01-16-20 - Don't Panic. Sensible Advice on the Iran Cybersecurity Threat


CISO | Security Vendor Relationship Series

This week's episode of Defense in Depth

The Iran Cybersecurity Threat


On this episode of Defense in Depth:

Co-host Allan Alford and our sponsored guest, Nicholas Hayden, global head of threat intelligence, Anomali, discussed:

  • As we're seeing now, it often takes a scare like Iran to get everyone to pay attention to their threat detection and response capabilities.

  • If you believe you're a target for an APT (advanced persistent threat), you also need to assume it's going to be hidden.

  • If and when you find an APT, also assume it's at the beginning of an attack chain. You're going to have to go deeper. Shutting it off at that moment won't let you understand what's happening.

  • Iran may use the resources of China and Russia as they have hooks into other industries.

  • There's a strong belief that cyber warfare is commingled with organized crime. The two groups need each other.

  • Much of the "how to handle Iran" advice is to focus on foundations, not basics, because it's actually not easy, said Yaron Levi, CISO, Blue Cross/Blue Shield of Kansas City. We use these potential threats as an area of focus.

  • If you are doing the fundamentals, and doing them well, you are doing what you can. You don't have the intelligence that the military has, and therefore, you don't have the ability to craft specific defenses.

  • Beware of complacency and going in and out of "heightened alert". Eventually, people will forget about this perceived impending Iran threat. That's why threat intelligence needs to be handled consistently over time.

Special thanks to this week's Defense in Depth podcast sponsor, Anomali.

Anomali

Anomali is a leader in intelligence-driven cybersecurity solutions. Anomali turns threat data into actionable intelligence that drives effective security and risk decision making. Customers using Anomali identify cyber threats from all layers of the web, automate blocking across their security infrastructures, and detect and remediate any threats present in their networks.

 

 

Kathy Wang, former CISO, GitLab on remote work

Don't forget to REGISTER for our live audience recordings in Silicon Valley and Tel Aviv!

Yet another friendly reminder we've got two live audience recordings of CISO/Security Vendor Relationship Podcast planned over the next two weeks.

  • January 21st, 2020 - Santa Clara, California - Silicon Valley ISSA Chapter meeting - REGISTER
    Mike Johnson and I invite Peter Liebert, former CISO for the State of California, and now an independent consultant and commander, cyber operations, California State Guard, to join us. Networking and dinner starts at 6:00 PM.

  • January 27th, 2020 - Tel Aviv, Israel - Glilot Capital event, "What CISOs Want" - REGISTER
    Joining me on stage at our first ever Tel Aviv event will be my guest co-host, Bobby Ford, global CISO, Unilever. Our guest will be John Meakin, CISO and security advisor, and formerly CISO for Burberry, GSK, Richemont, and RBS. Networking and drinks start at 6:00 PM.

Seth Rosenblatt, editor-in-chief, The Parallax on similarities between malware and disinformation
