Episodes

  • Today, small businesses face significant challenges. Limited resources, tight budgets, time constraints, and inadequate training often leave them vulnerable. Hackers quickly exploit these weaknesses, targeting small and medium-sized businesses (SMBs) with sophisticated threats. 

    Managed Service Providers (MSPs) are tasked with the daunting responsibility of safeguarding diverse client environments, each with its own unique set of platforms and security needs. Traditional security measures often fall short against the ever-evolving tactics of cyber adversaries, putting both MSPs and their clients at risk. The next generation of cybersecurity detection and response solutions offers a path forward. Leveraging artificial intelligence and machine learning, these advanced tools can predict, identify, and mitigate threats in real time. This provides robust protection against the most sophisticated cyber threats.

    By adopting cutting-edge technologies like Guardz, MSPs can enhance their security posture, ensuring comprehensive protection for their clients and staying ahead of cyber adversaries. Guardz's advanced capabilities simplify the complexities of cybersecurity, making it accessible and effective even for SMBs with limited resources.

    In this episode of the EM360 Podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Dor Eisner, CEO and Co-founder of Guardz, to discuss:

    • MSPs
    • Security Infrastructure
    • AI in security infrastructure
    • Next-generation cybersecurity

    Chapters

    00:00 - Introduction and Background of Guardz

    02:36 - Challenges for MSPs in Cybersecurity

    05:25 - The Unified Approach and Automation in Guardz

    07:18 - Guardz' Focus on MSPs and Small Businesses

    08:14 - The Power of AI in Enhancing Guardz' Offering

    11:30 - The Impact of Guardz on the MSP Space

    13:21 - Securing Small Businesses and Compliance

    18:07 - Marketing Support and Bringing Business to MSPs

    19:02 - Conclusion and Call to Action

  • The 2024 Attack Intelligence Report thoroughly analyses the latest trends, tactics, and techniques used by cyber adversaries. This year's report highlights a significant increase in sophisticated attacks, including advanced persistent threats (APTs) and highly targeted ransomware campaigns. By leveraging the MITRE ATT&CK framework, the report offers valuable insights into the evolving threat landscape, helping organisations understand the strategies and methods employed by malicious actors.

    Understanding the findings of the 2024 Attack Intelligence Report is not just crucial; it's empowering for businesses aiming to bolster their cybersecurity defences. The detailed breakdown of adversary behaviours equips security teams to proactively identify vulnerabilities, implement effective countermeasures, and develop robust incident response strategies. By staying informed about the latest attack patterns and techniques, organizations can better protect their assets, data, and reputation in an increasingly complex cyber threat environment.

    In this episode of the EM360 Podcast, Jeremy Strozer, Geopolitical Strategist and Cyber Intelligence Analyst, speaks to Caitlin Condon, Director of Vulnerability Intelligence at Rapid7, to discuss: 

    • 2024 Attack Intelligence Report
    • zero-day exploits
    • mass compromise events
    • network edge devices
    • multi-factor authentication

    Chapters

    00:00 - Introduction and Background of the Report

    01:39 - Key Findings: Prevalence of Zero-Day Exploits

    06:15 - The Evolving Nature of Ransomware

    08:31 - Importance of Multi-Factor Authentication

    09:01 - Addressing Common Vulnerabilities for Better Security Practices

    11:21 - Tackling the Security and Human Root Causes of Cyber Threats

    13:13 - Conclusion and Call to Action

  • As artificial intelligence (AI) becomes increasingly integral to business operations, enterprises face new risks from Shadow AI—unauthorised or unmanaged AI tools and projects that bypass standard security protocols. The potential consequences of Shadow AI are severe, introducing vulnerabilities, compromising data integrity, and leading to compliance breaches, posing significant threats to the organization's overall security framework.

    For C-level executives, understanding the impact of Shadow AI is crucial, and safeguarding your enterprise's AI investments is your responsibility. Unauthorized AI projects can undermine strategic initiatives and expose the company to significant risks. By implementing comprehensive governance policies, strict access controls, and continuous monitoring, you can mitigate these risks effectively. Foster a culture of security awareness and ensure regular audits to maintain compliance and protect data integrity. Proactively addressing Shadow AI not only secures your AI assets but also aligns them with your business objectives, enhancing your competitive edge and ensuring sustainable growth.

    In this episode of the EM360 Podcast, Chris Steffen, VP of Research at EMA, speaks to Shannon Murphy, Global Security & Risk Strategist at Trend Micro, to discuss:

    • Shadow AI
    • C-level execs
    • Zero Trust
    • AI risk
    • Security strategies

    Chapters

    00:00 - Introduction and Background

    02:06 - Challenges of Shadow AI

    03:00 - Visibility in Managing AI Risks

    06:18 - Protecting Against AI-Driven Threats with Zero Trust

    09:03 - Zero Trust as a Journey

    13:17 - Talking to CISOs: Anecdotes Becoming Trends

    19:14 - Emerging Use Cases for AI in SOC Teams

    20:08 - Conclusion

  • Security Operations Center (SOC) analysts are the backbone of organisations' defence against cyber threats. However, the high-pressure environment, constant vigilance, and demanding workload can lead to serious burnout. This condition not only hampers analysts' performance and job satisfaction but also poses a threat to overall security.

    Organisations must recognize the signs early to mitigate SOC analyst burnout and implement supportive measures. Consolidated platforms like XDR with precise use of machine learning can significantly alleviate the burden on SOC analysts. 

    Platforms can streamline operations by providing a unified interface and automating repetitive tasks, thereby reducing workload and enabling analysts to focus on more strategic activities. By leveraging these technologies, companies can create a more supportive work environment and maintain a resilient and effective cybersecurity team.

    In this episode of the EM360 Podcast, Brad LaPorte, Advisor at Lionfish Tech Advisors, speaks to Dan Flaherty, Senior Product Marketing Manager at Palo Alto Networks, to discuss:

    • SOC Analyst burnout
    • SOC Platforms
    • Automation use cases
    • Machine learning in the SOC

  • The most dangerous cyber attacks today have one thing in common: they target humans rather than systems. Social engineering has been a prevalent tactic for years, with a known $51B in exposed losses over the last decade. Unfortunately, these numbers will continue to rise with the proliferation of AI, and your email inboxes are your most likely target.

    Abnormal Security takes a different approach to email security, understanding human behavior to protect human vulnerabilities. By baselining known behavior, the platform can understand when anomalous activity occurs and block attacks—even when these threats are text-based emails with no traditional indicators of compromise.

    In this episode of the EM360 Podcast, Chris Steffen, VP of Research at EMA, speaks to Leach, Field CISO at Abnormal Security, to discuss:

    • AI
    • Social Engineering
    • Human behavior
    • Security Culture

  • Hackers use AI tools like ChatGPT to enhance their operations and manipulate large language models. They infiltrate and attack GPT by manipulating the knowledge base through coordinated bot activity. 

    These sophisticated cybercriminals are not just using AI tools; they are leveraging them to streamline their attacks. By exploiting the model's natural language processing capabilities, they can craft convincing phishing emails, generate fake news articles, and even create highly realistic deepfake videos.

    With the ability to mimic human speech patterns and convincingly generate text, these AI-enhanced attacks pose a significant and immediate challenge for cybersecurity professionals worldwide. As the arms race between hackers and defenders escalates, experts stress the urgent need for developing robust defences and staying vigilant against these evolving threats in the digital landscape. 

    In this episode of the EM360 Podcast, Alejandro Leal, Analyst at KuppingerCole, speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, to discuss:

    • Hacker infiltration
    • GPT Capabilities
    • Operational needs
    • Hacker skill development

  • The trend of platformization in the Security Operations Centre (SOC) is a game-changer in the cybersecurity landscape. It offers a holistic approach to managing and mitigating security threats. By consolidating various security tools, processes, and data sources into a unified platform, organizations can streamline operations, reduce complexity, and significantly enhance overall security outcomes. 

    Platformization, as demonstrated by solutions like Palo Alto's XDR platform, is a powerful tool for SOC teams. It enables them to efficiently correlate and analyse vast amounts of security data in real-time, leading to quicker detection and response to threats. With advanced analytics, machine learning, and automation seamlessly integrated, platforms like XDR empower SOC analysts to focus on higher-value tasks, such as proactive threat hunting and strategic decision-making. 

    In this episode of the EM360 Podcast, Brad LaPorte, Advisor at Lionfish Tech Advisors, speaks to Dan Flaherty, Senior Product Marketing Manager at Palo Alto Networks, to discuss:

    • Why security tool consolidation is happening now
    • Platformization for the SOC
    • How to approach onboarding a platform like Palo Alto Networks Cortex XDR

    Interested in learning more about XDR and Palo Alto Networks? You can find some additional resources below:

    • Break free from legacy endpoint solutions
    • A Comprehensive Guide to the 2023 MITRE Engenuity ATT&CK Evaluations
    • Palo Alto Networks named a Leader by Gartner® for Cortex XDR

    Chapters

    00:00 - Introduction

    01:39 - Defining Platformization and its Benefits

    08:16 - Downsides of Implementing Multiple Tools

    09:14 - Advantages of Platformization

    29:27 - Platformization as a Solution for Security Challenges

    31:24 - Conclusion

  • The alarming rate of violence against healthcare workers underscores the urgent need for comprehensive security measures within medical facilities. As incidents continue to rise, it's imperative that proactive strategies are employed to safeguard the well-being of patients, visitors and staff. 

    In this episode of the EM360 Podcast, Paulina Rios Maya speaks to Sheila Cook, Chief Experience Officer at the University of Illinois Hospital & Health Science System and Clete Bourdeaux, Healthcare Business Development Director for HID’s workforce identity management unit, to discuss: 

    • Workplace violence
    • Evolution of security protocols within medical facilities
    • Healthcare security

  • GenAI has revolutionized the landscape of information security. Once reserved for experts and PhDs, it is now accessible to a broader spectrum of practitioners and engineers. Its applications span from summarising data to tailoring reports, amplifying incident response, and profiling user behaviours.

    By harnessing the power of generative AI, security professionals can navigate complex datasets with enhanced efficiency and precision. The importance of continuously updating AI models with fresh data cannot be overstated. It is this constant evolution that ensures the relevance and efficacy of GenAI in the face of ever-changing security challenges. As GenAI continues to advance, it holds the promise of redefining the future of security operations, ushering in an era of proactive defence and adaptive strategies against emerging threats.

    In this episode of the EM360 Podcast, Chris Steffen, VP of Research at EMA, speaks to Jimmy Astle, Senior Director of Detection Enablement at Red Canary, to discuss:

    • GenAI
    • Uses of GenAI
    • Training of AI
    • Automation in security operations

  • The sheer volume and diversity of data available to organisations today offer numerous opportunities for innovation, efficiency gains, and informed decision-making. However, this abundance of data also brings with it formidable challenges, particularly concerning privacy, security, and ethical considerations.

    Data is often described as the new oil, so safeguarding its integrity and protecting it from unauthorised access or misuse has become paramount. Data breaches and cyberattacks have become all too common, underscoring the critical need for robust security measures and vigilant oversight. Organisations can benefit from leveraging advanced cybersecurity solutions offered by platforms like Cyera to address these challenges.

    In this episode of the EM360 Podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Emily Heath, General Partner of VC firm Cyberstarts and former CISO of United Airlines and DocuSign, to discuss:  

    • Data security
    • CISOs and compliance
    • Data classification practices
    • Data classification and AI
    • The future of data security with AI

  • Gone are the days of merely safeguarding school computers! Censornet, a rising star in the tech industry, has undergone a remarkable transformation. From its roots as an internet security provider for educators, it has emerged as a trailblazing force in digital risk management. 

    Today, Censornet offers a comprehensive suite of tools designed to confront the dynamic challenges of the digital landscape, ensuring a safer and more secure online environment for all. This evolution stems from recognising that traditional threats are no longer the sole concern. With the proliferation of Shadow IT, unauthorised applications and devices, and the rise of insider threats, organisations face a complex array of risks. 

    In this episode of the EM360 Podcast, Jonathan Care, Advisor at Lionfish Tech Advisors, speaks to Gareth Lockwood, VP of Product at Censornet, to discuss:

    • Inspiration behind Censornet
    • Censornet’s Capabilities
    • Censornet’s Clients
    • Shadow-IT
    • Prevention of future vulnerabilities with AI and Censornet

  • Amid the ever-evolving landscape of cyber threats, organisations are constantly challenged to ensure security. Conventional security methods are failing to keep up with the escalating volume and sophistication of attacks. By implementing Managed Detection and Response (MDR) with automation, Security Operations Centers (SOCs) can optimise workflows, augment analyst capabilities, and significantly enhance the organisation's overall cybersecurity defences. 

    Palo Alto Networks offers comprehensive MDR services, leveraging its threat intelligence and cutting-edge technology expertise. Unit 42, its esteemed threat intelligence team, is crucial in providing valuable insights into emerging threats and trends, empowering organisations to stay ahead of malicious actors. 

    In this episode of the EM360 Podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Ophir Karako, Software Engineer (Unit 42) at Palo Alto Networks, to discuss: 

    • Palo Alto’s MDR Services
    • Operational Automation
    • Data Enrichment
    • Threat Response
    • Job security for SOC Analysts

    Interested in learning more about XSOAR and Palo Alto Networks? You can find some additional resources below:

    • Enloe Medical Center Strengthens Its Security Posture and Improves Efficiency With Unit 42 MDR
    • Unit 42 Managed Detection and Response Service Datasheet
    • A Practical Guide to Deploying SecOps Automation

    Chapters

    00:00 - Introduction and Background

    00:57 - MDR Services at Palo Alto Networks

    03:20 - Automation in Operations

    04:16 - Automating Data Enrichment

    05:13 - Intellectual Property Playbooks and Scripts

    05:41 - Customized Reports for Customers

    06:10 - Automated Threat Response

    07:08 - Insights and Lessons Learned from Automation

    07:37 - Benefits of Automation for SOC Analysts

    08:06 - Collaboration with Product Experts

    09:04 - Treating Automation as a CI/CD Process

    10:01 - The Future of Automation in Cybersecurity

    12:51 - Automation and Job Security for SOC Analysts

    14:20 - Cortex XSOAR: Security Orchestration, Automation, and Response Platform

    15:46 - Unit 42 MDR Service

    16:16 - Conclusion

  • The SolarWinds breach exposed vulnerabilities within DevSecOps practices, sending shockwaves through the tech world. 

    The U.S. Securities and Exchange Commission (SEC) indictment against SolarWinds further emphasised the gravity of the situation, alleging the company misled investors by failing to disclose these vulnerabilities and the subsequent breach adequately. 

    This lack of transparency raises crucial questions about accountability and risk management in the mobile app development landscape, pushing organisations to re-evaluate their DevSecOps practices and prioritise robust security measures throughout the entire development lifecycle.

    In this episode of the EM360 Podcast, Head of Podcast Production Paulina Rios Maya speaks to Richard Stiennon, Chief Research Analyst at IT-Harvest, and Tom Tovar, CEO and Co-Creator of Appdome, to discuss: 

    • The SolarWinds indictment
    • The U.S. SEC 4-day rule
    • The impact on DevSecOps practices
    • BYOD and VPN security
    • The evolving role of cybersecurity
    • Building cyber resilience

  • The fight against cybercrime is a never-ending battle. Firewalls and antivirus software, our traditional defences, are like trusty shields—good against basic attacks but not enough. Advanced attackers can slip through the cracks, exploiting new weaknesses or mimicking harmless traffic. Thus, businesses are exposed and face potential data breaches, financial ruin, and damaged reputations.

    That's where Advanced Threat Intelligence (ATI) comes in – a game-changer in the cybersecurity arsenal. Unlike our old shields, ATI offers real-time intel on the latest threats, how attackers operate, and their ever-evolving tactics. 

    Recognising the limitations of traditional security solutions, Radware goes beyond basic shields. Imagine a high-powered watchtower constantly scanning the digital horizon, identifying threats before they strike. 

    In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, to discuss: 

    • The Current Threat Landscape
    • Modern Attacker Tactics
    • Romance Scams & Pig Butchering
    • The Radware Advantage

  • The cloud revolutionised how businesses operate, but managing dynamic, complex environments presents new and unique challenges.

    While digital transformation has brought significant benefits, the reality is that organisations now require innovative solutions to effectively navigate intricate, hybrid, multi-cloud environments.

    Evolven Software, driven by a mission to simplify complexity and mitigate risk, empowers large organisations to overcome the challenges of governing extensive hybrid ecosystems. By harnessing the power of AI/ML, Evolven enables a more secure, streamlined, and efficient cloud journey with fewer outages or compliance gaps.

    In this episode of the EM360 Podcast, industry veteran Tom Croll, advisor at Lionfish Tech Advisors, speaks to Sasha Gilenson, Founder and CEO of Evolven Software, to discuss: 

    • The current state of enterprise cloud architectures and the challenges in managing hybrid multi-cloud environments.
    • Why managing risk in hybrid multi-cloud environments demands a new paradigm.
    • The unique challenges large organizations face in maintaining visibility, control, and governance across their landscapes.
    • How Evolven's AI/ML-driven solution empowers enterprises to overcome this complexity, enhance security, and optimize performance.

  • Automated Security Validation. Involving tools, scripts and platforms to emulate true-to-life attacks, Automated Security Validation is a key part of assessing the readiness of the security infrastructure and guiding prioritized remediation. 

    But how does this implementation of automation really work to empower human expertise? How does all of this relate to compliance? And what words of wisdom can be given for those looking to level up their security strategy in 2024?

    In this episode of the EM360 Podcast, Analyst Jonathan Care speaks to Thomas Pore, Director of Product Marketing at Pentera, as they discuss:

    • The pen-testing landscape
    • How important testing and validating are
    • Empowering human expertise and remaining compliant

  • It seems like VPN products are consistently the initial access vectors for ransomware groups and targeted attacks.

    This was demonstrated by the recent Ivanti Connect Secure zero-day vulnerabilities, and by Cisco's admission last year that Akira ransomware was specifically targeting its VPNs.

    But what is the real problem with VPNs - and are they vulnerable by design? How do they fit into wider security architectures and strategies? 

    In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Benny Lakunishok, Co-Founder and CEO of Zero Networks, to discuss:

    • The problem with VPNs
    • ‘Insecure by default’?
    • ZTNA and remote access solutions

  • Rapid breach response. The art of quickly reacting to a security breach or incident. Key for minimising the impact of attacks and ensuring your team is as effective as possible, rapid breach response is an important part of any security strategy. 

    With the rise and innovation we see in the automation space right now, how could automation be implemented into a security strategy to level up the efficacy of rapid breach response?

    In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Devin Johnstone, Security Operations Specialist at Palo Alto Networks, to discuss: 

    • Demystifying rapid breach response
    • Implementing and leveraging automation in RBR
    • Advice for SOC teams and shifting mindset

  • The audit process is broken. CISOs and CTOs have faced a multitude of challenges under this outdated audit landscape, and the efficacy of companies is being stunted by a system that desperately needs updating.

    But how can technology be leveraged to streamline or even transform that auditing process? And what does the future of infosecurity compliance look like?

    In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Leith Khanafseh, Managing Director of Assurance and Compliance Products at Thoropass, as they discuss:

    • The old audit landscape
    • Challenges for CISOs and CTOs
    • Multiframeworks and the future of compliance