Identity Verification, Telemetry Data, Pickleball Chaos – Tucker Callaway, Rob O’Farrell – ESW #343
Segments
1. The Pillars of Trust in Identity Verification – Rob O’Farrell – ESW #343
On this podcast, we've often struggled with whether or not to include stories and discussion on identity verification. Is identity verification cybersecurity proper, or cybersecurity adjacent as part of fraud prevention? As always, when we're unsure, we find folks to talk to and learn more.
Today, we'll be learning about weak points in the identity verification chain from Rob O'Farrell. He'll also be helping us to understand what identity verification is, and why it's important to cybersecurity overall. As more and more of the world is digitized (especially the lagging healthcare industry in the US), reliable identity verification seems more important every day.
Guest
Rob O’Farrell is the Chief Technology Officer (CTO) and co-founder of ID-Pal, a global identity verification provider that enables businesses to verify identities and addresses instantly. By combining cutting-edge biometric technology, document verification, and database checks, ID-Pal offers an unparalleled solution that enhances OFAC screening and Know Your Customer (KYC) processes and is also available on the Salesforce AppExchange.
Prior to ID-Pal, Rob established consultancy business Perfutil Technologies, which boasts the largest Utilities in Europe as clients, and builds complex data-driven software for the biggest brands in the world. During this time, Rob led teams designing software to manage the electricity and gas grids in multiple countries including Ireland, the UK, Belgium and the Netherlands.
Rob has 20 years of experience working in AI, machine learning and automation and has a deep understanding of the identity verification space. Rob has a degree in Computational Physics and Chemistry, a Masters in Computational Chemistry and a Masters in Multimedia Systems, all from Trinity College Dublin.
2. Telemetry Data’s Role in Cybersecurity – Tucker Callaway – ESW #343
What is telemetry data and why is it important to cybersecurity? Why is it such a pain to collect, store and use? How do we improve our ability to gather and benefit from this data? Today, Tucker Callaway, the CEO of Mezmo, joins us to answer all these questions and help us understand the future of the SIEM and other cybersecurity data tools.
Guest
Tucker Callaway is the CEO of Mezmo. He has more than 20 years of experience in enterprise software, with an emphasis on developer and DevOps tools. He is responsible for driving Mezmo’s growth across all revenue streams and creating the foundation for future revenue streams and go-to-market strategies. He joined Mezmo in January 2020 as president and CRO and took the torch as CEO six months later. Prior to Mezmo, he served as CRO of Sauce Labs and vice president of worldwide sales at Chef.
3. Funding continues for early startups, cybersecurity isn’t special, but pickleball is – ESW #343
On this week's news segment, we pick up where we left off with Doug running the show last week. We discuss current early stage categories, AD canarytokens, and low hanging vulns. We talk about why cybersecurity is important, but not nearly as unique or special as some might have you think. The goal of patching faster than exploits can be used - is it a fool's errand?
Also, pickleball, the country's fastest growing sport, is causing chaos across the nation.
- 1. FUNDING: ArmorCode Raises $40M in Series B Funding
- 2. FUNDING: Mine Raises $30M in Series B Funding
- 3. FUNDING: Announcing our $22M Series B
- 4. FUNDING: ProvenRun secures €15 million Series A to accelerate its growth in security-by-design for the Internet of Things (IoT) – ProvenRun
- 5. NEW COMPANIES: Xeol: Secure from Code to Deploy
- 6. NEW COMPANIES: Enveedo
- 7. NEW FEATURES: A (beta) Canarytoken for Active Directory Credentials
- 8. TRENDS: State of the Cloud 2023
- 9. LESSONS LEARNED: Real-Life Lessons in Breach Response – SafeBase Blog
- 10. ATTACKS: SQL Brute Force Leads to BlueSky Ransomware – The DFIR Report
I'm sorry, did you say XP-CMDSHELL???
What Year is It.GIF
- 11. ATTACKS: What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…
- 12. ATTACKS: North Korean hacking ops continue to exploit Log4Shell
- 13. ESSAYS: Cybersecurity Isn’t Special
SHOTS FIRED
- 14. BEST PRACTICES: CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model
We're seeing a lot of shifting from traditional models and assumptions now that failures (mostly ransomware) are hitting companies hard, and often. We've long had the data telling us that using patching as a defensive measure requires extremely quick response. Quicker than most organizations can muster.
If vulns are going to be exploited, that will generally happen in hours or days. At that scale, there are only a few options:
- fully automate software updates and skip QA/safety testing altogether
- put mitigations in place very quickly (e.g. virtual patching, vuln/exploit-specific mitigations)
- design systems/networks to be more resilient to attacker actions in general (e.g. isolation, zero trust, principle of least privilege, etc.)
We saw the latter two in action following Okta's latest breach, as BeyondTrust, Cloudflare, and 1Password seemed to detect the attacks very quickly, and (according to them, at least) were able to isolate and eradicate the attackers.
In another example, the folks that fared best during the Log4Shell debacle were those that denied outbound comms by default for servers or any other systems that didn't really need it. Turns out that malicious code can't do much damage if it can't communicate back out!
In conclusion, I hate to say that traditional vuln management seems like a waste of time, but... I don't think getting OT vendors to switch to Rust, as CISA suggests, is the solution either.
- 15. REPORTS: The Continued Threat to Personal Data – Key Factors Behind the 2023 Increase
A report commissioned by Apple, concluding that we need... more encryption to stop more breaches??
- 16. REGULATIONS: FBI explains how companies can delay SEC cyber incident disclosures
- 17. SQUIRREL: ‘FYI Pickleball DRAMA’: Local Governments Overwhelmed By Tennis-Pickleball Turf Wars, Documents Show
- 18. SQUIRREL: T’was the Night Before the Breach — 2023 Edition