ACQUISITION – Astadia acquires Anubex to offer a complete mainframe migration RoadMap - In today’s environment, many organizations have a “Cloud First” strategy for deploying business applications. Since most of the important business applications
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. FUNDING: Morphisec snags $31M for moving target defense that protects mid-sized companies
  2. FUNDING: Living Security raises $14M for predictive human risk management – TechCrunch
  3. FUNDING: Polymer Solutions closes $1MM Seed Round to secure SaaS platforms
  4. LEGAL: Palo Alto Networks latest security giant accused of patent infringement - Centripetal doesn't fit the classic profile of a patent troll, but most of the patents they're suing Palo Alto and Cisco over seem overly frivolous. One describes the basic function of a firewall. Another describes the basic function of an IDS. The root of these lawsuits seems anchored in attempts to partner or license patent tech that went sour, however. NOTE: I'm not a lawyer and this goes deeper and is more nuanced than we'll have time to discuss.
  5. STAFF: F5 appoints two senior executives to boost business transformation and cybersecurity – Help Net Security - Wasn't F5 just in the news for something else?
  6. REGS: Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft - In general, I'm in favor of any regulation that helps us learn from breaches. Currently, understanding root causes and contributors is difficult, if not impossible with the lack of information shared with the public in most cases. Maddeningly, we see companies fall for the same scams and get hacked through the same TTPs - over and over and over. My hope is that regulations like these can help defenders better prioritize security improvements.
  7. REGS: Understanding DFARS 252.204-7012 and NIST SP 800-171 – CyberSheath - A lot of folks have been commenting on the previous article regarding the EO that would require software vendors to disclose breaches, saying that existing regulation, DFARS, already addresses this issue, requiring government contractors to report breaches in 72 hours. The primary counterargument is that the EO would apply more broadly, so it's still needed.
  8. TRENDS: Google starts trialing its FLoC cookie alternative in Chrome – TechCrunch
  9. TRENDS: VC Firms Have Long Backed AI. Now, They Are Using It. - This trend is going to surprise no one, but I think it's an interesting move from an industry long known for investing based more on "gut checks" than due diligence. I suspect AI will likely be just another factor that goes into the overall calculus, not the sole deciding factor.
  10. TRENDS: The Complete List Of Unicorn Companies - CBInsights has a handy list of all 630 unicorns currently in existence. Together, they're collectively valued at more than $2T! There are 25 cybersecurity companies on the list.
  11. TRENDS: WWII codebreaker Turing honored on UK’s new 50-pound note - Many consider Turing an OG hacker, so it's a notable non-sequitur that he's getting some deserved recognition.
  12. TRENDS: The Turing Challenge - And of course, what better way to kick off Turing's new banknote than with a series of puzzles? Someone alert Jeff Man.
Tyler Shields
CMO at JupiterOne