Shane Sims, Philippe Humeau – ESW #336
Segments
1. The State of Cybercrime and Breach Response – Shane Sims – ESW #336
Today we interview Shane Sims, CEO of Kivu Consulting. We'll be talking about the current state of cybercrime and insights from incidents his consulting firm has recently worked. We'll discuss some of the latest stats and trends related to ransomware, as well as thoughts on future cybercrime trends. Shane will also share some stories from his time as an FBI agent, working undercover as a cybercriminal.
Segment Resources: Report - Mitigating Ransomware Risk: Determining Optimal Strategies for Business
Announcements
Follow Security Weekly Productions on LinkedIn for exclusive show clips, insights, and updates across our organization! Stay connected with our hosts and fellow community members, and join the conversation that's shaping the future of cybersecurity.
Guest
Shane’s experience spans the fields of cybersecurity, national security, trade secret protection, technology innovation, and building defenses against cyber and insider threats. He has assisted organizations in reducing the risk of cybercrime and espionage, detecting and disrupting active threats, and combatting national security threats faced by the public and private sectors.
Shane’s approach to reducing cyber and national security risks is shaped by his tenure in the FBI, where he served as a Supervisory Special Agent and Special Agent. During his time in the field, he investigated cybercrime, acts of terrorism, economic espionage, and trade secret theft. He also established and led a group responsible for developing innovative cyber and counterintelligence technologies.
Shane has contributed to the book “Cyber Forensics: Understanding Information Security Investigations,” where he authored the Insider Threat chapter. Additionally, he has authored well-regarded white papers and news articles, and is recognized as a media spokesperson on cybercrime-related topics, espionage and insider threats.
2. Leveraging Open Source and Network Effects to Fight Cybercrime at Scale – Philippe Humeau – ESW #336
One of the biggest challenges in security today is organizations' reluctance to share attack information. Perhaps legal teams are worried about liability, or maybe execs are just embarrassed about security failures. Whatever the reason, this trend makes it difficult for organizations to help each other. CrowdSec's mission is to make this process automated, anonymized, and seamless for security teams.
We talk to Philippe Humeau, one of CrowdSec's founders, about what it's like to build such an unconventional cybersecurity business - one based around crowdsourcing and open source software.
Announcements
Security Weekly Listeners: We are celebrating the milestone of reaching over 1,000 members of our CISO community. The Cybersecurity Collaboration Forum is a one-stop shop for executive collaboration comprised of CISOs across various industries. If you want to be part of this growing community of CISOs, join us as a member or technology partner. To learn more, visit: securityweekly.com/cybersecuritycollaboration
Guest
Philippe Humeau graduated in 1999 as IT security engineer from EPITA (Paris, France).
He founded his first company at the same time and quickly oriented it towards penetration testing and high-security hosting. He was also deeply involved in Magento’s community creation & animation in France and versed in eCommerce.
In 2020, he founded CrowdSec, a company editing an eponymous open-source and collaborative IPS, leveraging both IP behavior & reputation to create a community and tackle the mass scale hacking problem. His crushes will forever be IT security, DevSecOps, and entrepreneurship.
3. Securing AI, SingTel sells Trustwave, Yubico IPO, Healthcare attacks & CISO Tenure – ESW #336
This week, in the enterprise security news,
- AI dominates new funding rounds (I’m shocked. This is my shocked face.)
- The buyer’s market continues, with lots of small acquisitions
- SingTel sells off Trustwave at a significant loss
- Yubico goes public (actually, a month ago, sorry we missed it)
- Yubico can also now ship pre-registered security keys
- New cybersecurity tools for board and exec-level folks
- Lessons learned from recent ransomware attacks
- Healthcare is increasingly under attack
- A study on CISO tenure - longer than you might think!
- Don’t miss today’s squirrel stories at the end!
All that and more, on this episode of Enterprise Security Weekly.
Announcements
Join our cybersecurity community on Discord! Connect directly with our expert hosts, join discussions with fellow audience members, and customize your notifications to receive alerts every time an episode of your favorite show publishes. Get your invite at securityweekly.com/discord!
- 1. FUNDING: Gutsy launches with huge $51M seed to bring process mining to security
- 2. FUNDING: French cybersecurity startup HarfangLab raises €25M Series A to further its European expansion
- 3. FUNDING: Conveyor raises $12.5M to automate security reviews using LLMs
- 4. FUNDING: Lakera and Deasie raise funding to make AI large language models more reliable – SiliconANGLE
- 5. FUNDING: Lakera launches to protect large language models from malicious prompts
$10M Seed round led by Redalpine
- 6. FUNDING: Cyviation Raises Additional $4M in Funding
- 7. FUNDING: Vera wants to use AI to cull generative models’ worst behaviors
$2.7M Seed round led by Differential Ventures
- 8. ACQUISITIONS: Zyston LLC Announces the Strategic Acquisition of Blue Lava
- 9. ACQUISITIONS: Arctic Wolf acquires cybersecurity automation platform Revelstoke
- 10. ACQUISITIONS: Uno team joins Okta to accelerate Okta Personal
- 11. ACQUISITIONS: SingTel to sell stake in Trustwave for $205 million
After years of rumors of a sale at a big loss (throughout 2021 and 2022), it looks like SingTel is finally selling off a 98% stake in Trustwave for $205m. It acquired the company for $770m in 2015.
- 12. IPOS: Yubico Goes Public
- 13. NEW FEATURES: Passwordless by default: Make the switch to passkeys
- 14. NEW FEATURES: Jupyter AI
- 15. NEW FEATURES: GitHub’s Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack
- 16. NEW FEATURES: Yubico can now ship pre-registered security keys to its enterprise users
- 17. NEW TOOLS: A Tool to Help Boards Measure Cyber Resilience
- 18. NEW TOOLS: How Material is That Hack
- 19. STANDARDS: A New Extension of the FAIR Standard: Introducing the FAIR Materiality Assessment Model (FAIR-MAM)
- 20. LESSONS LEARNED: How Vermont’s largest hospital now protects patient info 3 years after ransomware attack
- 21. LESSONS LEARNED: CISA shares vulnerabilities, misconfigs used by ransomware gangs
- 22. BREACHES: Recent Okta Super Admin Breach: Resilience Tips for Users
- 23. REPORTS: 2023 Ponemon Healthcare Cybersecurity Report
I'm not a huge fan of Ponemon's work, as their methodologies are often questionable, but there are two main reasons I'm including this report:
- Ransomware operators repeatedly promised not to hit hospitals. Clearly that was a lie, and yet, the media and some vendors continue to report on cybercriminal statements as if they're factual (e.g. nearly everything you've read about how the MGM attack went down came from the bad guys).
- Attackers have been learning how to scale their attacks. I used to say that there would be a lot more breaches, but that the ratio of attackers to vulnerable companies was small enough that the number of breaches remained limited. I no longer think that's the case.
- 24. ESSAYS: The Evolution of the BISO Role: Challenges and Opportunities
- 25. ESSAYS: The Security Research Product Function
- 26. ESSAYS: Overcoming Security Obstructionism – mattjay
- 27. BOOKS: Securing Our Future: Embracing The Resilience and Brilliance of Black Women in Cyber
- 28. RESEARCH: F500 CISO Tenure
- 29. MEDIA: Security Newsletters: If you build it, they probably won’t come
- 30. SQUIRREL: Blind CEO Approval Rating: The Most Popular CEOs, According to Employees
- 31. SQUIRREL (and a cat): VA hospital’s IT snafu blamed on cat’s keyboard surfing