2023 BH #1

As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical industry like healthcare. In this segment, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, will provide a deep dive into the state of edge computing—specifically, how it is revolutionizing healthcare. She will discuss key findings from the “2023 AT&T Cybersecurity Insights™ Report: Focus on Healthcare” and provide insight into how to prepare for securing the healthcare edge ecosystem.

Segment Resources: Get the AT&T Cybersecurity InsightsTM Report: Focus on Healthcare

This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecuritybh to learn more about them!

The modern web browser is the single most commonly used application by enterprises worldwide. Its power, simplicity, and usability makes it an essential tool at work. And yet, the browser is not an enterprise application. It lacks the fundamental controls enterprises require to ensure proper security, visibility, and governance over critical apps and data.

As a result, we surround the browser with a massive security ecosystem in an attempt to manage the intersection between users, web applications, and the underlying data. In the process, our technology stack becomes complex, expensive, and fragile to maintain, while end users are left with a frustrating experience. All because the consumer browser was not designed with enterprise needs in mind. The question is: What if there was a browser designed exclusively for the enterprise?

This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more about them!

With Active Directory (AD) exploited in 9 out of 10 cyberattacks, delaying AD modernization—especially after a merger or acquisition—can compound security risks. Security is the most compelling reason to migrate to a pristine AD forest or perform an AD forest or domain consolidation, but many organizations delay such projects due to the effort and planning they require. Security Weekly talks with Semperis CEO Mickey Bresman about the keys to a smooth and secure AD modernization strategy.

Segment Resources: Why AD Modernization Is Critical to Your Cybersecurity Program

ACTIVE DIRECTORY MIGRATION & CONSOLIDATION

Top 15 Steps to a Successful AD Migration

This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them!

Security organizations are increasingly adopting data lakes and cloud services as additions or alternatives to traditional SIEMs, but face challenges like scarcity of data engineering expertise and high data ingestion and cloud compute costs. To overcome these, a new security data stack is emerging, guided by models like SecDataOps and supported by solutions like Tenzir, purpose-built for security data use cases. In this segment, we will be talking about what is driving the heavy use of data in security operations, why that is stressing traditional security operations tools and processes, and what some early-adopter organizations are doing to meet these challenges.

Segment Resources:

Release Announcement: https://tenzir.com/press/tenzir-launches-security-data-pipeline-platform?utmsource=bhusa&utmcampaign=interview

Release Blog: https://docs.tenzir.com/blog/introducing-tenzir-security-data-pipelines?utmsource=bhusa&utmcampaign=interview

This segment is sponsored by Tenzir. Visit https://securityweekly.com/tenzirbh to learn more about them!

The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical threat vector for hackers to exploit.

According to the Veracode State of Software Security 2023, 74% of applications scanned in 2023 were found to have a high-severity vulnerability.

Edgio will address how its new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. With its ML-powered API discovery abilities, enterprises can easily onboard API endpoints on the Edgio platform via OpenAPI standards, and enforce encryption, rate limiting, and other controls across identified APIs without tedious manual processes or third-party bolt-on solutions. This ensures consistent security practices and mitigates the risk of unauthorized access or data breaches from unknown or hidden APIs without adding additional latency or tools to manage. Edgio will wrap up the podcast by talking about how an edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio will conclude with how its security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes.

This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them!

Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited.

Segment Resources: Meet Fortra Your Cybersecurity Ally

Think Like a Threat Actor to Identify Your Cybersecurity Blind Spots

Offensive Security Product Bundles

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them!

Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution.

This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them!

Hear from Karim Toubba, CEO of LastPass, on LastPass' journey to passwordless, the importance of a passwordless world and why authentication is becoming more complex and facilitating the ease of authentication for users at work and at home.

This segment is sponsored by LastPass. Visit https://securityweekly.com/lastpassbh to learn more about them!

Ransomware-as-a-Service has contributed to a steady rise in sophisticated ransomware attacks. Ransomware authors are increasingly staying under the radar by launching encryption-less attacks which involve large volumes of data exfiltration. Organizations must move away from using legacy point products and instead migrate to a fully integrated zero trust platform that minimizes their attack surface, prevents compromise, reduces the blast radius in the event of a successful attack, and prevents data exfiltration.

Segment Resources: Zscaler 2023 Ransomware Report Shows a Nearly 40% Increase in Global Ransomware Attacks

2023 Phishing Report Reveals 47.2% Surge in Phishing Attacks Last Year

This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerbh to learn more about them!