BSWEpisode174

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #174 - May 18, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Is the Virtual SOC Our "New Normal"? - 03:00 PM-03:30 PM


Visit https://securityweekly.com/rsasecurity for more information!


Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!

Description

As many organizations look to their "new normal," remote work will likely be a large piece of that strategy. Adler will dive into the impact this has on the SOC and why EDR should be top-of-mind.

To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity , To check out the RSA NetWitness Platform (SIEM and integrated EDR), visit: https://www.rsa.com/en-us/products/threat-detection-response


RSA NetWitness Platform (SIEM and integrated EDR): https://www.rsa.com/en-us/products/threat-detection-response


Guest(s)

Mike Adler

Michael Adler serves as the Vice President, Product, RSA NetWitness® Platform. Adler is responsible for setting product strategy, defining requirements, and building and shipping RSA’s Security Operations product portfolio. With more than 20 years of experience building and managing product organizations Michael focuses on delivering quality and feature rich products on a predictable timeline. Adler holds a Bachelor of Science in Computer Science from Carnegie Mellon University and an MBA from Boston College.


Hosts

2. News - Burnt Out CISOS, Build Strategy, and 50+ Security Products - 03:30 PM-04:00 PM


Announcements

  • Layer 8 is Going Virtual! The conference will still be held on Saturday June 6th. Security Weekly listeners save $20 on their ticket by visiting layer8conference.com and using the promo code "SecurityWeekly" before selecting your ticket type! Please consider supporting Layer8 or one of their partner organizations when purchasing your ticket! Some of the Security Weekly team will be in our own channel on the Layer8 Discord server answering questions and possibly doing some contests!
  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

In the leadership and communications section, Burnt out CISOs are a huge cyber risk, to build strategy, start with the future, 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues, and more!


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  • Burnt out CISOs are a huge cyber risk - Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?
  • To Build Strategy, Start with the Future - Mark Johnson, cofounder of the consulting firm Innosight, says that too many managers develop strategy while focusing on problems in the present, and that’s especially true during a crisis. Instead, he argues, leaders should imagine the future and work backward, so they can build their organization for that new reality.
  • The problem with PowerPoint - Walking through slides doesn’t work. Here's a few tips to make your presentations better:
    • Think about your story
    • Send people a memo
    • Know when and how to show visuals
    • Own the room
  • Challenging the Boss - Do you fear speaking frankly with your supervisor? Dear HBR talks through what to do when your boss micromanages your output, you want to set boundaries for better work-life balance, or your new supervisor is eagerly volunteering your team for too many projects.
  • 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues - According to the third-annual Oracle and KPMG Cloud Threat Report 2020,a survey of 750 cybersecurity and IT professionals across the globe found that a patchwork approach to data security, misconfigured services, and confusion around new cloud security models has created a crisis of confidence. Key finding include:
    • 75 percent of IT professionals view the public cloud as more secure than their own data centers
    • 78 percent of organizations use more than 50 discrete cybersecurity products to address security issues; 37 percent use more than 100 cybersecurity products
    • 59 percent of organizations shared that employees with privileged cloud accounts have had those credentials compromised by a spear phishing attack
    • Based on the results of the study, the most common types of misconfigurations are:
      • Over-privileged accounts (37 percent)
      • Exposed web servers and other types of server workloads (35 percent)
      • Lack of multi-factor authentication for access to key services (33 percent)
  • COVID-19 pandemic accelerates transformation in enterprise security - Organizations must retool their policies and invest in security programs to acclimate to a post-COVID-19 business landscape. The proliferation of cloud environments and the related expanded use of external partners means there will be an even sharper focus on disciplines such as IT governance and vendor management for the foreseeable future.

Paul Asadoorian's Content:

Articles