Business Security Weekly Episode #258 – April 11, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Actionable High Resolution Threat Intelligence – 03:00 PM-03:30 PM

Sponsored By

Visit https://securityweekly.com/fortinet for more information!

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Join Alan Stacilauskas and hosts Tyler Robinson and Paul Asadoorian on April 21st to learn how to gain visibility into your enterprise with SYSMON. Also join Paul Asadoorian and Rich Mogull on May 4th to learn how to choose the right architecture for your application. Live attendees at both of these webcasts will have the chance to win a $100 Hacker Warehouse gift card! Register at securityweekly.com/webcasts. Don’t forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Description

By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of attackers, organizations can better align their defenses to adapt to quickly changing attack techniques.

FortiGuard Labs analyzed the functionality of detected malware by detonating the malware samples collected throughout the year. The result was a list of the individual tactics, techniques, and procedures the malware would have accomplished had the attack payloads been executed. The intelligence we gathered indicates that stopping an adversary earlier is critical. Understanding adversaries’ goals is crucial to defending against the flood of changing techniques they may use. By focusing on a few identified techniques, an organization could shut down a malware’s methods for attack entirely in some situations.

This segment is sponsored by Fortinet.

Visit https://securityweekly.com/fortinet to learn more about them!

Guest(s)

Derek Manky – Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs

Derek Manky formulates security strategy with more than 20 years of cybersecurity experience behind him. His ultimate goal is to make a positive impact in the global war on cybercrime. Manky provides thought leadership to industry, and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work includes meetings with leading political figures and key policy stakeholders, including law enforcement. He is actively involved with several global threat intelligence initiatives, all in an effort to shape the future of actionable threat intelligence and proactive security strategy.

Hosts

Ben Carr

CISO at Cradlepoint

Jason Albuquerque

@Jay_Albuquerque

Chief Operating Officer at Envision Technologies

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

2. Cybersecurity is IT’s Job, Why CISOs Fail, & Create a Culture of Security – 03:30 PM-04:00 PM

Announcements

  • Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

In the Leadership and Communications section: Cybersecurity is IT’s Job, not the Board’s, Right?, Why Some CISOs Fail, How JetBlue creates a culture of security, and more!

  1. Successful CEOs Navigate These 3 Phases of Leadership – With any company, team, or project — leadership has three distinct phases. The trick is getting to the right one and staying there as long as you can. The good news is that once you come to terms with which leadership phase you’re in, it isn’t terribly difficult to right your own ship.

    Phase 1
    You’re new to this particular leadership role. You’ve been appointed the leader, by yourself or by someone else, but you haven’t established leadership credibility. Mistakes and bad decisions will stick to you like glue. How you deal with the fallout is what establishes that credibility that moves you to the next phase.

    Phase 2
    You’ve earned your stripes as a leader. Now you have the luxury to make a ton of bad decisions and mistakes in the name of progress. You’re pretty much Teflon. If you lead everyone off a cliff, they will blame the cliff.

    Phase 3
    You’ve been in the leadership role too long, and your credibility as a leader has started to wane. This phase usually arrives after major turnover in the ranks, big changes to the business, or the unchecked build-up of those troublesome mistakes and bad decisions.

  2. Keeping Sight of Your Company’s Long-Term Vision – Crafting a powerful vision is often considered the sine qua non of great leadership, but it’s only the first step. How can leaders translate that vision into reality — a process that can take years — while the rapidly changing context distracts with the need for daily adaptation? The authors, both advisors to large firms which have undergone significant transformations, suggest three approaches: 1) Structuring strategic planning processes around the vision, rather than letting it be an afterthought; 2) Focusing experimentation on questions relevant to the long-term vision; and 3) Investing in training programs to help staff embrace the skills and mindset needed to execute on the vision.
  3. Cybersecurity is IT’s Job, not the Board’s, Right? – Cybersecurity is a modern tech-savvy buzzword that often makes non-IT people’s eyes glaze over. This mindset is very risky, and cybersecurity should not be taken lightly. The truth is that cybersecurity, while highly technical at the developer level, uses the same principles and concepts as many other business-related legal risks. Directors for both public and private companies should be asking the right questions and taking steps to protect the business – and themselves – from cyberattacks.
  4. Why Some CISOs Fail – The role of Chief Information Security Officer (CISO) is new. It’s just 25 years since Steve Katz became the world’s first known CISO. There is no universally accepted definition of the role, its methods or its responsibilities; and CISOs are left to find or forge their own paths. Some fail to choose or find the right path.
  5. How JetBlue creates a culture of security – VP of Security Keith Slotter and his team have tapped 600 employees across the organization as part of a Security Champions program. The result is a strengthened security presence and an employee population engaged in security.
  6. How to Get Cybersecurity Insurance (and Keep Costs as Low as Possible) – Here are some ways to convince an insurer that you’re worth the risk — and keep costs as low as possible:

    – What you need to qualify: The first step is assessing your three estates: your company’s enterprise network, your public cloud assets, and your remote operations.
    – How to keep your insurance: In reality, you have to apply greater rigor to keeping your insurance than when you qualified for it. It’s imperative to establish a rhythm of communication and assessment with your carriers between renewals, for example, to determine the impact on indemnity as you invest in cybersecurity tools.
    – Lowering your premiums: Start with an all-hands-on-deck approach to mitigate higher cyber insurance premiums and keep your insurers happy. Show that your CEO is involved in tabletop exercises and that your board is engaged. Demonstrate that you have continuity in trained staff.