Attack & Defense – ESW #250
1. MegatronAL on Kicking in the Door to Cybersecurity – Angela Marafino – ESW #250
I once told my college advisor that I wanted to double major in computer science and jazz performance. She laughed at me. Instead, I jumped into a career in IT and played jazz - without a degree in either. Turns out, that was fine - the industry valued experience and results over academic achievement.
Today's guest has two degrees, one in fine arts, one in pre-law, and that's also fine. If there's anything I've learned in InfoSec, it's the mind that matters most, less so the degrees or certs on your wall. Angela Marafino gets cybersecurity and understands what makes it tick. Using this knowledge, she has built a personal brand, network, and career in an impressively short time. She is simultaneously mentor and mentee.
Today, we'll explore Angela's path into the industry as well as some of her views on challenges, like imposter syndrome.
https://hbr.org/2021/02/stop-telling-women-they-have-imposter-syndrome
https://www.itspmagazine.com/focal-point-podcast
https://twitter.com/hackerbookclub1
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
Guest
Based out of Seattle, Washington, Angela Marafino is a Program Manager within the Security, Compliance, Identity, and Management organization of Experiences & Devices at Microsoft. Currently a co-host of the Focal Point podcast on the ITSP Magazine podcast channel, moderator of The Hacker Book Club, a proud mentor, and a humble mentee, she stays quite busy while also balancing work with play as a dog & cat mom, world traveler, avid reader, and foodie!
2. Building a Risk Based Security Program That Actually Works – Nick Leghorn – ESW #250
Risk-based security programs are all the rage, from managers looking to "trim" the security budget to regulatory bodies looking for excuses to fine your company. Nick is a security pro who has seen it all (programs done well and programs done poorly), has implemented one or two of them himself, and would love to share the lessons learned from those experiences.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
Nick Leghorn is the Director of Application Security at the New York Times. After graduating from Penn State University with a degree in Security and Risk Analysis, his first job was working for the U.S. Department of Homeland Security quantifying terrorism risks and identifying mitigations to provide the best risk reduction for each dollar spent.
Nick has spent his career working for a number of large companies, including Rackspace Hosting, Shoretel, Mitel, and Indeed, improving the security of both the infrastructure itself and the processes within the company.
3. Record Unicorns, SCYTHE Series A, SPAC Fails, McAfee Worth $14B, & Hashicorp IPO – ESW #250
In the Enterprise Security News for this week: Drata reaches unicorn status in record time with a $100m Series B, SCYTHE announces a $10m Series A, McAfee Consumer business acquired for $14b, WPScan acquired by Automattic (the company behind WordPress), QOMPLX SPAC is called off, HashiCorp IPO is not called off, open source CSPM and firmware emulation tools, Ghost kitchens and more.
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
- 1. FUNDING: Drata Reaches Unicorn Status with $100M in Series B Funding
- 2. FUNDING: SCYTHE Announces $10 Million Series A Investment to Support Expansion of Enterprise-Level Cybersecurity
- 3. ACQUISITIONS: McAfee to Be Acquired by an Investor Group for over $14 Billion
- 4. ACQUISITIONS: DomainTools and Farsight Security Join Forces to Deliver Best-in-class Threat In
- 5. ACQUISITIONS: WPScan Acquired by Automattic – WPScan WordPress Security
- 6. ACQUISITIONS: SPAC Tailwind Acquisition, QOMPLX call off $1.4 billion merger, citing ‘market conditions’
- 7. IPO: HashiCorp Files for U.S. IPO, Said to Seek $10 Billion Valuation
- 8. TOOLS: Netflix’s ConsoleMe – soon to be a commercial product!
- 9. TOOLS: Firmadyne: run embedded linux firmware in a VM!
- 10. REGULATIONS: Despite Abuses of NSO Spyware, Israel Will Lobby U.S. to Defend It
- 11. SQUIRREL: The Mysterious Case of the F*cking Good Pizza