Non-profits need security too – Kelley Misata – ESW #341
While non-profit doesn't mean "no budget" when it comes to cybersecurity, a lot of smaller to mid-sized non-profits operate on a shoestring, with little to no money for cybersecurity talent or spending. This is where Sightline Security steps in. Sightline's founder and CEO, Kelley Misata joins us today to explain how her own non-profit helps other non-profits improve their cybersecurity posture.
Dr. Kelley Misata, founder and chief trailblazer of Sightline Security, has carved a distinctive niche in the cybersecurity landscape. As the Senior Director of Open Source at Corelight and President of OISF (Suricata), she seamlessly bridges the technical with the strategic in vital cybersecurity dialogues. Articulate and insightful, Dr. Misata brings to the forefront pressing issues like the cybersecurity imperatives of nonprofits, the significance of open-source development, and the nuanced challenges of cyberstalking and privacy. Her expertise is enriched by her pioneering research on nonprofit cybersecurity and her personal experiences as a cyberstalking survivor. Armed with a Ph.D. in Information Security from Purdue University, Dr. Misata pairs holistic security acumen with strategic business understanding.
Join our cybersecurity community on Discord! Connect directly with our expert hosts, join discussions with fellow audience members, and customize your notifications to receive alerts every time an episode of your favorite show publishes. Get your invite at securityweekly.com/discord!
Cybercrime is booming: understanding why and what we can do about it – Keith Jarvis – ESW #341
As with any category of trends, the success rate of cybercrime ebbs and flows. As Russia seems be a safe haven for cybercriminals, it seemed for a while that the war in Ukraine might disrupt this activity. It did, but only for a short while.
Keith Jarvis walks us through the latest types, tactics, and trends in cybercrime. Secureworks' latest State of the Threat report reveals a disturbing dichotomy: how is it we understand our adversaries' so well, but continue to fail to stop them? In this interview, we aim to understand what needs to happen to tilt the odds a bit back in our favor.
Segment Resources:
Keith Jarvis is a senior security researcher working in Secureworks Counter Threat Unit™ (CTU™). He is part of a team of 100+ researchers and cybersecurity experts performing targeted cyber threat intelligence research and technical analysis for both targeted and commodity cyber threats. With over 15 years of experience studying cyberattacks from hostile state actors, Keith is recognized as a subject matter expert in malware analysis and cybercrime.
Keith is a Subject Matter Expert (SME) on a wide range of cybercrime activity and is held in high regard by the FBI and UK National Crime Agency. His experience covers botnet emulation, malware analysis and cybercime threat actor tracking. Keith has over 15 years of experience in network security, vulnerability research and malware analysis and is a Certified Information Systems Security Professional (CISSP) with extensive experience with policy compliance frameworks like PCI-DSS, CIS, USGCB, and DISA STIG.
Follow Security Weekly Productions on LinkedIn for exclusive show clips, insights, and updates across our organization! Stay connected with our hosts and fellow community members, and join the conversation that's shaping the future of cybersecurity.
AI and Ransomware dominate the news cycles – ESW #341
Nine out of the ten funding articles mention AI - they're either using it in their products, or protecting AI use cases (particularly GenAI and LLM use).
We discuss Broadcom's closing of the VMware acquisition, how they operate similarly to private equity firms, and how it's mostly bad news for VMware employees and customers.
Some weird legal cases this week: Binance's founder and CEO pleads guilty to money laundering charges, a cybersecurity company's COO pleads guilty to attacking hospitals to generate sales leads, and Hacking Team's founder is arrested for attempted murder!
We devote a chunk of time to discussing the huge rise in ransomware activity, and close out the show with a squirrel story on the tiny Pacific island nation of Tokelau, and how the .tk domain has destroyed its reputation, and nearly the nation itself.
Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!
Adrian Sanabria
- FUNDING: Edgio, Inc. Announces New Capital Infusion to Drive Growth Strategies
- FUNDING: Cyble Raises $6.2M; Expands Series B To $30.2M
- FUNDING: HarfangLab raises 25 million euros
- FUNDING: Automated data governance and security startup ALTR raises $25M – SiliconANGLE
- FUNDING: Radiant Security Secures $15 Million to Meet Growing Demand for AI-Enhanced Security
- FUNDING: AppMap Raises $10M in Funding
- FUNDING: Announcing Our $7.7M Funding Round to Protect Businesses from Cyber Threats
- FUNDING: Lasso Security emerges from stealth and raises $6 million – Help Net Security
- FUNDING: Paris-based Qevlar AI raises €4.5 million to help businesses outsmart the latest cyber threats
- FUNDING: SGNL.ai Secures Strategic Investment from Cisco Investments and Others to Expand Its Continuous Access Management Capabilities
- ACQUISITIONS: Broadcom Completes Acquisition of VMware
The original announcement was a year ago - deals this large take time to close.
- ACQUISITIONS: BlueVoyant Acquires Conquest Cyber
- ACQUISITIONS: SonicWall Acquires Managed Detection and Response Services Tailor-Made for MSPs/MSSPs
- NEW COMPANIES: RootA
Not sure if these folks are actually new, but it's certainly the first I've heard of them, or this: "Open-Source Language for Collective Cyber Defense". Looks very interesting, but also a bit like that "now there are 15 standards" XKCD comic.
- NEW PRODUCTS: Generative AI Powered Assistant – Amazon Q Pricing – AWS
Amazon is moving fast here, with Bedrock already widely in use, reportedly. This is a more tailored, specific AI-based offering.
- NEW TOOLS: AWS Kill Switch
- NEW TOOLS: Coming Soon: MDN Observatory 2.0
- NEW TOOLS: PenTesting Report Generation and Collaboration Engine – FACTION
- NEW FEATURES: Notion’s new Q&A feature lets you ask an AI about your notes
- LEGAL: Binance chief Changpeng Zhao pleads guilty to money laundering charges
- LEGAL: Ex-infosec COO pleads guilty to nightmarish sales strategy
An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches.
- LEGAL: Founder of spyware maker Hacking Team arrested for attempted murder: local media
- ATTACKS: Commercial Flights Are Experiencing ‘Unthinkable’ GPS Attacks and Nobody Knows What to Do
- BREACHES: General Electric, DARPA Hack Claims Raise National Security Concerns
- RANSOMWARE: Ransomware on the Rise — Again
- RANSOMWARE: Is ransomware-hit British Library too open …or not enough?
- RANSOMWARE: Matt Johansen on Instagram: “Ransomware gang takes out major real estate financial company.
- RANSOMWARE: Cyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states
- ESSAYS: CrowdStrike CEO: Point Product Vendors Are Being Left Behind
- ESSAYS: The Cyber Why – The Next Era of Cyber Security Capabilities
- REPORTS: Logs missing in 42% cyberattacks; small business most vulnerable: Report
- SQUIRREL: How a tiny Pacific Island became the global capital of cybercrime
- ESSAYS: Data Anonymization in AI: A Path Towards Ethical Machine Learning
