From Paul's Security Weekly
Recorded December 2, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
- Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
- Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.
Interview: Ward Cobleigh, VIAVI Solutions
Bringing NetOps into the Threat Hunt
In a very recent study, 65% of responding organizations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%). To help fill this void, there is a very real and still growing need to cross-train existing professionals and teams whenever possible. How achievable is this goal? Can we really take the typical NetOps skillset, combine it with the data sources that are typically available to them, and apply this to the SecOps skills gap? This Business Security Week Podcast will answer these questions and include a demonstration of how a performance analysis platform can be used to quickly and efficiently identify threats.
- Below are additional resources related to our topic. These can be used by the hosts for background information. We will have these available on our landing page https://viavisolutions.com/securityweekly
- SANS OnDemand Webinar Recording: https://comms.viavisolutions.com/lp-cmp?cp=vi101475&th=std&lang=en
- 3 Lessons Learned from the Capital One Cyberattack - Listen to Your Data Sources
- What the NASA Cyberattack Teaches Us About Simple Technologies and Advanced Threats
- Not a Fish Story: Tackle the Reel Network Security Issues
- Companies Need to Rethink What Cybersecurity Leadership Is - For businesses today, cyber risk is everywhere. Yet for all the investments , companies are still struggling to make cybersecurity a vibrant, proactive part of strategy, operations, and culture. The root cause is twofold: (1) Cybersecurity is treated as a back-office job and (2) most cyber leaders are ill-equipped to exert strategic influence. Here's a framework for what business leaders must do to spur cybersecurity success:
- Set your intent with cybersecurity strategy
- Position the cybersecurity function to have influence
- Get the right cyber leader for your needs
- What Companies That Are Good at Innovation Get Right - Innovation labs, technology scouting outposts, and accelerator programs to invest in startups have become ubiquitous in large companies. Yet, in some companies, all of that activity adds up to nothing more than “innovation theater.” But for the ones who get it right, here's what they do:
- They hone their focus
- They collaborate with key internal partners
- They staff appropriately
- They design incentive system
- They monitor impact
- They move beyond culture clashes
- Staff in smaller businesses bogged down by poor communications - Inadequate communications between senior management and staff in small to medium-sized enterprises is leading to poor decision-making.
- Why You Should Be Sending More Video Emails … And How To Record Them - Humans have been speaking to each other face-to-face for more than 150,000 years! In today’s digital age we are sending more and more emails, and speaking to each other less and less. Here's a video email guide:
- Know When to Send a Video Email
- Build Your Confidence
- Get Your Gear (way less than you think)
- Nail Your First Impression
- Don’t use a script!
- Talk to one person
- Lighting: Know where it is
- Practice, practice, practice to build confidence and success
- Enterprises muddled over cloud security responsibilities - Miscommunication in enterprises was identified as a major factor in cloud-native security breaches. There is a diverse range of views about who should take responsibility...
- Top tech conferences to attend in 2020 - For the CISOs:
- Suits & Spooks DC, Feb. 6-7, Washington D.C.
- RSA Conference, Feb. 24-28, San Francisco
- Gartner Security & Risk Management Summit, June 1-4, National Harbor, Maryland
- Black Hat USA, Aug. 1-6, Las Vegas
- DEF CON 28, Aug. 6-9, Las Vegas
- Global CISO Executive Summit, Sept. 21-23, Marana, Arizona
- Forrester Security & Risk North America, Sept. 22-23, Washington D.C.