ESW #318 – Mickey Bresman, Dave Merkel, Michaël Lakhal, Ashley Leonard, Jason Rolleston, Eve Maler
Full Audio
View Show IndexSegments
1. Mountains of backups, Softbank takes an L, and the need for breach transparency – ESW #318
This week, we discuss fundings, acquisitions (TWO DSPM exits!), the ongoing market downturn/weirdness, and surprise - LLM-based AIs! We spend a fair amount of time talking about the importance of breach transparency - we need to be able to learn from others' failures to improve our own defenses. We also discuss the inevitable 'One App To Rule them All' that will serve as an all-knowing personal assistant. It will integrate with all our comms, calendars, and notes, which will be scary and fraught with privacy and security issues. But Tyler and Adrian still yearn for it, as their pre-frontal cortexes become increasingly dulled by scotch and beer.
Announcements
Our teams from Security Weekly and SC Media were onsite at RSA Conference 2023 delivering in-depth reporting, analysis and interviews from the conference. If you were unable to join us in person, or didn't manage to catch our video livestream from Broadcast Alley, you can access all of our RSAC 2023 coverage at https://securityweekly.com/rsac.
Hosts
- 1. FUNDING: Iron Mountain launches $1B debt offering (NYSE:IRM)
- 2. FUNDING: Huntress Secures $60 Million Series C Funding to Expand Suite of Solutions that Protect SMBs from Cyber Attacks
- 3. FUNDING: 1touch.io Raises $14M in Series B Funding
- 4. FUNDING: Cybeats Announces Closing of Private Placement For Gross Proceeds of Over $6.2 Million
- 5. FUNDING: Keeper Security Announces Minority Growth Equity Investment from Summit Partners
- 6. ACQUISITIONS: Absolute Software to be Acquired by Crosspoint Capital Partners for Enterprise Value of US$870 Million
- 7. ACQUISITIONS: IBM to Help Automate Cloud Data Protection with Acquisition of Polar Security
- 8. ACQUISITION RUMORS: Cloud security startup Laminar set to be acquired for $200-250 million
- 9. ACQUISITION RUMORS: Why Datadog and Rubrik Are In Talks to Buy Laminar for $200M
- 10. TRENDS: Lawmakers want to train rural hospital workforce to address cybersecurity needs
- 11. TRENDS: America’s Most Connected Cities
- 12. TRENDS: Amazon Clinic requires patients to waive HIPAA protections in exchange for care
- 13. TRENDS: Why more transparency around cyber attacks is a good thing for everyone
- 14. TRENDS: The rise of security engineering and how it is changing the cybersecurity of tomorrow
- 15. TRENDS: Japanese tech giant loses record $39B on Vision Funds
- 16. AI TRENDS: Botsonic – build your own ChatGPT
- 17. POST MORTEM: Deconstructing a Cybersecurity Event
- 18. STANDARDS: The Security Auditing Manifesto: Shared Values for Effective Security and Compliance Management
- 19. ESSAYS: Is AI the Next Zero Trust?
- 20. SQUIRREL: Scientists say they have found more moons with oceans in the Solar System
- 21. SQUIRREL: Beeper X SQMFI = Beepberry!
- 22. SQUIRREL: Gandalf
2. Reduce Attack Surface; Increase Car Safety and Customer Confidence with Identity – Ashley Leonard, Eve Maler, Michaël Lakhal – ESW #318
Enterprises are struggling to manage and reduce their organizational attack surface, especially with a shortage of skilled staff. Find out how some security executives are tackling this challenge by automating their IT and vulnerability management.
This segment is sponsored by Syxsense. Visit https://securityweekly.com/syxsensersac to learn more about them!
Cars have evolved from a physical mode of transportation to a digitized experience, bringing with it new risks and challenges in security, privacy and user experience. Putting identity at the center of the connected world solves simplicity and safety challenges, including physical safety, digital security and data privacy. Furthermore, decentralized identity plays a major role in a better, more secure seamless experience – not just for vehicles, but for society at large.
This segment is sponsored by ForgeRock. Visit https://securityweekly.com/forgerockrsac to learn more about them!
There is a war on trust in the digital world, and people are caught in the crosshairs. Everywhere we look, there are identity risks with crippling repercussions for businesses, whether fake people, fake content, or insecure web links. With the rise of generative AI tools in business, threat actors are utilizing these technologies to create more sophisticated phishing emails – mimicking brands and tone or more easily translating copy into several languages making them more difficult to identify and easily connecting hackers with global audiences. Now is the time to implement solutions that empower a connected thread of trust between businesses and users – before all trust is lost.
This segment is sponsored by OneSpan. Visit https://securityweekly.com/onespanrsac to learn more about them!
Sponsored By
Guests
Ashley Leonard is the president and CEO of Syxsense-a global leader in Unified Security and Endpoint Management (USEM). Ashley is a technology entrepreneur with over 25 years of experience in enterprise software, sales, marketing, and operations, providing critical leadership during the high-growth stages of well-known technology organizations.
Ashley manages U.S., European, and Australian operations in his current role, defines corporate strategies, oversees sales and marketing, and guides product development. Ashley has worked tirelessly to build a robust, innovation-driven culture within the Syxsense team while delivering returns to investors.
He has founded several successful technology companies with global operations, serves on several boards and mentors up-and-coming technology CEOs. Accolades include being named a finalist for Ernst & Young’s “Entrepreneur of The Year” and AeA’s “Outstanding Private Company CEO” Award and won the AGC Innovation CEO Award.
As a product manager and strategist, Michaël has more than 10 years of experience in the Digital Signature market, focusing on B2C transactions for financial services. As Director of Product Management at OneSpan, he leads two product lines: Identity Verification and Authentication to provide an end-to-end digital agreement solution. Prior to joining, Michaël was a senior product manager and senior product marketing manager at DocuSign to expand their offering in EMEA and APAC. Earlier in his career, he joined QuickSign as the first employee to build the first mass-market platform for B2C transactions based on OpenTrust signature engine, focused on onboarding for the financial industry.
Eve Maler is a globally recognized strategist, innovator, and communicator on digital identity, security, privacy, and consent. As an identity and access management pioneer, she has shaped IAM standards and thought leadership for over two decades. In that time she has delivered dozens of mainstage presentations, technical education sessions, and workshops. As CTO of ForgeRock she led its Labs team investigating and prototyping innovative solutions to customers’ challenges. As a Forrester security and risk analyst she advised clients on strategy, industry developments, and best practices for IAM, strong authentication, and API security. Now Eve is on the hunt to take it to the next level.
Hosts
3. Strategy for Active Directory Resilience, XDR Prioritization, and Security Operations – Dave Merkel, Jason Rolleston, Mickey Bresman – ESW #318
Semperis CEO Mickey Bresman sits down with SC Magazine to share practical steps for improving Active Directory resilience in the face of escalating cyberattacks, using real-world examples. With cybercrime costs projected to reach $8 trillion in 2023 and AD being the top target for attackers, organizations must prepare to detect, respond, and recover from AD-based attacks. Learn how InfoSec and IAM teams can operationalize the Gartner "top trending" topic of identity threat detection and response (ITDR) to ward off attackers and take back the advantage.
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisrsac to learn more about them!
Today’s CISOs are laser focused on three imperatives: reducing risk; reducing operational costs, and attracting or retaining top talent. All three priorities are driven by creating a better SOC analyst experience which translates to less time to detect and respond to an attack. In this discussion, we’ll uncover how Extended Detection & Response (XDR) can drastically improve the SOC analyst experience and alleviate CISOs’ top challenges.
This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarecarbonblackrsac to learn more about them!
While emerging cyber threats and vulnerabilities tend to dominate headlines, criminals often exploit known vulnerabilities to gain access to critical systems and data for nefarious purposes. And with the number of vulnerabilities rising constantly, they can pose significant risk to organizations, especially if defenders don’t know which ones are critical. Learn how Expel is helping to pull back the curtain on how organizations can more effectively prioritize their most critical vulnerabilities.
This segment is sponsored by Expel. Visit https://securityweekly.com/expelrsac to learn more about them!
Sponsored By
Guests
Jason is an accomplished business executive with experience across multiple technologies and a passion for cybersecurity. He has expertise managing businesses at scale while also developing next generation capabilities for adjacent opportunities. Jason joined VMware in 2021 to lead product management for VMware Carbon Black. Prior to VMware, Jason most recently served as Chief Product Officer at Kenna Security where he lead product management, product marketing, and business development. Prior to Kenna security, he was Vice President for Security Operations Products at McAfee, where he was responsible for McAfee’s security operations products, including SIEM, endpoint detection and response, behavioral analytics, and sandboxing. Prior to that, he served as Head of Product Management for Enterprise Routing at Cisco and held several senior positions at Symantec. He holds a B.S. in applied physics and a masters in engineering management from Cornell University, and an MBA from the University of Chicago Booth School of Business.
Mickey began his technical career in the Navy. Mickey’s comfort zone is on the front lines, helping organizations thwart and respond to cyberattacks. The long-time cybersecurity expert and entrepreneur has an extensive track record of driving revenue growth and scaling organizations across the globe.
Prior to co-founding Semperis, Mickey held the position of CTO at YouCC Technologies, a Microsoft Gold Partner integration company. As a cybersecurity thought leader, Mickey has been quoted or featured in many major publications, including Forbes, CNBC, and others. He has a B.A. in Technical Management and a Minor in Electronic Engineering.
Dave Merkel (aka “Merk”) is the co-founder of Expel as well as our Chief Executive Officer (CEO). Dave has been involved in the information security field for nearly 30 years, first as a federal agent pursuing cyber criminals in the era of floppy disks and 2400 baud modems, then as Chief Technology Officer (CTO) and vice president of products at Mandiant. Following FireEye’s acquisition of Mandiant, Dave served as the global CTO of FireEye.
Before Dave’s 10 years as a solutions provider, he spent another decade as a security practitioner. He got his start as a special agent in the Air Force Office of Special Investigations, pursuing cyber criminals and conducting digital forensic investigations, and later as head of AOL’s technical security organization. While at AOL, he created and ran the first incident response capability for AOL and Time Warner, managed software security and policy programs, and built technologies for AOL’s security infrastructure.
