Enterprise Security Weekly Episode #244 – September 29, 2021
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. How Good CISOs Build Bad Security Programs – 01:00 PM-01:30 PM
Announcements
-
Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Description
No Man is an Island. Neither can a security program exist without interconnections and strong relationships to the rest of the business. Yet, over and over again I meet Security Leaders that thrive on designing security fiefdoms with large moats, and one bridge that they roll down only when they intend to roll out a new technology, initiative or need budget authority. There is no amount of authority or power that can provided to a CISO that makes he or she immunized against the need for communication, collaboration and diplomacy with peers, users and Senior Executives.
Segment Resources:
RevolutionCyber – www.revolutioncyber.com, Forbes Business Council Member
Juliet is speaking at InfoSec World 2021, register now and save 20%: https://securityweekly.com/isw2021
Guest(s)
|
Juliet Okafor – CEO & Founder at RevolutionCyber @julesmgmt Juliet Okafor, J.D., is a cybersecurity professional who has combined her knowledge of the legal system She is a passionate security solutions visionary and strategist who builds the Fortune 500 enterprise’s |
Hosts
Adrian Sanabria @sawaba Senior Research Engineer at CyberRisk Alliance |
Lee Neely @lelandneely Senior Cyber Analyst at Lawrence Livermore National Laboratory |
Tyler Shields @txs CMO at JupiterOne |
2. The Importance of Identity Detection and Response (IDR) – 01:30 PM-02:00 PM
Sponsored By

Visit https://securityweekly.com/attivonetworks for more information!
Announcements
-
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Description
Visit https://securityweekly.com/attivonetworks for more information!
Announcements
-
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Description
Identity Detection and Response (IDR) is a new security category that focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them across endpoints, Active Directory, and the Cloud through visibility and early detection of attacks targeting identities.
Attackers consider enterprise identities as high-value targets and attempt to compromise them early in the attack to access the network and gain privileges to essential production assets. Current identity security focuses on safeguarding privileged credentials in PAM solutions or securing the authentication process with MFA and IAM solutions, but these measures leave gaps that attackers can exploit.
While current security solutions like Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and others provide specific functions for defending the network, they do not focus on identities. EDR focuses on preventing the initial compromise, while XDR and NDR try to detect attacks as they expand from the beachhead. Attacks targeting enterprise identities can evade detection from these security controls, but IDR solutions can bridge these detection gaps to identify such attacks.
Join Joseph Salazar from Attivo Networks as he discusses the importance of IDR to modern enterprise security.
Segment Resources:
https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/
This segment is sponsored by Attivo Networks.
Visit https://securityweekly.com/attivonetworks to learn more about them!
Guest(s)
|
Joseph Salazar – Technical Deception Engineer at Attivo Networks Joseph Salazar is a veteran Information Security professional with over 20 years of both military and civilian experience. He is a retired Major from the US Army Reserves, having served 22 years as a Counterintelligence Agent, Military Intelligence Officer, and Cyber-Security Officer. He’s been a Systems and Security Administrator, a CSIRT Analyst, a Security Operations Manager, and a Computer Forensic Investigator in his civilian career. He maintains the CISSP, CEH, and EnCE certifications, holds a BA in Legal Studies from UC Berkeley, and currently works for Attivo Networks as a Technical Marketing Engineer. |
Hosts
Adrian Sanabria @sawaba Senior Research Engineer at CyberRisk Alliance |
Lee Neely @lelandneely Senior Cyber Analyst at Lawrence Livermore National Laboratory |
Tyler Shields @txs CMO at JupiterOne |
3. Startup Post Mortems, Live Security Statuses, LG Acquires Cybellum, & Coalition – 02:00 PM-02:30 PM
Announcements
-
Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!
Keynotes from Alyssa Miller, John Strand, Lesley Carhart, & Dave Kennedy!
Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!
-
Join us October 21 to learn why zero-knowledge encryption matters. If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand
Description
In the Enterprise Security News: Cyber insurance firm Coalition lands a $205m Series E with a $3.5bn valuation, Risk management platform Panorays nabs $42m, Jscrambler raises a $15m Series A to rewrite the rules of website security (rewrite, get it? huh?), SenseOn nabs $20m for faster, more accurate cybersecurity detection and response, LG (yes, that LG) is acquiring automotive cybersecurity startup Cybellum, We talk about the emergence of the vendor “live security status page”, 386 startup post mortems,
and don’t forget to stick around for Adrian’s curveball “Squirrel of the Week” story at the end!
Hosts
Adrian Sanabria @sawaba
Senior Research Engineer at CyberRisk Alliance |
|
Lee Neely @lelandneely
Senior Cyber Analyst at Lawrence Livermore National Laboratory |
Tyler Shields @txs
CMO at JupiterOne |