bsw267

Business Security Weekly Episode #267 – June 27, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. The VC Perspective: Embracing Uncertainty & Staying the Course – 03:00 PM-03:30 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don’t forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Description

Forgepoint Capital’s Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.

Segment Resources:
– Forgepoint’s new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/

Recent exits that Forgepoint supported:
– Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint’s blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/)
– SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint’s “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/)
– LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release:https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint’s blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/)
– Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint’s “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/)

Guest(s)

Alberto Yépez

Alberto Yépez – Co-Founder and Managing Director at Forgepoint Capital

@alyepez

Alberto Yépez is a Co-Founder and Managing Director at Forgepoint Capital, a venture capital firm that invests in transformative companies protecting the digital future. He is a seasoned investor and serial entrepreneur with a proven track record of building global businesses and leading them to successful exits. Under his leadership, Forgepoint now has the largest portfolio of cybersecurity companies (37 active), one of the most experienced and diverse teams in the industry, and a 75-member Advisory Council of industry experts, customers, and partners who support portfolio growth with guidance and connections.

Alberto serves as Chairman Emeritus of the Hispanic IT Executive Council (HITEC). He was previously on the Board of the National Venture Capital Association (NVCA) and the Board of Trustees of the University of San Francisco. Alberto holds a BS from the University of San Francisco. He also attended the Kellogg School of Management at Northwestern University and the Universidad Nacional de Ingenieria in Lima, Perú.

Hosts

BenCarr

Ben Carr

CISO at Cradlepoint

JasonAlbuquerque

Jason Albuquerque

@Jay_Albuquerque

Chief Operating Officer at Envision Technologies

MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

2. Security Consolidation & Beyond the CyberSec Motions – 03:30 PM-04:00 PM

Description

There was a time when the perceived wisdom was to buy best of breed security technologies and that would do for your security program. Trouble of is, none of it integrates with each other or your wider IT. With budgets getting tighter, security pros are being asked to look again at big portfolio security providers and work out whether they can use their offerings to slim down. In this session I’ll discuss what I’m hearing from our customers, and some of the things we are starting to see people do to balance the need to optimize cost and efficiency without compromising security protection.

Speed, Velocity, and Acceleration. The physics of motion are well documented, and we understand how these scalar and vector quantities differ. In information security and cyber risk management the dynamics are not as well understood which has confused our ability to distinguish between motion and progress. This confusion intensifies our escalating risk cycle by causing a mirage of control that continues to lead us to down a path of compromise and catastrophe, adding to our growing labor and skill deficit. This segment is meant to explore the existing physics and gravitational forces of how we have approached cyber risk management to date, discuss where we are stuck today as well as ideas for a path forward – a reorientation of security operations function so that it is optimized to handle the volume as well as reposition it from an anchor point of continual reaction to one where it can take proactive action in front of the cycle of risk. The heart of these changes is a redefinition of the risk equation we have been using for decades Risk = F (Threat, Vulnerability, Consequence) which while useful initially has created a spray and pray model across most of our organizations. I will explain how to redefine the equation to be Risk = F (Threat, Exploitability, Consequence).

Segment Resources:
https://www.uscybersecurity.net/csmag/going-beyond-the-motions-of-cybersecurity/

Guest(s)

Malcolm Harkins

Malcolm Harkins – Chief Security & Trust Officer at Epiphany Systems

@protecttoenable

Malcolm is Chief Security & Trust Officer with Epiphany Systems. He is responsible for enabling client growth with optimal information security infrastructure, systems, policies, and processes. He is featured industry speaker, author, and has testified on cybersecurity before the US Senate. Malcolm was previously the Chief Security and Trust Officer at Cylance as well as Chief Security and Privacy Officer at Intel Corporation. He is a board member and advisor to other growth-stage cybersecurity companies. Malcolm received a BS in Economics from UC Irvine, and an MBA from UC Davis.

Paul McKay

Paul McKay – Principal Analyst at Forrester Research

@PMcKayAnalyst

Paul is a principal analyst on the Security and Risk team. Paul’s research coverage includes cybersecurity risk ratings solutions and cyber risk quantification; CISO and security leadership research in the European market; and European security service providers, focusing on managed security service providers and security consultancies.

Paul is frequently asked to comment on areas relevant to his research coverage and has been quoted in publications such as the Financial Times, Wall Street Journal, Fortune, ZDNet, SC Magazine, Handelsblatt, City A.M., and Infosecurity Magazine.

Hosts

MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance