Enterprise Security WeeklySubscribe
Leadership, Breach, Security Strategy, Plan, Budget, Network Security, Security Program Controls/Technologies, Security Management, Endpoint/Device Security, SASE

Cybersecurity Success is Business Success – Renuka Nadkarni, Theresa Lanowitz – ESW #380

Full Audio

View Show Index

Segments

1. Cybersecurity Success is Business Success – Theresa Lanowitz – ESW #380

Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders.

Most security problems are out of security teams' hands. Addressing them requires input, buy-in, and action from business leaders and IT. Security cannot afford to be separate from the rest of the organization.

In this interview, we'll discuss how we could potentially solve some of these issues with Theresa Lanowitz from LevelBlue.

Segment Resources:

This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them!

Sponsored By

LevelBlue

Guest

Chief Evangelist at LevelBlue

Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue, a strategic alliance between AT&T and WillJam Ventures, that simplifies cybersecurity for the businesses fueling our global economy.

With a distinguished career in the technology industry, she has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.

Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. Theresa frequently speaks at major industry conferences, sharing her insights on high tech trends, AI integration, and the evolving threat landscape.

Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.

Host

Principal Researcher at The Defenders Initiative

2. Exploring Unified SASE as a Service – Renuka Nadkarni – ESW #380

Implementing SASE can be tricky and onerous, but it doesn't have to be. Today, we discuss Unified SASE as a Service with Renuka Nadkarni, Chief Product Officer at Aryaka. Particularly, how can Unified SASE make both networking and security more flexible and agile?

IT and security professionals need to ensure secure and performant applications and data access to all users across their distributed global network without escalating cost, risk or complexity, or sacrificing user experience.

This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryaka to learn more about them!

Sponsored By

Aryaka

Guest

Chief Product Officer at Aryaka

Renuka Nadkarni is a security veteran with 20 years of experience in launching startups and businesses within large publicly traded companies. She formerly held a CTO Security position at F5 Inc., where she was instrumental in driving their entry into the security market. Renuka holds an MS in Electrical Engineering from the University of Houston and a BS from the University of Mumbai.

Host

Principal Researcher at The Defenders Initiative

3. Alternative CISO career paths, budget planning, and one easy trick to bypass EDR! – ESW #380

Finally, in the enterprise security news,

  1. HUMAN, Relyance AI, and watchTowr raise funding this week
  2. Alternative paths to becoming a CISO
  3. Vendor booths don’t have to suck (for vendors or conference attendees!)
  4. Budget planning guidance for 2025
  5. CISOs might not be that great at predicting their own future needs
  6. Use this one easy trick to bypass EDR!
  7. Analyzing the latest breaches and malware
  8. You probably shouldn’t buy a Fisker Ocean, no matter how cheap they get

All that and more, on this episode of Enterprise Security Weekly.

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: HUMAN, Relyance AI, and watchTowr raise money this week

    This week, we look three startups that have raised funding:

    1. HUMAN Raises $50+ Million in Growth Funding to Protect the Digital Customer Journey and Defend Against Bots, Fraud and Risk
    2. Relyance AI Raises $32 Million Series B Funding to Safeguard AI Innovation in the Enterprise
    3. Singapore-based watchTowr Raises $19 Million to Redefine External Attack Surface Management Worldwide
  2. 2. ESSAYS: Five alternative paths to the CISO chair

    As the CISO role matures, it becomes more and more common to see folks in the role that don't have an overly technical background.

  3. 3. ESSAYS: RSAC/Blackhat booths don’t have to suck

    The latest update from Thinkst on how to booth correctly. Point your CMOs and event marketing folks to this one!

  4. 4. PODCASTS: Budget Planning Guide 2025: Security And Risk – Jeff Pollard – BSW #368

    I normally don't promote other Security Weekly podcasts this overtly, but this one is really, really good. You really shouldn't miss it. Jeff is sharp and has really done some homework on security budget trends. Very interesting insights here.

  5. 5. REPORTS: 2025 CISO Perspectives Report Data

    Complete this series of statements:

    1. CISOs in 2015: "MFA is the future of cybersecurity"
    2. CISOs in 2024: "MFA can't keep pace with evolving threats."
    3. CISOs in 2024: "Zero Trust is the future of cybersecurity"
    4. CISOs in 2033:
  6. 6. TOOLS: Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions

    I was curious about how the tool was bypassing so many EDR products, so I did some research. The method they're using is hilarious:

    1. Look for known EDR processes
    2. Use the Windows Packet Filter to block any outbound comms coming from those processes

    facepalm

  7. 7. VULNERABILITIES: Vulnerable instances of Log4j still being used nearly 3 years later

    Tech debt is a really, really hard problem.

  8. 8. MALWARE: Threat Brief: Understanding Akira Ransomware

    Read up on the TTPs used by the latest ransomware.

  9. 9. BREACHES: Internet Archive hacked, data breach impacts 31 million users

    I guess it's inevitable - the Internet Archive never forgets, and there are a lot of folks out there that very much want the internet to forget certain things. That makes them a target. I don't actually know what the motive is here - I'm just guessing.

  10. 10. BREACHES: Marriott faces $52 million FTC fine and reprimand over data breaches

    What. A. Mess.

    A total of 7 years of dwell time across three breaches and two organizations (Marriott and Starwood - before, during, and after the merger).

    For anyone interested in digging into breach details, FTC Compliants are full of them. Here's the complaint for this one: https://www.ftc.gov/system/files/ftc_gov/pdf/1923022marriottcomplaint.pdf

  11. 11. SQUIRREL: Fisker EVs can’t be ported to new server
Chief Technologist and Senior Director of Programs at CyberRisk Collaborative

Related

Addressing Cybersecurity Disparities – Erin Baudo Felter – OKT24 #2

Though 75% of cybersecurity professionals say the threat landscape today is the most challenging they’ve seen in the last five years, cutbacks on the cybersecurity workforce and widening skills gaps are creating challenges for the industry. It is becoming harder to find people with the right skills to meet growing and evolving needs. Erin Baudo Fel...