Bsw184

From Security Weekly Wiki
Jump to navigationJump to search

Business Security Weekly Episode #184 - August 17, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Ripple20: Finding Vulnerable Devices & Detecting Attacks - 03:00 PM-03:30 PM


Visit https://securityweekly.com/ for more information!


Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Jeff Costlow, Deputy CISO at ExtraHop, will discuss the challenges of detecting and patching Ripple20. Ripple 20 is a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. There are two primary attack vectors: Internet Protocol and Domain Name Services. Jeff will discuss ExtraHop's approach to detecting these devices and provide a quick demo of the solution.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/ to learn more about them!


https://www.extrahop.com/company/blog/2020/ripple20-vulnerable-devices-and-attacks/


Guest(s)

Jeff Costlow

Jeff is a security technologist and leader with over 20 years of deep experience securing information and technology assets as well as years of successful engineering leadership, delivering secure product deployments to thousands of customers. Jeff leads the ExtraHop team towards groundbreaking security and privacy services.


Hosts

2. New Problem Solving Strategies, New Priorities, & Jobs With a Future - 03:30 PM-04:00 PM


Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

  • Learn How to Create and Run a Conference, from some of the geniuses behind Layer8 Conference and Wild West Hackin Fest on August 19th! Our next technical training on August 27th will teach you about BootHole, SIGRed and SMBleed…Best Practices To Prioritize And Remediate Now! Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network on September 10th! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

In the Leadership and Communications section, CISOs say new problem solving strategies required, How Remote Work is Reshuffling Your Security Priorities and Investments, Security Jobs With a Future -- And Ones on the Way Out and more!


Hosts

Jason Albuquerque's Content:

Articles

Matt Alderman's Content:

Articles

  • CISOs say new problem solving strategies required - At present, executives are solving a brand new set of problems. Stay-at-home orders and remote work have catalyzed massive organizational shifts. These include:
    • Transitioning infrastructure
    • Rethinking data privacy and storage
    • Reconfiguring budgets
    • Reshaping the internal culture around cyber security
  • Two CISOs Pay $400k for Security, Yet One Spends 10x More. How? - The average organization spends about $7,500 per employee on information technology, with about 5.6% of that spend earmarked for cybersecurity. At these rates, the CISO at an 1,000 employee organization has an average annual infosec budget of $400k, with around $220k spent on reactive measures and $180k spent on proactive measures. As you can tell, an “average” breach, at $4 million, is an order of magnitude more costly than the overall budget for an organization like this. So, if we consider a scenario where one CISO invests heavily in proactive measures, successfully avoiding a major breach, while another invests primarily in reactive measures, and ends up cleaning up after a major breach, CISO one ends up spending 10x less overall.
  • How Remote Work is Reshuffling Your Security Priorities and Investments - And the winners are...
    • Identity and access management (IAM)
    • Endpoint detection and response (EDR)
    • Cloud security
    • Mobile device management
    • Data leakage prevention (DLP)
  • How to tackle the IAM challenges of multinational companies - The rapidly changing business, regulatory and IT environment makes IAM a tough nut to crack for large multinationals. To deal with these regulations, multinational companies need a strong IAM that is flexible enough to be strong in some regions, but more relaxed in others. Here's a few recommendations:
    • Shift to as-a-service model
    • IAM as a managed service
    • Define your future Identity Fabric
  • How to make your security team more business savvy - CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management. Here's how:
    • Lead by example
    • Create opportunities for more cross-function experiences
    • Hire broader-minded talent
    • Cultivate a business mindset in staff members
  • How to Prepare for a Difficult Conversation You Can’t Have in Person - Here are four ways business owners and leaders can prepare for tough conversations with greater intention and reflection, especially when they can’t have them face to face.
    • Define your desired outcome.
    • Anticipate what will be seen and said.
    • Script before you speak.
    • Make sure to vent first.
  • Security Jobs With a Future -- And Ones on the Way Out - Some titles are hot, while others are not, amid rapidly shifting business priorities. Here's the list...
    • HOT
      • Data Scientist/Security Analyst
      • The DevSecOps Security Engineer
      • Security Architect
      • Cloud Roles
      • Governance and Compliance Roles
    • NOT NOT
      • Security Operations Center Analyst
      • Traditional Security Engineer
      • Hardware Engineer
      • Data Center Security Manager

Paul Asadoorian's Content:

Articles