In the Security News, Who is responsible for Active Directory security within your organization?, Apple publishes new technical details on privacy features, How to ensure online safety with DNS over HTTPS, Amazons Ring Video Doorbell could open the door of your home to hackers, and much more!
Kevin Finisterre is a Co-founder of Arcade Hustle. Josh Valentine is a Co-founder of Arcade Hustle. Josh and Kevin have spent the last year immersing ourselves in arcade platforms, games, and cabinets. There is quite a bit of cross over into the traditional security scene. There is even more to learn in the subtle differences of how each scene handles. We'd like to talk about our project Arcade Hustle, and the things we've learned during our into to the arcade scene.
Tim Callan is the Senior Fellow at Sectigo. Quantum computing and what its arrival means for IT, traditional computing and infosecurity. TC expects that both architectures will live side by side, with traditional computing serving most tasks and quantum computing being employed for the specific operations where it offers improved efficiency. He will discuss expected outcome of quantum computing is that the world’s existing cryptographic infrastructure will have to change in a fundamental way and future encryption platforms need to be resistant to attacks not just from quantum computers but traditional computers as well.
Peter Smith is the Founder & CEO of Edgewise.
Adrian is an Advocate at Thinkst, the company behind the awesome and much loved Thinkst Canary. A former practitioner, PCI QSA, penetration tester, industry analyst and entrepreneur, he has explored many angles of the security industry, attempting to understand what makes it tick and what makes it fail. Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the industry, tell stories and still sees the glass as half full.
Balancing the Company’s Needs and Employee Satisfaction, Why Successful People Wear The Same Thing Every Day, What industry gets wrong about cyber insurance, and much more!
In the news, talking about how Trustwave offers threat detection and response for Microsoft Azure, LogRhythm offers migration service to Splunk customers to address security challenges, CrowdStrikes Falcon security platform lands on AWS, and how GitLab plans to ban hires in China and Russia due to espionage concerns!
New York’s Breach Law Amendments and New Security Requirements, Cybersecurity, The C-Suite, & The Boardroom: The Rising Specter Of Director & Officer Liability, Kaiser says data breach exposed information on nearly 1,000 Sacramento-area patients, Companies Still Not Prepared to Comply with GDPR and Potential EU Data Breaches, The Human Factor of Cyber Security, and much more!
Jeff Man, Scott Lyons, Josh Marpet, and Matt Alderman talk about PCI and how it affects the state of the union.
Stable Channel Update for Desktop Chrome users should upgrade to, Overcoming the container security conundrum: What enterprises need to know, Security Think Tank: In the cloud, the buck stops with you, PHP Bug Allows Remote Code-Execution on NGINX, Servers and patch details at Sec Bug #78599, Raising Security Awareness: Why Tools Can't Replace People, and much more!
Henry Harrison is the CTO of Garrison. A contrarian in the security industry, Henry Harrison of Garrison believes the only way forward is to implement security on the foundational level through Hardsec. An evangelizing approach that emerged out of research and development from the UK’s national security, hardsec relies on hardware security executed through the use of non-turing machines digital logic – chips that are too dumb to be hacked – to eliminate cyber threats. This moves away from the generic chip sets and advocates for a more unique and specialized chip set for devices where security is paramount. During this conversation, Henry can talk about this approach and what it would take for it to become widely adopted.
Alexander Niejelow is the Senior Vice President, Cybersecurity Coordination and Advocacy at Mastercard. The Cybersecurity Talent Initiative is the first-of-its-kind public-private partnership aimed at recruiting and training a world-class cybersecurity workforce. The program is a selective opportunity for students in cybersecurity-related fields to gain vital public and private sector work experience and even receive up to $75,000, inclusive of tax, in student loan assistance.
We interview Daniel Lowrie, who is an Edutainer at ITProTV and Justin Dennison, who is also an Edutainer at ITProTV. Dan and Justin talk about how to bridge the gap between a developer and security. Developers are faced with the challenges of working under pressure to get things done quickly, often overlooking securing their code. We'll discuss the strategies to capture interest while addressing common pitfalls.
Important security notice about your DoorDash account, How PCI DSS compliance milestones can be a GDPR measuring stick, Companies vastly overestimating their GDPR readiness, only 28% achieving compliance - Help Net Security, When Compliance Isn't Enough: A Case for Integrated Risk Management, and much more!
Paul and Matt sit down with Dave Bittner from Cyberwire to discuss the state of security podcasts, the latest security trends, and the security community.
Sven Morgenroth is the Security Researcher at Netsparker. Sven joins us again to talk about Formatting string vulnerabilities.
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Carter Manucy is the Cybersecurity Manager at Municipal Power Agency. Fireside chat around the differences in IT and OT cybersecurity, challenges finding the right folks, challenges facing securing OT specific equipment, workforce development.
Philippe Courtot is the Chairman and CEO of Qualys. Sumedh Thakar is the Chief Product Officer Qualys. Philippe Courtot, chairman and CEO of Qualys will examine the impact of today's complex and hyper-connected IT environments have on security and compliance. He will discuss why, in a world where everything connects, we need to regain the visibility we have lost, and why visibility is now the cornerstone of security. Simply put, it is difficult, if not impossible, to secure what we do not know or cannot see.
Paul and Matt talk about Deployment, Practice, and Reporting concerning Vulnerability Management.
In the leadership and communications section, Of the 4 manager types, only 1 boosts employee performance 26%, How to Look and Sound Confident During a Presentation, 2020 IT spending priorities — and the traps a cloud shift creates, and more!
In the Enterprise News, discussing how IaaS cloud vulnerabilities are expected to increase 50% over 2018 figures, examining security process maturity in 400 organizations, Snow Software Unveils Risk Monitor to Combat Security and Compliance Threats, and some funding and acquisition updates from Aviatrix and enSilo!
Top cloud security controls you should be using, State of Software Security X, Developers: The Cause of and Solution to Security's Biggest Problems, and much more!
This week, we welcome Kevin O'Brien, Co-founder and CEO at GreatHorn, to discuss email security.
Mike Shema, Matt Alderman, and John Kinsella, talk about Bug Bounties, Pentesting, & Scanners.
Last week, Elastic and Endgame announced that they have formally joined forces to introduce Elastic Endpoint Security. Together, they combine Elastic’s free and open SIEM with Endgame's endpoint security product to give users an integrated solution that offers greater visibility across their environment. This is a step toward realizing Elastic’s vision for applying search to multiple use cases, like threat hunting, fraud detection, and security monitoring. Now, when users deploy a data collection agent for Elastic SIEM, they can protect the endpoint simultaneously and remove the inefficiency of multiple solutions that can’t respond in time to prevent damage and loss. And, to make Elastic Endpoint available to everyone, the company announced that they are eliminating per-endpoint pricing. No more counting endpoints or days of threat intelligence data retained.