ESW #316 – Theresa Lanowitz, Vinay Anand, Christopher Kruegel, Geoff Bibby, Randy Watkins, Nick Biasini
Segments
1. Sun Tzu Vs Infosec, 2 Weeks of News, AI Trends, & De-Horned Unicorns – ESW #316
This week, we start with the news: 2 weeks of news to catch up on! 16 funding stories, 4 M&A stories, Cybereason prunes its valuation… a lot, First Republic Bank seized by FDIC, Ransomware is irrelevant, Sun Tzu hates infosec, AI Trends, Kevin Mandia’s 7 tips for defense, & How much time should we spend automating tasks?
Announcements
Our teams from Security Weekly and SC Media were onsite at RSA Conference 2023 delivering in-depth reporting, analysis and interviews from the conference. If you were unable to join us in person, or didn't manage to catch our video livestream from Broadcast Alley, you can access all of our RSAC 2023 coverage at https://securityweekly.com/rsac.
Hosts
- 1. FUNDING: Coro raises $75M at a $575M valuation to grow its all-in-one cybersecurity platform
- 2. FUNDING: Semgrep, a code & supply chain security search engine, raises $53M Series C
$53M Series C led by Lightspeed. The REAL startups to get behind are the ones raising a Series C right now. Nice job, Semgrep.
- 3. FUNDING: Halcyon Closes $50M in Series A Funding
A $50M Series A for a startup that wants to solve the 2017 version of the ransomware problem. Ransomware is nothing more than any attack where leverage can be used to extort money out of the target. You can't build a product to solve this problem. Literally your entire security program is the solution to this problem, as these types of attacks touch nearly every aspect of security.
- 4. FUNDING: Safe Security Raises $50 Million in Series B Funding
- 5. FUNDING: Avalor Emerges from Stealth with $30M to Make Sense of Security Data
- 6. FUNDING: Token Closes $30 Million Financing to Bring its Next-Generation Multifactor Authentication Solution to Market
$30M round financed by PE firm Grand Oaks, in the form of a $20M secured note and a $10M convertible note.
"a revolutionary provider of secure, wearable authentication solutions"
- 7. FUNDING: Dasera Raises $12 Million Series A Funding to Pioneer a New Era of Data Security and Governance Risk Management
- 8. FUNDING: CyberQP Raises $12M in Funding
- 9. FUNDING: Elevate Security Receives Investment from CrowdStrike to Drive Proactive Defense for High-Risk Users – Elevate Security
- 10. FUNDING: NetRise Announces $8 Million in Funding to Advance XIoT Security Technology
- 11. FUNDING: Sonet.io Raises $6M in Seed Funding
- 12. FUNDING: Automatic Vulnerability Fixer Mobb Secures $5.4m and Launches Community Tool
- 13. FUNDING: Stack Identity Emerges from Stealth with $4M Seed Funding
"Solves Shadow Access Problem with Automated AIM Operations"
- 14. FUNDING: Operant Networks raises $3.8M in funding led by Constellation Technology Ventures – Operant Networks
- 15. FUNDING: BreachBits Raises $3.2M for pentest as a service
- 16. FUNDING: lockr Raises $2.5 Million to Help Consumers Take Control of their Digital Identity – lockr
- 17. M&A: ZeroFox Acquires LookingGlass
Acquired for $23M on $119 raised. Ouch.
- 18. M&A: Akamai Technologies To Acquire API Security Company Neosec
- 19. M&A: Yubico is merging with ACQ Bure: merged company intends to go public on Nasdaq First North Growth Market in Stockholm – Yubico
- 20. M&A: Kaseya Acquires Vonahi Security to Revolutionize Cybersecurity with Automated Network Penetration Testing
- 21. NEW GROUP: Thoma Bravo Sponsors Launch of Industry Group to Advance Cybersecurity Sector
I'm not sure I understand the purpose of this consortium. All the members are business founders and leaders, not security experts or researchers (though there is some Venn diagram overlap between the two).
- 22. DEHORNED: Cybereason cuts valuation by more than 90%, loses unicorn status
- 23. BANK FAILURE: First Republic Bank seized by FDIC and sold to JPMorgan
- 24. SUPPLY CHAIN: Introducing npm package provenance
A small, but important step in the right direction.
- 25. BREACHES: Mandiant Breach: Initial Intrusion Vector Found
- 26. BREACHES: DOJ Detected SolarWinds Breach Months Before Public Disclosure
- 27. ESSAYS: The Ever Changing API Security Market
- 28. ESSAYS: Ransomware Is Irrelevant (Wait WHAT?!)
- 29. ESSAYS: Sun Tzu wouldn’t like the cybersecurity industry
- 30. REPORTS: Ransom demands, recovery times, payments and breach lawsuits all on the rise
- 31. REPORTS: M-Trends 2023: Cybersecurity Insights From the Frontlines
- 32. REPORTS: New Report Supported by Hundreds of Security Leaders Uncovers Enterprise Risks and Opportunities of Generative AI
A good summary of what security leaders should be worried about with regards to generative AI.
- 33. AI TRENDS: Expert Insight: Dangers of Using Large Language Models Before They Are Baked
I'm including this story as an example of a trend in Really Bad Takes on AI. What everyone gets wrong about GenAI is they compare its output to the top tier of human-created output. What's remarkable about this technology is that it is capable of replacing ANY tier of human-created output in such an early stage.
Scenarios where the bar is already set quite low, or the task is highly repetitive, or isn't that difficult are where we're going to initially see AI take off. This is stuff no human really wants to do anyway and largely won't miss (with some exceptions).
- 34. AI TRENDS: Prompt injection: What’s the worst that can happen?
An EXCELLENT read on the very difficult problem of prompt injection.
- 35. AI TRENDS: Web LLM
Taking advantage of LLM AI without exposing sensitive data to a 3rd party service is a key problem that will need to be solved. One idea is to copy a lightweight version of the model to the user's browser, so that input and output can be passed locally, without exposing any sensitive input or output to the 3rd party.
- 36. AI TRENDS: TP#14 How To Avoid Leaking PII to ChatGPT
Taking advantage of LLM AI without exposing sensitive data to a 3rd party service is a key problem that will need to be solved. Threat Prompt's Craig Balding suggests tokenizing data or transforming it in some way that is only reversible by the data owner.
- 37. AI TRENDS: AI for security is here. Now we need security for AI
A nice overview by Ross Haleliuk (of LimaCharlie and the Venture in Security newsletter) on the threats to AI-based services.
- 38. TOOLS: Ransomware Control Matrix
- 39. AI TRENDS: Capturing the Flag with GPT-4
Using ChatGPT to win at CTF!
- 40. AI TRENDS: Stack Overflow Joins Twitter and Reddit in Charging AI Companies for Training Data
"F&$% you, pay me."
- 41. EVENTS: Mike Privette’s Review/Summary of RSAC 2023
Pretty much nails it.
- 42. LESSONS: Mandiant CEO’s 7 tips for cyber defense
- 43. SQUIRREL: Is It Worth the Time?
Just as we're starting to think about the things AI can replace for us, this handy XKCD chart helps us understand how much effort is worth automating something.
2. The Future of Cyber: Lateral Security, Edge Ecosystems, External Attack Surface Mgmt – Christopher Kruegel, Theresa Lanowitz, Vinay Anand – ESW #316
Christopher will delve into what lateral security/lateral movement are and identify key lateral security tools (network segmentation, micro-segmentation, advanced threat prevention systems, network sandboxes, and network traffic analysis/network detection and response).
He will also touch on why automation is important when it comes to consistent security and the current threat landscape.
This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarenetsecrsac to learn more about them!
AT&T Cybersecurity released its 12th annual Cybersecurity Insights Report, “Edge Ecosystem,” which highlights the dramatic shift in computing underpinned by 5G, the edge, and the convergence of networking and security. The report found that business and technology leaders are finally coming together not just to understand the new edge computing ecosystem, but to make more predictable, data-informed business decisions. Collaboration among these leaders, as well as external partners in the ecosystem, will be critical for the edge journey ahead – but more progress must be made to better leverage the edge and transform the business.
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attrsac to learn more about them!
EASM is a critical component of continuous threat exposure management and a necessary step in improving validation and vulnerability management processes. Gartner recently published a report describing the evolution of EASM and where it's headed in the market.
We're excited to see the market move in this direction because, at NetSPI, we're already committed to investing in our team and technology to stay ahead of these trends. We already have a head start.
This segment is sponsored by NetSPI. Visit https://securityweekly.com/netspirsac to learn more about them!
Guests
Vinay Anand is a seasoned technology leader with expertise in leading product strategy, engineering, business development and product marketing for security, software and networking products. Vinay has spent a major portion of the last 20 years focused on developing security solutions for enterprise markets.
Most recently Vinay was the VP of Products for Prisma Cloud – Palo Alto Networks’ public cloud security platform. Prior to this, Vinay was responsible for Anthos Trusted Services covering security, compliance and service management for hybrid clouds at Google. Vinay came to Google from IBM where he was the Vice President of Global Product Management and Strategy for IBM Security, driving strategy and product innovation for the $2B IBM security portfolio. Before that, Vinay was the VP & GM for the ClearPass Security business at Aruba, an HPE company. Prior to Aruba, Vinay held leadership roles in McAfee, Symantec & Cisco Systems.
Christopher Kruegel is VP Security Services at the Network and Security Business Unit (NSBU) at VMware. Before that, Christopher was a co-founder at Lastline, where he served in various positions (CEO, Chief Product Officer, and Chief Scientist) until the acquisition by VMware. In addition, Christopher is a Professor of Computer Science at UC Santa Barbara (currently on leave). Christopher’s research interests are computer and communications security, with an emphasis on malware analysis and detection, web security, and intrusion detection. He has published more than 100 peer-reviewed papers in top computer security conferences. He is also the recipient of an NSF CAREER Award, an MIT Technology Review TR35 Award for young innovators, an IBM Faculty Award, and several best paper awards.
Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue, a strategic alliance between AT&T and WillJam Ventures, that simplifies cybersecurity for the businesses fueling our global economy.
With a distinguished career in the technology industry, she has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. Theresa frequently speaks at major industry conferences, sharing her insights on high tech trends, AI integration, and the evolving threat landscape.
Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.
Hosts
3. Getting and Staying Cyber Ready with Smarter, Simpler Security and MDR – ESW #316
“Man plans, the Universe laughs” - unfortunately, that’s been the saying for far too long when it comes to cybersecurity. Security leaders know it's only a matter of time before their organization gets breached, but instead of being ready for it, they rely on fixing the problem after it happens. In Cisco’s newest report, the first ever Cybersecurity Readiness Index, it was found that a small minority of businesses globally (15%) consider themselves to be ready and able to defend against the expanding array of cybersecurity risks and threats of today. Organizations need to get ready and stay ready with solutions they can trust.
This segment is sponsored by Cisco. Visit https://securityweekly.com/ciscorsac to learn more about them!
OpenText Cybersecurity is on a mission to simplify security by delivering smarter, innovative solutions. Geoff Bibby, the SVP of OpenText Cybersecurity Marketing & Strategy, will offer insight into the company’s purpose-built approach to create a powerhouse cybersecurity portfolio that scales to meet the security needs of large enterprises down to individual consumers.
This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!
The continued headcount shortage facing cybersecurity teams is driving many organizations to embrace Managed Detection and Response (MDR) as a way to combat cyber threats. With this demand, dozens of MDR companies have emerged over the past two years. Critical Start’s CTO, Randy Watkins, will discuss the origin of MDR, share evaluation tips, and reveal some of the potential pitfalls.
This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartrsac to learn more about them!
Guests
Geoff Bibby is Senior Vice President of Cybersecurity Marketing and Strategy at OpenText Cybersecurity.
In his role, Geoff leads a dedicated team of marketing professionals who wake up every day wanting to catapult OpenText further up the list of global cybersecurity leaders. Geoff and his team manage over 15 security brands, supporting millions of users across nearly every aspect of the cybersecurity space including adversarial threat analysis, application security, secure data discovery and cyber resilience.
Before assuming this role, Geoff was on the Executive Leadership Team for Zix/AppRiver where he served as Chief Marketing Officer. During that time, he played an integral role in helping the company grow into a cloud-based security leader before being acquired by OpenText in 2021.
Geoff is an avid cyclist and endurance athlete. He and his wife Kathleen have three grown sons. While a Canadian native, Geoff now calls Dallas, TX his home.
Nick Biasini’s interest in computers and technology started at a young age when he tore apart his parents’ brand new 486SX PC. Ever since, he has been tinkering with computers in one way or another. In his current role, Nick serves as the Head of Outreach for Cisco Talos, leading the team responsible for the majority of the published research. Before that, Nick was responsible for exposing new details to major threats, with a focus on crimeware. This includes identifying techniques like Domain Shadowing, helping to stop large scale malware campaigns, and revealing clever spam campaigns. Nick has a master’s degree in digital forensics from the University of Central Florida and has worked in both public and private sector positions in the security industry for more than fifteen years.
Randy Watkins is the Chief Technology Officer (CTO) for Critical Start and an emerging thought-leader in the security industry. As CTO, Randy is responsible for designing and executing the company’s strategic technology initiatives, which includes defining the strategy and direction of Critical Start’s Managed Detection and Response (MDR) services delivered by the Zero-Trust Analytics Platform (ZTAP).
Previously, Randy served as Critical Start’s Director of Security Architecture, where he set the strategy for emerging vendor technologies, created the Defendable Network reference architecture, and set product direction for the company’s internally-developed Security Orchestration Automation and Response platform. Watkins was employee number five when he joined Critical Start in 2012.
Randy is a respected author and speaker on security trends and is well-versed in applying security technologies, in practical and meaningful ways, to improve risk management and security infrastructure for enterprise customers. He holds numerous security certifications in data analysis, data science, computer science, and leadership. Randy earned a bachelor’s degree in Information Systems Security and an associate degree in Computer Networking Systems, both from ITT Technical Institute.
In his free time, Randy continues to contribute to the security community through his consultancy to security product manufacturers to help them drive value to the customer through their solutions.