From Paul's Security Weekly
Jump to: navigation, search

Recorded September 30, 2019 at G-Unit Studios in Rhode Island!

Episode Audio


  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .

  • Announcements

    • Register for one of our upcoming webcasts with Bryce Shroeder and Barbara Kay of ServiceNow, Kevin O'Brien of GreatHorn, or Steve Laubenstein of Core Security (or all of them!) by going to -> Click the webcast dropdown & Select Registration! If you have missed any of our previously recorded webcasts, you can find our on-demand library by selecting on-demand from the webcast drop down! If you attend any of our webcasts, you will receive 1 CPE credit per webcast!
    • We're currently running our annual Listener Feedback Survey! Please visit -> click the survey tab & select "2019 Listener Survey" to submit your responses!
    • The new Security Weekly website is officially live! Visit to check out all of our new sorting and filtering functionality! Please let us know if you find any issues or have any feedback by sending to
    • Paul will be providing his insights & predictions in the information & cyber security space at a local (ISC)2 RI Chapter Meeting on Monday, November 18th @ Gregg's Restaurant in Providence. If you would like to join us, go to

    Interview: Jeff Costlow, ExtraHop

    Jeff Costlow is the Head of Security at ExtraHop
    Jeff is a security technologist and leader with over 20 years of deep experience securing information and technology assets as well as years of successful engineering leadership, delivering secure product deployments to thousands of customers. Jeff leads the ExtraHop team towards groundbreaking security and privacy services.

    Segment Description:
    Organizations looking to embrace the speed and flexibility of the cloud need to shift gears in security as well, moving towards a cloud-first approach that combines complete visibility with behavioral- and- rule-based threat detection. Learn how the SOC Visibility Triad pairs network detection and response with endpoint detection and response and SIEM tools in order to help you strengthen your cloud security posture.

    Segment Resources:

    Leadership Articles

    • Why New Leaders Should Make Decisions Slowly - 74% of new leaders say they are unprepared for the new role, and in 18 months nearly half of them disappoint or fail entirely. In many cases, leaders either judge too quickly, making snap decisions that prove to be ill advised, or wait interminably to “gather more facts,” only for the critical moment to slip away. Here are three strategies leaders can use to make decisions more effectively when they’re new to an organization
    1. Manage the urge to “do something” right away.
    2. Make sure you’re talking to a wide variety of sources.
    3. Select one critical area of focus for the year.
    • The Missing Ingredient in Kraft Heinz’s Restructuring - There has been a company restructuring recipe that has worked for decades. Buy a company, trim the fat, then reinvest to facilitate growth, and make lots of money. But sometimes this recipe doesn’t work... Three lessons from Kraft Heinzs' restructuring:
    1. When Restructuring Kills Innovation
    2. Calming the Overheated Survive Channel
    3. Activating the Thrive Channel
    1. More than 60% of business stakeholders believe IT implements less than half of their ideas, widening the disconnect between the departments
    2. Half of IT respondents say their budgets are too limited to deliver "solutions at scale"
    3. 89% of stakeholders say IT plays a key role in business initiatives, but only 66% of business technology decision-makers "think of IT as a value-creator."
    1. Digital business is where CEOs want to move their companies, but they have to recognize, "if we're digital, it's not only huge risk, it's complex risk"
    2. About 82% of CEOs say they have some form of a management initiative or program in place for handling the digital business, according to Gartner. "What they don't get is associated risk."
    3. Developing a "risk-aware" culture means deciphering the difference between digital business risk and cyber risk
    • Introduction to 5G: Your guide to fifth-generation wireless - Fifth-generation wireless (5G) is the latest iteration of cellular technology, engineered to greatly increase the speed and responsiveness of wireless networks. Anticipated 5G benefits include increased speeds, improved reliability and lower latency. 5G use cases include:
      • Fixed wireless for better business connectivity
      • Private 5G networks
      • Expanded 5G coverage for rural areas

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+