Incident Response 公开
[search 0]
更多

Download the App!

show episodes
 
Cybersecurity weekly podcast series featuring industry thought leaders discussing security solutions, best practices, threat intel, and more. Our primary topics within InfoSec include: Application Security; Artificial Intelligence; Blockchain; Career Development; Cloud Security; Encryption / DLP; Endpoint / Mobile / IoT Security; GRC; Incident Response / SIEM; Identity and Access Management; Network Security; Privacy; Ransomware / Malware; and Security Awareness.
 
Loading …
show series
 
Ed Cabrera is the former CISO of the United States Secret Service and current Chief Cybersecurity Officer at Trend Micro. He believes we are at an inflection point in cybersecurity and is cautiously optimistic. During this conversation with SecureWorld, Cabrera also discusses ransomware, cryptocurrency, threat intelligence, cyber insurance, and mor…
 
In this SecureWorld Sessions podcast bonus episode, three Chief Information Security Officers play a game show around modern cyber resilience. What is cyber resiliency, how do you align it with business objectives, and is it possible a unicorn won this battle of the CISOs? Contestants include Ricardo Lafosse, CISO, The Kraft Heinz Company; Michael …
 
Our guest on this episode is Jeremy C. Sheridan, Assistant Director, Office of Investigations, at the United States Secret Service. We discuss the evolution of ransomware in cybercrime, including: advances in technology, cyber insurance, the cryptocurrency challenge, the sophistication of ransomware actors, and much more. Also, thank you to Trend M…
 
Princeton University implemented a multi-year program to create a culture of cybersecurity throughout campus. It has already made an impact on the organizational security mindset, including risk reduction, implementing new technologies, broadening security knowledge, and strengthening campus partnerships. In this episode, listen to David Sherry, CI…
 
What can organizations, the U.S. government, and everyday citizens do to stop the surge of ransomware and cyber threats hitting us from overseas? In this episode, we hear from retired Air Force Colonel Cedric Leighton. Leighton is a CNN military analyst who held cyber leadership positions while serving in the Air Force and currently runs the Cedric…
 
Are CISOs getting sued? Yes. Investors filed a lawsuit that specifically names the CISO of SolarWinds as a defendant. Is this the beginning of a trend to sue the Chief Information Security Officer after a cyber incident? #InfoSec twitter reacts, and so do the experts on today's podcast: Rebecca Rakoski is co-founder and Managing Partner of XPAN Law…
 
In this true cybercrime episode, we uncover the case of an insider threat scheme at an AT&T Wireless call center. Court documents reveal how rogue employees collected approximately $1 million in bribes. Plus, Dr. Larry Ponemon discusses the Insider Threat risk, and John Grimm discusses Insider Threat best practices. Resource Links: • Trend Micro re…
 
In this true cybercrime episode, we interview Myra Rosario-Fuentes, Senior Threat Researcher at Trend Micro, who just completed an in-depth, two-year research project on Dark Web markets, especially those selling exploits that hackers use to take advantage of security holes in networks and devices. How much is a Zero Day exploit worth on the Dark W…
 
In this true cybercrime podcast episode, we interview Alexander Urbelis, cyber attorney and threat intelligence expert, who uncovered a cyberattack against the World Health Organization at the start of the coronavirus pandemic. Resource Links: • Trend Micro phishing and ransomware white paper: https://resources.trendmicro.com/rs/945-CXD-062/images/…
 
In this true cybercrime episode, we interview Cam, who was arrested for hacking when he was 14 years old. One of his focused cyberattacks was against SeaWorld San Diego. Now, he works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? It all started with gaming. Resource Links: • Trend Micro's…
 
How can we scale up the development of our collective cybersecurity talent pipeline, and what role can you play in this? How can your organization help develop talent? How can your alma mater or current university play a part in this? Hear about a model for this kind of work underway through partnerships at New York University Tandon School of Engi…
 
Listen in as U.S. state cybersecurity leaders discuss key topics: • coming year priority projects • the ransomware surge and preparing for security incidents • their organization's security culture and training to deal with issues • innovative, special projects they are most excited about moving forward Featured presenters on this podcast panel: • …
 
Nancy Rainosek is the Chief Information Security Officer (CISO) for the State of Texas. She knows all about ransomware incident response. Her team played a key role in remediation after a coordinated ransomware attack hit 22 state agencies in Texas in a single day. 1. What was that ransomware day like for Rainosek and her team? 2. Was there a commo…
 
Josh Jackson is Founder and Executive Director of the AI Association, which advocates for the furtherance of artificial intelligence and automation in the United States. In this wide-ranging discussion about AI, Jackson unpacks the following: 1. How should we define artificial intelligence? 2. Where is the intersection of cybersecurity and AI? 3. W…
 
Shawn Tuma is a nationally known "breach quarterback" or "incident response coach" who walks victimized companies through the fallout of a ransomware attack. In this episode, he discusses the following: 1. What stages do organizations and security teams experience during a ransomware attack? 2. Would making ransomware payments illegal disrupt this …
 
Join a CISO panel for a fast-moving discussion around the following questions: 1. The state of cybersecurity: what can we understand from security's rise and the rise of the CISO? 2. What does the business need more of from security teams? And what about from security leaders? 3. Are InfoSec job postings way out of line with reality? 4. What is som…
 
2020 was a "blender" year, during which data privacy and cybersecurity seemingly took a backseat to the other major, pressing health and social issues. As more and more people are getting vaccinated and we reemerge into a world that looks a lot different (i.e. new laws and regulations, new threats, etc.), we need to consider and refocus on the impo…
 
Are you "stuck" somewhere along your cybersecurity career path? Are you planning to pursue your InfoSec career goals "someday" down the road? Belinda Enoma has a cybersecurity and privacy background, and she's a Certified Information Privacy Professional (CIPP) in the U.S. She is also a career advice expert and the Founder of Activate & Implement L…
 
In this episode, Michael Meyer, Chief Risk Officer and Chief Innovation Officer at MRS BPO, exposes three crucial myths around IAM in cloud, especially a multi-cloud environment. Are you believing the myths that stand in the way of properly implementing IAM (Identity and Access Management) in your cloud environments? Also, today's Trend Micro Top 3…
 
In this episode, Mark Eggleston, Vice President and CISO/CPO of Health Partners Plans, speaks with security leaders about cyber resiliency, the return to the workplace, combatting nation-state cyber threats, pandemic lessons that can fuel digital innovation, and mental health in cybersecurity. Panelists include: • Anahi Santiago, CISO, ChristianaCa…
 
In this episode, social engineering professor, entrepreneur, and author Christopher Hadnagy shares social engineering case studies and explains how these attacks are evolving and how you can protect yourself and your end-users. Hadnagy draws from decades of human behavioral research and his time as "Chief Human Hacker" at Social-Engineer, LLC. Reso…
 
In this episode, we are discussing lessons learned from a CISO who led the way on her organization's business continuity plan (BCP) and pandemic plan. Milinda Rambel Stone is VP and CISO at Provation Medical. She shares a first-hand account of the planning, implementation, and takeaways from her company's BCP. And buckle up: security teams face mor…
 
In this episode, we are discussing a hotly debated topic in cybersecurity: best in breed point solutions versus an all in one type of security platform. Which is the best approach for your organization? And how is this part of the security landscape changing? Our guest is Greg Young, Vice President of Cybersecurity and Corporate Development at Tren…
 
We are talking about how to align information security with the business. And our guest, ISSA International President Candy Alexander, says we may be thinking about this strategy in the wrong way. She is not afraid to be controversial, and in this episode she shares what security and business alignment should look like. Candy is also Chief Informat…
 
In this episode, we start with a dramatization of a ransomware attack, which leads us to the ransomware lifecycle in real life. What is a ransomware attack incident response really like? How should you respond in the first hours? What does a 72-hour ransomware response look like? What should you do in the weeks and months following? Hear real-life …
 
When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible ch…
 
We are asking questions about the SolarWinds data breach fallout. How did the SolarWinds breach impact everything related to legal and compliance? And how does it change the way you should look at Vendor Risk Management? We get answers from Glenn Kapetansky, CSO and Technology Capability Lead, at Trexin Group; and Rebecca Rakoski, Co-Founder and Ma…
 
"We were not prepared for a SolarWinds type of supply chain attack," says Cedric Leighton, CNN Analyst and U.S. Air Force Colonel (Ret.). In this podcast episode, Leighton examines how wide the impact of the SolarWinds cyberattack might be, possible collateral damage from the attack, and the most likely nation-state behind it all. Plus, Leighton ex…
 
Long-term predictions are risky, but Rik Ferguson likes to predict things a decade into the future. Rik is Vice President of Security Research at Trend Micro. Building off his Project 2020, Rik is now working on Project 2030. In our interview, we get a glimpse of the future of AI, the future of malware, the future of wearables, the future of ransom…
 
What does the 2021 cyber law and privacy law landscape look like? Our first guest is attorney Jordan Fischer of Beckage Law. And how can you ensure total data discovery and then manage that big data with security and compliance in mind? Our second guest is Arun Gandhi, Vice President at 1touch.io, which specializes in this area. Also, we have new r…
 
What does a resilient and secure organization look like? What are key strategies and technologies these organizations should have? How does a resilient organization empower its employees? In this episode, we glean insights from Adam Leisring, Chief Information Security Officer at Paycor. Also, we have new research from Trend Micro. The latest repor…
 
In this episode, we are learning about modern cybersecurity leadership. We hear from Yaron Levi, CISO of Blue Cross and Blue Shield of Kansas City. Levi shares about what security professionals need to do now to lead. And he helps us consider the following questions: Why is information security mainly reactive instead of proactive? Why do most orga…
 
In this episode, we talk to Mark Nunnikhoven, Vice President of Cloud Research at Trend Micro. 2020 was the cloud's biggest year, and we're talking about securing the cloud into the future. How do we make cloud security usable? How do we make cloud security stable? What does building in this environment look like right now, and what is the state of…
 
In this episode, we talk to cybersecurity leaders in the oil and natural gas industry. Experts from the ONG-ISAC (Oil and Natural Gas Information Sharing and Analysis Center) answer the following questions: • What does the cyber threat landscape look like for the petroleum industry, and what are the potential impacts? • What are barriers to sharing…
 
In this episode, we talk to James Goepel about the Cybersecurity Maturity Model Certification (CMMC). He discusses this important new certification for supply chain security within the U.S. Department of Defense (DoD) system, addressing the following: • Why was the CMMC created? • Who needs the CMMC? • How will the CMMC work? • Will the CMMC spread…
 
In this episode, we talk to Julia Voo, one of the authors of the newly published National Cyber Power Index 2020. Which country is the most powerful in cyberspace? The NCPI takes a "whole of country" approach to measuring cyber power, ranking 30 countries in the context of seven national objectives. Voo is a Cyber Fellow at the Belfer Center for Sc…
 
In this episode, we hear from Don McKeown, Information Security Manager at Wolters Kluwer Health. He talks about the various levels of culture within an organization, and the culture of security. Plus, approaches to security: blocking and tackling programs, compliance-based information security programs, and risk-based InfoSec programs. McKeown spo…
 
In this episode, we hear from Dan Pepper, Partner on BakerHostetler's Privacy and Data Protection team. He frequently handles security incidents, interacting with federal and state agencies and forensic service providers, and has overseen investigations including many cases of ransomware. How are attackers launching their ransomware attacks? Should…
 
In this episode, we are partnering with the non-profit Cybercrime Support Network (CSN) to raise awareness as part of their Youth and Cybercrime Week. We interview Cam, who was arrested for cyberattacks when he was 14 years old and now works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? W…
 
In this episode, we share part of a SecureWorld presentation by Sandy Silk, Director of Information Security Education and Consulting at Harvard University. In her presentation, titled "Hey, InfoSec: Be Part of the Digital Transformation or Be Left Behind!," Silk discusses how security teams need to evolve to deliver the same digital transformation…
 
CISO Milinda Rambel Stone and Human Resources VP Susan Hanson, both of Provation Medical, worked together on a pandemic plan completed just as the COVID-19 pandemic hit the U.S. They discuss these questions: How does a pandemic plan fit with a Business Continuity Plan (BCP)? How did the business, including information security, communicate during t…
 
In this episode, we are speaking with Joshua Cloud, Director of Information Security at NFI, as he answers three important questions for us: 1. What is Artificial Intelligence (AI)? 2. What is Machine Learning (ML)? 3. How can we use AI and ML in cybersecurity and cyber defense? Also, new research, just published by Trend Micro, our premiere podcas…
 
In this episode, we are speaking with cybersecurity and technology influencer Chuck Brooks about emerging technologies that can help you defend your organization in cyberspace. Brooks covers everything from the future of quantum computing and the encryption debate to China in tech, election cybersecurity, 5G concerns, and low-hanging cybersecurity …
 
In this episode, we hear from Joe Zurba, Chief Information Security Officer at Harvard Medical School. He details the challenging Identity and Access Management landscape the school faces and how it navigates IAM. Zurba was a keynote speaker at the 2020 SecureWorld Boston virtual conference. Also, updates on ThiefQuest (EvilQuest), the quickly-evol…
 
In this episode, we are speaking with cybersecurity researcher, pentester, and author Vinny Troia. His new book is "Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques." He explains how he tracked down the alleged hackers behind Gnostic Plays, Shiny Hunters, NSFW, and the The Dark Overlord groups. And it …
 
What does cybersecurity collaboration look like in the digital realm? What about the future of physical events and conferences for the cybersecurity industry? In this episode, we are speaking with conference creator Brad Graver, Vice President of SecureWorld. Brad and his team have overseen more than 120 cybersecurity conferences across North Ameri…
 
In this episode, we are speaking with Aaron Ansari, Vice President of Cloud One - Conformity at Trend Micro. What are the remote work security gaps exposed by the COVID-19 shift to the cloud? What are common factors in cloud security misconfigurations? With cybersecurity features built into many cloud platforms, do you need a third-party or externa…
 
In this episode, we are speaking with noted author Joseph Steinberg. His works on cybersecurity have been read by millions of people, including a security certification exam study guide and recently the "Cybersecurity for Dummies" book. We cover a variety of topics: AI in cybersecurity; the rise of the insider threat risk; translating risk to execu…
 
Recorded June 2020 TOPIC: Fileless Malware, we think NOT OUR SPONSORS: OUR GUESTS WILL BE: Tyler Hudak - Practice Lead, Incident Response - TrustedSec @secshoggoth www.trustedsec.com Martin Brough - Cybersecurity Expert for Acronis @TheHackerNinja Website - infosec512.com Upcoming Training: SANS DFIR Summit - Running Processes, the Red Team and Bad…
 
In this episode, we discuss in depth the cybersecurity risks that come from insiders. What does a malicious insider threat look like? How about the accidental insider threat? How can executives become accidental insider threats? And more. Hear insights from these experts: • Dr. Larry Ponemon of the Ponemon Institute • Sudeep Venkatesh, Chief Produc…
 
Loading …

快速参考指南

Google login Twitter login Classic login