esw245

Enterprise Security Weekly Episode #245 – October 06, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Better Sales, Worse Relationships? – 01:00 PM-01:30 PM

Announcements

  • InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!

Description

Sales teams are under more pressure than ever to locate and bring in new customers. The methods they use can range from clever to questionable. While some of the more ethically questionable methods can produce results, we wonder: do vendors realize what these methods could be potentially costing them?

Richard Reinders joins us today to discuss how he handles one of the toughest challenges any security leader will have to face: interacting with vendors.

Guest(s)

Richard Reinders

Richard Reinders – Head of Security at Gravity Payments

Richard Reinders is head of security at Gravity Payments, a credit card processing company known for its commitment to merchants and paying each employee at least 70k. Previous to Gravity Richard worked at data analytics company Looker, performed incident response at Yahoo and security work at financial institutions as well as Sheridan College.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

2. Shifty Adversaries, Shifting Tactics – 01:30 PM-02:00 PM

Sponsored By

sponsor
Visit https://securityweekly.com/proofpoint for more information!

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Description

Once again, it is Cybersecurity awareness month and we’ll be talking with Ryan Kalember about the latest threats and other activities he and Proofpoint have going on this month.

When it comes to threats, some tactics aren’t changing, though they’re still effective. There are some notable shifts though:
– Crews using Office 365 for lateral movement
– FIN7 reborn
– A sudden interest in exploits
– Increased patience and increased focus on the individual as the key to an attack
SMB attacks look very different from large enterprise campaigns

This segment is sponsored by Proofpoint.

Visit https://securityweekly.com/proofpoint to learn more about them!

Guest(s)

Ryan Kalember

Ryan Kalember – Executive Vice President, Cybersecurity Strategy at Proofpoint

With 20 years of experience in the information security industry, Mr. Kalember currently leads cybersecurity strategy for Proofpoint and is a sought-out expert for leadership and commentary on breaches and best practices. His global team of security experts ensures that Proofpoint’s customers have consistent insight into the attacks that target their people and the best defenses they can implement to mitigate them.

Mr. Kalember joined Proofpoint from WatchDox where he served as chief product officer, leading the development of pioneering data-centric security solutions through to the company’s acquisition. Previously, Ryan ran solutions across HP’s portfolio of security products, was director of product strategy at ArcSight, and held a variety of positions at VeriSign, including EMEA regional manager and senior product manager. Early in his career, Ryan was a security practitioner, helping build many leading security organizations and security operations centers (SOCs) around the world. He received his bachelor’s degree from Stanford University.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

3. Privacy Engineering Firms, Facebook Outages, Orca Series C, & Gravwell – 02:00 PM-02:30 PM

Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!

    Keynotes from Alyssa Miller, John Strand, Lesley Carhart, & Dave Kennedy!

    Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!

  • Join us October 21 to learn why zero-knowledge encryption matters. If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

In the Enterprise Security News for this week:
Orca Security raises all the money, Privacy engineering firms hit their funding stride, McAfee and FireEye merge, but where’s RSA’s dance partner? Akamai acquires Guardicore, NetApp picks up CloudCheckr, SPDX becomes the ISO standard for SBOMs, & Facebook shares details on how they accidentally Thanos snapped themselves! All that, our weekly Squirrel, and more, on this episode of the Enterprise Security Weekly News!

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. FUNDING: Temasek leads $550M Series C extension into Orca Security, which aims for further international foothold – TechCrunch – Absolutely incredible momentum. There’s a lot to talk about here, we’re likely to spend a good chunk of the news segment just on this huge Series C extension, discussing what it means for Orca and the market as a whole.

    $20.5m Series A in May 2020
    $55m Series B in December 2020 (7 months later)
    $210m Series C in March 2021 (4 months later, $1.2bn valuation)
    $550m Series C extension in October 2021 (7 months later, $1.8bn valuation)

  2. FUNDING: Salesforce and Atlassian double down on developer security with $75M Snyk investment
  3. FUNDING: We (Tonic.ai) raised a $35M Series B. Here’s what’s next for fake data. – Privacy engineering is hot right now!
  4. FUNDING: Duality Technologies Raises $30M Led by LG Technology Ventures to Accelerate Market Adoption of Privacy-Enhanced Data Collaboration – Privacy Engineering is hot right now!
  5. FUNDING: Adaptive Shield lands $30M Series A to build out its SaaS security platform – TechCrunch
  6. FUNDING: Gravwell Emerges From Stealth With Data Fusion Platform and $3m in seed funding
  7. MERGER: McAfee Enterprise-FireEye Products To Merge Into $2B Titan – We pondered this merger months ago after the FireEye/Mandiant breakup was announced and STG acquired the FireEye products business and portfolio. We envisioned this merger as a threesome that included RSA, but alas, it seems our rebranding brainstorming was all for naught: https://twitter.com/sawaba/status/1443968096356773889
  8. ACQUISITION: One Identity has acquired OneLogin, a rival to Okta and Ping in sign-on and identity access management – TechCrunch – Not surprising, as we’ve seen some heavy consolidation in the IAM space. What’s interesting is that this space doesn’t seem to be following the traditional expand/contract patterns we see in the market. There are IAM vendors at every stage in the startup cycle and there’s a lot of ground to cover. Worth a reminder that, while One Identity is operating under its own name, it’s still part of the larger Quest Software group, which spun out of Dell a few years back.
  9. ACQUISITION: Akamai to Acquire Guardicore To Extend Its Zero Trust Solutions To Help Stop Ransomware – Took me a minute to figure out the deal rationale on this one, but Akamai’s Soha acquisition 5 years ago is the key clue. What is now called ZTNA, leaves off where Guardicore picks up – it’s a natural extension. It’s also as full-footed into the internal enterprise network as Akamai has ever been.

    $600m on $106m raised isn’t great, but it’s not a trash fire either. I suspect microsegmentation/network isolation has joined app whitelisting and NAC on the pile of tools that are “useful in small doses”, but were priced and designed to rearchitect the whole enterprise.

    Begs the question – Illumio has raised 5x more and their latest round was a Series F at a $2.75bn valuation. Math works out, but where would they go? PE shop smooshes them together with a Firemon? If a Check Point or Palo Alto was interested, I feel like they would have pulled that trigger long ago.

  10. ACQUISITION: NetApp to Acquire CloudCheckr and Expand its Spot by NetApp CloudOps Platform to Enable Organizations to Better Optimize and Secure Their Multi-Cloud Infrastructure – A late acquisition, as most of CloudCheckr’s competition got picked up years ago.
  11. STANDARDS: SPDX Becomes Internationally Recognized Standard for Software Bill of Materials – Another ISO to purchase (ISO 5962:2021 – https://www.iso.org/standard/81870.html), though I’m sure folks will still use CycloneDX and SWID tags. However, many orgs are likely to follow the one that Intel, Microsoft, Siemens, Synopsys, and the Linux Foundation are endorsing.
  12. TOOLS: GitOops! Attacking and defending CI/CD pipelines.
  13. TRENDS: Principles – Trusted Cloud Principles
  14. DEVOOPS: Details on how Facebook Thanos snapped itself – TL;DR, fat-finger oopsie cascades into a full-blown kerfuffle that was challenging to recover from.
  15. SQUIRREL: Twitter says hello, digital marketing managers everywhere smell opportunity – A bit of welcome levity during the Facebook outage, Twitter nails the moment and sets up every digital marketing manager everywhere to have a good day. You could spend hours sifting through the replies of this one tweet, cataloging winners and losers. We’ll share a few of our favorites.
TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

TylerShields

Tyler Shields

@txs

CMO at JupiterOne