Security Weekly Podcast Network (Video)

Not all security is complicated--many aspects boil down to noticing that something is off. Attentive and curious employees are an overlooked safety mechanism, as is handling problems in a constructive way. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw254

Since it is Dec 15 - might make sense to have a discussion on what might be coming in 2022 in terms of security - topics could span Ransomware, and other threats as well as technology segments like Zero Trust and SASE, etc. Segment Resources: Barracuda research on Ransomware trends and remote code execution vulns: https://blog.barracuda.com/2021/08/12/threat-spotlight-ransomware-trends/ https://blog.barracuda.com/2021/10/13/threat-spotlight-remote-code-execution-vulnerabilities/ This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw721

Let's talk about the 2021 SANS Holiday Hack Challenge. Lotsa great new stuff this year, with a focus on hardware hacking in a virtual world... plus TWO cons at the North Pole. Segment Resources: www.holidayhackchallenge.com www.counterhack.com www.sans.edu Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw721

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw98

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw98

In the Leadership and Communications section: 13 traits of a security-conscious board of directors, 7 Strategies for CSO Cybersecurity Survival, 10 Effective Ways You Can Improve Your Communication Skills, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw243

-More than 25% of US hospitals have suffered at least one ransomware attack in the last two years. -Clearly, hospital IT teams, for the first time, the power to see and stop ransomware and other cyberattacks across a hospital's sprawling and fragmented ecosystem of office IT, clinical technologies, and electronic health systems. -Existing security solutions are only capable of detecting cyberthreats on office worker devices, which leaves two-thirds of a hospital's IT environment invisible and undefended. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw243

This week in the AppSec News, Mike & John talk: All about Log4Shell, Mozilla's BigFix bug and new sandbox, Rust in the Linux kernel, path traversals, reflections on the security profession, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw177

DevSecOps has been traditionally very people centric. It is hard to measure software security and the landscape is becoming increasingly more complex with container, cloud, and infrastructure. Driving an appsec program at scale is often an art that only few can master and the majority of organizations remain uncovered from an appsec perspective. Measuring DevSecOps and evolving risk-based vulnerability management is a must. Bringing along risk people and GRC has traditionally been challenging. Segment Resources: - AppSec Cali 19 Talk: https://www.youtube.com/watch?v=cegMUjo25Zc - ADDO19: https://www.youtube.com/watch?v=x1p3exzkTIY - Open Security Summit 20 - https://www.youtube.com/watch?v=8myMG36gq4o, https://www.youtube.com/watch?v=mh_P1C1a-CM Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw177

Finally, in the enterprise security news: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations, Make sure to stick around for, This week's spicy take - Cloudflare recommends ditching your firewall, and This week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw253