SWNEpisode2

From Security Weekly Wiki
Jump to navigationJump to search

Recorded January 10, 2020 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Annoucements:

    • Our next webcast is January 15th with Cecilia Marinier, RSAC Program Director, Innovation & Scholars where we will discuss RSAC Sandbox, RSAC Innovation Sandbox, RSAC Launch Pad, RSAC Security Scholar and their "How to” Seminar for Innovators and Entrepreneurs! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.

    Security News

    Security Weekly News Wrap Up -- 5 -- January -- 2020


      Show Summaries
    • On Security and Compliance Weekly, Jeff hosted an interview with Ian Amit who is like crazy famous and has done just about everything in the Sec world including found the Tel-Aviv Defcon Chapter. The topic of the interview was Quantifiable Risk Metrics which is about how you can demonstrate the value in a security program which is, of course, one of the most difficult things to sell with any service organization. They really talked about utilizing quantitative metrics, instead of just saying "it's great" to bring everyone around to the idea of the value of security.
    • On Application Security Weekly, Mike and Matt interviewed Hillel Solow from Checkpoint (which recently acquired his company Protego Labs) about the Evolution of DEVSECOPS and APPSec Trends in 2020. The discussion centered around unique ways organizations are leveraging serverless for their applications and how DEVSECOPS teams are working together to build out these architectures at a rapid pace.
    • On Enterprise Security Weekly, Paul and Matt talked with Britta Glade and Linda Gray Martin about the upcoming RSAC 2020 conferences. Britta is the Director, of Content and Curation for RSA and Linda is the Senior Director and General Manager of the RSA Conference. The topic of the conversation was what to expect at the RSA 2020 conference this year in San Francisco. If you've never been to RSA you should check it out. They talked about the high level overview of the conference this year and "The Human Element" which is the overarching theme of the conference this year. Paul and Matt also talked about Docker Container Security -- Vulnerable upon Inception. Look, when dockers are instantiated, well, they can have anything at all inside and you may not know if you downloaded the container. I mean, how hard would it be to build scripts inside a docker container and put it up on github? So, this is an important issue.
    • On Business Security Weekly, Matt, Jason and Paul talked about the Best and the Worst of 2019. They talked about Amazon, Apple, and Lululemon as three of the best performing companies of 2019 and Boeing, Facebook, and Pacific Gas and Light as three of the worst. Leadership articles for the show includes CIO and IT leadership trends for 2020, Leadership Books for Jan. 2020, Replace Resolutions with habits and make your life mean something beyond 2020, The right way to form new habits, How to handle speaking in public when you are not a public speaker, and 5 questions you can ask to learn about company culture in a job interview.
    • On Security Weekly News, Jason's expert commentary focused on Iranian Cyber Threats: Practical Advice for Security Professionals. He basically summarized that you should continue to focus on operational basics. Patching, ensuring that backups are both safely stored and restorable, and that you understand "collateral damage" which can occur when an attack focused on someone else spills over and effects your organization but reminds us that despite a possible increased threat profile from Iran, you have been plugged into the hostile network 24/7 and you really need comprehensive defenses in place regardless of the state of world affairs.
    • On Paul's Security Weekly, Paul, Larry, Lee, Jeff, and Tyler had an Interview with Dan DeCloss from PlexTrac. Dan is the founder and CEO of the company and the discussion centers around Improving pen testing outcomes with purple teaming. The second segment, last night, was a tech segment with Ambuj Kumar from Fortanix. He is the creator of Runtime Encryption technology. You definitely wanted to see this segment. The topic was: The Keys to your kingdom: protecting Data in Hybrid and Multiple Public clouds and focused on the challenges of protecting data and using encryption for multiple hybrid, public clouds, and how that increases complexity, cost, and security risk. When you move to the cloud, how do you keep crypto keys, shared secrets, and tokens secure and, of course, the Security News.
      Mergers and Acquisitions this week
    • Pulse Secure and Secure Wave formed a Partnership
    • Broadcom acquired Bay Dynamics
    • Mimecast acquired Segasec
    • Cloudflare acquired S2 Systems



    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+