Info

Enterprise Security Weekly (Video)

If you’re looking for advice and information on enterprise security solutions, look no further than Enterprise Security Weekly! We give you an “insider” perspective into security vendors, including coverage on new product announcements, integrations, funding, M&A, and more! Adrian, Tyler, Katie, and Sean have unique perspectives on the enterprise security landscape. All four hosts are former analysts. Adrian has been a consultant, practitioner, founder, and runs Security Weekly Labs. Tyler has spent many years as a marketing executive for security vendors. Katie has also recently moved to a vendor marketing role. Sean is founder and CTO at Trimarc Security, a professional services company which focuses on improving enterprise security. Together they provide valuable resources for protecting the enterprise and following the market each week!
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2024
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: Page 7
May 11, 2023

We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations.

Segment Resources:

https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness

https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness

 

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw317 

May 5, 2023

“Man plans, the Universe laughs” - unfortunately, that’s been the saying for far too long when it comes to cybersecurity. Security leaders know it's only a matter of time before their organization gets breached, but instead of being ready for it, they rely on fixing the problem after it happens. In Cisco’s newest report, the first ever Cybersecurity Readiness Index, it was found that a small minority of businesses globally (15%) consider themselves to be ready and able to defend against the expanding array of cybersecurity risks and threats of today. Organizations need to get ready and stay ready with solutions they can trust.

This segment is sponsored by Cisco. Visit https://securityweekly.com/ciscorsac to learn more about them!

 

OpenText Cybersecurity is on a mission to simplify security by delivering smarter, innovative solutions. Geoff Bibby, the SVP of OpenText Cybersecurity Marketing & Strategy, will offer insight into the company’s purpose-built approach to create a powerhouse cybersecurity portfolio that scales to meet the security needs of large enterprises down to individual consumers. This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!

 

The continued headcount shortage facing cybersecurity teams is driving many organizations to embrace Managed Detection and Response (MDR) as a way to combat cyber threats. With this demand, dozens of MDR companies have emerged over the past two years. Critical Start’s CTO, Randy Watkins, will discuss the origin of MDR, share evaluation tips, and reveal some of the potential pitfalls.

This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartrsac to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

May 5, 2023

Christopher will delve into what lateral security/lateral movement are and identify key lateral security tools (network segmentation, micro-segmentation, advanced threat prevention systems, network sandboxes, and network traffic analysis/network detection and response). He will also touch on why automation is important when it comes to consistent security and the current threat landscape.

Segment Resources:

https://cio.vmware.com/2023/03/why-cisos-are-looking-to-lateral-security-to-mitigate-ransomware.html

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/lateral-security-is-the-new-cybersecurity-battleground-solution-overview.pdf

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-ransomware-lateral-security.pdf

 

This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarenetsecrsac to learn more about them!

 

AT&T Cybersecurity released its 12th annual Cybersecurity Insights Report, “Edge Ecosystem,” which highlights the dramatic shift in computing underpinned by 5G, the edge, and the convergence of networking and security. The report found that business and technology leaders are finally coming together not just to understand the new edge computing ecosystem, but to make more predictable, data-informed business decisions. Collaboration among these leaders, as well as external partners in the ecosystem, will be critical for the edge journey ahead – but more progress must be made to better leverage the edge and transform the business.

This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attrsac to learn more about them!

 

EASM is a critical component of continuous threat exposure management and a necessary step in improving validation and vulnerability management processes. Gartner recently published a report describing the evolution of EASM and where it's headed in the market. e're excited to see the market move in this direction because, at NetSPI, we're already committed to investing in our team and technology to stay ahead of these trends. We already have a head start.

 

This segment is sponsored by NetSpi. Visit https://securityweekly.com/netspirsac to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

May 5, 2023

This week, we start with the news: 2 weeks of news to catch up on! 16 funding stories, 4 M&A stories, Cybereason prunes its valuation… a lot, First Republic Bank seized by FDIC, Ransomware is irrelevant Sun Tzu hates infosec, AI Trends, Kevin Mandia’s 7 tips for defense, & How much time should we spend automating tasks?

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw316 

Apr 27, 2023

Quantum computing is a rapidly emerging technology that harnesses the laws of quantum mechanics to solve problems that today’s most powerful supercomputers cannot practically solve. IBM's Dr. Kayla Lee will explain how close we are to a computational quantum advantage: the point where a computational task of business or scientific relevance can be performed more efficiently, cost-effectively, or accurately using a quantum computer than with classical computations alone.

 Segment Resources:

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 21, 2023

We're talking with Matt Johansen about his new newsletter, Vulnerable U. We'll discuss his journey from vendors to massive enterprises to less massive enterprises and what he's learned about InfoSec along the way. Like us, Matt has some strong takes on many InfoSec topics, so this conversation could go down many paths. Regardless, we're excited about the journey and the destination with this interview.

 

Subscribe to [Vulnerable U]: https://link.mail.beehiiv.com/ss/c/CygrK4bVgDWxdDLo_7X0UUe8u_TcBPAeAQlRvYdH5hN2mTxFi32BUXbh9K9a2mS8ILJXWKo4rmayv53niV3c6NrsGo7UAp6yFd9EScNQoNwURBhep7S6sIyNBsEMNJ7Z/3v8/6L9W-AB2Sx6Ts9cCBWFiYw/h9/mYsvCYdHno82QRYGHJuyaUZtu8PbgH5PWFi3mLY1CNg

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 21, 2023

In the Enterprise Security News, Lots of funding announcements and new companies, Private Equity acquires Maltego, Cinven acquires RSA Archer Comcast launches a security product, Zscaler has beef with Gartner, CISA releases updated Zero Trust Model, Amazon jumps into the AI LLM fray, AutoGPT stretches the imagination and potential use cases, The Ever Changing API security market, New security books just released, Zombie birds!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 21, 2023

Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future.

Segment Resources:

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 21, 2023

With over 1 billion records exposed in just the top 35 breaches, over $2.6 billion stolen in the top nine cryptocurrency breaches, and over $2.7 billion in fines levied to the top 35 violators, lessons abound for security teams. We will walk through some of the biggest trends in last year's data breaches and privacy violations, and we'll talk about what security leaders can learn from these events.

 

Segment Resources:

https://www.forrester.com/blogs/2022-breaches-and-fines-offer-lessons-to-security-leaders

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 21, 2023

Discuss observations and trends across the venture capital ecosystem as it pertains to cybersecurity. This will include a re-cap in how 2022 ended, what we saw in Q12023, and what we expect from an investing standpoint.

Segment Resources:

https://forgepointcap.com/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 14, 2023

In this news segment, we discuss the art of branding/naming security companies, some new cars just out of stealth, 5 startups just out of Y Combinator, and Cybereason's $100M round from Softbank. We also talk new features (Semgrep's new GPT-4 use case), new newsletters, and new reports. We break down Nexx's broken vulnerability disclosure program and its broken products. We also discuss the FDA's new ability to block device certification for security reasons. Android announces rules to make it easier for consumers to delete accounts and remove data when they uninstall apps. IT and Security professionals everywhere are asked not to report breaches, but in some countries more than others. CISOs are more prone to drinking problems, and finally, for our squirrel stories, we discuss a crazy app called Newnew and new ideas in prosthetics.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw313 

Apr 14, 2023

Fortra's Core Security has conducted it's fourth annual survey of cybersecurity professionals on the usage and perception of pen testing. The data collected provides visibility into the full spectrum of pen testing’s role, helping to determine how these services, tools, and skills must evolve.

 

Segment Resources: https://www.fortra.com/resources/guides/2023-pen-testing-report

 

This segment is sponsored by Fortra's Core Security. Visit https://securityweekly.com/fortracoresecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw313 

Apr 14, 2023

Compliance with cyber security frameworks such as NIST, PCI, HIPAA, etc. have largely been driven by paper-based processes in Word and Excel. With the rise of cloud computing, containers, and ephemeral systems, paper-based processes can no longer keep up with the speed of business and compliance has become the new bottleneck to progress for highly regulated industries such as government, finance, and energy sector. This session will cover how RegScale is leading a RegOps movement to bring the principles of DevOps to compliance with the world’s first real-time GRC system that enables compliance as code via NIST OSCAL. RegOps seeks to shift compliance left to make it real-time, continuous, and complete so that paperwork is always up to date, self-updating, and takes less manual resources to manage.

Segment Resources:

Website – https://www.regscale.com

Documentation/Learn More – https://regscale.readme.io

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw313 

Apr 7, 2023

In this week's enterprise security news, we talk about new companies and funding, trends in the deception and SaaS Security/SSPM space. We discuss Andy Ellis's "10 plagues of cloud security" and Kelly Shortridge's 69 ways to F*&$ up your deploy. We discuss rolling out Yubikeys and the pros/cons of using biometrics instead of security keys. There have been some bad takes in the media on how OpenAI uses your ChatGPT prompts, so we set the record straight there. Cybersecurity is a new requirement for K-12 students in North Dakota, and you've got to see this week's security story - a rogue tire sends a Kia Soul FLYING.* * - but no one was hurt!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw312

Apr 7, 2023

Overall increase in government regulations. EU as well. Shift in liability from consumers to organizations.How to take advantage of safe harbor protections and reduce organizational risk and liability. NIST SSD Framework - how do you understand the security practices of the open source packages you use in your applications and ensure they are following the NIST practices (so you can take full advantage of safe harbor protections and reduce potential liability). Creating a network of open source maintainers, documenting and attesting to their security practices, is a solution. Work with the maintainers to be able to provide documentation. How to get more involved with development in open source security. What is the mechanism?

 

Segment Resources:

https://tidelift.com/government-open-source-cybersecurity-resources

https://blog.tidelift.com/webinar-how-the-nist-secure-software-development-framework-impacts-open-source-software

https://blog.tidelift.com/webinar-recap-what-the-new-u.s.-national-cybersecurity-strategy-means-for-open-source-software

https://blog.tidelift.com/tidelift-advisory-impact-of-new-u.s.-national-cybersecurity-strategy-on-organizations-building-apps-with-open-source-software

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw312

Apr 6, 2023

Kellermann will discuss the recently published report “Cyber Bank Heist” that exposes the cybersecurity threats facing the financial sector. Security must be a top-of-mind issue amid rising geopolitical tensions, increased destructive attacks utilizing wipers and a record-breaking year of zero-day exploits. Podcast listeners will learn what financial sector security leaders from around the world revealed in a series of interviews about specific trends when it comes to notable cyberattacks, e-fraud and cyber defense.

 

Segment Resources:

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw312

Mar 31, 2023

In the enterprise security news, early stage startup funding stays constant, but late stage is nowhere to be found. Cisco, XM Cyber, and Mastercard make acquisitions. YouTube channels keep getting hacked. Microsoft fails to use Azure securely. Organizations are making progress on zero trust, but slowly. Finally, more discussion on AI threats, concerns, and predictions.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw311

Mar 31, 2023

The White House recently revealed their National Cybersecurity Strategy and its 5 pillars. Some is straightforward - some is more controversial. Josh helped with it and wrote a blog about it. Adrian read that post and asked Josh to come discuss it. So here we are.

 

Segment Resources:

https://www.whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.pdf

https://claroty.com/blog/consequential-cybersecurity-brace-yourself-for-the-white-house-national-cybersecurity-strategy

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw311

Mar 30, 2023

So much of the tech world went remote at the start of the pandemic, and many of those jobs (and engineers) show no sign of ever going back into an office. Building successful teams in this environment takes a different approach, one defined by autonomy and trust. In this segment, Nickolas Means, VP of Engineering at Sym, will share insights from more than a decade of leading distributed teams to help us all thrive in a world where distributed is the new normal.

 

Segment Resources:
https://symops.com/?utm_campaign=eswp&utm_medium=social&utm_source=podcast

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw311

Mar 24, 2023

This week in the Enterprise News: Dope Security nabs $16M led by GV to build out secure web gateways designed to work on endpoints, not in the cloud. We take the mystery out of some recent funding. Microsoft 365's Copilot tries to do your job for you. Mapping failures with decision trees. An AI hires a human to solve a CAPCHA, because it needed help, and lies to the human about the reason why. You know what's different between AI and you? Those goosebumps on your arms right now and the ice water in your veins. AI can't do that. New drone designs that change everything & Cyber Startup Buzzword Bingo: 2023 Edition.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw310

Mar 24, 2023

The ioXt Alliance is a group of manufacturers, industry alliances, labs, and government organizations, dedicated to harmonizing best security practices and establishing testable standards. Our goal is to bring security, upgradability and transparency to the market and directly into the hands of consumers. Come learn about Smart Product security and what consumers should be asking for.

 

Segment Resources:

https://www.ioxtalliance.org/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw310

Mar 24, 2023

SafeLiShare delivers tamperproof security from inside out across clouds and eliminate algorithmic complexity attacks and reverse never-ending cycles of defense using policy controlled Confidential Computing with secure enclave technology.

 

Segment Resources:

Presentation - https://1drv.ms/p/s!AqqNWej5CK8uhEoIZW5MUxMTQLJU

Blog - https://safelishare.com/blog/defining-confidential-computing/

Video - https://safelishare.com/data-privacy-resources/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw310

Mar 17, 2023

Finally, in the enterprise security news, We quickly explain the SVB collapse, A few interesting fundings, Rapid7 acquires Minerva who? We’ll explain. GPT-4 - what’s new? Detect text written by an AI! Then, produce text that can’t be detected as written by an AI! The K-Shaped recovery of the cybersecurity industry, Software Security is More than Vulnerabilities, Microsoft Outlook hacks itself, Robert Downey Jr. gets into teh cyberz, & Reversing intoxication!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw309

Mar 17, 2023

Tap, tap - is this thing on? Why do defenders still struggle to detect attacks and attacker activities? Why do so many tools struggle to detect attacks? Today, we've got an expert on detection engineering to help us answer these questions. Thinkst's Canary and Canarytokens make in catching penetration testers and attackers stupidly simple. Thinkst Labs aims to push these tools even further. Casey will share some of the latest research coming out of labs, and we'll ponder why using deception for detection isn't yet a de facto best practice.

Segment Resources:

 https://canary.tools

https://canarytokens.org

 https://blog.thinkst.com

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw309

Mar 16, 2023

The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal Morgenstern, Co-founder and CSO of Vulcan Cyber, will break down the process of how organizations can properly secure a CI/CD pipeline into a checklist of four key steps, as well as offer a handful of tools and tactics security leadership can use to bake risk-based vulnerability management into their CI/CD pipelines. He will explain how securing your CI/CD pipelines alone is not enough to reduce the chances of cyber attacks and the importance for organizations to not only maintain security at speed and scale, but quality at speed and scale. Finally, Tal will dive into how Vulcan Cyber helps organizations to streamline security tasks in every stage of the cyber-risk management process, integrating with their existing tools for true end-to-end risk management.

 

Segment Resources:

https://vulcan.io/

https://vulcan.io/platform/

https://vulcan.io/blog/ci-cd-security-5-best-practices/

 https://www.youtube.com/watch?v=nosAxWc-4dc

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw309

1 « Previous 4 5 6 7 8 9 10 Next » 39