show episodes
 
If you’re looking to understand the business of security, then Business Security Weekly is your show! Matt, Jason, and Paul cover security for senior managers and executives, including business challenges, leadership, and communications! Our special guests provide unique perspectives on real problems and solutions to help organizations secure their environments effectively. Learn how to build your security program, solve real problems, learn leadership skills and so much more!
 
The Cybersecurity Collaborative — in conjunction with Cybereason — is proud to present CISO Stories. Each week CISO Stories takes a deep dive on security leadership with one of the contributors to my latest book, the best-selling CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. The Cybersecurity Collaborative is a unique membership community enabling cybersecurity leaders to work together in a trusted environment. To learn more, visit: https://www.sec ...
 
Loading …
show series
 
This week in the AppSec News, Mike and John talk: ALPACA surveys protocol confusion, lessons from the EA breach, forgotten lessons about sprintf, Go fuzzing goes beta, security lessons from Kubernetes Goat, basic lessons for OT from CISA, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekl…
 
We will provide a short introduction to OWASP SAMM, which is a flagship OWASP project allowing organizations to bootstrap and iteratively improve their secure software practice in a measurable way. Seba will explain the SAMM model, consisting of 15 security practices. Every security practice contains a set of activities, structured into 3 maturity …
 
This week, In the Security News Paul & the crew discuss: Microsoft Patches 6 Zero-Days Under Active Attack, US seizes $2.3 million Colonial Pipeline paid to ransomware attackers, the largest password compilation of all time leaked online with 8.4 billion entries, How to pwn a satellite, One Fastly customer triggered internet meltdown, and I got 99 …
 
What does it mean to protect the attack surface? What's the difference between attack surface protection vs. attack surface management? Rob Gurzeev, CEO and Founder at Cycognito, joins us to discuss why attack surface monitoring needs to run across the entire infrastructure. It's not just about open ports, but finding the assets that are exposed or…
 
OpenWRT is a mature and well supported project. It is supported on many hardware platforms and available as production-level products. OpenWRT has developed into a platform that is filled with enterprise level features, making it a successful product for enterprise uses. Due to the fact that it will run on many IoT platforms, including home gateway…
 
“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them! Prior to building a web security program, you have to have a plan. How …
 
This week in the Enterprise News: Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 …
 
Traditional options of acquiring network detection and response (NDR) solutions have their individual pros and cons. SaaS or On-Premises NDR solutions allow you to customize it to your environment but require costly care and feeding such as detection tuning that distracts your SOC/IR teams from hunting adversaries. If you go with a Managed NDR you …
 
Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement b…
 
This week, we welcome Doug Landoll, CEO at Lantego, to talk about CMMC Program and the DIB Preparation! Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal gover…
 
Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement b…
 
In the Leadership and Communications section, 3 Effective Ways To Improve Your Internal Communication To Boost Employee Engagement, 4 Immediate Measures to Execute After a Cyberattack, 17 cyber insurance application questions you'll need to answer, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://s…
 
This week, we welcome Travis Isaacson, Technical Expertise Manager at Detectify, to discuss Optimize Buying Criteria to Ensure Success of Your New Security Tools! In the Leadership and Communications section, 3 Effective Ways To Improve Your Internal Communication To Boost Employee Engagement, 4 Immediate Measures to Execute After a Cyberattack, 17…
 
Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement b…
 
CISOs know the power of security as a driver of business, but other stakeholders often equate security with compliance. Security shouldn’t be viewed as a controlling organ - then it will stall innovation and become a blocker for deploying new techniques. Implemented and evaluated correctly, new security tools should speed up the development process…
 
Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement b…
 
Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaught to NSA intelligence analyst, social engineer, systems hacker and author and some of the crazy things that happened along the way. Ira is considered one of the world’s most influential security professionals and has been named a “Modern Day James…
 
This week in the AppSec News, Tyler Robinson joins Mike & John to discuss: HTTP/3 and QUIC, bounties for product abuse, Amazon Sidewalk security & privacy, security & human behavior, authentication bypass postmortem, M1RACLES, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw153…
 
While web application security is a highly researched topic with a lot of subject familiarity among security professionals, it’s still not easy for security and development teams to navigate modern threats, and understand the differences, and more importantly, the similarities between securing web apps and securing APIs. In the endless battle to ke…
 
This week In the Security News, Paul and the Crew talk: Establishing Confidence in IoT Device Security: How do we get there?, JBS hack latest escalation of Russia-based aggression ahead of June 16 Putin summit, why Vulnerability Management is the Key to Stopping Attacks, Overcoming Compliance Issues in Cloud Computing, Attack on meat supplier came …
 
Over the past year, organizations have rapidly accelerated their digital transformation by leveraging technologies such as cloud and container that support the shift to IoT and a remote workforce. Implementing these technologies has led to considerable growth in the number of IT assets deployed within the enterprise. Traditionally, IT oversees the …
 
We've let the compliance world drive security for so long there are folks that literally have no idea what 'reasonably secure' looks or feels like because they've never seen it before. Segment Resources: phobos.io/orbital Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697…
 
We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to leave the organization and start their own business – with our Intellectual property or customer lists? Or when an employee downloads material to work at h…
 
This week in the Security Weekly News, Paul and the Crew Talk: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, security by des…
 
Rick Howard joins to talk about his Cybersecurity Canon project, the rock and roll hall of fame for Cybersecurity literature! The Cybersecurity Canon Committee has announced it's hall of winners for 2021. Segment Resources: https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://secu…
 
Training is critical but it is tough to break away from the day to day. Polarity is running free 15 minute training sessions that leverage our community edition to leave you with a new ability to automate search and save time. Examples include, how to write basic regular expressions, how to find exploit code faster, basics of cyberchef, or how to r…
 
Metrics, Training, Culture – Why Your Phishing Program Isn’t Working - Drew Rose, Living Security Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your busi…
 
This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logi…
 
Loading …

Quick Reference Guide

Copyright 2021 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login