Enterprise Security WeeklySubscribe
Vulnerability Management, Data Security, Security Program Controls/Technologies, Identity, Incident Response, Threat Management

ESW #280 – Fleming Shi, Kevin L. Jackson, Meritt Maxim

Full Audio

View Show Index

Segments

1. Securing IoT Devices – Kevin L. Jackson – ESW #280

Connected devices outnumber us humans two to one, a ratio that is on an accelerating growth curve. Risks associated with device counterfeiting and cyberattacks is also growing rapidly and now represent very real real risks to economies, national security, our critical infrastructure, and our very lives. One necessary component for addressing this threat is establishing a verifiable and immutable device identification and lifecycle reporting system.

Segment Resources: Number of mobile devices worldwide 2020-2025: https://www.statista.com/statistics/245501/multiple-mobile-device-ownership-worldwide/

UCID Website - https://www.ucidentifier.io/

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Senior Vice President at Total Network Services

Kevin L. Jackson is Senior Vice President of Total Network Services (https://www.tnscorp.io/),. With over 350,000 followers on social media, he is also the host of the “Digital Transformers” podcast. Internationally recognizable firms that have sponsored articles authored by him include Cisco, Microsoft, Citrix and IBM. He has also provided technology consulting services to Applied Materials, AT&T Business, Intel, Fujitsu, SAP, and Ericsson.

As an Associate Consultant with A.T. Kearney, he provided cloud computing and cybersecurity management consulting services to the Kingdom of Saudi Arabia which served as the basis for the Kingdom’s national cybersecurity regulations. Mr. Jackson’s commercial experience also includes Vice President J.P. Morgan Chase, Worldwide Sales Executive for IBM and SAIC (Engility) Director Cloud Solutions. He has served on teams that have supported digital transformation projects for the North Atlantic Treaty Organization (NATO) and the US Intelligence Community.

Kevin Jackson’s formal education includes a MS Computer Engineering from Naval Postgraduate School; MA National Security & Strategic Studies from Naval War College; and a BS Aerospace Engineering from the United States Naval Academy. Previous books include “Click to Transform” (Leaders Press, 2020), “Architecting Cloud Computing Solutions” (Packt, 2018), and “Practical Cloud Security: A Cross Industry View” (Taylor & Francis, 2016). He also delivers online training through Tulane University, O’Reilly Media, LinkedIn Learning, and Pluralsight.

Mr. Jackson retired from the U.S. Navy in 1994, earning specialties in Space Systems Engineering, Carrier Onboard Delivery Logistics and carrier-based Airborne Early Warning and Control. While active, he also served with the National Reconnaissance Office, Operational Support Office, providing tactical support to Navy and Marine Corps forces worldwide.

Hosts

Principal Researcher at The Defenders Initiative
Senior Engineering Leader at AWS
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

2. Survival of the Quickest, Ransomware Victim Paid, Zendesk, & Cyber Insurance Unicorn – ESW #280

In the Enterprise Security News, Cyber insurance joins the Unicorn club, Bishop Fox raises a $75M Series B, A dozen more funding rounds, XM Cyber acquires Cyber Observer, Zendesk gets bought by private equity, 5 more rounds of cybersecurity layoffs, Some very interesting new products - both open source and commercial, Survival of the Quickest, And a ransom victim earning money from its payment??

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: Cyber insurance firm Coalition valued at $5 billion after fund raise
    https://www.reuters.com/technology/cyber-insurance-firm-coalition-valued-5-bln-after-fund-raise-2022-07-08/
  2. 2. FUNDING: Carrick Capital Invests $75 Million in Cybersecurity Company Bishop Fox
    https://www.wsj.com/articles/carrick-capital-invests-75-million-in-cybersecurity-company-bishop-fox-11657792800
  3. 3. FUNDING: Swimlane Secures $70M Growth Round to Fuel Global Expansion of Next Generation Low-Code Security Automation Platform
    https://www.businesswire.com/news/home/20220706005017/en/Swimlane-Secures-70M-Growth-Round-to-Fuel-Global-Expansion-of-Next-Generation-Low-Code-Security-Automation-Platform
  4. 4. FUNDING: Cyolo Raises $60 Million in Series B Financing to Meet the Rising Demand for Smarter, Faster and More Reliable Access to Digital Assets
  5. 5. FUNDING: Normalyze Announces $22.2M in Series A Funding to Solve the Biggest Issue in Modern Cloud Security: Data
  6. 6. FUNDING: Opaque System nets $22M to bring collaboration to confidential computing – SiliconANGLE
  7. 7. FUNDING: CloudQuery: Dev-First Cloud Asset Inventory, Congrats on the $15M Series A
  8. 8. FUNDING: Token Announces $13 Million Series B Funding Round and Appointment of New CEO to Disrupt the Authentication Market
    https://www.businesswire.com/news/home/20220629005343/en/Token-Announces-13-Million-Series-B-Funding-Round-and-Appointment-of-New-CEO-to-Disrupt-the-Authentication-Market
  9. 9. FUNDING: Security automation startup Cerby raises $12M to secure non-IT-managed apps
  10. 10. FUNDING: Hacker-led security startup Hadrian raises €10 5M, unsolicited seed round – Hadrian
  11. 11. FUNDING: INSPECTIV CLOSES $8.6M FUNDING ROUND, EXPANDS LEADERSHIP TEAM
  12. 12. FUNDING: IaC Security Leader oak9 Raises $8 Million in Additional Funding
  13. 13. FUNDING: Infrastructure as Code (IaC) Security Leader oak9 Raises $8 Million in Additional Funding
  14. 14. ACQUISITIONS: Seven Months After Acquisition by Schwarz Group, XM Cyber Acquires Cyber Observer
  15. 15. ACQUISITIONS: Zendesk sells to private equity group for $10.2B – TechCrunch
  16. 16. LAYOFFS: Snyk – Announcing organizational updates to better serve our customers
  17. 17. LAYOFFS: Facing Slowing Growth And Worker Discontent, High-Flying Fintech Unicorn Socure Lays Off 13% Of Staff
  18. 18. LAYOFFS: Big layoff at Interos.ai Today
    Interos.ai continues its slide from an exciting unicorn to a complete failure. Today they did a 15% layoff across the organization, including sales. Interos has failed to make any major sales this year and seems destined to go to the scrap pile. #Interos #Layoff
  19. 19. LAYOFFS: Finite State – Columbus Inno – Drive Capital-backed cybersecurity startup cuts jobs amid economic downturn
  20. 20. LAYOFFS: $IRNT Ironnet Reduces Number Of Employees by About 55, Which Represents About 17% Of Total Employees
  21. 21. LAYOFFS: Highflying Cyber Firms Cut Staff After Raising Hundreds of Millions of Dollars
  22. 22. NEW HIRES: CyCognito Appoints Anne Marie Zettlemoyer as Chief Security Officer
  23. 23. NEW PRODUCTS: Introducing 1Password for Visual Studio Code
  24. 24. NEW PRODUCTS: Tensor9 – Use sensitive data without seeing it
  25. 25. NEW PRODUCTS: Amazon launches CodeWhisperer, a GitHub Copilot-like AI pair programming tool – TechCrunch
  26. 26. NEW TOOL: Microsoft open sources Salus software bill of materials (SBOM) generation tool
  27. 27. NEW TOOL: Introducing Splunk Attack Range v2.0
  28. 28. NEW SERVICE: Deloitte launches a new zero-trust access managed service
    https://venturebeat.com/2022/07/11/deloitte-zero-trust-access/#amp_tf=From%20%251%24s&aoh=16577160373805&csi=0&referrer=https%3A%2F%2Fwww.google.com&share=https%3A%2F%2Fventurebeat.com%2F2022%2F07%2F11%2Fdeloitte-zero-trust-access%2F
  29. 29. TRENDS: Python packages upload your AWS keys, env vars, secrets to the web
    Time to play our favorite gameshow, "ACTUAL THREAT OR JUST RESEARCHER"?!?
  30. 30. TRENDS: Sequoia, Adapting to Endure – Page 23, Survival of the Quickest
  31. 31. TRENDS: NIST unveils four algorithms that will underpin new ‘quantum-proof’ cryptography standards
  32. 32. TRENDS: The Cybersecurity Skills Gap is Another Instance of Late-stage Capitalism
  33. 33. STANDARDS: CIS Software Supply Chain Security Guide 1.0
  34. 34. REGULATION: SEC Cybersecurity Proposed Rules
  35. 35. RESEARCH: Here’s how GreyNoise reduces the noise for IPv6 networks.
    https://www.greynoise.io/blog/diving-in-the-ipv6-ocean
  36. 36. SQUIRREL: Maastricht University wound up earning money from its ransom payment
  37. 37. SQUIRREL: BMW owners outraged over $18-a-month charge to use heated seats
    https://nypost.com/2022/07/12/bmw-owners-outraged-over-18-a-month-charge-to-use-heated-seats/?sp_amp_linker=1*1b14tj3*amp_id*cEV5dllJVFRHb01Eblc5WUFsV2tXcENrVDlvWU9laVVaUmx3OVhNZUp1RmhMMVNHUkVpQVFEbnFCM1ktcHBkUg..
Senior Engineering Leader at AWS
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

3. A Transform Perspective & Latest Trends in Identity & Access – Fleming Shi, Meritt Maxim – ESW #280

How surreal it is for the industry to return to RSA event in person... what changed or transformed fundamentally ... etc. Specific impacts around the areas of ZTNA, SOC, and OT security.

This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!

Merritt Maxim discusses the latest trends on identity access and how organizations should tackle the ever expanding user security challenges.

Guests

CTO at Barracuda Networks

Fleming joined Barracuda in 2004 as the founding engineer for the company’s web security product offerings, helping to create the first version of Barracuda’s message archiving product and paving the way for expansion into new content security product areas. As Chief Technology Officer, Fleming leads the company’s threat research and innovation engineering teams in building future technology platforms to deliver continued success in our security and data protection products. He has more than 20 patents granted or pending in network and content security.

VP & Research Director at Forrester Inc.

Merritt leads a team of analysts who provide research and advisory services that address the needs of security and risk professionals. His team focuses on identity and access management (IAM), endpoint security, threat intelligence, and vulnerability management strategies and technologies.
Previously, Merritt was a principal analyst on the security and risk team, focusing on IAM best practices and technologies as well as physical security and internet-of-things (IoT) security. He continues to help clients address their IAM and physical security needs, map out customer requirements and strategies, and navigate the IAM technology and services landscape.

Host

Chief Product Officer at CyberSaint

Related

You can skip this ad in 5 seconds