Episodes
-
The most dangerous cyber attacks today have one thing in common: they target humans rather than systems. Social engineering has been a prevalent tactic for years, with a known $51B in exposed losses over the last decade. Unfortunately, these numbers will continue to rise with the proliferation of AI, and your email inboxes are your most likely target.
Abnormal Security takes a different approach to email security, understanding human behavior to protect human vulnerabilities. By baselining known behavior, the platform can understand when anomalous activity occurs and block attacks—even when these threats are text-based emails with no traditional indicators of compromise.
In this episode of the EM360 Podcast, Chris Steffen, VP of Research at EMA, speaks to Leach, Field CISO at Abnormal Security, to discuss:
AI; Social Engineering; Human behavior; Security Culture
-
Hackers use AI tools like ChatGPT to enhance their operations and manipulate large language models. They infiltrate and attack GPT by manipulating the knowledge base through coordinated bot activity.
These sophisticated cybercriminals are not just using AI tools; they are leveraging them to streamline their attacks. By exploiting the model's natural language processing capabilities, they can craft convincing phishing emails, generate fake news articles, and even create highly realistic deepfake videos.
With the ability to mimic human speech patterns and convincingly generate text, these AI-enhanced attacks pose a significant and immediate challenge for cybersecurity professionals worldwide. As the arms race between hackers and defenders escalates, experts stress the urgent need for developing robust defences and staying vigilant against these evolving threats in the digital landscape.
In this episode of the EM360 Podcast, Alejandro Leal, Analyst at KuppingerCole, speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, to discuss:
Hacker infiltration; GPT Capabilities; Operational needs; Hacker skill development
-
The trend of platformization in the Security Operations Centre (SOC) is a game-changer in the cybersecurity landscape. It offers a holistic approach to managing and mitigating security threats. By consolidating various security tools, processes, and data sources into a unified platform, organizations can streamline operations, reduce complexity, and significantly enhance overall security outcomes.
Platformization, as demonstrated by solutions like Palo Alto's XDR platform, is a powerful tool for SOC teams. It enables them to efficiently correlate and analyse vast amounts of security data in real-time, leading to quicker detection and response to threats. With advanced analytics, machine learning, and automation seamlessly integrated, platforms like XDR empower SOC analysts to focus on higher-value tasks, such as proactive threat hunting and strategic decision-making.
In this episode of the EM360 Podcast, Brad LaPorte, Advisor at Lionfish Tech Advisors, speaks to Dan Flaherty, Senior Product Marketing Manager at Palo Alto Networks, to discuss:
Why security tool consolidation is happening now; Platformization for the SOC; How to approach onboarding a platform like Palo Alto Networks Cortex XDR
Interested in learning more about XDR and Palo Alto Networks? You can find some additional resources below:
Break free from legacy endpoint solutions; A Comprehensive Guide to the 2023 MITRE Engenuity ATT&CK Evaluations; Palo Alto Networks named a Leader by Gartner® for Cortex XDR.
Chapters
00:00 - Introduction
01:39 - Defining Platformization and its Benefits
08:16 - Downsides of Implementing Multiple Tools
09:14 - Advantages of Platformization
29:27 - Platformization as a Solution for Security Challenges
31:24 - Conclusion
-
The alarming rate of violence against healthcare workers underscores the urgent need for comprehensive security measures within medical facilities. As incidents continue to rise, it's imperative that proactive strategies are employed to safeguard the well-being of patients, visitors and staff.
In this episode of the EM360 Podcast, Paulina Rios Maya speaks to Sheila Cook, Chief Experience Officer at the University of Illinois Hospital & Health Science System and Clete Bourdeaux, Healthcare Business Development Director for HID’s workforce identity management unit, to discuss:
Workplace violence; Evolution of security protocols within medical facilities; Healthcare security
-
GenAI has revolutionized the landscape of information security. Once reserved for experts and PhDs, it is now accessible to a broader spectrum of practitioners and engineers. Its applications span from summarising data to tailoring reports, amplifying incident response, and profiling user behaviours.
By harnessing the power of generative AI, security professionals can navigate complex datasets with enhanced efficiency and precision. The importance of continuously updating AI models with fresh data cannot be overstated. It is this constant evolution that ensures the relevance and efficacy of GenAI in the face of ever-changing security challenges. As GenAI continues to advance, it holds the promise of redefining the future of security operations, ushering in an era of proactive defence and adaptive strategies against emerging threats.
In this episode of the EM360 Podcast, Chris Steffen, VP of Research at EMA, speaks to Jimmy Astle, Senior Director of Detection Enablement at Red Canary, to discuss:
GenAI; Uses of GenAI; Training of AI; Automation in security operations
-
The sheer volume and diversity of data available to organisations today offer numerous opportunities for innovation, efficiency gains, and informed decision-making. However, this abundance of data also brings with it formidable challenges, particularly concerning privacy, security, and ethical considerations.
Data is often described as the new oil, so safeguarding its integrity and protecting it from unauthorised access or misuse has become paramount. Data breaches and cyberattacks have become all too common, underscoring the critical need for robust security measures and vigilant oversight. Organisations can benefit from leveraging advanced cybersecurity solutions offered by platforms like Cyera to address these challenges.
In this episode of the EM360 Podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Emily Heath, General Partner of VC firm Cyberstarts and former CISO of United Airlines and DocuSign, to discuss:
Data security; CISOs and compliance; Data classification practices; Data classification and AI; The future of data security with AI
-
Gone are the days of merely safeguarding school computers! Censornet, a rising star in the tech industry, has undergone a remarkable transformation. From its roots as an internet security provider for educators, it has emerged as a trailblazing force in digital risk management.
Today, Censornet offers a comprehensive suite of tools designed to confront the dynamic challenges of the digital landscape, ensuring a safer and more secure online environment for all. This evolution stems from recognising that traditional threats are no longer the sole concern. With the proliferation of Shadow IT, unauthorised applications and devices, and the rise of insider threats, organisations face a complex array of risks.
In this episode of the EM360 Podcast, Jonathan Care, Advisor at Lionfish Tech Advisors, speaks to Gareth Lockwood, VP of Product at Censornet, to discuss:
Inspiration behind Censornet; Censornet’s Capabilities; Censornet’s Clients; Shadow-IT; Prevention of future vulnerabilities with AI and Censornet
-
Amid the ever-evolving landscape of cyber threats, organisations are constantly challenged to ensure security. Conventional security methods are failing to keep up with the escalating volume and sophistication of attacks. By implementing Managed Detection and Response (MDR) with automation, Security Operations Centers (SOCs) can optimise workflows, augment analyst capabilities, and significantly enhance the organisation's overall cybersecurity defences.
Palo Alto Networks offers comprehensive MDR services, leveraging its threat intelligence and cutting-edge technology expertise. Unit 42, its esteemed threat intelligence team, is crucial in providing valuable insights into emerging threats and trends, empowering organisations to stay ahead of malicious actors.
In this episode of the EM360 Podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Ophir Karako, Software Engineer (Unit 42) at Palo Alto Networks, to discuss:
Palo Alto’s MDR Services; Operational Automation; Data Enrichment; Threat Response; Job security for SOC Analysts
Interested in learning more about XSOAR and Palo Alto Networks? You can find some additional resources below:
Enloe Medical Center Strengthens Its Security Posture and Improves Efficiency With Unit 42 MDR; Unit 42 Managed Detection and Response Service Datasheet; A Practical Guide to Deploying SecOps Automation
Chapters
00:00 - Introduction and Background
00:57 - MDR Services at Palo Alto Networks
03:20 - Automation in Operations
04:16 - Automating Data Enrichment
05:13 - Intellectual Property Playbooks and Scripts
05:41 - Customized Reports for Customers
06:10 - Automated Threat Response
07:08 - Insights and Lessons Learned from Automation
07:37 - Benefits of Automation for SOC Analysts
08:06 - Collaboration with Product Experts
09:04 - Treating Automation as a CI/CD Process
10:01 - The Future of Automation in Cybersecurity
12:51 - Automation and Job Security for SOC Analysts
14:20 - Cortex XSOAR: Security Orchestration, Automation, and Response Platform
15:46 - Unit 42 MDR Service
16:16 - Conclusion
-
The SolarWinds breach exposed vulnerabilities within DevSecOps practices, sending shockwaves through the tech world.
The U.S. Securities and Exchange Commission (SEC) indictment against SolarWinds further emphasised the gravity of the situation, alleging the company misled investors by failing to disclose these vulnerabilities and the subsequent breach adequately.
This lack of transparency raises crucial questions about accountability and risk management in the mobile app development landscape, pushing organisations to re-evaluate their DevSecOps practices and prioritise robust security measures throughout the entire development lifecycle.
In this episode of the EM360 Podcast, Head of Podcast Production Paulina Rios Maya speaks to Richard Stiennon, Chief Research Analyst at IT-Harvest, and Tom Tovar, CEO and Co-Creator of Appdome, to discuss:
The SolarWinds indictment; The U.S. SEC 4-day rule; The impact on DevSecOps practices; BYOD and VPN security; The evolving role of cybersecurity; Building cyber resilience
-
The fight against cybercrime is a never-ending battle. Firewalls and antivirus software, our traditional defences, are like trusty shields—good against basic attacks but not enough. Advanced attackers can slip through the cracks, exploiting new weaknesses or mimicking harmless traffic. Thus, businesses are exposed and face potential data breaches, financial ruin, and damaged reputations.
That's where Advanced Threat Intelligence (ATI) comes in – a game-changer in the cybersecurity arsenal. Unlike our old shields, ATI offers real-time intel on the latest threats, how attackers operate, and their ever-evolving tactics.
Recognising the limitations of traditional security solutions, Radware goes beyond basic shields. Imagine a high-powered watchtower constantly scanning the digital horizon, identifying threats before they strike.
In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, to discuss:
The Current Threat Landscape; Modern Attacker Tactics; Romance Scams & Pig Butchering; The Radware Advantage
-
The cloud revolutionised how businesses operate, but managing dynamic, complex environments presents new and unique challenges.
While digital transformation has brought significant benefits, the reality is that organisations now require innovative solutions to effectively navigate intricate, hybrid, multi-cloud environments.
Evolven Software, driven by a mission to simplify complexity and mitigate risk, empowers large organisations to overcome the challenges of governing extensive hybrid ecosystems. By harnessing the power of AI/ML, Evolven enables a more secure, streamlined, and efficient cloud journey with fewer outages or compliance gaps.
In this episode of the EM360 Podcast, industry veteran Tom Croll, advisor at Lionfish Tech Advisors, speaks to Sasha Gilenson, Founder and CEO of Evolven Software, to discuss:
The current state of enterprise cloud architectures and the challenges in managing hybrid multi-cloud environments. Why managing risk in hybrid multi-cloud environments demands a new paradigm. The unique challenges large organizations face in maintaining visibility, control, and governance across their landscapes. How Evolven's AI/ML-driven solution empowers enterprises to overcome this complexity, enhance security, and optimize performance.
-
Automated Security Validation. Involving tools, scripts and platforms to emulate true-to-life attacks, Automated Security Validation is a key part of assessing the readiness of the security infrastructure and guiding prioritized remediation.
But how does this implementation of automation really work to empower human expertise? How does all of this relate to compliance? And what words of wisdom can be given for those looking to level up their security strategy in 2024?
In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Thomas Pore, Director of Product Marketing at Pentera, as they discuss:
The pen-testing landscape; How important testing and validating are; Empowering human expertise and remaining compliant
-
It seems like VPN products are consistently the initial access vectors for ransomware groups and targeted attacks.
This was demonstrated by the recent Ivanti Connect Secure zero-day vulnerabilities, as well as by Cisco, which admitted last year that Akira Ransomware was specifically targeting its VPNs.
But what is the real problem with VPNs - and are they vulnerable by design? How do they fit into wider security architectures and strategies?
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Benny Lakunishok, Co-Founder and CEO of Zero Networks, to discuss:
The problem with VPNs; ‘Insecure by default’?; ZTNA and remote access solutions
-
Rapid breach response. The art of quickly reacting to a security breach or incident. Key for minimising the impact of attacks and ensuring your team is as effective as possible, rapid breach response is an important part of any security strategy.
With the rise and innovation we see in the automation space right now, how could automation be implemented into a security strategy to level up the efficacy of rapid breach response?
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Devin Johnstone, Security Operations Specialist at Palo Alto Networks, to discuss:
Demystifying rapid breach response; Implementing and leveraging automation in RBR; Advice for SOC teams and shifting mindset
-
The audit process is broken. CISOs and CTOs have faced a multitude of challenges under this outdated audit landscape, and the efficacy of companies is being stunted by a system that desperately needs updating.
But how can technology be leveraged to streamline or even transform that auditing process? And what does the future of infosecurity compliance look like?
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Leith Khanafseh, Managing Director of Assurance and Compliance Products at Thoropass as they discuss:
The old audit landscape; Challenges for CISOs and CTOs; Multiframeworks and the future of compliance
-
In the world of complex supply chains, it’s not enough to secure our own data; we must also ensure that the third-party vendors we work with have robust security.
When it comes to proactively stopping threats and mitigating issues, supply chain monitoring and ensuring a secure software supply chain is crucial to keep organizations’ data safe.
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Rahul Sasi, Co-Founder and CEO at CloudSEK, to discuss:
Current state of cloud computing security; Common vulnerabilities in the software supply chain; Remote work, cloud reliance and mitigating risk
-
In 2024, the conventional approach of responding to threats is dead. As cyberspace becomes more complex, interconnected, and sophisticated, companies are beginning to recognise the shift from a reactive stance to a proactive one.
This shift isn’t just a technological upgrade - it’s a fundamental change in mindset that can cause ripples throughout the business.
In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Uri Dorot, Senior Product Marketing Manager at Radware as they discuss:
AI-powered attacks; Responsive protection vs proactive protection; How proactivity works in practice
-
Using threat intelligence effectively in incident investigation is crucial for identifying, mitigating, and preventing cybersecurity threats.
By integrating relevant threat intelligence feeds, security teams gain insights into the tactics, techniques, and procedures employed by malicious actors. This aids in swift detection and response to potential incidents.
In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Richa Priyanka, Solutions Architect at Palo Alto Networks, to discuss:
Role of threat hunting in SOC; Typical threat intelligence feeds for incident investigation; The future of threat hunting
-
Application security is a complex, wide-ranging field.
With attackers using a wide range of attacks from credential stuffing to cookie poisoning, how can you keep up with the ever-evolving landscape?
In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Uri Dorot, Senior Product Marketing Manager at Radware, to discuss:
Main challenges in protecting applications; Growing threat landscape; Consistent security across multi-cloud and hybrid environments