|
Enjoy the latest, podcasts, stories, talk shows, novelties, rarities, and oddities from ITSPmagazine.
|
|
Conversations from RSA Charge 2019
|
|
Rohit Ghai, President (RSA Security)
Digital technologies are driving significant transformations in business, government, and society. It’s the data that is fueling this transformation. Because of this, almost every company is a technology company; even when the main business or product has nothing to do with technology. The velocity of innovation can be mind-boggling—and with it comes an equal amount of mind-boggling risk.
The challenge for most companies is to identify that risk. Even more challenging is reducing exposure and mitigating the anticipated exposure and risk before the tech-enabled business processes and infrastructure are implemented.
To address this challenge head-on, Rohit tells us that companies need to learn to fight fire with fire—to battle risk with risk. It was a key element of his opening keynote during the Charge conference, and we got to dig deeper into this topic when we spoke with him.
We hope you enjoy the conversation.
|
|
The Jenny Radcliffe Talk Show On ITSPmagazine
|
|
|
Stephanie “Snow” Carruthers On The Jenny Radcliffe Talk Show | Episode Three
For this episode of the Jenny Radcliffe Talk Show on ITSPmagazine, we welcome Stephanie “Snow” Carruthers.
This interview sees two world-class social engineers chat about the job, physical infiltration work, who their influences are, and what can go wrong on a social engineering assignment.
Snow talks to Jenny about her career and how she transitioned into security work from a skilled background including stints as a special effects make-up artist and in sales. They talk about many aspects of social engineering including what makes a good pretext, keeping things simple and why grabbing a snack on the job can be problematic!
If you’re a fan of social engineering don’t miss this revealing and entertaining interview between two of the best known social engineers in the business!
Read More →
|
|
|
Conversations from ISSA International 2019
|
|
|
A Conversation With Sandy Lambert And Candy Alexander
It’s not every day that you get to spend time with the current president of an association alongside one of the original founders of that same association—especially when it was founded over 35 years ago and is still going strong!
Well, this exact thing happened to us during the ISSA International Summit in Dallas, Texas. We were honored to be part of it; getting to spend some time with Candy Alexander and Sandy Lambert to record this podcast.
We got to talk about the beginnings of the association, its initial vision and mission, how the world of IT security, information security, and cybersecurity were born, have evolved, and continue to change over the years. More importantly, we discuss the value of learning from the past, keeping up with the industry and cultural changes of the present, and embracing each other to help us prepare for the future.
We all agreed that the magic surrounding this organization is in the people and the passion that drives them all—both at a local chapter level and at an international level. Rooted in their DNA is the desire to educate the community and the future generations. This, in particular, can be seen through the dedication that Sandra, Candy, and the rest of the ISSA International board have for the ISSA Education Fund.
35 years on, ISSA International is open to change and, because of this mentality, it continues to grow, is attracting new members, and is remaining true to its educational roots. It’s now time for the next generation of members to get involved, bring new energy, and to help expand the conversation so that it can involve our society as a whole.
If you are a current member, we encourage you to bring in additional representatives from all walks of life, from all over the world. The more involved and welcoming the community is, the better the association will be in reaching a larger audience and helping us all to succeed in our careers.
Do not take our word for it. Listen to this podcast and hear the story directly from these two amazing leaders.
Go!
|
|
All Day DevOps is the world's largest DevOps conference, bringing together over 30,000 DevOps professionals. It offers 150 expert-led sessions over 24 hours across 5 tracks - all online, all for free. Sessions are all delivered from practitioners like you — with no vendor pitches allowed.
|
|
|
Conversations from ISSA International 2019
|
|
A Conversation With Sandra Joyce, FireEye
In a world where many organizations—large and small—continue to fixate on breach prevention, our guest today, Sandra Joyce, SVP, Global Intelligence at FireEye, reminds us that companies should understand all of the risks they face, especially those that stem from the initial breach event:
- What does the internal lateral movement look like; where can the bad actor go, and to what assets can they gain access?
- What impact can it have on the supply chain, both upstream and downstream?
- When and where does the damage cease to be a problem; are there dormant malicious elements and hidden backdoors that can be enabled and exploited later?
To answer these questions, Sandra effectively recommends that organizations leverage a variety of threats and other security intelligence to understand the threat landscape and their environment better, including context—all of which could make or break your incident response plan.
From state actors to organized crime, we are all vulnerable, despite our human tendency to believe that we might not be a target of interest. The truth is, we are all part of a system that connects one business, organization, and person to another.
“
“That’s where intelligence comes into play. Getting situational awareness of the threat environment is step one, and then seeing yourself within that context, what is my threat profile? .... Looking beyond your own environment to those other externalities requires people to think about where they are in the supply chain where they are even in the political dimension.
— Sandra Joyce, SVP, Threat Intelligence, FireEye
In this podcast, we discuss threat intelligence and how it plays a crucial role in helping us to protect our extended cyber environment.
We believe you will find this conversation quite interesting.
Enjoy.
|
|
|
Guest Post | By David Balaban
|
|
|
Cybercriminals are increasingly choosing to cash in on human gullibility rather than the security flaws of software architecture. Phishing, the dominating vector of social engineering attacks targeting individuals and businesses alike, has seen a huge spike over the past few years.
Take a journey here on ITSPmagazine as David reveals how these schemes work and how users can prepare to spot them before falling victim.
|
|
The FIDO2/WebAuthn authentication standards equip organizations to solve the problems in password-based security. Passwordless authentication offers the opportunity to transform enterprise security and user experience in every industry, as well as for customers, partners, and suppliers. Learn more about passwordless authentications and considerations for enterprise deployment.
Go Passwordless |
|
ITSPmagazine is, and will always be a free publication.
If you are with a company and like what we do, share our values, and would like to associate your brand with ITSPmagazine, we invite you to consider becoming a sponsor.
Visit our Sponsorship Options Page, or simply contact us to talk about it.
|
|
Our mission is to raise awareness for cybersecurity by making it understandable, accessible, and part of everyone’s everyday life. If you can, and wish, to personally contribute to our mission, please consider an individual donation.
Every little bit helps us do what we do. Even one single dollar can help us extend our reach and our influence to help make our cyber society a safer place for everyone.
|
|
|
|
|
Help us spread cybersecurity awareness and education.
Thanks for sharing our newsletter with family, friends, neighbors, peers, and colleagues!
|
|
|
|
