Nathan Case, Theresa Lanowitz – ESW #325
Segments
1. Has the traditional CISO model outlived its usefulness? – Nathan Case – ESW #325
The traditional concept of the CISO may literally be 'too much', according to Nathan Case. It's based on systems of control and unrealistic assumptions that don't survive contact with real life. In this conversation, we'll discuss what the top security leadership role should be, and how it differs from the current/old school concept.
Announcements
Security Weekly listeners: InfoSec World 2023 is heading back to Orlando, Florida! Join the infosec community at Disney’s Coronado Springs Resort, September 23 – 28, 2023.
Experience world-class learning and networking through enlightening keynotes, informative panel discussions, interactive breakout sessions, hands-on workshops and summits, and more.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20!
Register today at securityweekly.com/infosecworld2023!
Guest
Meet Nathan Case, an innovative builder with a passion for driving positive change in the security landscape. He excels in leading strategic initiatives and creating cutting-edge technologies in healthcare, information technology, defense, and cloud industries.
Nathan’s expertise lies in Incident Response and operational security, continuously pushing the boundaries of threat detection and response. He thrives on exploring fresh ideas and their applications in the realms of security and technology.
2. Security Insights from Edge Ecosystem Exploration – Theresa Lanowitz – ESW #325
The concept of Edge computing has evolved over the years and now has a distinct role alongside the public cloud. AT&T Cybersecurity just released their 12th report on this market, which explores insights from a massive, 1,400-respondent survey. Theresa Lanowitz joins us to discuss the findings of the report, and the future of this market.
https://cybersecurity.att.com/insights-report
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!
Announcements
Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!
Guest
Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue, a strategic alliance between AT&T and WillJam Ventures, that simplifies cybersecurity for the businesses fueling our global economy.
With a distinguished career in the technology industry, she has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. Theresa frequently speaks at major industry conferences, sharing her insights on high tech trends, AI integration, and the evolving threat landscape.
Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.
3. Healthy Funding, $3.6B Imperva Acquisition, New SEC Rule, Death of Infosec Twitter – ESW #325
This week, we discuss the state of the market as OneTrust announces a round, one year after they laid off nearly 1000 employees. We also note that we continue to see more and more non-US cybersecurity vendor activity - France and India specifically this week. An IBM report tries to tie security spending to breach costs, but we disagree. We discuss the impact of InfoSec leaving Twitter, and the odds of whether or not the Las Vegas Sphere will get hacked during DEF CON.
Announcements
Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive-level conferences is designed to educate senior cyber professionals on the latest threat landscape.
We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.
Visit securityweekly.com/cybersecuritysummit to learn more and register today!
- 1. FUNDING: OneTrust Secures $150M Investment Led by Generation Investment Management
- 2. FUNDING: Cybercrime detection company Netcraft raises $100M to drive growth – SiliconANGLE
- 3. FUNDING: Protect AI raises $35M to build a suite of AI-defending tools
$35 million in a Series A round led by Evolution Equity Partners. Building tools to harden the security around AI systems.
- 4. FUNDING: Wing Cloud is building an open source, unified cloud programming language
$20M Seed: $15M Seed raised last year, and $5M extension closed in April. Led by Battery Ventures, Grove Ventures, and StageOne Ventures.
One lang to bring them all, and in the darkness, bind them.
- 5. FUNDING: Adaptive Shield Secures Strategic Investment from Blackstone
$10M "venture round" that's definitely not a down round. Nope. Brings the company's total funding to $44M after a $30M Series A in October 2021. One of the larger vendors in the SaaS Security/SSPM space.
- 6. FUNDING: Cyclops raises $6.4M in seed funding to launch AI-powered cybersecurity search platform
Built on "cybersecurity mesh architecture (CSMA)".
Quoting the CEO, "CSMA is similar to zero trust, but more mature and advanced."
- 7. FUNDING: More Than 30 Leading CISOs Personally Invest in Gem Security’s Industry-Leading Cloud Detection and Response Platform
- 8. FUNDING: Cranium AI Security
- 9. FUNDING: Cyber Security Startup PingSafe Raises $3.3 Million In Seed-Fund Round
- 10. ACQUISITIONS: Thales enters app security market with $3.6B Imperva acquisition
- 11. REPORTS: IBM Report: Half of Breached Organizations Unwilling to Increase Security Spend Despite Soaring Breach Costs
- 12. BREACH: VirusTotal apologizes for data leak affecting 5,600 customers
Whoopsie daisy.
- 13. TRENDS: The Death of Infosec Twitter
- 14. CYBERCRIME: Umbreon Unplugged: Unraveling the Sequel to Failures
An interesting interview with a young Dutch serial cybercriminal who has been in and out of ineffective (hacking) rehab programs.
- 15. ESSAYS: How You Respond to Security Researchers Says Everything About You – Dhole Moments
- 16. REGULATIONS: Attorneys on alert for cybersecurity threats: New York’s new CLE training requirement
As of July 1st, every NY attorney has to complete an hour of cybersecurity training before they can renew their law license.
- 17. REGULATIONS: SEC approves new cyber reporting regulations for public companies
TL;DR:
  - 4-day reporting timeline (begins when a company determines "incident materiality", not the initial discovery)
  - Two 30-day delay options if necessary (e.g. national security concerns)
  - Technical details of incidents not required
  - Companies also must disclose cybersecurity risk management, strategy and governance in annual filings
- 18. REGULATIONS: Final Rule – Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
All glorious 186 pages of the final rule.
- 19. HACKING: Will the MGM Sphere get hacked during DEFCON?
- 20. HACKING: The Las Vegas Sphere is about to weather its first DEF CON
No bug bounty, no vulnerability disclosure program, no information about security precautions taken, and tons of speculation online about when this thing is going to get hacked.
- 21. SQUIRREL: Researchers find deliberate backdoor in police radio encryption algorithm
So THAT'S what that feels like.