All Our Devices and Privacy on the Web – Deepika Gajaria, Scott Scheferman – ESW #234
Against the ubiquitous backdrop of Zero Trust initiatives, we have all come to accept the motto of "Verify, then trust". Yet, here we are building an entire stack of Zero Trust enabled technologies, upon a broken implicit-trust foundation. Nowhere is this risk more apparent, than at the device and firmware level. Indeed this is why both nation-state and criminal actors have converged upon a strategy that combines supply chain attack dynamics, with readily exploitable devices. This allows them to impart maximum impact against victim organizations, and even those victim’s downstream partners and customers. In order to address this evolving threat, organizations must take back security control of their devices, and stop trusting the fox that has quite frankly, become the hen house.
This segment is sponsored by Eclypsuim.
Visit https://securityweekly.com/eclypsium to learn more about them!
Data privacy and Web security teams are converging across enterprises and we are seeing more Privacy use cases like cookie banner consent and limiting data sharing (vendors like Facebook, Google etc. are capturing sensitive user data, accessing cameras, microphones, geolocation etc.) via security policies, under the security teams purview.
At Tala we offer a Privacy scan that gives enterprises a full view of which vendors have access to sensitive data and how this data is being shared. This in turn helps set the right security controls in place.
This segment is sponsored by Tala Security.
Visit https://securityweekly.com/talasecurity to learn more about them!
Deepika is responsible for product strategy and delivery at Tala. Working closely with our customers, she drives product direction and shapes the product roadmap to address their core needs.
Prior to Tala, Deepika was part of Cisco Jasper where she led the launch of IoT smart city applications. Her career in Product Management began at EMC, in the New Product Introduction team, working on key initiatives across the Storage and the Data Protection divisions.
Deepika has held diverse roles in her career: her first job out of school was in Research and Development of high voltage particle accelerator technology used in cancer therapy machines.
Scott, aka “Shagghie” in the community, is a public speaker, thought leader and cyber strategist. With decades of cyber consulting in both Federal and Commercial domains, he brings strong opinions and insight into any topic covering cyber, privacy, AI/ML, or the intersections of these. Winner of the first defcon badge-hacking contest and a defcon music artist, he currently works to bring urgent awareness to the device and firmware attack surface now being readily exploited.