Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

RSA Podcasts

 

RSAC insights: Concentric AI directs Google’s search techniques towards locking down data sprawl

By Byron V. Acohido

In order to extract value from the Internet, data sprawl first must get reined in. This has always been the case.

Related: Equipping SOCs for the long haul

What good is connecting applications, servers and networks across the public cloud if you’re unable to securely operationalize the datasets that these interconnected systems store and access?

Solving data sprawl has now become a focal point of cybersecurity. It’s about time. Much of the buzz as RSA Conference 2022 happens this week (June 6 – 9)in San Francisco will be around innovations to help companies make sense of data as it gets increasingly dispersed to far-flung pockets of the public cloud.

I had the chance to visit with Karthik Krishnan, CEO of San Jose, Calif.-based Concentric AI, which is in the thick of this development. Concentric got its start in 2018 to help companies solve data sprawl — from the data security and governance perspective – and has grown to 50 employees, with $22 million in venture capital backing. For a full drill down of our discussion, please give the accompanying podcast a listen. Here are a few key takeaways.

Crawling, classifying

Jeff Bezos solved data sprawl for selling books and gave us Amazon. Larry Page and Sergey Brin solved data sprawl for generalized information lookups and gave us Google.

In much the same sense, companies must now solve data sprawl associated with moving to an increasingly interconnected digital ecosystem. And addressing data security has become paramount.

Comment | Read | June 1st, 2022 | For consumers | For technologists | Podcasts | Privacy | RSA Podcasts | Steps forward | Top Stories | Uncategorized

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

By Byron V. Acohido

Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security.

Related: Log4J’s long-run risks

That’s changing — dramatically. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of security flaws spinning out of digital transformation.

I visited with Scott Kuffer, co-founder and chief operating officer of Sarasota, FL-based Nucleus Security, which is in the thick of this development. Nucleus launched in 2018 and has grown to over 50 employees. It supplies a unified vulnerability and risk management solution that automates vulnerability management processes and workflows.

We discussed why VM has become acutely problematic yet remains something that’s vital for companies to figure out how to do well, now more so than ever. For a full drill down, please give the accompanying podcast a listen. Here are the key takeaways:

Comment | Read | May 31st, 2022 | For technologists | Podcasts | Privacy | RSA Podcasts | Steps forward | Top Stories

Last Watchdog podcast: Unwrapping ‘resilience’ guidance discussed at RSA Conference 2021

By Byron V. Acohido

Resilience was the theme of RSA Conference 2021 which took place virtually last week.

Related: Web attacks spike 62 percent in 2020

I’ve been covering this cybersecurity gathering since 2004 and each year cybersecurity materially advances. By the same token, the difficulties of defending modern IT systems has redoubled as organizations try to balance security and productivity.

The outside pressures are indeed as daunting as ever. Migration to cloud infrastructure is accelerating; reliance on wide-open, modular software development is deepening; and the shortage of skilled security analysts is wider than ever. Meanwhile, deep, damaging network breaches persist, affecting companies of all sizes and in all industries.

I visited with Bruce Snell and Setu Kulkarni from NTT Security to discuss this.

Snell is vice president of security strategy; his resume includes a stint as McAfee’s cybersecurity and privacy director.

And Kulkarni joined NTT Security last fall as vice president of corporate strategy, coming over with NTT’s acquisition of WhiteHat Security, where he was VP, Corporate Strategy & Business Development (Editor’s note: an earlier version misstated this title.) For a lively debrief of RSA Conference 2021, please give the accompanying podcast a listen.

 

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

 

Comment | Read | May 25th, 2021 | Best Practices | For technologists | RSA Podcasts | Steps forward | Top Stories

MY TAKE: How SASE has begun disrupting IT — by shifting cybersecurity to the ‘services edge’

By Byron V. Acohido

One of the hottest topics at RSA Conference 2021 taking place virtually this week is the Secure Access Services Edge (SASE) security framework.

Related: Cybersecurity experts react to Biden’s EO

SASE (pronounced sassy) essentially is a roadmap for infusing privacy and security deeply into the software coding that gives life to our smartphones, IoT devices and cloud infrastructure, i.e. at the “services edge,” where all the action is taking place.

Coined by Gartner in late 2018, SASE is gaining momentum as a generational disruptive force. It calls for organizations to start proactively managing the myriad new attack vectors they’ve opened up in the pursuit of digital agility — by embracing a bold new IT architecture that extends network security far beyond the traditional perimeter

However, disruption doesn’t happen without displacement. And at this early stage, things are a bit chaotic. As established and newer cybersecurity vendors scramble to catch the SASE wave, marketing messages have sometimes been less than clear.

From the customer’s point of view, some early-adopter enterprises have experienced buyer’s remorse trying out SASE services that don’t really make the grade, says Mike Spanbauer, security evangelist at Juniper Networks, a Sunnyvale, Calif.-based supplier of networking technology.

“What we’ve heard from out in the marketplace is that a number of SASE solutions that supposedly could deliver everything as promised, were found to be lacking in many capacities,” Spanbauer says.

One Comment | Read | May 20th, 2021 | For consumers | For technologists | My Take | New Tech | RSA Podcasts | Steps forward | Top Stories

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

By Byron V. Acohido

A greater good has come from Capital One’s public pillaging over losing credit application records for 100 million bank customers.

Related: How credential stuffing fuels account takeovers

In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services. Luckily, Thompson left an easy trail for the FBI to follow and affect her arrest in August 2019.

The lone wolf hacker’s lasting legacy may be that she gave the cybersecurity industry an impetus to double down on its efforts to help enterprises get a grip on cloud security.

A slew of new cloud-security frameworks have gained traction since the Capital One hack. I recently had the chance to sit down with Kevin Simzer, chief operating officer of Trend Micro, to discuss two of them: Cloud Workload Protection Platform (CWPP) and Cloud Security Posture Management (CSPM.) For a full drill down on our conversation please give the accompanying podcast a listen. Here are the key takeaways:

Cloud migration risks

The summer of 2019 was a heady time for the financial services industry. Capital One’s valuation hit record highs at a time when its senior executives bragged on Wall Street about how the bank’s aggressive adoption of AWS-supplied infrastructure would boost both profits and security. In reality, the bank wasn’t paying close enough attention to its shared responsibility for keeping its cloud-stored assets secure.

Comment | Read | May 17th, 2021 | For technologists | My Take | New Tech | RSA Podcasts | Steps forward | Top Stories

RSAC insights: Deploying SOAR, XDR along with better threat intel stiffens network defense

By Byron V. Acohido

Much attention has been paid to the widespread failure to detect the insidious Sunburst malware that the SolarWinds hackers managed to slip deep inside the best-defended networks on the planet.

Related: The undermining of the global supply chain

But there’s also an encouraging ‘response’ lesson SolarWinds teaches us, as well.

Reacting to the disclosure of this momentous supply-chain hack, many of the breached organizations were able to deploy advanced tools and tactics to swiftly root out Sunburst and get better prepared to repel any copycat attacks. It was an opportunity to put their security orchestration and automation and response (SOAR) solutions, as well as endpoint detection and response (EDR) tools, to the test.

In that sense, SolarWinds validated the truckloads of investment that has been poured into developing and deploying SOAR and EDR innovations over the past five years. I had the chance recently to visit with Leon Ward, Vice President of Product Management, at ThreatQuotient, provider of a security operations platform with multiple use cases including serving as a threat intelligence platform (TIP). We discussed current developments that suggest SOAR and EDR will continue to improve and make a difference.

For a full drill down on our conversation, please give the accompanying podcast a listen. Here are my key takeaways:

Leveraging richer intel

It was by happenstance that analysts at FireEye, a leading supplier of intrusion detection systems, stumbled into a copy of the Sunburst Trojan ever-so-stealthily embedded in FireEye’s own copy of SolarWinds’ Orion network management software. That was on Dec. 13, 2020.

Comment | Read | May 15th, 2021 | For technologists | My Take | Podcasts | Privacy | RSA Podcasts | Steps forward | Top Stories

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

By Byron V. Acohido

It’s accurate to say that security has been bolted onto modern business networks.

It also has become very clear that we won’t achieve the full potential of digital transformation without security somehow getting intricately woven into every layer of corporate IT systems.

We’re still a long way from achieving that, but a promising roadmap has emerged. It’s a new model for architecting enterprise IT systems, dubbed Secure Access Service Edge (SASE), a term coined by top security analysts at tech advisory firm Gartner.

I had the chance to visit with Kelly Ahuja, CEO of Versa Networks, a supplier of SASE systems. For a full drill down on our discussion on why SASE could be game changer, please give a listen to the accompanying podcast. Here are the key takeaways:

Connectivity vs. security

Corporate networks exist to connect users to applications. Traditionally this was done by setting up a datacenter at company headquarters, and having employees enter the building and access applications using company-managed equipment. Thus, local area networks, or LANs, were born.

Then along came wide area networks, or WANs, as a means to securely connect several LANs set up in geographically dispersed branch offices. Over time WANs proved to be expensive and inflexible, so they began to be replaced with software-defined wide area networks, or SD-WANs, which offered heightened data-transfer efficiencies.

However, the first-generation of SD-WAN solutions were notable for one key thing: they were solely focused on improving connectivity and did little to account for security.

Comment | Read | May 14th, 2021 | For technologists | My Take | Podcasts | RSA Podcasts | Steps forward | Top Stories

« Newer Articles
Older Articles »