Episode539

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly #539

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Interview: Lisa O'Connor, Accenture - 6:00PM-6:45PM

    Lisa O'Connor
    Managing Director at Accenture.

    Lisa leads Global Security Research and Development at Accenture Labs. In this role, she curates and manages a portfolio of cyber research, including threat intelligence, advanced cyber hunting, orchestration for resilient cyber architectures, edge analytics, analytics and machine learning, active defense and security of the Industrial Internet of Things.

    With more than 29 years of information security experience and over 18 years of expertise in financial services, Lisa also has more than seven years’ experience as an active member of the Financial Services Sharing and Analysis Center (FS-ISAC) and the Financial Services Sector Coordinating Council. She is a Certified Information Systems Security Professional (CISSP) by ISC2 and an INFOSEC Analyst and a Cryptologic Engineer, recognized by the NSA.

    Prior to this, Lisa was part of Accenture’s Consulting business for Financial Services in North America, where she led the organization’s security efforts in Banking and Payments. In her career, she has played several critical roles, including Fannie Mae as the lead of Information Security Governance, leading the national security consulting practices at Predictive Systems (INS), Guardent (Verisign), PriceWaterhouseCoopers and the National Security Agency. Her work at the National Security Agency included assignments to the White House Communications Agency and to the Surveys and Investigations Staff of the House Appropriations Committee.

    She served for over six years as a Board member of a national ovarian cancer foundation focused on educating women about the often-misdiagnosed symptoms, empowering women to advocate for their health and fundraising to fund out-of-the-box scientific research to accelerate the diagnosis and treatment of ovarian cancer. A rock climbing enthusiast, Lisa is also part of the Access Fund Mid Atlantic Climbers, a non-profit organization dedicated to preserving access to climbing areas in the Mid-Atlantic region. Her hobbies also include gardening and hugging trees. Her guiding thought is: “Trust your intuition, it's trying to tell you something.”

    Advanced Security Analytics - Many vendors use the terms "AI" and "Machine Learning", often times we believe these are just words, how can we use these techniques in security effectively? Data Protection At Scale - We, as a society, generate more data than ever before, how do we protect the sensitive data? Attack Surface Management - Many in IT still believe in the more traditional approach to attack surface, protecting IP addresses and endpoints, how do we need to evolve our thinking to become more effective at security?

    Tech Segment: Bypassing Two-Factor Authentication with Eyal Neemany, Javelin Networks - 6:45-7:45PM

    Eyal Neemany
    Sr. Cyber Security Researcher at Javelin-Networks

    Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks.

    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret
    2. Process Doppelgnging: New Malware Evasion Technique Works On All Windows Versions
    3. Naked rowers calendar hit by denial-of-service attack following Russia 'ban'
    4. Newly Revealed Flaw in Intel Processors Allows Undetectable Malware
    5. Man turns shed into top rated restaurant on TripAdvisor
    6. Banking Apps Found Vulnerable to MITM Attacks
    7. Apple gets around to patching all the other High Sierra security holes

    Larry's Stories

    1. Bluetooth enabled GUN SAFE hax.
    2. MailSploit, for when you need to sploit mail clients with your SE campaign
    3. IoT security with Microsoft

    Jeff's Stories

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+