Exploring the Intersection of Security for Edge Computing and Endpoint – Theresa Lanowitz, Mani Keerthi Nagothu – ESW #340
Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape:
- Maybe not less budget, but more pressure to produce results and justify spending
- Security leaders being held personally accountable for performance
- Potential layoffs, and the need to achieve the same goals with less labor and tool overhead
Segment Resources
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!
Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity.
Mani Keerthi Nagothu is a cybersecurity professional with global work experience. Her expertise includes cybersecurity strategy, incident response, and risk management. She has been a speaker at various conferences, including RSA Conference 2023, Evanta, Infosec World, (ISC)2 Security Congress, Cloud Security Alliance, and many more. She is passionate about sharing knowledge with others, and most recently, her LinkedIn course – Insider Threat Risk Management, was published
Join our cybersecurity community on Discord! Connect directly with our expert hosts, join discussions with fellow audience members, and customize your notifications to receive alerts every time an episode of your favorite show publishes. Get your invite at securityweekly.com/discord!
Five Lessons Learned From Okta’s Customer Support System Breach – ESW #340
We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors.
This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to.
Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters.
In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust.
- Protect Your Session Tokens
- Monitor for Unusual Behavior
- SaaS Vendors Are Common Targets
- Zero Trust Principles Work
- MFA Isn't a Binary (on or off) Control
Segment Resources
New security startups, Stamos and Krebs go to SentinelOne, NY takes cyber seriously – ESW #340
Finally, in the enterprise security news,
- Lots of new security startups with early stage funding
- SentinelOne picks up Chris Krebs and Alex Stamos’s consulting firm
- PE firm picks up ActiveState - a company I haven’t thought about since I last downloaded ActiveState Perl 1000 years ago
- Microsoft announces the limited release of Security Copilot
- Semgrep releases a secrets scanner
- AGI predicted to come much sooner than you might expect
- NY State doubles down on cybersecurity regulations to protect its hospitals
- the young hackers behind Mirai, one of the biggest botnets ever
- Ransomware groups snitch on businesses to the SEC
Adrian Sanabria
- FUNDING: Vulcan Cyber Closes $55 Million Series B with Additional $34 Million to Solidify Position as a Leader in Cyber Risk Management
- FUNDING: Securing Our Vision: The $6.4M Seed Funding Milestone
- FUNDING: Risk Ledger Secures £6.25M to Prevent Cyber Attacks on the Supply Chains of Nation’s Largest Enterprises
- FUNDING: Myrror Security Raises $6M in Seed Funding
- FUNDING: Tidal Cyber Raises $5M in Seed Funding
- FUNDING: HydroX AI: Building a One-Stop Platform for LLM Security and Privacy
- FUNDING: Protecto Raises $4M in Seed Funding
- FUNDING: Attack Surface Management Technology Provider Cavelo Announces CAD$5M Funding Round
- ACQUISITIONS: SentinelOne® Launches PinnacleOne Strategic Advisory Group
SentinelOne picks up Chris Krebs and Alex Stamos's consulting firm, Krebs Stamos Group LLC, rebranding it as PinnacleOne (redundant?) Strategic Advisory Group
- ACQUISITIONS: Vertu Capital Acquires Secure Open Source Integration Platform Company, ActiveState
- DIVESTITURES: ThreatDown: A new chapter for Malwarebytes
- NEW PRODUCTS: Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite
- NEW PRODUCTS: Introducing Semgrep Secrets
- ESSAYS: Why We’ll Have AGI by 2025-2028
TL;DR - Daniel's theory is that AGI won't first emerge as a single packaged product, but will be the product of many smaller AI products integrated together.
- ESSAYS: As cars hoover up more and more drivers’ data, is it time to regulate the industry?
- REGULATIONS: New York State Cybersecurity Strategy
- REGULATIONS: New York State Cybersecurity Requirements for Financial Services Companies
- REGULATIONS: Governor Hochul Announces Proposed Cybersecurity Regulations for Hospitals Throughout New York State
- INVESTIGATIONS: The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story
- VULNERABILITIES: In a first, cryptographic keys protecting SSH connections stolen in new attack
- SQUIRREL: Are ransomware groups using the SEC as leverage now?
Ransomware group hacks public company... then turns them into the SEC for not reporting the breach within the new required timelimit???
