Security Weekly
Enterprise Security WeeklySubscribe
Leadership, Security Program Controls/Technologies, Security Staff Acquisition & Development

Deception, SaaS Security, and the 10 Plagues of Cloud Security – ESW #312

In this week's enterprise security news, we talk about new companies and funding, trends in the deception and SaaS Security/SSPM space. We discuss Andy Ellis's "10 plagues of cloud security" and Kelly Shortridge's 69 ways to F&$ up your deploy. We discuss rolling out Yubikeys and the pros/cons of using biometrics instead of security keys. There have been some bad takes in the media on how OpenAI uses your ChatGPT prompts, so we set the record straight there. Cybersecurity is a new requirement for K-12 students in North Dakota, and you've got to see this week's security story - a rogue tire sends a Kia Soul FLYING.

    • but no one was hurt!

Full episode and show notes

Announcements

  • As a member of the Security Weekly community, we are pleased to offer you 20% off your InfoSec World 2023 tickets! Join a community of over 2,000 security professionals and innovators at InfoSec World on September 25th through 27th at Disney’s Coronado Springs Resort. Experience world-class learning and networking through enlightening keynotes, informative panel discussions, interactive breakout sessions, hands-on workshops, and more.

    Register today at securityweekly.com/infosecworld2023 using code ISW23-SECWEEK20!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: CrowdStrike Combines Powers With Abnormal Security to Stop Breaches

    A "venture round" from Crowdstrike Ventures follows the company's $210M Series C in May 2022.

  2. 2. FUNDING: DataDome Closes $42 Million in Series C Funding to Advance the Fight Against Bot-Driven Cyberattacks and Fraud

  3. 3. FUNDING: Hypori Completes $23M Series B Financing

  4. 4. FUNDING: Strivacity Announces $20 Million in New Funding To Modernize Customer Sign-in Experiences and Security

  5. 5. FUNDING: Push Security raises $15M to help SaaS users lower their online vulnerability

  6. 6. FUNDING: Entitle Launches With $15M in Seed Funding to Bake Security Into Permissions Management

  7. 7. FUNDING: SCADAfence raises $16 million, adds Fujitsu and Mitsubishi Electric as new investors

  8. 8. FUNDING: Votiro Raises $11.5 Million in Series A Funding

  9. 9. FUNDING: Spera raises $10M for its identity security posture management platform

  10. 10. FUNDING: Trustle Raises $6M Seed Round to Revolutionize Access Management

  11. 11. NEW COMPANIES: Seedata.IO – Making cybersecurity unknowns, known

  12. 12. LESSONS: 10 Plagues of Cloud Security

  13. 13. LESSONS: 69 Ways to F*** Up Your Deploy

  14. 14. LESSONS: List of experiences rolling out Yubikeys and WebauthN – Clint Gibler on Twitter

  15. 15. NEWSLETTERS: Jason Haddix’s Executive Offense Issue #2

  16. 16. REPORTS: FS-ISAC Navigating Cyber in 2023

  17. 17. AI TRENDS: Chat GPT & AI a growing concern for cyber insurance: Corvus’ Hedberg – Reinsurance News

  18. 18. AI TRENDS: Samsung workers made a major error by using ChatGPT

    There's a lot of confusion and FUD going around on what is and isn't trained on when you use ChatGPT.

    TL;DR: If you use ChatGPT's consumer interface (chat.openai.com), you are opted IN for your prompts being used to train/improve the service. There's a form you can fill out to opt OUT. (it's literally a Google form, which seems kinda janky, but it's pretty easy to opt out).

    If you use OpenAI's API interface (api.openai.com), you are opted OUT for your input OR output data being used for training/improvement. There's a form you can use to opt IN.

  19. 19. TRENDS: Burgum, Baesler applaud landmark North Dakota computer science, cybersecurity measure

  20. 20. ESSAY: AI Revolutionizes Infosec

  21. 21. ESSAY: Cybersecurity vs. Everyone: From Conflict to Collaboration

  22. 22. SQUIRREL: When tires attack: Marques Brownlee on Twitter

Product Marketer and Content Strategist
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

Related