Meet Silver SAML: Golden SAML in the Cloud – Eric Woodruff – BSW #348
Full Audio
View Show IndexSegments
1. Meet Silver SAML: Golden SAML in the Cloud – Eric Woodruff – BSW #348
A hybrid workforce requires hybrid identity protection. But what are the threats facing a hybrid workforce? As identity becomes the new perimeter, we need to understand the attacks that can allow attackers access to our applications. Eric Woodruff, Product Technical Specialist at Semperis, joins Business Security Weekly to discuss those attacks, including a new attack technique, dubbed Silver SAML. Join this segment to learn how to protect your hybrid workforce.
Segment Resources: https://www.semperis.com/blog/meet-silver-saml/&utmsource=cra&utmcampaign=bsw-podcast
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperis to learn more about them!
Sponsored By
Announcements
Security Weekly listeners save $100 on their RSA Conference 2024 Full Conference Pass! RSA Conference will take place May 6 to May 9 in San Francisco and on demand. To register using our discount code, please visit securityweekly.com/rsac24 and use the code 54USECWEEKLY! We hope to see you there!
On the evening of Monday, May 6, 2024, W2 Communications and CyberRisk Alliance are bringing CYBERTACOS back to San Francisco! If eating FREE tacos, sipping on margaritas and mingling with cyber professionals from all over the world sounds good to you, make sure to register to secure your spot! Visit securityweekly.com/cybertacos to RSVP today!
Guest
Throughout his 23-year career in information technology, Eric has sought out and held a diverse range of roles, including technical manager in the public sector, Sr. Premier Field Engineer at Microsoft, and Security and Identity Architect in the Microsoft Partner ecosystem. Currently he serves as a Product Technical Specialist at Semperis, focusing on ITDR and cloud identity resilience. Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. Outside of work, Eric supports the professional community, providing his insights and expertise at conferences, participating on the IDPro Body of Knowledge Committee, and blogging about Entra and related cloud security topics.
Hosts
2. Board’s Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue – BSW #348
In the leadership and communications section, The Board's Pivotal Role in Steering Cybersecurity, CISO-CEO communication gaps continue to undermine cybersecurity, The Essence of Integrity in Leadership: A Pillar of Trust and Excellence, and more!
Announcements
Google has announced that they will be shutting down the Google Podcasts platform in mid-2024. To ensure that you don't lose access to the Security Weekly content you know and love, please make sure that you subscribe to your favorite podcasts feeds on an alternative platform such as Spotify, YouTube Music, Amazon Music, Apple Podcasts, Overcast, Podcast Addict, PocketCasts, or anywhere else you listen to podcasts! Visit securityweekly.com/subscribe to find the buttons to subscribe to each show now!
Security Weekly listeners: Join the digital identity community at the ARIA Resort & Casino in Las Vegas, May 28 – 31. The 15th annual Identiverse will bring together over 3,000 security professionals for 4 days of world-class learning, engagement, and entertainment.
As a community member, receive 25% off your Identiverse 2024 tickets using code IDV24-SW25!
Register today: securityweekly.com/idv2024
Hosts
- 1. The Board’s Pivotal Role in Steering Cybersecurity
In an age where cyber threats loom large over every industry, the responsibility of managing these risks increasingly falls upon the shoulders of organizational leadership, particularly the board of directors. The rise in cybercrime's sophistication and frequency underscores the need for a top-down approach to cybersecurity. The board's role transcends traditional governance, delving into active engagement in cybersecurity strategies. Here are my thoughts regarding how the board can prioritize cyber risk, align organizational resources, and foster a culture of cyber resilience.
- 2. IT leaders hiring CISOs aplenty, but don’t fully understand the role
Most businesses now have a CISO, but perceptions of what CISOs are supposed to do, and confusion over the value they offer, may be holding back harmonious relations, according to a report
- 3. CISO-CEO communication gaps continue to undermine cybersecurity
CISO and CEOs still face a communication barrier, making it difficult for senior executives to understand what cyber risks - and cybersecurity - mean for their companies, the CEO and president of Qualys said in London last week.
- 4. Bridging the Gap: Simplifying Cybersecurity Communication for Non-Technical Audiences
In the dynamic world of cybersecurity, effective communication is paramount for bridging the gap between technical experts and non-technical stakeholders.
Whether you’re a cybersecurity professional, educator, or advocate, mastering the art of simplifying complex technical concepts for a broader audience is key to driving awareness, engagement, and action.
In this article, we explore ten proven strategies for simplifying cybersecurity communication and making it accessible to all.
- 5. Are you a toxic cybersecurity boss? How to be a better CISO
Horrible bosses are everywhere but cybersecurity appears to be particularly problematic, leading to talent-retention issues and security risks. Here’s how not to be a toxic CISO.
- 6. The Essence of Integrity in Leadership: A Pillar of Trust and Excellence
Integrity, often heralded as the cornerstone of effective leadership, embodies a commitment to honesty, transparency, and ethical conduct. In the realm of leadership, integrity serves as a guiding light, illuminating the path towards trust, accountability, and organizational excellence. This essay explores the indispensable role of integrity in leadership, examining its significance, impact, and enduring relevance in fostering sustainable success.
- 7. Alarming Decline in Cybersecurity Job Postings in the US
A new study by CyberSN warns that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023.
The cyber job platform provider added that this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses.
