BSWEpisode154

From Paul's Security Weekly
Revision as of 14:21, 2 December 2019 by Matt (talk | contribs)
Jump to: navigation, search

Recorded December 2, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .

  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
    • Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
    • Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.


    Interview: Ward Cobleigh, VIAVI Solutions

    Ward Cobleigh is the Sr. Product Manager at VIAVI Solutions
    Ward Cobleigh, Sr Product Manager for VIAVI Solutions, understands the balancing act between network ops and security that IT pros are facing today along with the challenges they have in solving issues due to limited visibility and complexity. His experience in engineering, product management plus design and marketing give him a unique ability to cut to the heart of the problem and demonstrate solutions that give engineers a sigh of relief. He brings a refreshing bit of humor to the dry, technical topic of network performance management and security threat hunting.

    Segment Topic:
    Bringing NetOps into the Threat Hunt

    Segment Description:
    In a very recent study, 65% of responding organizations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%). To help fill this void, there is a very real and still growing need to cross-train existing professionals and teams whenever possible. How achievable is this goal? Can we really take the typical NetOps skillset, combine it with the data sources that are typically available to them, and apply this to the SecOps skills gap? This Business Security Week Podcast will answer these questions and include a demonstration of how a performance analysis platform can be used to quickly and efficiently identify threats.

    Segment Resources:

    Blogs:


    Leadership Articles

    • Companies Need to Rethink What Cybersecurity Leadership Is - For businesses today, cyber risk is everywhere. Yet for all the investments , companies are still struggling to make cybersecurity a vibrant, proactive part of strategy, operations, and culture. The root cause is twofold: (1) Cybersecurity is treated as a back-office job and (2) most cyber leaders are ill-equipped to exert strategic influence. Here's a framework for what business leaders must do to spur cybersecurity success:
    1. Set your intent with cybersecurity strategy
    2. Position the cybersecurity function to have influence
    3. Get the right cyber leader for your needs
    • What Companies That Are Good at Innovation Get Right - Innovation labs, technology scouting outposts, and accelerator programs to invest in startups have become ubiquitous in large companies. Yet, in some companies, all of that activity adds up to nothing more than “innovation theater.” But for the ones who get it right, here's what they do:
    1. They hone their focus
    2. They collaborate with key internal partners
    3. They staff appropriately
    4. They design incentive system
    5. They monitor impact
    6. They move beyond culture clashes
    1. Know When to Send a Video Email
    2. Build Your Confidence
    3. Get Your Gear (way less than you think)
    4. Nail Your First Impression
    5. Don’t use a script!
    6. Talk to one person
    7. Lighting: Know where it is
    8. Practice, practice, practice to build confidence and success
    • Enterprises muddled over cloud security responsibilities - Miscommunication in enterprises was identified as a major factor in cloud-native security breaches. There is a diverse range of views about who should take responsibility...
    • Top tech conferences to attend in 2020 - For the CISOs:
      • Suits & Spooks DC, Feb. 6-7, Washington D.C.
      • RSA Conference, Feb. 24-28, San Francisco
      • Gartner Security & Risk Management Summit, June 1-4, National Harbor, Maryland
      • Black Hat USA, Aug. 1-6, Las Vegas
      • DEF CON 28, Aug. 6-9, Las Vegas
      • Global CISO Executive Summit, Sept. 21-23, Marana, Arizona
      • Forrester Security & Risk North America, Sept. 22-23, Washington D.C.


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+