Difference between revisions of "SCWEpisode12"

From Paul's Security Weekly
Jump to: navigation, search
 
Line 1: Line 1:
 
''Recorded on January 7, 2020, @G-Unit Studios in Rhode Island!''
 
''Recorded on January 7, 2020, @G-Unit Studios in Rhode Island!''
 +
 +
==Episode Audio==
 +
<div align="center">
 +
{{#widget:SoundCloud
 +
|id=740376604
 +
|width=75%
 +
|height=100
 +
|color=660202
 +
|visual=false
 +
}}
 +
</div>
  
 
==Hosts==
 
==Hosts==

Latest revision as of 16:53, 13 January 2020

Recorded on January 7, 2020, @G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Jeff Man
    Cryptanalyst,
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist,
    Tribe of Hackers, & InfoSec Curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Scott Lyons
    CEO at Red Lion
    MISTI Instructor
    Patent Holder
  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Interview: Ian Amit, Cimpress

    Ian Amitis the CSO at Cimpress
    Ian Amit, has over 20 years of experience in hands-on and strategic roles, working across diverse security fields: business, industry, marketing, technical and research. Ian is the Chief Security Officer at Cimpress, the world leader in mass customization. Previously, Ian held senior leadership roles at Amazon, ZeroFOX and IOActive. His career also includes time at Security-Art, Aladdin, Finjan, and Datavantage, as well as speaking at conferences such as BlackHat, DefCon, various BSides, and RSA. He founded the Tel-Aviv DefCon chapter (DC9723) and also was a founding member of the Penetration Testing Execution Standard (PTES). Ian studied Computer Science and Business Administration at the Herzliya Interdisciplinary Center.

    Segment Topic:
    Quantifiable Risk Metrics - bringing value to your security program

    Segment Description:
    Utilizing quantitative (vs qualitative) metrics in a security program is the first step in maturing it from a technical novelty to something a business can align with and see value from. Understanding where security fits into risk management.

    Segment Resources:


    Topics to discuss with Ian:

    • FAIR
    • PTES
    • RSA CisoTrack - he runs it with Chris Nickerson 50 CISO's enter, hopefully 50 leave. No vendors, no winners!

    Segment Two: Discussion and Q/A - 12:30-1:00PM

    Links to Referenced Discussion

    1. https://www.fairinstitute.org/blog/fixing-nist-800-30
    2. https://wiki.securityweekly.com/ES_Episode139
    3. https://www.cisotrack.com/