Episodes

  • Airgaps over AI? Cyberdefense pro's tips and predictions
    2024/11/07

    Robert Slaughter is CEO of Defense Unicorns, a defense tech startup specializing in Airgap software delivery in highly secure and sensitive environments in the military and federal government. Previously, he was director of the U.S. Department of Defense's Platform One DevSecOps project and co-founder at Space CAMP, a predecessor of Platform One for the US Space Force. Prior to starting Defense Unicorns, he served 12 years in the US Air Force.

    If companies think threats to the security of critical national infrastructure don't involve them, Slaughter says, they should think again. And he suggests they might adopt some of the techniques familiar to military and government cyberdefense pros, from proactive threat hunting to air gaps.

    23 min
  • SecOps "where bits and bytes meet flesh and blood"
    2024/10/31

    Joshua Corman is executive in residence for public safety & resilience at The Institute for Security and Technology (IST), a non-profit think tank based in the San Francisco Bay Area. He is also co-leader of a Cybersecurity and Infrastructure Security Agency (CISA) community working group for SBOM on-ramps & adoption. Previously, he was vice president of cybersecurity strategy for Claroty, an IoT security company; chief strategist on the CISA COVID task force; director of the Atlantic Council's Cyber Statecraft Initiative; and CTO at security software vendor Sonatype.

    In August, Corman delivered a presentation at CISA's SBOM-a-Rama event warning that time is running out to more effectively protect critical infrastructure systems such as the water and power supply that rely on potentially vulnerable software to operate. Corman emphasized the urgent need to more effectively identify vulnerabilities and defend against attacks such as China's Volt Typhoon nation-state threat group. An initiative Corman is leading at IST under the working title UnDisruptable27 now looks to address these threats.

    "We live in glass houses," he said in this episode's interview. "And people are about to start throwing rocks."

    25 min
  • Lessons from a "graybeard" in assessing cloud risk
    2024/10/24

    Chris Steffen is vice president of research for information security at analyst firm Enterprise Management Associates. He previously held a variety of IT leadership roles at companies including Hewlett Packard Enterprise and DXC Technology. He is a regular speaker at industry conferences, the host of the Cybersecurity Awesomeness podcast and a frequent guest on other IT security podcasts.

    The day of the CrowdStrike outage, Steffen posted on LinkedIn, "Not trying to kick anyone while they are down, but those that equate resiliency with public cloud computing really need to re-evaluate those beliefs, especially for mission critical workloads. The outages being reported today were some of the exact same issues that we have seen before, but - as an industry - don't seem to learn from."

    In this episode, Steffen discusses the lessons on data center resilience he says have been lost in the cloud era and why IT orgs must re-evaluate their cloud risk.

    23 min
  • Data, observability and the future of DevSecOps
    2024/10/17

    Esteban Gutierrez is chief information security officer and vice president of information security at observability vendor New Relic. Previously, he was an enterprise information security strategist at Intel, and he managed the network operations and security center for the US Army Corps of Engineers.

    He shares takeaways from New Relic's recent State of Observability survey, lessons learned from his career in cybersecurity about bridging the SecOps / IT Ops gap and why he believes data is crucial to the future of both DevSecOps and AI.

    18 min
  • From Sony breach to CrowdStrike, IT Ops-SecOps rift deepened
    2024/10/10

    Rich Lane is currently IT director at the City of Medford, Massachusetts, and has had a varied career in IT infrastructure and operations. He served as VP of digital operations strategy for data security software vendor Netenrich from 2021 to 2022, and as a Forrester Research analyst from 2018 to 2021. Before that, Lane worked as a professional services consultant for observability vendor Splunk, and as IT infrastructure and operations manager at Bain Capital.

    From Lane's perspective, the CrowdStrike outage reflected an organizational disconnect at many companies between the IT security teams that choose tools and the infrastructure operations teams that must support those tools in production. In Lane's experience, this rift began to grow after the high-profile Sony Pictures data breach ten years ago as enterprises re-emphasized cybersecurity.

    Now, he says, CrowdStrike should be a sign it's time for the two groups to come together again and come up with more resilient ways to operate security tools, demand better communication from vendors during incidents, and better account for the human factor in cyberattacks.

    16 min
  • What SecOps pros can learn from Microsoft security overhaul
    2024/10/03

    Melinda Marks is cybersecurity practice director for TechTarget's Enterprise Strategy Group analyst firm. Previously, she held a variety of roles in the IT and cybersecurity industry, including marketing and PR leadership positions at vendors such as VMware, Qualys, and Tenable Network Security. Just before joining ESG in 2021, she was chief strategy officer and CMO at Soluble, makers of a CI/CD security and compliance automation tool for infrastructure as code.

    In this episode, Marks discusses how Microsoft's first Secure Future Initiative report can serve as a blueprint for other enterprise SecOps pros; the evolution of cloud security tools; the future of cybersecurity regulations; and how SecOps practices must also evolve in an age of increased regulatory scrutiny to become more efficient and collaborative while maintaining visibility and control.

    22 min
  • Cloud security, AI giveth and taketh away
    2024/09/26

    Kyler Middleton is senior principal software engineer at healthcare tech company Veradigm. She is also founder, owner, and CEO at 14ers Consulting, an IT services and engineering firm, as well as the co-host of her own podcast, Day Two DevOps and the founder of an IT training website, LetsDoDevOps.com. Her LinkedIn profile says, "I will teach you. It's unavoidable."

    In this episode, Middleton and TechTarget Editorial's Beth Pariseau examine two of the biggest double-edged swords in IT: cloud security and AI. The same cloud platforms that connect the world -- and broaden its attack surface -- also offer free and low-cost tools for IT pros to experiment with multiple layers of security automation and centralize log analytics; the same AI models that make burgeoning log data manageable could make it more difficult for security novices to learn the basics. Middleton shares her outlook on all these issues as well as tips for SecOps newbies.

    20 min
  • How KnowBe4 caught an impostor employee in 25 minutes
    2024/09/19

    Brian Jack is chief information security officer and data protection officer at KnowBe4, a security awareness training software vendor based in Clearwater, Florida. The company made headlines in July when it thwarted an attempt by a North Korean nation-state actor to infiltrate its software engineering staff. The company did hire the attacker, who used the stolen identity of a US citizen and deepfake images to get through the vetting process, but detected suspicious activity on his account and contained the threat before the attacker gained access to any company data.

    In this episode, Jack shares the details of the incident, how the company's SOC detected and responded to the threat, advice for other companies on how to mitigate this increasingly common path of attack in the age of remote work and how he defines a good state of SecOps.

    23 min