Changes

From Security Weekly Wiki
Jump to navigationJump to search
3,315 bytes added ,  19:47, 12 July 2018
no edit summary
= Paul's Security Weekly #549 =
''Recorded February 22, 2018 at G-Unit Studios in Rhode Island!''
<!-- == Episode Audio ==<div align="center">
{{#widget:SoundCloud
|id=366788456408002385
|width=75%
|height=100
|visual=false
}}
</div> -->
=== Hosts ===
{{Template:Paul}}
{{Template:Larry}}
{{Template:Joff}}
= Announcements =
= Interview: Mary Beth Borgwing, Mach37 (Women in Cyber Con.) - 6:00PM-6:45PM =
[[File:MaryBeth.jpg|right|220px|thumb|<center>'''[https://twitter.com/MACH37 MACH37cyber Mary Beth Borgwing]'''<br>is an Advisor to [https://www.mach37.com/ MACH 37].</center>]] Mary Beth Borgwing, Executive Entrepreneur, Standish Cyber Corp Mary Beth Borgwing is an Advisor to MACH 37 and Center for Innovation (CIT) as the Cyber Executive Entrepreneur and serves as an advisor to many startups with Standish Cyber Corp. Borgwing is bridging the leadership gap and providing cybersecurity SME for new cyber products for private equity and venture investment as well as Fortune 1000 clients. Borgwing has served as executive leadership, CEO and board member of several technology and security companies: • President & CEO, board member for LemonFish, data breach discovery, AI and analytics proprietary product for finding your crown jewels, (IP) that are exposed on the open, deep and dark web. Company was acquired March 2017, private equity investors, LLR Partners and Egis Capital. • President of Cyber Risk Practice, Advisen, Ltd, cyber data analytics and technology company that focuses on data and risk analytics in the insurance industry. • Board Advisor, Chief Financial Officer at Vigilant (sold to Deloitte), a SEIM security company. Vigilant provides perimeter security for money-center financial institution, Federal Reserve Bank of New York, Global banks and hedge fund companies. • Board member, CFO of Sentillion (sold to Microsoft), a single sign-on security technology company. Raised $50+M, C round with Merrill Lynch Private Equity, Polaris Partners, InterSouth Partners, Dresdner Klein Worth. Mary Beth has extensive experience in equity funding, financing for technology companies, Enterprise Risk Management(ERM) and executive leadership in the cybersecurity sector. She brings decades of expertise to start-ups in strategy, operations, product development from building many technology companies in Boston, New York and Virginia. She is the Co-Chair Cyber Advisory Board, CompTIA, Advisor to ICMCP, International Minority Cyber Group and Eleven Canterbury, a technology international consultancy in NYC. Borgwing is a frequent speaker on cyber risk at global cyber conferences and contributing author to many national cyber publications.<center>{{#ev:youtube|Gy2s1ZSKE9A}}</center>
<!-- <center>{{#ev:youtube|PF69klX4LQU}}</center> -->
# How did you get your start in information security?
# With all of the protections available today, why is ransomware a threat What should people listening to this show want to the enterpriseknow about GDPR? Or # Why is itthe percentage of women working in this field so low compared to men?# What are the weaknesses ransomware preys uponis Mach37?# What is we can do as a tabletop exercisecommunity to support early stage startups?# Why are they so useful Where do some of the best ideas for ransomwarenew companies com from?# For practitioners listening, why should they love tabletop exercises What are some of the pros and cons to creating and step away from the keyboardrunning a startup?# How do you execute on apply to the Mach37 program?# What are some of the companies that have come out of the lessons learned in tabletop exercisesprogram?# If you were to create a startup today, what type of problem would you solve?
= Tech SegInterview: Bruce Sussman, SecureWorld Boston - 6:45-7:45PM =[[File:BruceSussman.jpg|right|220px|thumb|<center>'''[https://twitter.com/forecastupdates Bruce Sussman]'''<br>is a Cybersecurity Journalist and helps run [https://www.secureworldexpo.com/ SecureWorld Boston].</center>]] Bruce Sussman spent more than 20 years on TV screens in Portland, Oregon. A journalist, certified meteorologist, and public speaker, Sussman has been telling stories about InfoSec and cybersecurity for several years now. He is SecureWorld’s MMJ (multi-media journalist) and leads media development at the company. “This is cybersecurity’s prime time,” he says. “The world depends on leaders in InfoSec. I cannot believe I get to interview so many of them at our regional cybersecurity conferences, as they share best practices with their peers.” Sussman graduated from the University of Missouri School of Journalism back in the dark ages. If you have a news tip for him, his email is bruces@secureworldexpo.com. <center>{{#ev:youtube|hrQZCk70j6o}}</center><br><br><br>
<!-- [[File:Rebekah.jpg|right|220px|thumb|<center># How did you get into the security field?# What was it like making the transition from meteorologist to security journalist?# What are some of the most interesting people you've met in infosec and why?# You say this is cybersecurity''[https://twitter.com/pdxbek Rebekah Brown]'''<br>s prime time, how come?# Tell us about your role today at Secure World?# How does Secure World differ from other security conferences?# Who is the Threat Intelligence Lead at [https://www.rapid7.com/ Rapid7].</center>]] -->speaker you are most excited about?
= Security News - 7:45PM-8:30PM =
<!-- <center>{{#ev:youtube|PF69klX4LQUHnsSfrUlkPQ}}</center> -->
== Paul's Stories ==
== Larry's Stories ==
#[https://gizmodo.com/new-report-on-ai-risks-paints-a-grim-future-1823191087 Bad AI is still AI]
#[http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf Detecting Lateral movement]
#[https://www.theverge.com/2018/2/27/17054740/palantir-predictive-policing-tool-new-orleans-nopd combine this with even better FB facial recognition...]
#[https://www.evilsocket.net/2018/02/27/All-hail-bettercap-2-0-one-tool-to-rule-them-all/ Bettercap 2.0!]
#[https://www.digicert.com/blog/digicert-statement-trustico-certificate-revocation/ Cert compromises and a bit WTF moment] - Also, more findings and [https://mobile.twitter.com/cujanovic/status/969229397508153350 WTAF]
#[https://www.secureworldexpo.com/industry-news/north-korea-capable-of-jumping-air-gap FUD or REAL: N. Korean malware can jump air gaps]
#[https://www.wired.com/story/github-ddos-memcached/ Github DDoS]
 
== Joff's Stories ==
#[https://thehackernews.com/2018/02/memcached-amplification-ddos.html DDoS Rules Again!]
 
 
Don't forget your CPE's!
Chip writes in:
"You might remind your listeners, at least those with one or more security related certifications, to keep track of their listening and submit the hours they spend watching/listening as CPE hours to their various agencies. I racked up 35 hours in the last few months of last year.
 
I listen on my iphone, enter the listen date, show date, and duration into a spreadsheet and total it up every once in a while and submit it.
 
I’ve heard from several peers that they forgot to do CPE work for their CISSP and had to do a mad scramble in the month(s) before their 3 year cert expired. While keeping track of listening isn’t what I would call fun it is certainly better than going through hell at the end of the cycle.
 
I have CISSP, PCI-C, and CIPT certifications - I’ve submitted my PSW listening to all of them.
"
{{SocialMedia}}
1,067

edits

Navigation menu