2024 Security Planning, Better Tabletop Exercises – Merritt Maxim, Ryan Fried – ESW #332
1. 2024 Security Planning with Forrester – Merritt Maxim – ESW #332
Forrester Research releases a few recurring annual cybersecurity reports, but one of the biggest, and the one that covers the most ground, is the Security Risk Planning Guide, which was recently released for 2024. One of the report's 17 authors, and research director, Merritt Maxim, will walk us through the report's most interesting insights and highlights. This should be especially interesting given some of this year's trends impacting security teams:
- An economic downturn, resulting in layoffs and budget freezes
- The widespread proliferation of generative AI technology
- The relentless and resilient nature of cybercrime, despite some notable law enforcement wins
- Ongoing discussion about the role and relevance of SOCs and CISOs, as well as the security department's place in today's enterprise
- Increased enterprise reliance on SaaS and Cloud, as vendors and service providers continue to struggle with securing their products and services
Announcements
As a member of the Security Weekly community, we are pleased to offer you 50% off your AI DC 2023 tickets using code CRA50OFF! Join us on October 4, 2023, in Pentagon City. ICIT, the Nation’s #1 cyber security think tank, brings together America’s leading minds to discuss AI’s impact on the country.
Register today at securityweekly.com/AIDC2023.
Guest
Merritt leads a team of analysts who provide research and advisory services that address the needs of security and risk professionals. His team focuses on identity and access management (IAM), endpoint security, threat intelligence, and vulnerability management strategies and technologies.
Previously, Merritt was a principal analyst on the security and risk team, focusing on IAM best practices and technologies as well as physical security and internet-of-things (IoT) security. He continues to help clients address their IAM and physical security needs, map out customer requirements and strategies, and navigate the IAM technology and services landscape.
2. Making tabletop exercises better! – Ryan Fried – ESW #332
If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is.
Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! This is literally his day job at Mandiant, and it doesn't hurt to have one of the world's largest libraries of attacker TTPs and the collective lessons learned from thousands of actual incident response experiences.
Announcements
Security Weekly listeners: InfoSec World 2023 is just weeks away! Have you registered to join over 2,500 cybersecurity experts on September 25-27 in Lake Buena Vista, FL? InfoSec World is your gateway to a world of knowledge and growth. Don't miss the chance to enhance your career, connect with industry leaders, and make an impact on the rapidly evolving landscape.
Secure your seat using code ISW23-SECWEEK20 to save 20% off your registration. Register today: securityweekly.com/infosecworld2023
Guest
Ryan has 10+ years of experience in IT security, with roles including compliance, analyst engineer, CISO and consultant. He has also taught cyber security at the community college level for the last 8 years. Ryan has most recently been leading initiatives such as SOAR, purple teaming, network segmentation, DevSecOps and cloud security posture management.
3. Massive valuations and acquisitions – Cato, Cisco, Splunk & SentinelOne! – ESW #332
This week we talk about funding, acquisitions and the state of the market. If you're interested in cybersecurity market discussion, this is the episode for you.
We also discuss what makes a cybersecurity influencer.
Announcements
Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive-level conferences is designed to educate senior cyber professionals on the latest threat landscape. We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register. Visit securityweekly.com/cybersecuritysummit to learn more and register today!
- 1. FUNDING: Cato Networks Raises $238M in Equity Investment at Over $3B Valuation
Shlomo Kramer's ~8-year-old startup hits another milestone, raising $238M in a round led by Lightspeed Venture Partners, which has led the last 4 rounds. The company's previous raise was a $200m Series F, and it has been a unicorn since the $130m Series E raise in November 2020.
Some stats: $100m ARR crossed in 2022; 60% YoY revenue growth; 95% gross dollar retention rate.
- 2. FUNDING: HiddenLayer Raises $50M in Series A Funding to Safeguard AI
Surprised it took this long! HiddenLayer took home the win from RSAC's Innovation Sandbox earlier this year.
- 3. FUNDING: Binalyze Raises $19M in Series A Funding
The Estonia-based provider of Digital Forensics and Incident Response (DFIR) solutions raised $19M in Series A funding, led by Molten Ventures.
- 4. FUNDING: Cybersecurity startup Deduce raises $9M for its generative AI Identity fraud solution – SiliconANGLE
Yeah, we're apparently already at the point where this is a thing companies need. Check out the messaging though, and tell me what you think: https://www.deduce.com/
- 5. FUNDING: Patronus AI Launches Out of Stealth to Help Enterprises Deploy Large Language Models Safely
"$3 million seed funding round led by Lightspeed Venture Partners"
Only $3m???
- 6. FUNDING: Goldilock Secures $1.7 million USD Seed Round Led by New York Angels and Harvard Business School Alumni Angels of Greater New York
Interesting - online airgaps? Network segmentation? Interesting focus and timing. Regardless of my hesitation about the product, their site does a great job of explaining what they do: https://goldilock.com/
- 7. ACQUISITIONS: CrowdStrike confirms its Bionic.ai acquisition for $350M today
- 8. ACQUISITIONS: Cisco acquires cybersecurity company Splunk in cash deal worth $28 billion
Cisco's largest acquisition ever, and perhaps the largest cybersecurity deal ever??
- 9. (NON)ACQUISITIONS: Cisco pulled out of SentinelOne acquisition after due diligence revealed ARR inaccuracies
Cisco was apparently very close to acquiring SentinelOne, but SentinelOne... "discovered a gap between the ARR it previously presented and the actual expected revenues. This discovery even led the company to change its ARR calculation method to reflect reality more accurately and also take into account scenarios of reduced usage of its solutions by customers."
Does this mean they were fudging the numbers a bit, got busted, and had to move to more honest calculations, or was it an honest mistake?
"Following the discovery, which required a retroactive revision of the financial statements and reduced $27 million from the company's ARR, Cisco withdrew from the negotiations, and SentinelOne returned to the market, but at a much lower value."
How much lower? Negotiations were reportedly in the $8-$9B range, but more realistically, they would be looking at $6-7B after the ARR adjustment and subsequent 40% stock drop. On top of all this, SentinelOne laid off 5% of its workforce (~100 people). Following its IPO, SentinelOne traded as high as $20B, but now trades just under $5B.
"SentinelOne is currently working with the investment bank Catalyst Partners to find a new buyer, and Cisco could still return to the picture, this time at a reduced price."
- 10. ACQUISITION RUMORS: Palo Alto Networks in negotiations to acquire Talon Cyber Security in $600 million deal
Is it true? Who knows, but it seems a bit early for exit talks... unless the secure enterprise browser market isn't looking as hot as originally anticipated.
- 11. NEW COMPANIES: Illuminate Security
Somewhat unique results-based SIEM/XDR-like service. Worth checking out.
- 12. OPEN SOURCE TOOLS: Secure Controls Framework 2023.3 has been released
"The Secure Controls Framework (SCF) is a meta-framework (framework of frameworks) that maps to over 100 cybersecurity and privacy-related laws, regulations and industry frameworks."
- 13. INSIGHTS: Ignore The TOS Change – Get Me a Latte!
Last week, we talked about Mozilla's investigation into the insanity of automotive privacy policies. This week, we find out that tech company terms of service have similarly gone off the rails when it comes to hoovering up all our data for profit.
- 14. ESSAYS: “The Blob” Is Poisoning The Security Industry
- 15. ESSAYS: An Overview of Software Supply Chain Security
- 16. ESSAYS: 25 Hard-Hitting Lessons from 17 Years in Cybersecurity
- 17. DATA LEAK: 38TB of data accidentally exposed by Microsoft AI researchers
The latest in a long line of gaffes by Microsoft, this one is instructive and the details are worth reviewing.
- 18. REPORTS: RSAC ESAF CISOs Transforming Third-Party Risk Management
- 19. HOT TAKE: Ops and Security Should Get Along by Nate Cash