Enterprise Security Weekly Episode #250 – November 11, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. MegatronAL on Kicking in the Door to Cybersecurity – 03:00 PM-03:30 PM

Announcements

• Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista! Keynotes from Alyssa Miller, John Strand, Lesley Carhart, Dave Kennedy, & Maril Vernon! Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!

Description

I once told my college advisor that I wanted to double major in computer science and jazz performance. She laughed at me. Instead, I jumped into a career in IT and played jazz – without a degree in either. Turns out, that was fine – the industry valued experience and results over academic achievement.

Today’s guest has two degrees, one in fine arts, one in pre-law, and that’s also fine. If there’s anything I’ve learned in InfoSec, it’s the mind that matters most, less so the degrees or certs on your wall. Angela Marafino gets cybersecurity and understands what makes it tick. Using this knowledge, she has built a personal brand, network, and career in an impressively short time. She is simultaneously mentor and mentee.

Today, we’ll explore Angela’s path into the industry as well as some of her views on challenges, like imposter syndrome.

https://hbr.org/2021/02/stop-telling-women-they-have-imposter-syndrome
https://www.itspmagazine.com/focal-point-podcast
https://twitter.com/hackerbookclub1

Guest(s)

Angela Marafino – PM at Microsoft Based out of Seattle, Washington, Angela Marafino is a Program Manager within the Security, Compliance, Identity, and Management organization of Experiences & Devices at Microsoft. Currently a co-host of the Focal Point podcast on the ITSP Magazine podcast channel, moderator of The Hacker Book Club, a proud mentor, a humble mentee, she stays quite busy while also balancing work with play as a dog & cat mom, world traveler, avid reader, and foodie!

Hosts

Adrian Sanabria @sawaba Senior Research Engineer at CyberRisk Alliance

Katie Teitler @Katherinert15 Sr. Product Marketing Manager at Axonius

Tyler Shields @txs CMO at JupiterOne

2. Building a Risk Based Security Program That Actually Works – 03:30 PM-04:00 PM

Announcements

• Join us for our next live webcast on December 2nd to see what’s under the XDR hood. Visit https://securityweekly.com/webcasts to save your seat! Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand

Description

Risk based security programs are all the rage, from managers looking to “trim” the security budget to regulatory bodies looking for excuses to fine your company. Nick is a security pro who has seen it all — programs done well, programs done poorly, and implemented one or two of them himself, and would love to share the lessons learned from those experiences.

Guest(s)

Nick Leghorn – Director of Application Security at The New York Times @NickLeghorn Nick Leghorn is the Director of Application Security at the New York Times. After graduating from Penn State University with a degree in Security and Risk Analysis, his first job was working for the U.S. Department of Homeland Security quantifying terrorism risks and identifying mitigations to provide the best risk reduction for each dollar spent. Nick has spent his career working for a number of large companies, including Rackspace Hosting, Shoretel, Mitel, and Indeed, improving the security of both the infrastructure itself as well as the processes within the company.

Hosts

Adrian Sanabria @sawaba Senior Research Engineer at CyberRisk Alliance

Katie Teitler @Katherinert15 Sr. Product Marketing Manager at Axonius

Tyler Shields @txs CMO at JupiterOne

3. Record Unicorns, SCYTHE Series A, SPAC Fails, McAfee Worth $14B, & Hashicorp IPO – 04:00 PM-04:30 PM

Announcements

• Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

In the Enterprise Security News for this week: Drata reaches unicorn status in record time with a $100m Series B, SCYTHE announces a $10m Series A, McAfee Consumer business acquired for $14b, WPScan acquired by Automattic (the company behind WordPress), QOMPLX SPAC is called off, HashiCorp IPO is not called off, open source CSPM and firmware emulation tools, Ghost kitchens and more.

Hosts

Adrian Sanabria @sawaba Senior Research Engineer at CyberRisk Alliance

FUNDING: Drata Reaches Unicorn Status with $100M in Series B Funding – FUNDING: SCYTHE Announces $10 Million Series A Investment to Support Expansion of Enterprise-Level Cybersecurity – ACQUISITIONS: McAfee to Be Acquired by an Investor Group for over $14 Billion – ACQUISITIONS: DomainTools and Farsight Security Join Forces to Deliver Best-in-class Threat In – ACQUISITIONS: WPScan Acquired by Automattic – WPScan WordPress Security – ACQUISITIONS: SPAC Tailwind Acquisition, QOMPLX call off $1.4 billion merger, citing ‘market conditions’ – IPO: HashiCorp Files for U.S. IPO, Said to Seek $10 Billion Valuation – TOOLS: Netflix’s ConsoleMe – soon to be a commercial product! – TOOLS: Firmadyne: run embedded linux firmware in a VM! – REGULATIONS: Despite Abuses of NSO Spyware, Israel Will Lobby U.S. to Defend It – SQUIRREL: The Mysterious Case of the F*cking Good Pizza –

Katie Teitler @Katherinert15 Sr. Product Marketing Manager at Axonius

Tyler Shields @txs CMO at JupiterOne