Nice & Slow – ESW #244
Full Audio
View Show IndexSegments
1. How Good CISOs Build Bad Security Programs – Juliet Okafor – ESW #244
No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.
Segment Resources:
RevolutionCyber - www.revolutioncyber.com, Forbes Business Council Member
Juliet is speaking at InfoSec World 2021, register now and save 20%: https://securityweekly.com/isw2021
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Juliet “Jules” Okafor is an attorney and the CEO/Founder of RevolutionCyber, a boutique security consultancy offering “Security Culture as-a-Service (SCaaS) to midsize and enterprise companies seeking to rapidly mature, scale and embed security across all levels of the enterprise. She is a passionate security solution visionary who builds teams to solve a company’s most complex security issues – from navigating the aftermath of a breach to reduction of risk associated with technology and vendors, she will build a roadmap to prioritize and remediate the biggest risks – using a combination of people, process improvements and emerging security technology.
Hosts
2. The Importance of Identity Detection and Response (IDR) – Joseph Salazar – ESW #244
Identity Detection and Response (IDR) is a new security category that focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them across endpoints, Active Directory, and the Cloud through visibility and early detection of attacks targeting identities.
Attackers consider enterprise identities as high-value targets and attempt to compromise them early in the attack to access the network and gain privileges to essential production assets. Current identity security focuses on safeguarding privileged credentials in PAM solutions or securing the authentication process with MFA and IAM solutions, but these measures leave gaps that attackers can exploit.
While current security solutions like Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and others provide specific functions for defending the network, they do not focus on identities. EDR focuses on preventing the initial compromise, while XDR and NDR try to detect attacks as they expand from the beachhead. Attacks targeting enterprise identities can evade detection from these security controls, but IDR solutions can bridge these detection gaps to identify such attacks.
Join Joseph Salazar from Attivo Networks as he discusses the importance of IDR to modern enterprise security.
Segment Resources:
https://attivonetworks.com/documentation/AttivoNetworks-IdentityDetection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/
This segment is sponsored by Attivo Networks.
Visit https://securityweekly.com/attivonetworks to learn more about them!
Sponsored By
Announcements
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Guest
Joseph Salazar is a veteran Information Security professional with over 20 years of both military and civilian experience. He is a retired Major from the US Army Reserves, having served 22 years as a Counterintelligence Agent, Military Intelligence Officer, and Cyber-Security Officer. He’s been a Systems and Security Administrator, a CSIRT Analyst, a Security Operations Manager, and a Computer Forensic Investigator in his civilian career. He maintains the CISSP, CEH, and EnCE certifications, holds a BA in Legal Studies from UC Berkeley, and currently works for Attivo Networks as a Technical Marketing Engineer.
Hosts
3. Startup Post Mortems, Live Security Statuses, LG Acquires Cybellum, & Coalition – ESW #244
In the Enterprise Security News: Cyber insurance firm Coalition lands a $205m Series E with a $3.5bn valuation, Risk management platform Panorays nabs $42m, Jscrambler raises a $15m Series A to rewrite the rules of website security (rewrite, get it? huh?), SenseOn nabs $20m for faster, more accurate cybersecurity detection and response, LG (yes, that LG) is acquiring automotive cybersecurity startup Cybellum, We talk about the emergence of the vendor "live security status page", 386 startup post mortems, and don't forget to stick around for Adrian's curveball "Squirrel of the Week" story at the end!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
Hosts
- 1. FUNDING: Cyber insurance firm Coalition lands $205M at Series E, valued at $3.5BSo, cyber insurance/cyber security combo firms are a thing now. It's kind of the inverse of a conflict of interest - it's more like a _protection of interest_. In fact, if every vendor had some real stakes in preventing their customers from getting breached, the whole cybercrime landscape would likely look very different right now. Resilience and Corvus offer some continuous monitoring and services, but Coalition has nearly a full security program stack that they can deploy to customers. They acquired BinaryEdge, an ASM vendor, in early 2020. They raised a $90m Series C back in May 2020, with an $890m valuation. (10x the raise) They raised a $175m Series D in March 2021, with a $1.75bn valuation. (10x the raise) This is a $205m Series E, at a $3.5bn valuation. (17x the raise) Their master plan, they propose, is to build an insurance product to fund a security platform, which informs a better insurance product, which leads to better security tools. I'm skeptical, but I can't hate it. At least it's a different approach - one that seems to have some sound logic behind it.
- 2. FUNDING: Cyber risk management platform provider Panorays nabs $42M
- 3. FUNDING: SenseOn nabs $20M for faster, more accurate cybersecurity detection and response via its ‘triangulation’ approach – TechCrunch
- 4. FUNDING: Jscrambler Raises $15 Million in Series A Funding to Rewrite the Rules of Website SecurityREWRITE the rules? Get it? GET IT???
- 5. FUNDING: Exein raises €6M to fuel the company’s planned architectural product expansion – Help Net Security
- 6. FUNDING: EQT Private Equity invests in EC-Council, a global leader in cybersecurity training and certificationSwedish PE firm grabs a significant stake in EC-Council as part of their Asian fund (EC-Council's founder is Malaysian and they seem to have significant operations in India)
- 7. ACQUISITION: LG is acquiring automotive cybersecurity startup Cybellum in a $240M deal – TechCrunch
- 8. ACQUISITION: OneTrust acquires Tugboat Logic to automate InfoSec assurance and certification
- 9. TRENDS: Crossbeam introduces their live security status page – is this the future of vendor management?Crossbeam is part of a new trend taking a bold step: publicly sharing their current compliance and security status. They're using an off-the-shelf product to do it, called SafeBase (https://safebase.io) and they're not the first to do it, just the first that has come to my attention. Any way you look at it, it's impressive and it's really where we need to be: Kirckhoff's Principle really seems to apply here.
- 10. TRENDS: 386 Startup Failure Post-MortemsIt's always interesting reading case studies of startup successes and failures. This is a long list of very concise post-mortems. Each one is about a 10-20 second read. One of the 386 failures is even a cybersecurity startup, called Rubica. (I couldn't really figure out what Rubica did, despite reading several descriptions)
- 11. SQUIRREL: Here’s everything Amazon announced this morning…NOTE: co-hosts, don't read beforehand, I want to do a 'bluff the listener' style quiz. I'll throw out three new products Amazon announced. Two will be made up, one is real. You try to guess which one is real!
