esw252

Enterprise Security Weekly Episode #252 – December 02, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Are We Ever Going to Get Information Sharing Right? – 03:00 PM-03:30 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

In this interview, we discuss defenders sharing information, how Edna deals with Azure’s supply chain challenges, ransomware trends, and some future predictions. Edna has been in security as long as most other folks we interview, but was a lawyer for 20 years before that!

She’s smart, dangerous, and has some great takes we can’t wait to dive into.

Guest(s)

Edna Conway

Edna Conway – VP, Chief Security & Risk Officer, Azure at Microsoft

@edna_conway

Edna Conway currently serves as VP, Security & Risk Officer, Azure Hardware Systems & Infrastructure at Microsoft. She is responsible for the security, resiliency and governance of the cloud infrastructure upon which Microsoft’s Intelligent Cloud business operates. She has built new organizations delivering trust, transparency, cybersecurity, compliance, risk management, sustainability and supply chain transformation.

Conway is recognized domestically (U.S. Presidential Commissions) and globally (NATO) as the developer of architectures delivering value chain security, sustainability and resiliency. She was appointed to the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Her insight is featured in a range of publications, analyst reports, and case studies, including Forbes, Fortune, Bloomberg, CIO Magazine and the Wall Street Journal.

An influential speaker and author, Conway has contributed to a number of industry-related books and presented at events/forums spanning industry, government and academia.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

KatieTeitler

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

2. First Look: Is Passwordless Really Killing the Password? – 03:30 PM-04:00 PM

Announcements

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Description

Passwordless is everywhere these days, but like most new security markets, it’s shrouded in confusion. There are already dozens of vendors promising to kill the password, but they don’t all seem to be coming at the challenge the same way.

In this “First Look” segment, our goal is to define Passwordless, discuss some of the companies doing it, and how they’re doing it. We’ll even go through a few live passwordless demos.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

KatieTeitler

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

3. Killing the SOC, Burger King Runes, ReliaQuest Valuation, & StrongDM – 04:00 PM-04:30 PM

Announcements

  • Throughout 2022, CRA’s Business Intelligence Unit will be releasing research reports on the top topics across the security industry. Our first report will be on Third-Party Risk and the Supply Chain. To participate in the survey, please visit https://securityweekly.com/thirdpartyrisk. The results will be shared at our Third-Party Risk eSummit in January.

  • Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand

Description

This week in the enterprise security news: ReliaQuest crests a $1bn valuation, CyCognito raises a $100m Series C, AWS enhances cloud vulnerability management, StrongDM automates access to infrastructure, Can we trust AI written code?, Killing the SOC – is the SOC dead?, Comparing secure messaging apps, The best cities for cybersecurity professionals, and Don’t miss today’s Squirrel Story – it’s a personal anecdote!

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. FUNDING: ReliaQuest Valued At More Than One Billion Dollars Following Growth Round Led by KKR – ReliaQuest
  2. FUNDING: Attack surface management startup CyCognito raises $100M Series C on $800M valuation – TechCrunch
  3. FUNDING: Cycode raises $56M Series B to help secure software supply chains – TechCrunch
  4. ACQUISITION: Coinbase to acquire leading cryptographic security company, Unbound Security
  5. ACQUISITION: Aqua acquiring Israeli software supply chain startup Argon
  6. PRODUCT: Amazon Web Services unveils enhanced cloud vulnerability management
  7. PRODUCT: strongDM is a proxy that manages and audits access to databases, servers, clusters, and web apps
  8. TRENDS: AI Code Generation and Cybersecurity
  9. TRENDS: OpenAI Codex – Wikipedia
  10. TRENDS: Kill your SOC with a D-IR model
  11. TRENDS: Lloyd’s Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks
  12. TOOLS: Secure Messaging Apps Comparison
  13. TOOLS: CVE Trends – crowdsourced CVE intel
  14. CAREERS: Best cities for cybersecurity professionals – Help Net Security
  15. SQUIRREL: TIL my local Burger King is using Nordic runes to protect itself
KatieTeitler

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element