2023 RSAC #3

Cars have evolved from a physical mode of transportation to a digitized experience, bringing with it new risks and challenges in security, privacy and user experience. Putting identity at the center of the connected world solves simplicity and safety challenges, including physical safety, digital security and data privacy. Furthermore, decentralized identity plays a major role in a better, more secure seamless experience – not just for vehicles, but for society at large.

Segment Resources: https://www.rsaconference.com/USA/agenda/session/Driving%20Smart%20Innovation%20-%20Connected%20Car%20Identity%20at%20Scale

This segment is sponsored by ForgeRock. Visit https://securityweekly.com/forgerockrsac to learn more about them!

Cybersecurity teams today are inundated with tools that provide an abundance of alerts and data about threats, gaps, vulnerabilities and everything in between. While security tools are critical to operating a cybersecurity program and produce helpful data, they should never dictate an organization’s cybersecurity strategy. Instead, Amad Fida, CEO & Founder of Brinqa, explains why business priorities should be the foundation for any company’s cybersecurity strategy.

This segment is sponsored by Brinqa. Visit https://securityweekly.com/brinqarsac to learn more about them!

Economic uncertainty has forced IT and security leaders to be more cautious than ever when increasing spending and team size. Suh dynamics give CISOs and CIOs an opportunity to demonstrate value by going beyond “merely” defending the organization from threats. We can contribute toward the organization’s efforts to constrain costs by looking inward at existing tools and assets to understand deployment, usage, and value. We can do this by ensuring the company is making the most of what it already has – and eliminating the spend that’s not being utilized in the most effective way.

Segment Resources: https://www.axonius.com/blog/cybersecurity-asset-management-helps-amid-economic-uncertainty

This segment is sponsored by Axonius. Visit https://securityweekly.com/axoniusrsac to learn more about them!

There is a war on trust in the digital world, and people are caught in the crosshairs. Everywhere we look, there are identity risks with crippling repercussions for businesses, whether fake people, fake content, or insecure web links. With the rise of generative AI tools in business, threat actors are utilizing these technologies to create more sophisticated phishing emails – mimicking brands and tone or more easily translating copy into several languages making them more difficult to identify and easily connecting hackers with global audiences. Now is the time to implement solutions that empower a connected thread of trust between businesses and users – before all trust is lost.

This segment will focus on the growing need to protect digital identities in today’s evolving threat landscape while outlining actionable steps that can be taken to better secure digital identities and improve digital trust, such as implementing continuous identification and authentication. The session will also discuss how digital trust equates to an improved customer experience, highlighting the importance of security being seamlessly woven throughout the customer journey – especially as Web3 nears.

Segment Resources: OneSpan Identity Verification Services: https://www.onespan.com/products/identity-verification

Blog: In a World of Deep Fakes, How to Bring Trust and Integrity Back: https://www.onespan.com/blog/world-deep-fakes-how-bring-trust-and-integrity-back

Press Release: OneSpan Strengthens Protection of Web3 with New Innovative Cloud Notarization Solution: https://www.onespan.com/about/news/onespan-strengthens-protection-web3-new-innovative-cloud-notarization-solution

Forbes Byline: Boldly Meeting The Promise Of Web 3.0 - Written by CEO, Matt Moynahan: https://www.forbes.com/sites/forbestechcouncil/2022/11/02/boldly-meeting-the-promise-of-web-30/?sh=46ffa35358be

This segment is sponsored by OneSpan. Visit https://securityweekly.com/onespanrsac to learn more about them!

Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk.

Segment Resources: https://www.invicti.com/clp/appsec-indicator/?utmmedium=contentsyn&utmsource=scmedia&utmcampaign=i-synRSA-CRA-interview-2023&utmcontent=230424-gaspring-appsec-indicator&utmterm=brand

This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them!

Today’s CISOs are laser focused on three imperatives: reducing risk; reducing operational costs, and attracting or retaining top talent. All three priorities are driven by creating a better SOC analyst experience which translates to less time to detect and respond to an attack. In this discussion, we’ll uncover how Extended Detection & Response (XDR) can drastically improve the SOC analyst experience and alleviate CISOs’ top challenges.

Segment Resources: https://blogs.vmware.com/security/2023/03/why-cisos-should-prioritize-extended-detection-response-xdr.html https://news.vmware.com/security/new-research-provides-insights-into-the-xdr-paradigm-shift https://news.vmware.com/releases/vmware-explore-2022-europe-xdr

This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarecarbonblackrsac to learn more about them!

Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What’s more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them.

This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!

Semperis CEO Mickey Bresman sits down with SC Magazine to share practical steps for improving Active Directory resilience in the face of escalating cyberattacks, using real-world examples. With cybercrime costs projected to reach $8 trillion in 2023 and AD being the top target for attackers, organizations must prepare to detect, respond, and recover from AD-based attacks. Learn how InfoSec and IAM teams can operationalize the Gartner "top trending" topic of identity threat detection and response (ITDR) to ward off attackers and take back the advantage.

Segment Resources: - https://www.semperis.com/blog/how-to-build-a-strong-itdr-strategy/ - https://www.semperis.com/blog/recovering-active-directory-from-cyberattack-itdr/ - https://www.semperis.com/resources/evaluating-identity-threat-detection-response-solutions/

This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisrsac to learn more about them!

While emerging cyber threats and vulnerabilities tend to dominate headlines, criminals often exploit known vulnerabilities to gain access to critical systems and data for nefarious purposes. And with the number of vulnerabilities rising constantly, they can pose significant risk to organizations, especially if defenders don’t know which ones are critical. Learn how Expel is helping to pull back the curtain on how organizations can more effectively prioritize their most critical vulnerabilities.

Segment Resources: Blog post on new integrations - "Integrations roundup: new integrations to manage overall business risk" : https://expel.com/blog/integrations-roundup-new-integrations-to-manage-overall-business-risk/

Press release on MDR for Kubernetes - "Expel Advances Leadership in Cloud Security with MDR for Kubernetes " : https://expel.com/resource/expel-advances-leadership-in-cloud-security-with-mdr-for-kubernetes/

This segment is sponsored by Expel. Visit https://securityweekly.com/expelrsac to learn more about them!