Lessons From the Last Year’s Breaches, ISW Interviews – ESW #334
Full Audio
View Show IndexSegments
1. Lessons Learned from a Year of Cybersecurity Breaches – ESW #334
In this segment, we'll explore some of the most useful lessons and interesting insights to come out of the last year's worth of breaches and data leaks! We'll explain why we will NOT be covering MGM in this segment. The breaches we will be covering include:
- Microsoft AI Research Data Leak
- Microsoft/Storm-0558
- CommutAir
- Riot Games
- Lastpass
- CircleCI
- RackSpace
- Drizly (yes, this breach is older, but the full story just wrapped a year ago!)
Announcements
Security Weekly Listeners: We are celebrating the milestone of reaching over 1,000 members of our CISO community. The Cybersecurity Collaboration Forum is a one-stop shop for executive collaboration comprised of CISOs across various industries. If you want to be part of this growing community of CISOs, join us as a member or technology partner. To learn more, visit: securityweekly.com/cybersecuritycollaboration
Hosts
2. Data Lakes – Security’s Savior, or Waste of Money? Also, the News! – ESW #334
On this week's news segment, we go down a bit of a rabbit hole on data lakes and have a GREAT conversation about where security data wrangling might or might not go in the future. We also discuss Nord Security's funding and $3B valuation, try to figure out what Synqly is doing, and discuss IronNet's demise.
We also find out which email solution is more secure (at least, according to insurance claim data), Google or Microsoft!
We wrap up, learning that forms of CAPTCHAs are apparently broken now, $3800 gets you a gaming PC in the shape of a sneaker, and someone has created the DevOps equivalent of dieselgate!
Announcements
Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!
Hosts
- 1. FUNDING: Nord Security Raises $100M Financing Round
- 2. FUNDING: Lumu Raises $30 Million Series B to Optimize Security Operations for Enterprises and MSPs – Lumu Technologies
- 3. FUNDING: Gem Security raises $23M for its cloud security platform
- 4. FUNDING: Vali Cyber™ Secures $15M in Seed Funding to Revolutionize Linux Cybersecurity
- 5. FUNDING: Nexusflow raises $10.6M to build a conversational interface for security tools
- 6. FUNDING: EchoMark Raises $10M in Seed Funding
It will be interesting to see how resilient these watermarks are, or if they end up being trivial to remove, like image watermarks in this paper I just spotted: https://browse.arxiv.org/pdf/2306.01953.pdf
- 7. SHUTDOWNS: IronNet Ceases Operations, Terminates All Remaining Staffers
- 8. NEW COMPANIES: Synqly Emerges from Stealth to Revolutionize Security Product Integrations – Synqly
A bit confused on this one - how is this unique from what Tines, Workato, and others in the iPaaS and SOAR space are doing?
- 9. PRODUCT SECURITY: When It Comes to Email Security, the Cloud You Pick Matters
- 10. NEW TOOLS: JA4+ Network Fingerprinting
- 11. ESSAYS: Securing AI: What You Should Know
Securing AI: Similar or Different?
- 12. ESSAYS: “Influence” and Your Career
- 13. COMPLIANCE: The SOC2 Starting Seven
- 14. COMPLIANCE: SOC2 Guide
- 15. MARKET ANALYSIS: Software Supply Chain Vendor Landscape
- 16. MARKET ANALYSIS: Security is about data: how different approaches are fighting for security data and what the cybersecurity data stack of the future is shaping up to look like
- 17. CYBER WAR: 8 rules for “civilian hackers” during war, and 4 obligations for states to restrain them
- 18. HACKS: Dead grandma locket request tricks Bing Chat’s AI into solving security puzzle
- 19. SCIENCE: MemComputing Claims Breakthrough In Large-Scale Prime Factorization, Potentially Revolutionising Cryptography
Huge if true.
- 20. SQUIRREL: Cooler Master’s Sneaker Gaming PC Sells For $3,799
- 21. SQUIRREL: volkswagen
3. Stop PII Exposure, Know Your Data Location, Cloud Threat Visibility – Ward Cobleigh, Reuben Moretz, Trace Woodbury – ESW #334
Each employee serves as a potential gateway to their organization, and the personal information of your workforce is readily accessible and exposed on the internet, making the organization susceptible to threats. DeleteMe is the solution that locates and eliminates personal data from the open web, safeguarding your organization.
This segment is sponsored by DeleteMe. Visit https://www.securityweekly.com/deletemeisw to learn more about them!
With all of the fancy tools, equipment, and logos most organizations are unable to understand where their data is and how it can be accessed. In the world of work from wherever and whenever orgs need a better handle on what this means. Ridge has worked to curate a set of solutions to meet and implement this need!
This segment is sponsored by Ridge IT Cyber. Visit https://www.securityweekly.com/ridgeitisw to learn more about them!
Why are we seeing a re-emergence of the demand for packet and flow-based forensic data in cloud environments? In this session, we’ll discuss three reasons why IT leaders still need the same if not even better visibility in the cloud than they have in their data centers.
We’ll also discuss the growing demand for Threat Exposure Management (TEM). Why does a leading analyst describe this as a transformation technology and how can you quickly visualize your environment the way the attackers do?
Segment Resources: https://www.viavisolutions.com/en-us/ptv/solutions/threat-exposure-management https://www.viavisolutions.com/en-us/ptv/solutions/high-fidelity-threat-forensics-remediation
This segment is sponsored by VIAVI Solutions. Visit https://www.securityweekly.com/viaviisw to learn more about them!
Sponsored By
Guests
Ward Cobleigh, Product Line Manager for VIAVI Solutions, understands the balancing act between efficient service delivery and security that IT pros are facing today along with the challenges they have in solving issues due to limited visibility combined with complexity and rapid change. His experience in development, sales, marketing, alliances, and product management allow him to see things from multiple perspectives, cut to the heart of the problem, and demonstrate solutions that give engineers a sigh of relief and help decision makers see the value. He brings a refreshing bit of humor to the sometimes dry, technical topics of network performance and threat management.
Innovative leader, architect and hands-on IT security professional with experience developing strategic roadmaps for business processes and IT initiatives. Specializes in building out security programs for start-ups.
As CIO and Co-Founder of Ridge IT Cyber, Trace Woodbury has been in the field of Cybersecurity and IT Security for over 20 years. As a result of his expertise, Ridge IT Cyber specializes in modern-day environments where users are more mobile and remote than ever, and he architects environments for both commercial and federal clients that are customized specifically to meet their needs and security stack.
Hosts
