SIEM: Shakeup in Event Management – What’s Happening in the SIEM market today? – Jason Shockey, Seth Goldhammer – ESW #377
1. SIEM: Shakeup in Event Management – What’s Happening in the SIEM market today? – Seth Goldhammer – ESW #377
The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss:
- market changes and terminology: security analytics, data lakes, SIEM
- what is SOAR's role in the current SIEM market?
- machine learning and generative AI's role
- strategies for implementing a SIEM
- common mistakes that still lead to SIEMs becoming shelfware
- and much more!
Both Seth and Adrian have a long history when it comes to SIEMs, so this conversation will be packed with anecdotes, stories, and lessons learned!
This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!
Guest
Seth Goldhammer, Graylog’s Vice President of Product Management, holds more than 20 years of experience in cybersecurity with a proven track record of driving innovation in the industry. He founded network access control pioneer Roving Planet and held product management leadership roles at TippingPoint, 3Com, and HP. He was the inaugural product manager at LogRhythm, and the first executive hired at Spyderbat, a cloud-native security startup.
2. Oh the Places You’ll Go (in Cybersecurity) – Jason Shockey – ESW #377
We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six-week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities.
Fortunately, we have folks building passion projects like My Cyber Path. When Jason transitioned into cyber from the military, he took note of the path he took. He also noticed how different the path was for many of his peers. Inspired by NIST NICE and other programs designed to help folks get a start in cyber, he created My Cyber Path.
My Cyber Path has a very organized approach. There are 12 paths outlined, which fall into 4 main areas. After taking a personality test, this tool suggests the best paths for you. Hmmm, this sounds a lot like the sorting hat in Harry Potter, and there are 4 "houses" you could get put into... coincidence?
Segment Resources: My Cyber Path has a free account where people can get matched to a cybersecurity work role based on their interests and personality traits and get access to free areas in the platform without having to save a credit card.
Guest
Jason Shockey is the founder of mycyberpath.com and passionate about helping people get into the cybersecurity industry and level up throughout their careers. He is a Chief Information Security Officer in the financial services industry. Prior to his CISO roles, Jason served 20 years active duty in the US Marine Corps as a technology leader conducting cyberspace operations, incident response, and cyber risk management. Three of those years he served with the Cyber National Mission Force at Ft. Meade, MD. Jason believes there is a place for everyone on the cybersecurity team.
3. Quantum threats, SOC automation, funding trends – ESW #377
In the Enterprise News, the hosts discuss various trends and challenges in the cybersecurity landscape, including the evolution of terminology, funding trends, the emergence of new startups, and the impact of AI on security practices. They also explore the challenges faced by CISOs, the importance of humor in the industry, and the future of quantum readiness. The conversation highlights the need for clarity in cybersecurity messaging and the potential for consolidation in the market.
- 1. FUNDING: New rounds of funding for Picus, Intezer, EasyDMARC, and Eclypsium
- Picus Security $45M Series C - was once BAS, is now "Adversarial Exposure Validation"!?
- Intezer $33M Series C for AI-enabled SOC automation
- EasyDMARC $20M Series A for email authentication security
- Eclypsium $19.7M Series B extension (?)
Funding info courtesy the Security, Funded newsletter. Sign up for free!
- 2. ACQUISITIONS: Swiss Post boosts its expertise in cybersecurity (by acquiring Open Security)
Open Security is a Swiss SASE vendor. This move reminds me a bit of Mastercard picking up cybersecurity, and older examples of AT&T picking up companies like AlienVault.
- 3. NEW COMPANIES: ESPROFILER
I'm really curious to hear how well this works. This could be a potential holy grail to help security teams limit how much they get distracted by tools OR it could be the opposite and could lead to them obsessing over filling meaningless gaps and getting TOO focused on tools.
- 4. NEW COMPANIES: Opnova Banks Seed Capital to Tackle Security, IT Automation
OpNova is the latest startup from Sinan Eren, who previously sold Fyde (ZTNA) to Barracuda, and before that, Remotium (secure remote apps) to Avast.
I love that there are more automation vendors popping up. I'm eager to check out what they're going to do in this space, and it makes me happy to see products getting refined and polished. We've come a long way from the early Phantom and Demisto years!
- 5. INTERVIEW: Wendy Nather on the ‘Topics That Are Distracting CISOs’
In this interview (recorded shortly before Cisco axed most of the folks I know over there, including the folks in this video), Wendy remarks on some of the distractions affecting CISOs, including:
- the pandemic (hybrid work models and remote employees in particular)
- AI concerns - AI is coming into the enterprise regardless of whether anyone wants it or is ready for it! In particular, generative AI tends to highlight data hygiene and governance issues.
- supply chain security - this also connects to AI, as everyone tries to profit off their customers' data (often without explicitly telling customers or partners this!)
- breaches and CISO liability
Burnout: The constant pressure, distractions, and personal risks are contributing to high levels of burnout among CISOs, compounding the already demanding nature of the role.
- 6. ESSAYS: Security has too many tools
This is an excellent summary of the state of security, and the challenges getting in the way. It's about a lot more than tools, but concludes that tools are often a distraction. Coincidentally, this pairs well with the Wendy Nather interview we're discussing this week!
This story also pairs well with the new company we're discussing this week, ESPROFILER.
- 7. ESSAYS: Managing Apple Intelligence via MDM
A great post from occasional co-host Guillaume Ross. It hadn't even occurred to me that enterprises might want some control over Apple Intelligence on employee devices. Guillaume did the work and put it together in a handy little post.
Don't let the .ZIP domain scare you off, you can safely click this link, I promise ;-)
- 8. REPORTS: Quantum Readiness Roadmap: What Technology Leaders Need to Know about the Quantum Threat
We just did a webcast with Quantum Xchange, and it was a great discussion on exactly this: https://www.scworld.com/cybercast/what-the-nist-post-quantum-cryptography-pqc-standard-means-to-enterprises
My main concern is that post-quantum encryption projects are never going to be important enough to get the attention or resources they need to happen. So 10 years from now, we'll be talking about post-quantum crypto tech debt.
One thing that gave me hope, however, is that this webcast was super well attended and attendees were engaged, active in the chat, and asking tons of questions!
- 9. SQUIRREL: Comedian John Mulaney roasts SF techies at Dreamforce
John Mulaney ROASTS Salesforce employees, customers, and partners at their own event. On their dime. Strap in.