Defending Against Supply Chain Attacks – Bri Rolston – BTS #18
Full Audio
View Show IndexSegments
1. Defending Against Supply Chain Attacks – Bri Rolston – BTS #18
Bri has spent her career investigating and defending against critical infrastructure attacks. Hear her take on the current threat landscape, supply chain security, and more!
This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!
Announcements
Below the surface listeners can learn more about Eclypsium by visiting eclypsium.com/go - there you will find the “Ultimate guide to supply chain security”, an on-demand webinar I presented called “Unraveling Digital Supply Chain Threats and Risk”, a paper on the relationship between ransomware and the supply chain, and a customer case study with Digital Ocean. If you are interested in seeing our product in action you can also sign up for a demo, you can get all that at eclypsium.com/go!
Guest
By day, this mild-mannered blue hat researcher works at Idaho National Laboratory and specializes in defensive, security engineering research and threat response. She bounces back and forth between security research (telecommunications, IT, and ICS/OT) and security operations (incident response, threat management, risk analysis & remediation, vulnerability management, secure code development, cloud security, and security architecture) to prevent boredom from setting in. She has trained a number of IACS/OT incident response teams including the DHS and DOE CERTs, contributed to IACS/OT security standards, worked on hundreds of incidents, worked in all 16 critical infrastructure sectors, and has a patent for efficient attack path selection and risk analysis.
At night—well, late afternoon–the socially bereft side REALLY comes out. She follows the dark path of threat research in her free time—reviewing new trends in attack techniques, developing threat detection plans for her favorite malware, examining the halo effects in exploit development, and analyzing the 2nd-payloads in IACS/OT attacks. She may occasionally support the odd red team effort by speculating on those factors necessary for effective target development and forcing the introverts to communicate.