Enterprise Security Weekly Episode #262 – February 24, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Detection Engineering in the Age of Cloud – 03:00 PM-03:30 PM

Announcements

  • We have a couple webcasts coming up soon. First, join us March 2nd to learn five things you can do to catch more bad guys! Live attendees will have the chance to win a $100 gift card to Hacker Warehouse. Then join us March 10th for an intro to KQL queries! To register for these webcasts visit https://securityweekly.com/webcasts. Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand.

Description

Cloud, DevOps, Kubernetes – the world has gone crazy. We don’t have servers anymore – we have workloads, instances, and serverless. We have CI/CD pipelines. These workloads are distributed, immutable, and ephemeral (aka ‘DIE’ – hi Sounil!) in many cases.

Today, we chat with Jimmy Vo about what it was like, as a detection engineer, to come from a traditional banking environment and suddenly get thrown into a world full of ‘cloud-first’ startups.

“DevOps folks are nuts.”
—Jimmy Vo

Guest(s)

Jimmy Vo – Detection Engineer at Datadog

@jimmyvo

Jimmy Vo is a Detection Engineer at Datadog, where he focuses on writing out-of-the-box security content for Datadog’s Cloud Security Platform product. He has a background in threat detection and response, SIEM engineering, threat hunting, threat intelligence, and threatening people on the Jiu Jitsu mats.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

Tyler Shields

@txs

CMO at JupiterOne

2. Incident Command System for ICS Improves Response to CyberSec Incidents – 03:30 PM-04:00 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

This discussion will provide a brief overview of the Incident Command System for Industrial Control Systems processes and describe how ICS4ICS will help companies better manage industrial cyber incidents. We will discuss how ICS4ICS will enable companies to work with government agencies and mutual aid partners when a cyber incident impacts an entire industrial sector or multiple sectors.

Segment Resources:

General info and to sign up for more information in our newsletter: https://gca.isa.org/ics4ics
Learn more about our call to volunteers: https://gca.isa.org/blog/ics4ics-will-improve-management-of-ics-cybersecurity-incidents

Guest(s)

Brian Peterson – ICS4ICS Program Manager, ISAGCA Advocacy Program Manager, and LOGIIC Program Manager at International Society of Automation

@ISA_Interchange

Brian Peterson is an Information Risk Consultant who works for ISAGCA, LOGIIC, and other companies as a program and project manager. Mr. Peterson has been the project manager for over 15 years. Mr. Peterson has 30 years of cybersecurity experience with IT systems, applications, and SCADA/DCS systems, such as those used in the oil and gas and manufacturing sectors. In the last 20 years, he has concentrated on establishing cybersecurity programs, incident management capabilities, and other processes related to Information Security, ICS Security, and other risk programs.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

Tyler Shields

@txs

CMO at JupiterOne

3. SBOM Opinions, Phosphorus, CISA Tools, Beyond Identity, & CyberSec Word Games – 04:00 PM-04:30 PM

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Description

This week in the Enterprise News: eSentire raises $325M as it expands into services, Beyond Identity raises $100M to build out MFA, Secureframe raises $56M to help folks with SOC 2 and HIPAA compliance, Nashville-based Phosphorus Cybersecurity raises $38M to secure IoT devices (curious about the name – what kind of Phosphorus? Could be dangerous!), anecdotes raises a $25M Series A to compete in the same space as Secureframe (lots of money for folks that ease compliance pains!), Cloudflare acquires Area 1 Security for $162M, Darktrace acquires ASM vendor Cybersprint, Snyk acquires Fugue, Andy Ellis drops an SBOM in his latest opinion piece, the latest of several thought-provoking hot takes from him, CISA publishes a list of free tools and services, & more!

  1. FUNDING: eSentire Raises $325M; Security Unicorn Preps MDR, XDR as a Service Expansion – MSSP Alert
  2. FUNDING: CHEQ enters Unicorn club with $150 million Series C at $1 billion valuation
  3. FUNDING: Beyond Identity Becomes Unicorn With $100 Million Series C Funding Round
  4. FUNDING: Secureframe secures $56M for a platform that automates an enterprise’s compliance with standards like HIPAA and SOC 2 – TechCrunch
  5. FUNDING: Phosphorus Cybersecurity raises $38 million to secure IoT devices
  6. FUNDING: anecdotes, a compliance operating system platform, secures $25M Series A – TechCrunch
  7. FUNDING: Zero Networks Raises $20M Led by Venrock to Expand Pioneering, Effortless Segmentation to Stop the Spread of Ransomware
  8. FUNDING: Astrix Security Emerges from Stealth with $15M Seed Round to Secure Enterprises’ Expanding Web of Third-Party Applications
  9. ACQUISITIONS: Cloudflare acquires Area 1 Security for $162 million
  10. ACQUISITIONS: Darktrace Acquires Attack Surface Management Company Cybersprint
  11. ACQUISITIONS: Snyk expands into cloud security with acquisition of Fugue
  12. NEW PRODUCTS: Enable True Zero Trust Security for Device Access
  13. HOT TAKES: Drop the SBOM
  14. FREE TOOLS: U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services
  15. SQUIRREL: Cybersecurity Daily Word Game

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Katie Teitler

@Katherinert15

Sr. Product Marketing Manager at Axonius

Tyler Shields

@txs

CMO at JupiterOne