Enterprise Security WeeklySubscribe
Managed Services, Privacy, Application security, Breach, Security Program Controls/Technologies, Security Staff Acquisition & Development, Threat Management

ESW #314 – Ernie Bio, Sandy Carielli

Full Audio

View Show Index

Segments

1. State of the Market with a VC – Ernie Bio – ESW #314

Discuss observations and trends across the venture capital ecosystem as it pertains to cybersecurity. This will include a re-cap in how 2022 ended, what we saw in Q12023, and what we expect from an investing standpoint.

Segment Resources: https://forgepointcap.com/

Announcements

  • As a member of the Security Weekly community, we are pleased to offer you 20% off your InfoSec World 2023 tickets! Join a community of over 2,000 security professionals and innovators at InfoSec World on September 25th through 27th at Disney’s Coronado Springs Resort. Experience world-class learning and networking through enlightening keynotes, informative panel discussions, interactive breakout sessions, hands-on workshops, and more.

    Register today at securityweekly.com/infosecworld2023 using code ISW23-SECWEEK20!

Guest

Managing Director at Forgepoint Capital

Ernie Bio is a Managing Director with the cybersecurity-focused venture firm, Forgepoint Capital. He has been in venture capital for 4.5 years, focused on early stage (Series A & B) investing.

Prior to entering venture capital, Ernie worked with both U.S. Cyber Command and the Pentagon, helping to bring cyber and other cutting edge technologies into the national security ecosystem. He began his career as an Air Force F-16 fighter pilot.

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security

2. Lessons Learned From 2022’s Biggest Data Breaches And Privacy Violations – Sandy Carielli – ESW #314

With over 1 billion records exposed in just the top 35 breaches, over $2.6 billion stolen in the top nine cryptocurrency breaches, and over $2.7 billion in fines levied to the top 35 violators, lessons abound for security teams. We will walk through some of the biggest trends in last year's data breaches and privacy violations, and we'll talk about what security leaders can learn from these events.

Segment Resources: https://www.forrester.com/blogs/2022-breaches-and-fines-offer-lessons-to-security-leaders

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Principal Analyst at Forrester Research

Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery lifecycle, protection of applications in production environments, and remediation of hardware and software flaws.

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security

3. Zombie Birds, Amazon AI LLM, Zscaler Beef, & Comcast Security!?! – ESW #314

In the Enterprise Security News, Lots of funding announcements and new companies, Private Equity acquires Maltego, Cinven acquires RSA Archer Comcast launches a security product, Zscaler has beef with Gartner, CISA releases updated Zero Trust Model, Amazon jumps into the AI LLM fray, AutoGPT stretches the imagination and potential use cases, The Ever Changing API security market, New security books just released, Zombie birds!

Announcements

  • Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive level conferences are designed to educate senior cyber professionals on the latest threat landscape.

    We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.

    Visit securityweekly.com/cybersecuritysummit to learn more and register today!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: ID.me Appoints Samantha Greenberg as Chief Financial Officer and Raises $132 Million in Series D Funding
  2. 2. FUNDING: SpecterOps Raises $25M to Accelerate Company Growth and Expand Attack Path Management Solutions – SpecterOps
  3. 3. FUNDING: Australian firm Fivecast secures $20m in Series A
  4. 4. FUNDING: Otterize raises $11.5M to help developers securely connect software services
  5. 5. FUNDING: CYFIRMA raises $5.5M in pre-Series B round led by OurCrowd, L&T Innovation Fund
  6. 6. FUNDING: Privacy tech startup Oblivious raises €5.35m in funding
  7. 7. ACQUISITIONS: Maltego Secures $100M to Accelerate Growth of its Intelligence Platform to Combat Cybercrime and Misinformation
  8. 8. ACQUISITIONS: Cinven to acquire Archer
  9. 9. NEW COMPANIES: Mobb

    Automated vuln remediation

  10. 10. NEW COMPANIES: Strike One
  11. 11. NEW COMPANIES: Inside-Out Defense
  12. 12. NEW PRODUCTS: alphaMountain.ai – threatYeti research portal

    Another option for threat and OSINT research

  13. 13. NEW PRODUCTS: Comcast Technology Solutions Launches DataBee™ Platform to Enable Large Enterprises to Effectively Manage Enterprise Security, Risk, and Compliance

    Anyone want a cloud-native data fabric from Comcast? No? I didn't think so.

  14. 14. CYBERDRAMA: Cybersecurity Firm Zscaler Loses Coveted Spot in Gartner Ranking Due to ‘Sales Arrogance’

    Oooooh, spicy! Gartner has downgraded two 800 pound gorillas recently - first Palo Alto Networks, and now Zscaler.

  15. 15. STANDARDS: CISA Releases updated Zero Trust Maturity Model

    Good to have stuff like this toss the marketing aside and standardize the space a bit

  16. 16. REPORTS: 2023 State of Exposure Management from XM Cyber and Cyentia

    Chock full of interesting insights, this report explores XM Cyber's extensive data on attack paths (all the potential ways an attacker could get into an environment). It also makes some very progressive statements on how to handle risk and vulnerabilities. For example:

    "Threats and vulnerabilities that don't jeopardize critical assets can be effectively zeroed out."

  17. 17. LESSONS: Creating email detection rules for Sublime Security
  18. 18. AI TRENDS: Glass AI by Glass Health

    Hypochondriacs rejoice, it's WebMD 2.0!

  19. 19. AI TRENDS: Amazon Is Joining the Generative AI Race

    Amazon's inevitable, but important entry into the LLM AI space is upon us. We've been predicting that it's just a matter of time before enterprises build the "virtual AI employee", and this is a big building block towards that goal.

    Amazon Bedrock will provide access to LLMs from Anthropic and AI21 - both startups competing directly with OpenAI's offerings. Amazon also has two generative language models: Titan Text to generate text from a prompt, and Text Embeddings, which can be used for translation and search.

    AWS will also offer access to Stable Diffusion.

  20. 20. AI TRENDS: Auto-GPT: An Autonomous GPT-4 Experiment

    NOW things are getting interesting. I really need to re-read Daniel Suarez's Daemon.

  21. 21. AI TRENDS: BabyAGI
  22. 22. TRENDS: Tech Companies Unveil New Hacking Policy Council, Legal Defense Fund for Researchers

    This seems like a very positive development!

  23. 23. ESSAYS: Why cybersecurity is national security – TFX Capital
  24. 24. ESSAYS: The Ever Changing API Security Market
  25. 25. NEW BOOKS: Security Chaos Engineering: Sustaining Resilience in Software and Systems
  26. 26. NEW BOOKS: 1% Leadership
  27. 27. SQUIRREL: Scientists in New Mexico are giving dead birds a new life…

    ...with an unconventional approach to wildlife research — converting them into drones

  28. 28. SQUIRREL: TikTok ban gets final approval by Montana’s GOP legislature
Product Marketer and Content Strategist at OX Security
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

Related

You can skip this ad in 5 seconds