[03-05-24]--We Can’t Fail at API Security If We Never Even Try
CISO Series Podcast
We Can’t Fail at API Security If We Never Even Try
It seems like we can’t go a week without hearing reports of a data leak caused by a failure in API security. There’s nothing easy about securing APIs, but it’s hardly the only aspect of security dealing with authentication, encryption, monitoring, versioning, and validation. So why do organizations struggle with API security?
This week’s episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, operating partner, YL Ventures. Joining us is our sponsored guest Yoav Nathaniel, CEO, Silk Security.
SBOMs aren’t a balm for the software supply chain
Lots of companies have been burnt by vulnerabilities in the software supply chain. It’s obvious companies need a better way to get visibility into the software they depend on. Software bills of materials (SBOMs) seem to some like a way to approach that. But in their current state, they are rife with problems. There’s no general format consensus, quality is all over the place, and tracing an SBOM back to actual vulnerabilities is immature at best, argued Kyle Kelly of CramHacks. The industry will likely mature with more standardization over time, but right now SBOMs serve only as a small piece in securing the overall software supply chain.
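To make the "tracing back to vulnerabilities" problem concrete, here is an added example (not code from CISO Series, CramHacks, or any SBOM tool) that matches a CycloneDX-style SBOM against an advisory list. The SBOM, the package names, and the advisory IDs (EXAMPLE-...) are all constructed for the illustration; the point it shows is that a component without a purl and a version cannot be matched at all, which is exactly the quality problem the episode describes.

```python
"""Match an SBOM's components against a vulnerability feed.

Added illustration, not code from CISO Series, CramHacks or any SBOM tool.
The SBOM (CycloneDX-style JSON) and the advisory list are constructed sample
data; advisory IDs are placeholders, not real identifiers.
"""
import json

# Constructed SBOM. Quality deliberately varies by component: one carries a
# full purl with version, one has a purl but no version, one has only a name.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "examplelib", "version": "2.3.1",
     "purl": "pkg:pypi/examplelib@2.3.1"},
    {"type": "library", "name": "otherlib",
     "purl": "pkg:pypi/otherlib"},
    {"type": "library", "name": "mysterylib"}
  ]
}
"""

# Constructed advisory feed keyed by purl base, with affected version ranges
# expressed as [introduced, fixed). IDs are placeholders.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "purl_prefix": "pkg:pypi/examplelib",
     "introduced": (2, 0, 0), "fixed": (2, 4, 0)},
    {"id": "EXAMPLE-0002", "purl_prefix": "pkg:pypi/otherlib",
     "introduced": (1, 0, 0), "fixed": (1, 2, 0)},
]


def parse_version(text):
    """Turn '2.3.1' into (2, 3, 1) so ranges compare numerically."""
    return tuple(int(p) for p in text.split("."))


def split_purl(purl):
    """Split 'pkg:pypi/name@ver' into ('pkg:pypi/name', 'ver' or None)."""
    if "@" in purl:
        base, ver = purl.rsplit("@", 1)
        return base, ver
    return purl, None


def match_sbom(sbom_text, advisories):
    """Return {'matched': [...], 'unmatchable': [...]}.

    A component is matchable only if it carries a purl AND a version; anything
    less cannot be traced to an advisory, however good the feed is.
    """
    sbom = json.loads(sbom_text)
    matched, unmatchable = [], []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            unmatchable.append((comp.get("name"), "no purl"))
            continue
        base, ver = split_purl(purl)
        ver = ver or comp.get("version")
        if not ver:
            unmatchable.append((comp.get("name"), "no version"))
            continue
        v = parse_version(ver)
        for adv in advisories:
            if adv["purl_prefix"] == base and adv["introduced"] <= v < adv["fixed"]:
                matched.append((comp["name"], ver, adv["id"]))
    return {"matched": matched, "unmatchable": unmatchable}


if __name__ == "__main__":
    print(match_sbom(SBOM_JSON, ADVISORIES))
```

Run against the constructed SBOM, only `examplelib` produces a finding; `otherlib` is affected by EXAMPLE-0002 for all anyone can tell, but with no version in the SBOM the matcher has to report it as unmatchable rather than guess.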
The immature state of API security
We know APIs represent a huge attack surface. So why do we see a lack of strategy in API security? Sure, it’s complex and represents a long-term commitment rather than an end state. But doesn’t that make the case for approaching it top-down rather than with a reactive, scattershot approach? API security requires managing a lot of moving pieces, like authentication, encryption, monitoring, versioning, and validation, argued Ross Moore of IT Security Guru. So why is API security so tough? We’ve found ways to systematically and strategically address these same pieces in other areas of security.
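An added example (not code from CISO Series or IT Security Guru) of what those moving pieces look like when they are enforced in one place rather than scattered across handlers: a small request gate that checks versioning, authentication, object-level authorization, and input validation in a fixed order, and writes one audit record per request for monitoring. The token table, route shape, and request bodies are constructed for the illustration; a real service would validate signed tokens rather than look up opaque strings.

```python
"""Minimal API request gate: versioning, authentication, object-level
authorization, validation and monitoring in one fixed order.

Added illustration, not code from CISO Series or IT Security Guru. The token
table, route and request shapes are constructed for the example.
"""
import hmac
import json
import re

# Constructed bearer-token table: token -> principal. Opaque tokens stand in
# for the signed-token validation a real service would do here.
TOKENS = {
    "tok-alice-1": "alice",
    "tok-bob-2": "bob",
}

SUPPORTED_VERSIONS = {"v2"}          # v1 is retired; requests to it are refused
ROUTE = re.compile(r"^/(v\d+)/users/([a-z0-9-]+)/profile$")
AUDIT_LOG = []                       # monitoring: one structured record per request


def authenticate(headers):
    """Return the principal for a bearer token, or None.

    Every row is compared in constant time and the loop never exits early,
    so neither the comparison nor the lookup position leaks by timing."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    presented = auth[len("Bearer "):].encode()
    principal = None
    for token, user in TOKENS.items():
        if hmac.compare_digest(token.encode(), presented):
            principal = user
    return principal


def validate_body(body):
    """Schema check for a profile update: only known fields, right types,
    bounded sizes. Returns an error string or None."""
    if not isinstance(body, dict):
        return "body must be an object"
    allowed = {"display_name": str, "bio": str}
    for key, value in body.items():
        if key not in allowed:
            return f"unknown field {key}"
        if not isinstance(value, allowed[key]):
            return f"{key} must be {allowed[key].__name__}"
    if len(body.get("display_name", "")) > 64 or len(body.get("bio", "")) > 500:
        return "field too long"
    return None


def handle(method, path, headers, raw_body):
    """Run every gate in order; return (status, message). Every outcome,
    including refusals, is recorded in AUDIT_LOG."""
    def finish(status, msg, principal=None):
        AUDIT_LOG.append({"method": method, "path": path,
                          "principal": principal, "status": status})
        return status, msg

    m = ROUTE.match(path)
    if not m:
        return finish(404, "no such route")
    version, target_user = m.groups()
    if version not in SUPPORTED_VERSIONS:
        return finish(410, f"API {version} is retired")   # versioning
    principal = authenticate(headers)
    if principal is None:
        return finish(401, "missing or invalid token")     # authentication
    if principal != target_user:
        return finish(403, "not your profile")             # object-level authz
    if method == "PUT":
        try:
            body = json.loads(raw_body)
        except ValueError:
            return finish(400, "malformed JSON", principal)
        err = validate_body(body)                          # validation
        if err:
            return finish(400, err, principal)
    return finish(200, "ok", principal)


if __name__ == "__main__":
    hdrs = {"Authorization": "Bearer tok-alice-1"}
    print(handle("GET", "/v2/users/alice/profile", hdrs, ""))
    print(handle("GET", "/v2/users/bob/profile", hdrs, ""))
    print(AUDIT_LOG)
```

The order matters: a retired version is refused before any token is examined, an unauthenticated caller never reaches the authorization check, and the body is only parsed for a caller who is already allowed to touch that object. Each refusal still lands in the audit log, which is what makes the monitoring piece useful rather than decorative.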
Don’t skip the fundamentals with security posture
While there are a lot of subtleties to security posture management, at its core it equates to maintaining proper hygiene across all aspects of security. This needs to be a holistic and consistent effort. Think of it like taking a daily shower versus waiting for when you’re completely filthy. That sounds simple, but it comes down to organizational alignment, accountability, and clear communication to effectively manage security posture. A successful security posture needs comprehensive, proactive approaches to meet the bevy of modern challenges.
Reject tradition, embrace modernity
What actually defines a modern SOC? This isn’t just about integrating specific tooling. Slapping some AI in your SOC may have some benefits, but if it doesn’t change the fundamental workflow in your SOC, it's still traditional, argued Anton Chuvakin of Google's Cloud Security Podcast. Rather than specific tooling, a modern SOC is defined by automation and creating an engineering-led feedback loop. The end goal should be to automate the traditional SOC out of a job, freeing up analysts for more meaningful work.
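An added example (not code from CISO Series or Google's Cloud Security Podcast) of the engineering-led loop in its smallest form: a detection written as a plain function, with the sample log it must flag kept beside it, so the rule lives in a repo, runs in CI, and is re-checked every time someone changes it. The log format, hosts, and addresses are constructed for the illustration.

```python
"""Detection-as-code: a rule as a testable function with its own sample input.

Added illustration, not code from CISO Series or Google's Cloud Security
Podcast. Log format, hosts and addresses are constructed for the example.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed auth log lines in a syslog-like shape. The first source fails
# five times inside two minutes and then succeeds; the second fails once.
SAMPLE_LOG = """\
2024-03-05T10:00:01Z host1 sshd: Failed password for admin from 203.0.113.5
2024-03-05T10:00:03Z host1 sshd: Failed password for admin from 203.0.113.5
2024-03-05T10:00:04Z host1 sshd: Failed password for root from 203.0.113.5
2024-03-05T10:00:06Z host1 sshd: Failed password for admin from 203.0.113.5
2024-03-05T10:00:07Z host1 sshd: Failed password for admin from 203.0.113.5
2024-03-05T10:00:09Z host1 sshd: Accepted password for admin from 203.0.113.5
2024-03-05T10:05:00Z host1 sshd: Failed password for carol from 198.51.100.7
2024-03-05T10:05:30Z host1 sshd: Accepted password for carol from 198.51.100.7
"""

LINE = re.compile(
    r"^(\S+) (\S+) sshd: (Failed|Accepted) password for (\S+) from (\S+)$")


def parse(line):
    """Parse one line into a dict, or None if it is not an auth event."""
    m = LINE.match(line)
    if not m:
        return None
    ts, host, outcome, user, src = m.groups()
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "host": host,
            "outcome": outcome, "user": user, "src": src}


def rule_brute_force_then_success(lines, threshold=5, window=timedelta(minutes=2)):
    """Alert when a source has >= threshold failures inside `window` and then
    logs in successfully. Returns a list of alert dicts (empty if none)."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        q = failures[ev["src"]]
        while q and ev["ts"] - q[0] > window:   # expire failures outside window
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
        elif len(q) >= threshold:
            alerts.append({"src": ev["src"], "user": ev["user"],
                           "failures": len(q), "at": ev["ts"].isoformat()})
            q.clear()                           # one alert per burst, not per login
    return alerts


if __name__ == "__main__":
    for alert in rule_brute_force_then_success(SAMPLE_LOG.splitlines()):
        print(alert)
```

Because the expected result for the sample log is fixed, a change that makes the rule stop firing (a regex edit, a threshold bump, a parser regression) fails the test before it reaches production. That test is the feedback loop; the rule firing on real data is the automation.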
Listen to the full episode over on our blog, or your favorite podcast app where you can read the entire transcript. If you haven’t subscribed to CISO Series Podcast via your favorite podcast app, please go ahead and do so now.
Thanks to our podcast sponsor, Silk
What’s a great approach from a security vendor?
"I think the best security vendors lead with transparency and integrity. They’re there to provide value and partner with the customer. They don’t try to oversell and don’t feed them with marketing fluff. They actually do what they say they do." - Yoav Nathaniel, co-founder and CEO, Silk Security
Listen to full episode of "We Can’t Fail at API Security If We Never Even Try."
What Is Your SOC's Single Search of Truth?
"Today, security relevant data is now everywhere. And so enabling teams to make better use of it for very specific missions I think is a much better approach. So, you may end up having different panes of glass that are used for different purposes, but the idea of trying to have just one, a single one, just seems like we’re not going to get there." - Matt Eberhart, CEO, Query
Listen to full episode of "What Is Your SOC's Single Search of Truth?"
We've got our bi-weekly and daily Cyber Security Headlines newsletters available right here on LinkedIn. Go ahead and subscribe to one or both!
CISO Series Newsletter - Twice every week
Cyber Security Headlines Newsletter - Every weekday
LIVE!
Cyber Security Headlines - Week in Review
Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be David Cross, SVP/CISO, Oracle.
Thanks to our Cyber Security Headlines sponsor, Conveyor
Super Cyber Fridays!
Understanding the Complexity of Breach Response
Responding to breaches is an inevitable reality every cybersecurity professional faces. When it comes to a security incident, just determining when you have a breach versus an incident is vital, according to Matt Radolec, VP, incident response and cloud operations, Varonis. You should also know who will be making breach-related decisions in a crisis and understand your reporting requirements. This is a preview of our Super Cyber Friday event happening this Friday, March 8, 2024. Our topic will be "Hacking Breach Response: An hour of critical thinking about recovery, containment, and remediation after a data loss event."
Joining me and Matt for this event will be Charles Garzoni, deputy CISO and staff VP of cyber defense operations, Centene Corporation.
It all starts at 1 PM Eastern/10 AM Pacific. At the end of the hour [2 PM Eastern/11 AM Pacific] we'll switch gears to our meetup where everyone will get a chance to chat face to face. Join us!
Thanks to our Super Cyber Friday sponsor, Varonis
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship, contact me, David Spark.