Scw46

From Security Weekly Wiki
Jump to navigationJump to search

Security and Compliance Weekly Episode #46 - October 06, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. SCW's First Anniversary/Recap - 12:00 PM-12:30 PM


Announcements

  • Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • It’s official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly’s 15th Anniversary. Registration and call for speakers is now open. Visit securityweekly.com/unlocked to submit your speaking session and register for free!

Description

We're going to look back on our favorite episodes of the first year, reflect on how we are doing, solicit feedback from listeners, look ahead to the future/coming year - what to expect.


Thanks to all of our amazing guests who made this past year a successful start to Security & Compliance Weekly (I hope I got all of you):

Alexander Niejelow, Ron Ross, Michael Santarcangelo, Russell Mosley, Jim Nitterauer, Mathieu Gorge, Laura Jones, Steve Levinson, Ian Amit, Ben Rothke, Trevor Bryant, Chris Roberts, Winn Schwartau, Matt Allen, David Walter, Chris Golden, Jeffrey Smith, Joe Brinkley, Jake Williams, Ann Cleaveland, Josh Corman, Rob Carey, Chris Patteson, Matt Springfield, Kimber Dowsett, Brian Tremblay, Ben Rothke, Jeff Hall, David Mundhenk, Art Cooper, John Snyder, Jeannette Manfra, Matt Tarr, Priya Chaudhry, Oleg Shomonko (Ekran), David King, Chas Ballew, Liam Downward




Guest(s)

Kat Valentine

Getting her start with phones and computers at the early age of 6, Kat decided to put fear of success and failure aside to start Osmosis Security, a boutique security firm that supported her vision of what the professional hacker community should be focused on. Kat had humble beginnings and started her career working technical support for a local dial-up ISP in 1998. Since then, Kat worked in many different roles, from network voice engineer, vulnerability researcher to auditor, and is responsible for the secure and compliant design of several well-known cloud providers, payment providers, security platforms and end user applications, including the first compliance automation platform. Skilled in integrating security and compliance with business and product objectives. As of late, she applies that knowledge as an independent consultant where she performs risk assessments, gap assessments and automates evidence collection for Bay Area startups against compliance frameworks like GDPR, SOC 2, HIPAA and PCI. In her spare time, Kat prints things off her 3D printer to relax and designed the first hack/phreak shoe line, the PhreakerSneaker.


Hosts

Jeff Man's Content:

Template:SCW46TopicJeffMan

John Snyder's Content:

Template:SCW46TopicJohnSnyder

Josh Marpet's Content:

Template:SCW46TopicJoshMarpet

Scott Lyons's Content:

Template:SCW46TopicScottLyons


2. Ransomware Attacks - 12:30 PM-01:00 PM


Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • In our October 22nd technical training, we will provide a first look at a new, free resource that delivers thousands of remedies as a service to bridge the gap between vulnerabilities found, and vulnerabilities fixed! On October 28th, learn how to build an integrated security platform in our webcast at 3pm ET! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

How Security & Compliance fails and what to do about it.


The ransomware attack of UHS last week brought the specter of cyber attacks actually leading to loss of life. We started a discussion last week on Paul's Security Weekly (https://securityweekly.com/shows/ryuk-ransomware-attack-windows-xp-server-leak-potential-return-to-hackers-psw-668/) I want to continue the discussion today, and especially take a look at what security and compliance programs can do to help - and/or what do they fail to do to prevent these attacks in the first place.


Guest(s)

Kat Valentine

Getting her start with phones and computers at the early age of 6, Kat decided to put fear of success and failure aside to start Osmosis Security, a boutique security firm that supported her vision of what the professional hacker community should be focused on. Kat had humble beginnings and started her career working technical support for a local dial-up ISP in 1998. Since then, Kat worked in many different roles, from network voice engineer, vulnerability researcher to auditor, and is responsible for the secure and compliant design of several well-known cloud providers, payment providers, security platforms and end user applications, including the first compliance automation platform. Skilled in integrating security and compliance with business and product objectives. As of late, she applies that knowledge as an independent consultant where she performs risk assessments, gap assessments and automates evidence collection for Bay Area startups against compliance frameworks like GDPR, SOC 2, HIPAA and PCI. In her spare time, Kat prints things off her 3D printer to relax and designed the first hack/phreak shoe line, the PhreakerSneaker.


Hosts

Jeff Man's Content:

Template:SCW46TopicJeffMan

John Snyder's Content:

Template:SCW46TopicJohnSnyder

Josh Marpet's Content:

Template:SCW46TopicJoshMarpet

Scott Lyons's Content:

Template:SCW46TopicScottLyons