Application security, Cybersecurity Asset Management, Cloud security, Vulnerability management, DevOps, Email security, Security awareness, Identity and access, Incident response, Compliance, Data security, Privacy, Zero trust

RSAC 2021 #4

View Show Index

Segments

1. Metrics, Training, Culture – Why Your Phishing Program Isn’t Working – Drew Rose – RSA21 #4

Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your business from attacks.

This segment is sponsored by Living Security.

Visit https://securityweekly.com/rsac2021 to learn more about them! This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!

Sponsored By

Living Security

Guest

Drew Rose
Drew Rose
CSO - Founder at Living Security

As Living Security’s creative mastermind, Drew Rose combines his experience developing security programs and his love of game design to expertly craft immersive products. He seeks to engage end users and create excitement with his educational experiences and measurable outcomes. Drew is a CISSP with a Bachelors of Science in Cybersecurity who has spent years building and optimizing security programs in the public and private sectors. While serving in the military, Drew learned effective strategies for fighting cybercrime and earned a top-level security rating in the U.S. government. At Living Security, Drew applies his in-depth knowledge to reducing enterprise and personal risk by designing science-based, collaborative security awareness programs.

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

2. Cyber Supply Chain Risk Management – Alyssa Feola – RSA21 #4

With the SolarWinds attack, supply chain attacks have been in the spotlight. Alyssa Feola joins us to discuss Cyber Supply Chain Risk Management.

Guest

Alyssa Feola
Alyssa Feola
Cybersecurity Advisor at undefined

Alyssa Feola is a Cybersecurity Advisor in the Technology Transformation Services within GSA. Since 2020, she has supports the organization by rationalizing, modernizing, and hardening the infrastructure and software that the workforce needs to do their jobs. She brings a wealth of knowledge, skills, and experience in acquisition, information technology, and cybersecurity. Her passions lie with innovation and modernizing government technology.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security

3. Tech Consolidation and the Final Acts of Once Vital Point Solutions – Jess Burn – RSA21 #4

Of particular interest to me from our newly published “The Forrester Tech Tide™: Zero Trust Threat Detection And Response, Q2 2021” are what look like the final acts of several solutions once considered vital detection and response point products. While automated malware analysis (sandboxing) and network intrusion detection systems (NIDS) remained in our Divest category, three more technologies joined them this year: data loss prevention (DLP), managed security service providers (MSSP), and security user behavior analytics (SUBA). Why is this? Because these stand-alone technologies simply don’t cut it anymore. This isn’t to say these solutions are dead, mind you. No, they live on within larger, more comprehensive solutions.

Segment Resources:

https://go.forrester.com/blogs/the-death-and-life-of-the-standalone-solution/ https://www.forrester.com/report/The+Forrester+Tech+Tide+Zero+Trust+Threat+Detection+And+Response+Q2+2021/-/E-RES164039?objectid=RES164039

Guest

Jess Burn
Jess Burn
Senior Analyst at Forrester Research

Jess is a senior analyst at Forrester serving security and risk professionals. She contributes to Forrester’s research on the role of the CISO and Zero Trust. Additionally, Jess covers email security; incident response and crisis management; and security training, education, and certifications. Prior to her analyst role, Jess spent eight years as a principal advisor on Forrester’s Security & Risk Council. In this role, she was a trusted partner to a network of CISOs and security and risk leaders making critical decisions in the areas of risk management, data privacy and protection, cybersecurity operations, and identity and access management.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security

4. Recent Attacks Against Software Integrity – Ed Skoudis – RSA21 #4

Ed Skoudis joins us to discuss recent attacks against software integrity, including:

- open source libraries

- session tracking for single sign on

- weak crypto

- machine learning (ML) algorithms used to detect malware

- ransomware attacks - how they are evolving

Guest

Ed Skoudis
Ed Skoudis
President of SANS Technology Institute, Director of Holiday Hack Challenge at SANS Institute & Counter Hack

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

5. How to Build and Maintain a Resilient Web App Security Program – Kevin Gallagher – RSA21 #4

Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework.

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to learn more about them!

Sponsored By

Netsparker

Guest

Kevin Gallagher
Kevin Gallagher
Chief Revenue Officer at Netsparker by Invicti Security

Kevin Gallagher is the CRO of Invicti Security, the company behind the well-known brands, Acunetix and Netsparker. He is a top performing senior executive with 17+ years’ experience managing, bringing to market and selling innovative software management solutions to various high value market segments. Having worked at both start up’s and well established companies, Gallagher has earned recognition as a top – producing sales executive, serving as a motivating team leader and mentor.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Matt Alderman
Executive Director at CyberRisk Alliance
prestitial ad