OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don't care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals' plans nicely.

In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security.

This segment is sponsored by Junto Security. Visit https://securityweekly.com/junto to learn more!

This week's topic segment is all about tuning your 'spidey sense' to spot myths and misconceptions online so we can avoid amplifying AI slop, scams, and other forms of Internet bunk. It was inspired by this LinkedIn post, but we've got a cybersecurity story in the news that we could have easily used for this as well (the report from MIT).

Finally, in the enterprise security news,

1. Some interesting fundings
2. Some more interesting acquisitions
3. a new AI-related term has been coined: cyberslop
4. the latest insights from cyber insurance claims
5. The AI security market isn't nearly as big as it might seem
6. cybercriminals are targeting trucking and logistics to steal goods
7. Sorry dads, science says the smarts come from mom

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-432

Frontline workers can't afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.

Segment Resources:

• Putting Complex Passwords to Work For You

This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!

Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.

As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.

Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/

Finally, in the enterprise security news,

1. we've got funding and acquisitions
2. 7 red flags you're doing cloud wrong
3. security standards for open source projects
4. post mortems of attacks on open source supply chain
5. some analysis on current and historic AWS outages
6. a deep dive
7. some dumpster fires
8. and how much would you pay for a robot that puts away the dishes?

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-431

In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organizational value throughout the M&A process.

Every industry concerned with safety has a process for publishing the details of accidents, incidents, and failures. Cybersecurity has yet to reach this milestone, and hiding the details of failures is holding us back. This talk will argue for the need for breach details to go public, and share strategies for finding and using some little-known sources of detailed breach data.

Finally, in the enterprise security news,

1. A funding, a few acquisitions, and an IPO for the first time in forever!
2. Attackers are really actually starting to use AI now
3. Some researcher spent all of August poking holes in all the AI tools
4. Someone got Microsoft Copilot to be an accomplice in a coverup
5. Microsoft is making a big change in Azure that will probably break some stuff
6. No, Flipper Zero can't help you steal your car (just the stuff in it)
7. Domain names are free to register now, maybe?
8. Disgruntled former employee goes to jail
9. AI tricked into doing more bad things

All that and more, on this episode of Enterprise Security Weekly.

This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them!

Show Notes: https://securityweekly.com/esw-422

Finally, in the enterprise security news,

1. HUMAN, Relyance AI, and watchTowr raise funding this week
2. Alternative paths to becoming a CISO
3. Vendor booths don't have to suck (for vendors or conference attendees!)
4. Budget planning guidance for 2025
5. CISOs might not be that great at predicting their own future needs
6. Use this one easy trick to bypass EDR!
7. Analyzing the latest breaches and malware
8. You probably shouldn't buy a Fisker Ocean, no matter how cheap they get

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-380

Paul and Matt discuss Bay Dynamics and VMware joining forces, the confessions of an insecure coder, Flexera acquiring BDNA, and more enterprise security news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode61

Visit http://securityweekly.com/esw for all the latest episodes!

Tom Parker is the Group Technology Officer of Accenture Security and a recognized thought leader in the security industry. He's known for his research in adversary and threat profiling and software vulnerability.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode61

Visit http://securityweekly.com/esw for all the latest episodes!

Don Pezet of ITProTV joins us to discuss network security architecture. How does it affect your enterprise? Secure networks closely depend on its performance, reliability, and security.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode60

Visit http://securityweekly.com/esw for all the latest episodes!

Threat Intelligence, starting the Avalanche, Sealpath and Boldon James partner on document security classification and protection, and Oracle injects AI into its IoT cloud portfolio.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode60

Visit http://securityweekly.com/esw for all the latest episodes!

Matt and Michael discuss JASK, Automox, and more vendors that have stood out to them in the realms of security operations and endpoint protection!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode59

Visit http://securityweekly.com/esw for all the latest episodes!

Paul asked our Twitter followers about their favorite open-source alternatives to Nagios for monitoring system and service availability, and we listened, of course! Hear Paul's essential enterprise network monitoring tools in this segment.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode59

Visit http://securityweekly.com/esw for all the latest episodes!

Matt and Michael discuss JASK, Automox, and more vendors that have stood out to them in the realms of security operations and endpoint protection!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode59

Visit http://securityweekly.com/esw for all the latest episodes!

Diving deep into threat intelligence, GeoGuard and Skyhook team up, securing mobile devices, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode58

Visit http://securityweekly.com/esw for all the latest episodes!

John and Paul talk about low-hanging fruit, but try to determine if the enterprise is more secure because of your consulting on developer awareness. They help the enterprising company determine whether they need security training or not.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode58

Visit http://securityweekly.com/esw for all the latest episodes!

Paul and John talk about a program that would give you a feed on the vulnerabilities that were specific to the software that you were using. Do you think that is still viable to today? John and Paul discuss the topic of Vulnerability tracking and reporting.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode58

Visit http://securityweekly.com/esw for all the latest episodes!

Implementing SASE can be tricky and onerous, but it doesn't have to be. Today, we discuss Unified SASE as a Service with Renuka Nadkarni, Chief Product Officer at Aryaka. Particularly, how can Unified SASE make both networking and security more flexible and agile?

IT and security professionals need to ensure secure and performant applications and data access to all users across their distributed global network without escalating cost, risk or complexity, or sacrificing user experience.

This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryaka to learn more about them!

Show Notes: https://securityweekly.com/esw-380

In an attempt to define some of the basic areas for collecting information relevant to potential attacks, Paul came up with 4 enchanted quadrants. They cover Endpoints, SIEM, Network and Threat Intelligence. Check out the discussion in this segment!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode57

Visit http://securityweekly.com/esw for all the latest episodes!

Security in the public cloud, the pitfalls of formal education, advanced security for AWS, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode57

Visit http://securityweekly.com/esw for all the latest episodes!

Mike Nichols, Director of Products at Endgame, joins us to discuss EDR, threat detection, and customer relations!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode57

Visit http://securityweekly.com/esw for all the latest episodes!

Paul and John talk about Security Policies and Procedures. They discuss the most fundamental parts of policies and procedures. It is the most difficult to implement, but the most important to structure of the enterprise.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode56

Visit http://securityweekly.com/esw for all the latest episodes!

HashiCorp Vault brings disaster recover to security secrets management, Oracle joins SafeLogic to develop FIPS module for OpenSSL security, and Cylance bringing enterprise security platform technology to home users.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode56

Visit http://securityweekly.com/esw for all the latest episodes!

John Strand from Black Hills Information Security, does a tech segment on real intelligence threat analytics. How it works, how you can get it up and running, how easy it is to get started, and what you can actually get out of the tool fairly quickly.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode55

Visit http://securityweekly.com/esw for all the latest episodes!

Ping Look serves as the Executive Advisor of security communications and awareness at Optiv. Ping joins us to discuss security awareness, business diversity, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode55

Visit http://securityweekly.com/esw for all the latest episodes!

Building a SOC with limited resources, the top five barriers to implementation, Qualys is acquiring Nevis Networks, auditing your AWS security policies, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode55

Visit http://securityweekly.com/esw for all the latest episodes!

Where do the lines blur between monitoring, configuration, and vulnerability management? What is the best way to monitor systems in an enterprise? How to you manage machine to machine trust? Answers to all those questions and more in this segment!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode54

Visit http://securityweekly.com/esw for all the latest episodes!

Get some in-depth information on GDPR from Thomas Fischer, a Global Security Advocate at Digital Guardian and Director of BSides London!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode54

Visit http://securityweekly.com/esw for all the latest episodes!

Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders.

Most security problems are out of security teams' hands. Addressing them requires input, buy-in, and action from business leaders and IT. Security cannot afford to be separate from the rest of the organization.

In this interview, we'll discuss how we could potentially solve some of these issues with Theresa Lanowitz from LevelBlue.

Segment Resources:

• Grab your copy of the LevelBlue Futures Report on Cyber Resilience

This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them!

Show Notes: https://securityweekly.com/esw-380

Malwarebytes revamps their adware removal, Minerva Labs fights against ransomware, EdgeWave announces phishing detection and awareness, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode54

Visit http://securityweekly.com/esw for all the latest episodes!

Ferruh Mavituna of Netsparker joins us to discuss CI level automated web security!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode53

Visit http://securityweekly.com/esw for all the latest episodes!

Suffering breaches from ex-employees, Tanium announces threat response, the SANS Institute's incident response survey results, and is cybersecurity getting harder?

Full Show Notes: https://wiki.securityweekly.com/ES_Episode53

Visit http://securityweekly.com/esw for all the latest episodes!

If you are a security professional who has not taken the plunge into Docker, this segment is for you. Paul highlights some of the configuration options available for Docket containers and how you can apply them to both your operating system and application hardening strategies.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode53 (Including sample Docker files discussed in this segment)

Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Doug talk about the need for and the pitfalls of Egress Filtering in your enterprise network. And sweaty lawyers.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode52

Visit http://securityweekly.com/esw for all the latest episodes!

Fortinet preps for a next-gen firewall, Samsung no longer males printers, beware of Cisco training, using the right switches, Kubernetes, requirements and testing, to update or not to update and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode52

Visit http://securityweekly.com/esw for all the latest episodes!

Apollo Clark discusses the tools and techniques your team can use to manage, monitor and tune your enterprise AWS deployment.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode51

Visit http://securityweekly.com/esw for all the latest episodes!

Love it or hate it, Docker (and containers) are here to stay. Embrace change in this segment where Paul and Apollo discuss using Docker in the enterprise. We cover security considerations, deployment scenarios and much more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode51

Visit http://securityweekly.com/esw for all the latest episodes!

Microsoft buys another company, to patch (or not), the shift in the cybersecurity battleground, Carbon Black's Petya assessment, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode51

Visit http://securityweekly.com/esw for all the latest episodes!

Brian Ventura is a SANS Instructor and infosec architect, while Ted Gary serves as the Product Marketing Manager at Tenable.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode50

Visit http://securityweekly.com/esw for all the latest episodes!

In the enterprise security news,

1. Eon, Resolve AI, Harmonic and more raise funding
2. Dragos acquires Network Perception
3. Prevalent acquires Miratech
4. The latest DFIR reports
5. A spicy security product review
6. Secure by Whatever
7. New threats
8. Hot takes

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-379

Five ways to maximize your IT training, pocket-sized printing, 30 years of evasion techniques, Ixia teases advanced visibility solutions, and more enterprise security news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode50

Visit http://securityweekly.com/esw for all the latest episodes!

*Should EDR be installed on every system? Servers too? All clients?

*How important is the configuration of EDR?

*What should your goals be for defense: know malware? unknown malware? ransomware? or are these three different products?

*If you have a big name AV install, what should drive you to change it? e.g. Symantec or Mcafee...

*What are the most common threats missed by EDR?

*How much of a concern is: performance, scalability, manageability, and crashing the host OS?

*When should you consider running two, or more, EDR solutions on the same host? Or, do you run one flavor on some, and another flavor on another?

Full Show Notes: https://wiki.securityweekly.com/ES_Episode49

Visit http://securityweekly.com/esw for all the latest episodes!

Carbon Black releases Cb Response 6.1, what to ask yourself before committing to a cybersecurity vendor, Malwarebytes replaces antivirus with endpoint protection, and more enterprise security news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode49

Visit http://securityweekly.com/esw for all the latest episodes!

What should we consider while building an internal penetration testing team? Would you still need external pen tests? Paul and John discuss the pros and cons!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode48

Visit http://securityweekly.com/esw for all the latest episodes!

Automating all the things, Juniper Networks opens a software-defined security ecosystem, millions of devices are running out-of-date systems, DUO New Zealand and McAfee join forces, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode48

Visit http://securityweekly.com/esw for all the latest episodes!

Containers are here to stay. While there is some resistance to this movement, Devops can help improve efficiency and security. For the first time security has a seat at the table when discussing the implementation of this new technology. Corey Bozdin comes on the show to discuss how we can use containers to improve security and how to scan your containers for vulnerabilities and exposures, including incorporating security into your SDLC.

Corey is currently responsible for coordinating the efforts of a global Product Management team, owning the product roadmap, and driving world-class execution of operational initiatives with Sales, Finance, and Support. He works closely with the Chief Product Officer to define, refine, and advance the Tenable product portfolio.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode47

Visit http://securityweekly.com/esw for all the latest episodes!

The power of an exploit, Carbon Black's open letter to Cylance, Viavi Solutions Introduces Scalable RF Monitoring for Heterogeneous Networks, and 13 AWS IAM Best Practices for Security and Compliance!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode47

Visit http://securityweekly.com/esw for all the latest episodes!

Atif Ghauri is the CTO for Herjavec Group USA and comes on the show to talk about SEIM, EUBA and how to build a relationship with your MSSP! Atif has over 15 years of experience in technology strategy, implementation, and business development from Comcast, IBM and Unisys. Prior to Herjavec Group, he spent four years as the CISO for the advanced engineering group at Comcast.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode46

Visit http://securityweekly.com/esw for all the latest episodes!

Stopping insider threats with machine learning, the importance of inspecting encrypted traffic, performance and security relations, and what to do if you're SOC is overwhelmed with too many SEIM alerts.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode46

Visit http://securityweekly.com/esw for all the latest episodes!

Identropy and Exabeam team up, five pitfalls to avoid during a CASB evaluation, FirstWave partners with Fortinet, and more enterprise news!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode45

Visit http://securityweekly.com/esw for all the latest episodes!

Aaron was already a skilled bug hunter and working at HackerOne as a triage analyst at the time. What he discovered can't even be described as a software bug or a vulnerability. This type of finding has probably resulted in more security incidents and breaches than any other category: the unintentional misconfiguration.

There's a lot of conversation right now about the grey space around 'shared responsibility'. In our news segment later, we'll also be discussing the difference between secure design and secure defaults. The recent incidents revolving around Snowflake customers getting compromised via credential stuffing attacks is a great example of this. Open AWS S3 buckets are probably the best known example of this problem. At what point is the service provider responsible for customer mistakes? When 80% of customers are making expensive, critical mistakes? Doesn't the service provider have a responsibility to protect its customers (even if it's from themselves)?

These are the kinds of issues that led to Aaron getting his current job as Chief of SaaS Security Research at AppOmni, and also led to him recently finding another common misconfiguration - this time in ServiceNow's products. Finally, we'll discuss the value of a good bug report, and how it can be a killer addition to your resume if you're interested in this kind of work!

Segment Resources:

• Aaron's blog about the ServiceNow data exposure.
• The ServiceNow blog, thanking AppOmni for its support in uncovering the issue.

Show Notes: https://securityweekly.com/esw-379

April Wright of Verizon Enterprise and Matt Ploessel of Markley Group join us to discuss the security vendor community's response to the WannaCry worm on this episode!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode45

Visit http://securityweekly.com/esw for all the latest episodes!

VMware falls out with Tanium, machine learning at Invincea, the war on legacy IT, Cisco Cloudlock releases an apps firewall, and more enterprise news!

Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/ES_Episode44