

Defense in Depth
David Spark, Steve Zalewski, Geoff Belknap
Defense in Depth promises clear talk on cybersecurity's most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community's insights to lead our discussion.
Episodes

May 23, 2024 • 29min
How Do We Build a Security Program to Thwart Deepfakes?
Russ Ayers, SVP of Cyber and Deputy CISO at Equifax, dives into the rising threat of deepfakes and their implications for security. He discusses how AI is blurring the lines between real and fake, creating challenges for identity verification. The conversation highlights the need for advanced detection methods and the creation of new roles like ‘Reality Auditor.’ Russ emphasizes the urgent importance of re-establishing trust in communication as deepfake technology alters our perceptions and legal standards.

May 16, 2024 • 28min
Where Are Secure Web Gateways Falling Short?
Vivek Ramachandran, Founder of SquareX, discusses the effectiveness of Secure Web Gateways in the modern enterprise. Topics include challenges in adapting to browser evolution, the need for better solutions, and the role of SquareX in detecting and mitigating web attacks in real-time.

May 9, 2024 • 31min
Understanding the Zero-Trust Landscape
Richard Stiennon, chief research analyst at IT-Harvest, discusses the hype and challenges of zero-trust solutions in cybersecurity. The conversation delves into defining zero trust accurately, highlighting the importance of transparency. The podcast explores the risks of vendor dependency and the need for innovative frameworks in cybersecurity product selection.

May 2, 2024 • 35min
Scaling Least Privilege for the Cloud
Sandy Bird, Co-founder and CTO of Sonrai Security, joins the podcast to discuss the challenges of scaling least privilege in the cloud. Topics include automating identity security, optimizing cloud access control, and the evolution of attribute-based access control. Discover the importance of just-in-time access permissions and prioritizing assets for enhanced security.

Apr 25, 2024 • 35min
Should CISOs Be More Empathetic Towards Salespeople?
Emily Heath, general partner at Cyberstarts, joins the podcast to discuss the relationship between CISOs and sales representatives. They delve into the challenges CISOs face with aggressive sales tactics, emphasizing the necessity of empathy and authenticity in sales interactions. The conversation highlights the importance of setting boundaries, providing strategic feedback, and building relationships based on trust and value.

Apr 18, 2024 • 30min
Managing Data Leaks Outside Your Perimeter
Developer advocate Mackenzie Jackson discusses managing data leaks outside your perimeter. Topics include the challenges of third-party leaks, the need for a security-conscious culture in software development, securely managing secrets and credentials, proactive measures like scanning code repositories for leaks, and safeguarding keys with tools like ggshield and HasMySecretLeaked.

Apr 11, 2024 • 36min
What Are the Risks of Being a CISO?
Guest Phil Davis, healthcare cybersecurity attorney, discusses the risks and responsibilities of CISOs in today's climate. Topics include liability, balancing responsibility and authority, and the evolving role of CISOs in organizations. The episode emphasizes security accountability, regulatory challenges, and the transition to cybersecurity attorney.

Apr 4, 2024 • 31min
Onboarding Security Professionals
Former CISO Paul Connelly discusses the crucial role of onboarding new cybersecurity talent, emphasizing the need for effective training and avoiding common mistakes. Strategies include fostering engagement, cross-team collaboration, and early exposure to different departments to create a positive onboarding experience.

Mar 28, 2024 • 29min
How to Improve Your Relationship With Your Boss
Jerry Davis, division director for cyber defense at Truist Bank, discusses the importance of building relationships with your boss to advance your cyber career. Topics include developing soft skills, effective communication strategies, setting clear expectations, and mastering leadership dynamics for success in the workplace.

Mar 21, 2024 • 28min
Improving the Responsiveness of Your SOC
Exploring the challenges of integrating new tools in a SOC and the importance of readiness measures. Discussing the shift from past events to current activities, focusing on speed and measurable outcomes. Highlighting the role of Security Orchestration in boosting SOC efficiency. Delving into the shift towards behavioral monitoring in cloud environments. Reflecting on the ineffectiveness of current security measures and the need for proactive actions.


