Cybersecurity Success is Business Success – Renuka Nadkarni, Theresa Lanowitz – ESW #380
Segments
1. Cybersecurity Success is Business Success – Theresa Lanowitz – ESW #380
Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders.
Most security problems are out of security teams' hands. Addressing them requires input, buy-in, and action from business leaders and IT. Security cannot afford to be separate from the rest of the organization.
In this interview, we'll discuss how we could potentially solve some of these issues with Theresa Lanowitz from LevelBlue.
Segment Resources:
- Grab your copy of the LevelBlue Futures Report on Cyber Resilience
This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them!
Guest
Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue, a strategic alliance between AT&T and WillJam Ventures, that simplifies cybersecurity for the businesses fueling our global economy.
With a distinguished career in the technology industry, she has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. Theresa frequently speaks at major industry conferences, sharing her insights on high tech trends, AI integration, and the evolving threat landscape.
Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.
2. Exploring Unified SASE as a Service – Renuka Nadkarni – ESW #380
Implementing SASE can be tricky and onerous, but it doesn't have to be. Today, we discuss Unified SASE as a Service with Renuka Nadkarni, Chief Product Officer at Aryaka. Particularly, how can Unified SASE make both networking and security more flexible and agile?
IT and security professionals need to ensure secure and performant applications and data access to all users across their distributed global network without escalating cost, risk or complexity, or sacrificing user experience.
This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryaka to learn more about them!
Guest
Renuka Nadkarni is a security veteran with 20 years of experience in launching startups and businesses within large publicly traded companies. She formerly held a CTO Security position at F5 Inc., where she was instrumental in driving their entry into the security market. Renuka holds an MS in Electrical Engineering from the University of Houston and a BS from the University of Mumbai.
3. Alternative CISO career paths, budget planning, and one easy trick to bypass EDR! – ESW #380
Finally, in the enterprise security news,
- HUMAN, Relyance AI, and watchTowr raise funding this week
- Alternative paths to becoming a CISO
- Vendor booths don’t have to suck (for vendors or conference attendees!)
- Budget planning guidance for 2025
- CISOs might not be that great at predicting their own future needs
- Use this one easy trick to bypass EDR!
- Analyzing the latest breaches and malware
- You probably shouldn’t buy a Fisker Ocean, no matter how cheap they get
All that and more, on this episode of Enterprise Security Weekly.
- 1. FUNDING: HUMAN, Relyance AI, and watchTowr raise money this week
This week, we look at three startups that have raised funding:
- HUMAN Raises $50+ Million in Growth Funding to Protect the Digital Customer Journey and Defend Against Bots, Fraud and Risk
- Relyance AI Raises $32 Million Series B Funding to Safeguard AI Innovation in the Enterprise
- Singapore-based watchTowr Raises $19 Million to Redefine External Attack Surface Management Worldwide
- 2. ESSAYS: Five alternative paths to the CISO chair
As the CISO role matures, it becomes more and more common to see folks in the role that don't have an overly technical background.
- 3. ESSAYS: RSAC/Blackhat booths don’t have to suck
The latest update from Thinkst on how to booth correctly. Point your CMOs and event marketing folks to this one!
- 4. PODCASTS: Budget Planning Guide 2025: Security And Risk – Jeff Pollard – BSW #368
I normally don't promote other Security Weekly podcasts this overtly, but this one is really, really good. You really shouldn't miss it. Jeff is sharp and has really done some homework on security budget trends. Very interesting insights here.
- 5. REPORTS: 2025 CISO Perspectives Report Data
Complete this series of statements:
- CISOs in 2015: "MFA is the future of cybersecurity"
- CISOs in 2024: "MFA can't keep pace with evolving threats."
- CISOs in 2024: "Zero Trust is the future of cybersecurity"
- CISOs in 2033:
- 6. TOOLS: Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions
I was curious about how the tool was bypassing so many EDR products, so I did some research. The method they're using is hilarious:
- Look for known EDR processes
- Use the Windows Packet Filter to block any outbound comms coming from those processes
facepalm
- 7. VULNERABILITIES: Vulnerable instances of Log4j still being used nearly 3 years later
Tech debt is a really, really hard problem.
- 8. MALWARE: Threat Brief: Understanding Akira Ransomware
Read up on the TTPs used by the latest ransomware.
- 9. BREACHES: Internet Archive hacked, data breach impacts 31 million users
I guess it's inevitable - the Internet Archive never forgets, and there are a lot of folks out there that very much want the internet to forget certain things. That makes them a target. I don't actually know what the motive is here - I'm just guessing.
- 10. BREACHES: Marriott faces $52 million FTC fine and reprimand over data breaches
What. A. Mess.
A total of 7 years of dwell time across three breaches and two organizations (Marriott and Starwood - before, during, and after the merger).
For anyone interested in digging into breach details, FTC complaints are full of them. Here's the complaint for this one: https://www.ftc.gov/system/files/ftc_gov/pdf/1923022marriottcomplaint.pdf
- 11. SQUIRREL: Fisker EVs can’t be ported to new server