Crystal Ball Gazing – ESW #251
Full Audio
View Show IndexSegments
1. The Real Costs of Ransomware in 2021, 2022, & Beyond – Mike Campfield – ESW #251
Ransomware: the problem that everyone is talking about, yet somehow continues to get worse with each passing year. In 2021, the cost of ransomware to global businesses is estimated to reach a whopping $20B. The problem has reached such a critical mass that it can no longer be cast away as some unknowable IT problem––everyone from cyber insurance providers to the federal government have taken note. ExtraHop VP, GM of International and Global Security Programs Mike Campfield joins Security Weekly for a retrospective on ransomware in 2021, shares his predictions on how it will evolve in 2022 and beyond, and what controls enterprises can put into place to build their resilience to the growing threat.
This segment is sponsored by ExtraHop Networks.
Visit https://securityweekly.com/extrahop to learn more about them!
Sponsored By
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
Guest
Mike Campfield is the new Chief Revenue Officer (CRO) at Uptycs. Mike comes to Uptycs from Safeguard Cyber where he was the CRO. Mike has helped scale many prominent technology companies such as Documentum, FireEye, ExtraHop, and EMC. Mike lives in Rhode Island with his wife, two teenage children, and three dogs. Mike loves to compete and you will often hear him quoting famous athletes and coaches (or a random movie reference).
Hosts
2. Understanding Cyber Insurance Trends & Changes – ESW #251
Jeffrey joins us today to guide us through the rapidly changing world of Cyber Insurance! We solicited some questions from our audience and look forward to picking his brain in this segment.
Announcements
Throughout 2022, CRA's Business Intelligence Unit will be releasing research reports on the top topics across the security industry. Our first report will be on Third-Party Risk and the Supply Chain. To participate in the survey, please visit https://securityweekly.com/thirdpartyrisk. The results will be shared at our Third-Party Risk eSummit in January.
Guest
Jeffrey founded Cyber Risk Underwriters in 2017 to more efficiently distribute cyber insurance, take advantage of excess cyber insurance capacity to design new derivative products, and develop alternative channels to deliver product to exposed organizations. In this role, Jeffrey is building a business model to better educate clients about the catastrophic nature of cyber security risks, and create a brand reputation evolving around exposure analytics and custom program design. Prior to joining Cyber Risk Underwriters, Jeffrey enjoyed over 25 years of success providing complex insurance and risk financing design, brokerage and relationship management expertise for mid-large corporations, educational institutions, and not-for-profits. He has served many industry verticals including health care, technology, real estate and private equity.
Hosts
3. Congress Goes Cyber-Crazy, Emotet Returns, SnapAttack, & Netography – ESW #251
This week in the Enterprise Security News: NDR startup Netography raises a $45m Series A with Martin Roesch at the helm! Data Security startup Laminar comes out of stealth with a $32m Series A Threat Intel divestment SnapAttack spins out of Booz Allen Cloud Security startup Lacework raises $1.3bn in a single round, Lacework acquires Soluble, You can make some cash if you're willing to delete the NPM modules you manage, Congress goes Cyber Crazy - 18 new cybersecurity-related bills introduced, Emotet returns, but there are tracking tools, All that and more, on this episode of Enterprise Security Weekly!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Hosts
- 1. FUNDING: Netography Raises $45 Million in Series A Funding, Led by Bessemer and SYN Ventures, to Secure the Atomized NetworkA whopper of a Series A! For... yet another NDR product? I'm getting heavy Protectwise (acq by Verizon) vibes here - both SaaS-based NDR, with the biggest difference that Protectwise consumed full PCAPs, while Netography aims to only consume netflow, arguing that there's less and less value in deep packet inspection going forward. Even if the product doesn't look all that impressive or compelling, I suspect it's the leadership that brought the VCs to the yard on this one - Martin Roesch was the founder and CEO of Sourcefire. Martin guided the $2.7bn sale of Sourcefire to Cisco in 2013, and was key in turning Cisco into a legitimate security vendor, which picked up a ton of notable security acquisitions following Sourcefire, including ThreatGRID, Neohapsis, OpenDNS, Lancope, CloudLock, and Duo Security. Cisco had security products before Sourcefire, but it didn't *feel* like a security company until after Sourcefire. It will be interesting to see where Roesch takes this one.
- 2. FUNDING: Israeli Data Security Startup Laminar Emerges from Stealth with $32 Million Series A – Laminar
- 3. FUNDING: Threat intel startup SnapAttack lands $8M Series A following Booz Allen spinout – TechCrunch
- 4. FUNDING: Cloud security firm Lacework secures $1.3 billion in new funding roundAs you do your double-take, I'll point out that $1.3bn is the size of the ROUND. The valuation is $8.3bn.
- 5. ACQUISITION: Lacework acquires Soluble to strengthen its data-driven cloud security platform – Help Net Security
- 6. TRENDS: I will pay you cash to delete your npm module
- 7. TRENDS: GitHub’s commitment to npm ecosystem securityhttps://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/
- 8. TRENDS: Emotet botnet returns after law enforcement mass-uninstall operation
- 9. TRENDS: “As tech M&A soars into the stratosphere, one sector is doing more than its share to boost it toward those previously unimaginable heights: #Informationsecurity.”One of my mentors when I was learning the business and investment side of the industry, Brenon Daly. He always has some interesting takes on the market. It's good to see that the current market looks just as nuts to him as it has to us. It's also shocking to see it quantified on a bar graph, zoomed out to an annual time scale!
- 10. LEGISLATION: 18 new cybersecurity bills introduced as US congressional interest heats upWe won (by losing)! People are finally taking cybersecurity seriously. So now we're swamped with proposed cybersecurity legislation, and some of it is... not well thought out.
- 11. LEGISLATION: Congress Mulls Banning Big Ransomware PayoutsUtter idiocy.
- 12. RESEARCH: Mapping ATT&CK to CVE for Impact
- 13. TOOLS: Feodo Tracker (botnet tracker)
- 14. TOOLS?: SS7 Hack Software – How to hack SS7 and Intercept SMS
- 15. REPORTS: McAfee – Hidden Costs of Cybercrime
- 16. REPORTS: Inside the Mind of a Hacker 2021 Edition
- 17. SQUIRREL: The Mysterious Case of the F*cking Good Pizza
