Enterprise Security WeeklySubscribe
Cloud Security, Incident Response, Data Security, Network Security, Critical Infrastructure Security, Endpoint/Device Security, Application security, Breach, Security Program Controls/Technologies

Unveiling DSPM & the Future of Cloud Data Security: State of IoT in 2023 – Dan Benjamin, Paddy Harrington – ESW #322

Full Audio

View Show Index

Segments

1. Digging Into DSPM & the Future of Data Security in the Cloud – Dan Benjamin – ESW #322

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services.

Announcements

  • Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!

Guest

Dig Security

Dan Benjamin is the Co-Founder and CEO of Dig Security, a leading cloud data security company that helps organizations discover, monitor, protect, and govern their cloud data stores through a unified policy engine. Dig’s mission is to provide the data security stack for modern enterprises, protecting data wherever it lives inside an organization.

Dan is an entrepreneur with over a decade of industry experience founding and leading startup companies, and has held leadership roles at Fortune 100 companies, including cloud and security leadership roles at Microsoft and Google. During this time, he noticed a gap in public cloud data security solutions, leading him to co-found Dig Security, a company dedicated to helping customers instantly identify cloud security issues to prevent breaches and attacks through real-time data detection and response. Dan is also a former member IDF (8200), an Israeli Intelligence Corps unit of the Israel Defense Forces.

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security
Founder & CTO at Trimarc

2. The State of IoT Security in 2023 – Paddy Harrington – ESW #322

Paddy Harrington joins us from Forrester research to discuss his findings in this year's state of IoT security report. Computers have been shoved into anything and everything, both in the home and in the workplace. Paddy will share some interesting insights from the report, and we'll discuss why some of the results seem to conflict.

Announcements

  • Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive level conferences are designed to educate senior cyber professionals on the latest threat landscape.

    We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.

    Visit securityweekly.com/cybersecuritysummit to learn more and register today!

Guest

Sr. Analyst, Security & Risk at Forrester Research

Paddy is a senior analyst at Forrester advising security and risk professionals. He focuses on endpoint security on platforms ranging from desktop PCs to internet-of-things (IoT) devices. His research includes the endpoint’s impact on the security of business applications and data in light of the recent proliferation of edge devices and the evolving work environment.

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security
Founder & CTO at Trimarc

3. Vendor Failures Coming, MDM Confusion, Cyberinsurance Mess, Tines, & an AI Camera – ESW #322

This week, for the enterprise security news, we discuss the continuing impact of the market downturn and how it might affect late stage startups. We also discuss the state of cyber insurance - is it improving? SEC is starting to get traction with new and proposed cyber rules. Enterprise browsers not living up to the hype isn't even a hot take anymore, it's merely smoldering. Valence Security's state of SaaS report is out, and finally - how much would you pay for an AI camera that has no lens?

Announcements

  • Follow Security Weekly Productions on LinkedIn for exclusive show clips, insights, and updates across our organization! Stay connected with our hosts and fellow community members, and join the conversation that's shaping the future of cybersecurity.

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: Cyera Secures $100 Million Series B Investment to Become the Data Security Platform Enabling the AI Revolution

    In an environment where we're seeing hardly any funding, Cyera somehow pulls a $100M series B out of a hat, led by Accel. $100M is more than we've seen across ALL investments over the past 2 weeks, which come to $96.7M across 13 separate startups.

  2. 2. FUNDING: Venn Secures Patent for First Technology to Make MDM for Laptops a Reality; Reveals $29 Million in Series A Funding led by NewSpring Capital

    $29M Series A. I have no idea what the heck this press release is talking about. They're trying to make MDM for laptops sound like it's a thing they invented? We've had MDM for laptops for well over a decade! They apparently think all remote workers use VDI???

    Did ChatGPT or Bard hallucinate this press release? The "Venn diagram" between this company and reality has no overlap, I'm thinking.

  3. 3. FUNDING: Astrix Security, which uses ML to secure app integrations, raises $25M
  4. 4. FUNDING: Trust Lab Closes $15 Million Investment Led by U.S. Venture Partners
  5. 5. FUNDING: Oso sees huge opportunity in simplifying authorization for developers

    $15M series B? They don't call it a Series B, but it's coming after their Series A, and is nearly twice the size, so...

  6. 6. FUNDING: CrowdStrike Invests In and Partners With Prelude Security – CrowdStrike

    Not a lot of details, but a notable transaction/partnership.

  7. 7. FUNDING: Blackbird.AI – Narrative & Risk Intelligence Platform
  8. 8. ACQUISITIONS: Thales proposes to acquire Tesserent in a recommended transaction, expanding its global cybersecurity leadership

    Tesserent is apparently one of the largest cybersecurity companies in New Zealand and Australia. They're an MSSP.

  9. 9. ACQUISITIONS: HashiCorp acquires BluBracket to add secrets scanning
  10. 10. TAKE PRIVATE: C5 Looks to Take IronNet Private, Oust Gen. Keith Alexander

    IronNet has been on shaky ground for a while. I don't understand the dynamics at play here, but apparently the company has to oust its founder and CEO in order to get bailed out of their current situation.

  11. 11. NEW COMPANIES: Bearer

    My friend Nipun Gupta's new startup!

  12. 12. NEW COMPANIES: Kodem Security
  13. 13. NEW COMPANIES: Silent Push Threat Intelligence
  14. 14. NEW PRODUCTS: Amazon launches AWS AppFabric to help customers connect their SaaS apps

    AWS AppFabric pulls data from SaaS apps, normalizes it, and hands it off for analysis, auditing, archiving, etc.

  15. 15. CYBERINSURANCE: U.S. cyber insurance growth continued in 2022 with direct premium up 50% – Reinsurance News
  16. 16. CYBERINSURANCE: 5 Reasons Cyber Insurance is a Mess

    The latest from fellow host Katie Teitler on what's going on with Cyber Insurance!

  17. 17. LEGISLATION: SEC Targets SolarWinds’ CISO for Rare Legal Action Over Russian Hack
  18. 18. LEGISLATION: Who’s Afraid of the SEC?
  19. 19. GOOD PRACTICES: Good Practices for Supply Chain Cybersecurity

    The EU shares good practices for supply chain security. Not best, mind you. Good. GOODEST, even.

  20. 20. CRIME TRENDS: Service Rents Email Addresses for Account Signups – Krebs on Security
  21. 21. RESOURCES: Tines Labs (@tines_labs) / Twitter

    The Tines Labs Twitter account is an excellent resource for ideas on automating cybersecurity tasks, SOAR/SOC/Detection engineering folks should check it out!

  22. 22. TOOLS: Shopping for DSPM tools – What to know and where JupiterOne fits in

    https://www.jupiterone.com/blog/shopping-for-dspm-tools-what-to-know-and-where-jupiterone-fits-in

  23. 23. AI TOOLS: TakedownGPT
  24. 24. AI ESSAYS: AI Canaries
  25. 25. SHAMELESS SELF PROMOTION: Destroyed by Breach

    Everyone else has been covering the Destroyed by Breach dataset I maintain, so I guess I should as well? Spotted this first on Clint Gibler's TLDRSec, then on Daniel Miessler's Unsupervised Learning, and finally on Mike Privette's Security, Funded newsletter.

    This is a list of all the companies I've been able to find (with considerable assistance from journalists and the cybersecurity community!) that have been destroyed by a cyber incident.

  26. 26. HOT TAKES: We have left the cloud
  27. 27. HOT TAKES: Emerging Tech: Security—The Future of Enterprise Browsers

    This isn't a new hot take from me, but I'm still pushing back on all this enterprise browser hype. I think they're a niche product at best and don't justify the levels of hype or funding they're receiving.

  28. 28. REPORTS: Introducing the Valence 2023 State of SaaS Security Report

    A bit more self-promotion. I spent a lot of time putting this report together, along with the Valence Security Labs team and our CEO. Lots of interesting insights about SaaS breaches and risks. We've got recommendations and predictions for you as well.

  29. 29. SQUIRREL: Paragraphica

    A camera without a lens. Interesting statement/tech, or bullshit stunt?

Product Marketer and Content Strategist at OX Security
Founder & CTO at Trimarc

Related

Modernizing AppSec – Melinda Marks – ASW #307

In this week's interview, Melinda Marks' joins us to discuss her latest research. Her recent report Modernizing Application Security to Scale for Cloud-Native Development delves into many aspects and trends affecting AppSec as it matures, particularly in cloud-first organizations. We also discuss the fuzzy line between "cloud-native" AppSec and ev...