Canada joins global leaders offering stricter privacy protection in 2018 with mandatory breach notification. David Senf from Cyverity is joined by Lisa R Lifshitz from Torkin Manes and Constantine Karbaliotis from PwC Canada to offer guidance on critical steps Canadian and international organizations will need to take to be compliant.
David Senf of Cyverity is joined by Mike Davis of CounterTack and Josh Fu from Cylance to net out how our security industry is reshaped by artificial intelligence. We look at machine learning and where it is being embedded and which skills will need to be expanded.
I'm joined this week by Jonathan Nguyen-Duy from Fortinet, Travis Barlow and Mike Davis from CounterTack / GoSecure, and Ben Smith from RSA to learn how to plan, react and measure your incident response capabilities. Recorded live at the GoSec conference in Montreal.
Fantastic advice! I’m joined by Visesh Gosrani at Guidewire / Cyence, Greg Markell at Ridge Canada and David Strom at Strom.com to discuss cyber insurance. We catch up on the rapidly evolving industry and the impact of change on customers, brokers and underwriters. Get helpful tips on coverage and premiums.
I'm joined by Pascal Fortin from CounterTack / GoSecure and Alfredo Hickman from Rackspace in a hard hitting chat about big changes in managed security services. We talk about the impact on customers and the channel. Tips are provided to select an MSSP and to negotiate a contract as well.
Be it resolved that developer employability hinges on their security skills. A great debate featuring Shannon Lietz from Intuit, Amir Sharif from Aporeto, Brian Kelly from CyberArk and Kyle Bassett from Arctiq, hosted by David Senf from Cyverity. Subscribe to Threat Actions This Week on iTunes, Google Play, Youtube, etc
If your organization is not using the MITRE ATT&CK framework yet, it's time to start. Katie Nickels from MITRE, Travis Farral from Anomali and David Strom from Inside Security newsletter & strom.com join host David Senf from Cyverity to talk about ATT&CK tactics, techniques and tools.
We look for the balance between developers' security responsibility and the security team. Maya Kaczorowski from Google, Shannon Lietz from Intuit and Larry Maccherone from Comcast help weigh the options.
We cut through the layers of the microservice onion to highlight security actions developers and security pros need to take. Anil Karmel from C2 Labs, Duncan DeVore from Lightbend, Brian Kelly from Conjur / CyberArk and Peter Maddison from Xodiac offer fantastic advice!
Ransomware, like any other attack, is not inevitable if you can stop the attacker at even one step along a kill chain. We look specifically at the 5 steps of a ransomware as an example of how to improve your odds of avoiding a breach. Stewart Cawthray from Thomson Reuters, Allan Liska from Recorded Future, Tim Gallo from FireEye and Birat Niraula from CapitalOne provide lots of great advice!
Identity management is going through incredible change of late, so we catch up with Sarah Squire from Ping Identity, Amir Sharif from Aporeto and Wes Kroesbergen from Lumagate NA. They talk through the latest solutions, standards and best practices your organizations should consider for successful identity management in a rapidly changing world from developers to devices and from containers to cloud.
Cloud ushers in new security challenges, while alleviating others. My guests Stu Solomon CTO at Optiv and Allan Liska senior analyst at Recorded Future apply the NIST Cybersecurity Framework to draw out key elements of consideration for your security in the cloud.
If you're using Amazon AWS, Microsoft Azure, Google Cloud Platform or myriad other IaaS, PaaS and SaaS offerings, we hope you'll find this episode of value.
GDPR is having an impact on organizations in Canada and the US already. New rights for the protection of personal data each create actions that need to be taken to be compliant if an organizations is in anyway collecting, processing or otherwise data from EU subjects. This Cyverity report explains what key rights and actions look like. Moreover it explores the potential for GDPR strength legislation to come to Canada or the United States.
Containers like Docker offer new automation awesomeness, portability and predictability. But traditional security tools and ops are only the start of reducing your risks. John Morello from Twistlock, Alfredo Hickman from Rackspace and Kellman Meghu from Sycomp pull the container stack apart to reveal security gaps.
Please read NIST Application Container Security Guide co-authored by John Morello
And read Container Intrusions: Assessing the Efficacy of Intrusion Detection and Analysis Methods for Linux by Alfredo Hickman
If you're new to security threat intelligence or want to get the latest details on tools and techniques, Allan Liska from Recorded Future, Tim Gallo from FireEye and Wadeed Mian from ISA are here to help.
Learn how to decide which DDoS provider to select, what operational issues may come up and how to handle them. My guests: Laurent Gil co-founded a leader in DDoS solutions (Oracle Dyn formerly Zenedge) and Stewart Cawthray helped set up a DDoS service for a major telco and is now Senior Director Security at Thomson Reuters in Toronto, Canada. We delve into the difference between several different kinds of attacks with most time spent at the application layer (OSI layer 7).
Stewart Cawthray and Theo Van Wyk are my guests to help carefully extract our SIEM from the hot soup of new acronyms. Plus the Threat Radar, Frontline Actions and a little on Invisible Identity. Stewart is from Thomson Reuters and Theo is from Scalar.