Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

RSA Podcasts

 

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

By Byron V. Acohido

Back in 2002, when I was a reporter at USA Today, I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system.

Related: A call to regulate facial recognition

This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

I learned about this at RSA Conference 2023 from company Co-founder and CEO Phani Nagarjuna, who explained how Circle extends the use of encryption keys fused to biometrics and decentralizes where copies of the keys are stored. For a full drill down, give the accompanying podcast a listen.

Guest expert: Phani Nagarjuna, CEO, Circle Security

According to Nagarjuna, Circle’s technology places a small agent on the endpoint device. This facilitates the creation of an asymmetric key pair and a symmetric AES256 key. Together these keys authenticate the user’s identity and enable secure and private access to cloud-stored data and resources.

Access to cloud-stored files can then be shared widely. But only authorized individuals, with proof of identity originating from their authenticated device, can open the files. All access attempts get audited using a built-in distributed ledger, allowing policy enforcement and quick remediation.

This iteration of my old-school keychain fob thus eliminates the need for usernames and passwords while much more robustly protecting sensitive data, Nagarjuna asserts. How much traction will it get? I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

Comment | Read | June 7th, 2023 | For technologists | Podcasts | RSA Podcasts | Steps forward | Top Stories

RSAC Fireside Chat: Dealing with the return of computing workloads to on-premises datacenters

By Byron V. Acohido

A cloud migration backlash, of sorts, is playing out.

Related: Guidance for adding ZTNA to cloud platforms

Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures.

However, a “back-migration,” as Michiel De Lepper, global enablement manager, at London-based Runecast, puts it, is also ramping up. This is because certain workloads are proving to be too costly to run in the cloud — resource-intensive AI modeling being the prime example.

I had an evocative discussion about this with De Lepper and his colleague, Markus Strauss, Runecast product leader, at RSA Conference 2023. For a full drill down, please give the accompanying podcast a listen. The duo outlined how a nascent discipline — Cloud-Native Application Protection Platforms (CNAPP) – factors in.

Guest experts: Markus Strauss, Product Leader, and Michiel De Lepper, Global Enablement Manager, Runecast

CNAPP solutions focus on monitoring and enforcing security policies on workloads and in applications – during runtime. This is no small feat in an operating environment of co-mingled on-prem and cloud-hosted resources.

Runecast, for instance, takes a proactive approach to risk-based vulnerability management, configuration management, container security, compliance auditing, remediation and reporting.

This helps with compliance, at one level, but also continually improves detection of any soft spots and/or active attacks, while also paving the road to automated  remediation.

“It’s no longer about creating shields,” De Lepper told me, “Instead, we’re helping our customers plug all the gaps the bad guys can use.”

CNAPP solutions show promise for helping overcome the complexities of fragmented defenses; will they ultimately lead to more resilient business networks?  I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

Comment | Read | June 6th, 2023 | For technologists | Podcasts | RSA Podcasts | Top Stories

RSAC Fireside Chat: Reinforcing ‘Identity and Access Management’ to expose ‘shadow access’

By Byron V. Acohido

The world of Identity and Access Management (IAM) is rapidly evolving.

Related: Stopping IAM threats

IAM began 25 years ago as a method to systematically grant human users access to company IT assets. Today, a “user” most often is a snippet of code seeking access at the cloud edge.

At the RSAC Conference 2023, I sat down with Venkat Raghavan, founder and CEO of start-up Stack Identity. As Raghavan explained, the rapid growth of data and subsequent application development in the cloud has led to a sprawling array of identities and access points. This, he warned, has created a new problem: shadow access.

Shadow access refers to ungoverned and unauthorized access that arises due to the speed and automation of cloud deployment.For a drill down, please give the accompanying podcast a listen.

Guest expert: Venkat Raghavan, CEO, Stack Identity

Stack Identity’s solution quickly onboards a customer’s cloud accounts, methodically identifies potential pathways to data and comprehensively assesses risk. Once all human and non-human access points are identified, automated remediation kicks in to eliminate shadow access.

Notably, this process happens at runtime, watching access in real-time, and looking at how access is utilized, Raghavan told me.

“We have seen that in live customer environments that over 50 percent of identities are over-permissioned and should have access permissions revoked,” he says.”This represents a substantial risk for companies.”

This risk is material; just ask Capital One or LastPass. Here’s another example of directing ML and automation at shrinking the attack surface. Stack Identity emerged from stealth just last month with $4 million in seed funding. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

Comment | Read | May 31st, 2023 | For technologists | New Tech | Podcasts | RSA Podcasts | Top Stories

RSAC Fireside Chat: Uptycs emulates Google, Akamai to protect cloud-native apps and endpoints

By Byron V. Acohido

The inadequacy of siloed security solutions is well-documented.

Related: Taking a security-first path

The good news is that next-gen security platforms designed to unify on-prem and cloud threat detection and remediation are, indeed, coalescing.

At RSA Conference 2023 I visited with Elias Terman, CMO, and Sudarsan Kannan, Director of Product Management, from Uptycs, a Walthan, Mass.-based supplier of “unified CNAPP and EDR ” services.

They described how Uptycs is borrowing proven methodologies from Google, Akamai, SAP and Salesforce to harness normalized telemetry that enables Uptycs to correlate threat activity — wherever it is unfolding. Please give a listen to the accompanying podcast for a full drill down.

Guest experts: Elias Terman, CMO, Sudarsan Kannan, Director of Product Management, Uptycs

Kannan described how Uptycs technology platform was inspired by Google’s dynamic traffic monitoring, Akamai’s content distribution prowess and Salesforce’s varied use cases based on a single data model, to help companies materially upgrade their security posture. The aim, he says, is to think like attackers, who certainly don’t operate in silos.

Terman offered the analogy of a “golden thread” stitching together varied threat activities and serving as a cloud security early warning system. The entire value chain is thereby protected, Kannan added, from the developers writing the code to automated connections to critical cloud workloads.

Terman detailed how Uptycs’ platform, indeed, touches everything within the modern attack surface and, in doing so, breaks down legacy silos and facilitates  better security outcomes.

This is part and parcel of the helpful dialogue that will carry us forward. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

Comment | Read | May 25th, 2023 | Best Practices | For consumers | For technologists | Podcasts | RSA Podcasts | Steps forward | Top Stories

RSAC Fireside Chat: The need to stop mobile apps from exposing API keys, user credentials in runtime

By Byron V. Acohido

As digital transformation accelerates, Application Programming Interfaces (APIs) have become integral to software development – especially when it comes to adding cool new functionalities to our go-to mobile apps.

Related: Collateral damage of T-Mobile hack

Yet, APIs have also exponentially increased the attack vectors available to malicious hackers – and the software community has not focused on slowing the widening of this security gap.

Mobile apps work by hooking into dozens of different APIs, and each connection presents a vector for bad actors to get their hands on “API secrets,” i.e. backend data to encryption keys, digital certificates and user credentials that enable them to gain unauthorized control.

I learned this from Ted Miracco, CEO of Approov, in a discussion we had at RSA Conference 2023. For a full drill down, please give the accompanying podcast a listen.

Guest expert: Ted Miracco, CEO, Approov

He also explains how hackers are carrying out “man in the middle” attacks during a mobile app’s runtime in ways that enable them to manipulate the communication channel between the app and the backend API.

Hackers know just how vulnerable companies are at this moment. Approov recently did a deep dive study of 650 financial services mobile apps of financial institutions across Europe and the US. The results were startling: the researchers could access API secrets in 95 percent of the apps, including “high value” secrets” in 25 percent of them.

Until API security generally gains a lot more ground, and next gen solutions achieve critical mass, the risk level will remain high. So be careful out there. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

Comment | Read | May 23rd, 2023 | For technologists | Podcasts | RSA Podcasts | Top Stories

RSAC Fireside Chat: Counteracting Putin’s weaponizing of ransomware — with containment

By Byron V. Acohido

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts.

Related: The Golden Age of cyber espionage

Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated their capability to endlessly take advantage of a vastly expanded network attack surface – one that will only continue to expand as the shift to massively interconnected digital services accelerates.

Meanwhile, Russia has turned to weaponing ransomware in its attempt to conquer Ukraine, redoubling this threat. Now that RSA Conference 2023 has wrapped, these things seem clear: ransomware is here to stay; it is not, at this moment, being adequately mitigated; and a new approach is needed to slow, and effectively put a stop to, ransomware.

I had the chance to visit with Steve Hahn, EVP Americas, at Bullwall, which is in the vanguard of security vendors advancing ways to instantly contain threat actors who manage to slip inside an organization’s network.

Guest expert: Steve Hahn, EVP Americas, Bullwall

Bullwall has a bird’s eye view of Russia’s ongoing deployment of ransomware attacks against Ukraine, and its allies, especially the U.S.

Weaponized ransomware doubly benefits Russia: it’s lucrative, generating  billions in revenue and thus adding to Putin’s war chest; and at the same time it also weakens a wide breadth of infrastructure of Putin’s adversaries across Europe and North America.

Containment is a logical tactic that could make a big difference in stopping ransomware and other types of attacks. For a full drill down, please give the accompanying podcast a listen. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

 

Comment | Read | May 20th, 2023 | Best Practices | For technologists | Podcasts | Privacy | RSA Podcasts | Top Stories

RSAC Fireside Chat: Deploying Hollywood-tested content protection to improve mobile app security

By Byron V. Acohido

Your go-to mobile apps aren’t nearly has hackproof as you might like to believe.

Related: Fallout of T-Mobile hack

Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with techniques such as overlay attacks. And hard data shows instances of such breaches on the rise.

I had an evocative conversation about this at RSA Conference 2023 with Asaf Ashkenazi, CEO of Verimatrix, a cybersecurity company headquartered in southern France. We discussed how the Dark Web teems with hackers offering targeted mobile app attacks on major companies.

Many corporations outsource their mobile app development, and these apps often exhibit poor security practices, making them easy targets for cybercriminals, he says.

Verimatrix is coming at this problem with a fresh approach that has proven its efficacy in Hollywood where the company has long helped lock down content such as premium movies and live streamed sporting events.

Guest expert: Asaf Ashkenazi, CEO, Verimatrix

Its technology revolves around application-level protection and monitoring, which allows Verimatrix to collect data on app behavior without invading user privacy.

Coding embedded in the app provide a granular level of insight into what’s happening — when the app is actually running — and a degree of control that’s simply not doable with legacy mobile app security solutions, he told me.

For a full drill down, please give the accompanying podcast a close listen. Ashkenazi argues that we need better security solutions in general to mitigate the AI-generated threats running on our most cherished devices.

He observes that threat actors already use generative AI tools like  ChatGPT, Google Bard and Microsoft Edge to innovate malware; to keep pace, companies are going to have to get much better at not just identifying, but predicting attacks, especially on mobile apps. Agreed. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make … more

Comment | Read | May 18th, 2023 | For technologists | Podcasts | Privacy | RSA Podcasts | Top Stories

Older Articles »