Bsw181

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #181 - July 20, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Zero Trust Execution as Part of Your Cloud Workload Protection Strategy - 03:00 PM-03:30 PM


Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Visit https://securityweekly.com/webcasts to see what we have coming up! Learn about Rapid7’s Findings from the National Internet Cloud Exposure Report on August 13th and How to Create and Run a Conference, from the geniuses behind Layer8 Conference and Wild West Hackin Fest on August 19th! Our next technical training on August 27th will teach you about BootHole, SIGRed and SMBleed…Best Practices To Prioritize And Remediate Now! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

The use of Application Control - commonly referred to as whitelisting or Zero Trust Execution - is considered to be a robust and essential Cloud Workload Protection strategy, largely due to the high predictability of cloud environments. But it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent - referred to as Living off the Land (LotL). App Control also presents some operational headaches for cloud security teams, requiring strict and often unrealistic policies. We will discuss how to build a robust Application Control strategy for your workloads that is informed by these challenges. This segment is sponsored by Intezer.

Visit https://securityweekly.com/intezer to learn more about them!


https://www.intezer.com/blog/cloud-security/building-a-robust-app-control-strategy-for-your-cloud-workloads/

https://www.intezer.com/resource/intezer-protect-cloud-workload-protection-platform-cwpp/


Guest(s)

Justin Bradley

Justin heads up Intezer’s growth strategy and partners with key departments such as sales, marketing and product. Business Development is also part of Justin's current responsibilities. Justin joined Intezer after fifteen years at CyberArk, where he held many titles, most recently Global VP Customer Success. According to Justin, an amazing culture and attitude is the core of growth and is what makes any company go from good to great.


Hosts

2. New CISOs, Overworked CISOs, and 10 Worst Cybersecurity Strategies - 03:30 PM-04:00 PM


Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

  • Security Weekly is an official media partner for Virtual BlackHat 2020! To register and save $200, visit https://securityweekly.com/summercamp2020 and click the register button. Discount code: “20SecWeekbh” Alongside Virtual BlackHat, we will be running our conference micro-interviews, you guessed it, virtually, in an event called Security Weekly Virtual Hacker Summer Camp, August 3 – August 6, 2020. Options, pricing and availability are all listed on the same page! Reserve your slot now to get your message out to BlackHat attendees!

Description

In the Leadership and Communications section, CISOs undervalued, overworked, burning out, warns CIISec, The 10 Worst Cybersecurity Strategies, AppSec Becomes A Priority For New CISOs/CSOs, and more!


Hosts

Matt Alderman's Content:

Articles

  • CISOs undervalued, overworked, burning out, warns CIISec - According to the results of the security profession 2019/2020, a report produced by the Chartered Institute of Information Security (CIISec) that surveyed 445 IT security professionals:
    • 82% said security budgets were failing to keep pace with the wider environment, either rising too slowly, staying static, or dropping
    • 64% said their businesses were having to cope with fewer resources when necessary
    • 51% admitted to having let routine or non-critical security tasks slip, increasing risk to their organisations
    • Over half (54%) said they had either quit a job due to overwork or burnout, or had worked with someone who had
  • Cybersecurity Leaders: Invest In Your People - Training, especially cross-training, is insanely powerful when team members are able to experience, train, and work together. It also builds trust. Here are five steps for enterprises to take:
    • Find the right training environment for a hands-on ongoing training program and commit to it. This is essential unless you want to lay people off, have a revolving door for talent, or have people sitting on their hands during an incident.
    • Stop wasting time and money sending people to costly online and classroom training that only contributes to the misguided view that training is something to be scheduled.
    • Assess who and what you have to work with. Have each team member complete assessments to discover their hard and soft skills. You can do this with individual training assessments, or for a team in an online cyber range and learn even more about how your team performs under the stress of an attack. This is where you learn where the gaps are, not just in skills but in communications and collaboration.
    • Build a cross-training program. For staffing shortages, the team's most reliable players can cross train to become subject matter experts to backup existing staff. Extending training to web application developers, DevOps, network, and IT specialists will help provide the reserves and reinforcements you need when trouble strikes.
    • With work-from-home likely to be here to stay, it makes sense to cross train network security or other IT staff whose workloads may have dropped and point them toward building endpoint security, administering VPN systems, and handling encryption configuration and threat hunting.
  • The 10 Worst Cybersecurity Strategies - Let’s count them down.
    • 10. Cyber-Insurance
    • 9. Audit Confidence
    • 8. Best Tools, Left Unmanaged
    • 7. Regulatory Compliance
    • 6. One Good Tool
    • 5. IT Dependence
    • 4. Security by Marketing
    • 3. Default Security Settings
    • 2. Security by Obscurity
    • 1. Hope, as a Strategy
  • Choosing Wisely: An Entrepreneur’s Guide to Better Decision-Making - Here are some expert-backed tips for making smarter decisions:
    • Let go of ‘perfect’ and aim for ‘good enough’
    • Combine intuition with expertise
    • Create a value-based pros and cons list
    • Try negative visualization
  • AppSec Becomes A Priority For New CISOs/CSOs: Recommendations For The First 100 Days - Quick wins at the beginning of a leader’s tenure help set the table for long-term success. Incoming CISOs can work with their teams to achieve benchmarks like these in the first 100 days:
    • By day 30, a complete application inventory, if one is not already available. This data source should include information about the importance to the business of each application and the cybersecurity risk it poses.
    • By day 60, a policy gap analysis and SAMM assessment. These formal reviews assess the maturity of the AppSec program and how complete the formal AppSec policies are.
    • By day 100, a complete AppSec roadmap. By this time the CISO should be familiar with past successes, and can plan to build upon them to advance the program’s maturity.
  • Types of Cyber Security Roles: Job Growth and Career Paths - You figured how to get into cyber security: you learned the technical skills, landed the job, did the work and proved yourself - now it’s time to chart your career path...
    • What Are Cyber Security People Called? - Cyber security professionals go by many names, but the job titles or descriptions will “normally have ‘information security,’ ‘cyber security,’ or related terms in them
    • What Are the Different Roles in Cyber Security? - Cyber security professionals can benefit from starting as generalists and then specializing in an area of interest or strength, including:
      • Application security
      • Data loss prevention
      • Forensics
      • Incident response
      • Network security
      • Security architecture
      • Threat intelligence
      • Vulnerability management
    • How to Take the Next Step in Your Cyber Security Career? - Whether you’re a generalist or a specialist, you’ll need to keep up with cyber security’s ever-changing changing technical requirements, latest legal regulations and best practices as well as the emerging trends in the industry in order to achieve your career goals. To that end, consider:
      • Taking coursework toward a degree (such as a bachelor’s or master’s in cyber security) or certification that aligns with your career aspirations
      • Upskilling in virtual labs to practice industry applications and technologies
      • Completing a cyber internship
      • Joining a professional organization or association, such as ISACA, Information Systems Security Association (ISSA), (ISC)² or the SANS Institute
      • Networking or finding a mentor to help you outline and achieve your medium- and long-term plans

Paul Asadoorian's Content:

Articles