- [05-14-24]--Our Help Desk Plaque Reads “Over 100,000 Threat Actors Served”
CISO Series Podcast
Our Help Desk Plaque Reads “Over 100,000 Threat Actors Served”
The shine is off the cybersecurity promise of MFA. While it is still vital to implement, threat actors are increasingly finding ways around it. Most recently we've seen social engineering proving effective at this, with the help desk as the target. Given the high-profile attacks that have bypassed MFA, how much security stock should we put into it going forward?
This week’s episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, operating partner, YL Ventures. Joining us is our guest, Martin Mazor, vp and CISO, onsemi.
Classic CISO blunders
Everyone makes mistakes in their roles. We batted around some of the classic mistakes we see CISOs repeatedly walking into. One is simply not linking their actions as a CISO to the overall business, as outlined by Bernard Brantley in a recent Dark Reading piece. A CISO can also fall into the trap of becoming a gatekeeper, seeing themselves as the approver of product launches. Related to this, CISOs can suffer from assuming they are the smartest person in the room and not trusting the experience of people with more direct knowledge of the business or product. The key to avoiding these blunders is to embrace a service-provider mentality within the organization.
The bloom is off the MFA rose
You don't have to follow the news too closely to realize MFA has become the new perimeter for threat actors, and they are finding ways around it. We're starting to understand the typical strategies for bypassing it, including SIM swapping, MFA bombing (push fatigue), and service desk attacks, as outlined in a recent Hacker News piece. When implemented well, organizations should still have faith in MFA as providing value. But this means turning away from the easier-to-implement variations, like SMS one-time codes and simple push-notification approvals, which are exactly the factors those attacks target. Social engineering in an age of readily available deepfakes remains a challenge, which is why it's imperative for organizations to build a culture where it's okay for help desk staff and employees alike to stop and verify suspicious requests.
Move fast and secure things
We often think there is an antagonistic relationship between security and developers. Cybersecurity practitioners are seen as the "Department of No," slowing things down, while devs want to ship fast. But there's an argument that quicker releases help ship more secure products, as articulated in SC Magazine by Lea Kissner. Rapid release cycles face less organizational resistance to marginal security improvements, since each change is small, and with proper automation they remain manageable.
Transitioning from IT to OT
It's not uncommon to see IT staff transitioning into OT. One of the first steps in this transition is getting up to speed on fundamentals like SCADA, PLCs, and DCS, as Ryan Virani pointed out on LinkedIn. In a lot of ways, moving to OT is like stepping into an IT time machine: you deal with older systems that are patched infrequently, if at all, and are harder to support. But even with these longer life cycles, core IT and security architecture best practices still apply. The biggest challenge comes from dealing with the massive data influx inherent in OT systems and finding the signal in a sea of telemetry noise.
Listen to the full episode over on our blog, where you can also read the entire transcript, or on your favorite podcast app. If you haven't subscribed to CISO Series Podcast via your favorite podcast app, please go ahead and do so now.
Thanks to our anonymous contributor who provided this week’s “What’s Worse?!” scenario.
Thanks to our podcast sponsor, Material Security
Subscribe to CISO Series Podcast
Spotify, Apple Podcasts, RSS link, or search "CISO Series Podcast" on your favorite podcast app.
Best advice for a CISO…
"For a new CISO or an expanded CISO role, always focus on quality, not quantity. Focus on targeted metrics of performance, targeted goals, targeted frameworks. Get those done. Don't worry about everything in the world." - Martin Mazor, vp and CISO, onsemi
Listen to full episode of "Our Help Desk Plaque Reads ‘Over 100,000 Threat Actors Served’"
Understanding the Zero-Trust Landscape…
"This rush to like try to name your product to fit a made up sector, or a quadrant, or a wave, or whatever it might be, it is really unhelpful for people like me that need to buy these things and have a job to do." - Geoff Belknap, CISO, LinkedIn
Listen to full episode of "Understanding the Zero-Trust Landscape."
We've got our bi-weekly and daily Cyber Security Headlines newsletters available right here on LinkedIn. Go ahead and subscribe to one or both!
CISO Series Newsletter - Twice every week
Cyber Security Headlines Newsletter - Every weekday
LIVE!
Cyber Security Headlines - Week in Review
Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Ryan Bachman, evp and global CISO, GM Financial.
Thanks to our Cyber Security Headlines sponsor, Vanta
Super Cyber Fridays!
Capture the CISO Finals, Season 2
Season 2 of Capture the CISO is not over. We still have the finals!
And it's going to be LIVE on Friday, May 17th, 2024 at 1 PM ET/10 AM PT! This is the normal time we do Super Cyber Friday.
See our finalists Omer Singer, vp of strategy for Anvilogic, Russell Spitler, CEO of Nudge Security, and Attila Szász, founder and CEO of BugProve, go head to head to see which company captures our CISO judges' attention.
Our judges will be Edward Contreras, CISO for Frost Bank and Alexandra Landegger, CISO for Collins Aerospace. The show will be hosted by Rich Stroffolino.
Thanks to our sponsors/contestants, Anvilogic, Nudge Security, and BugProve
Thank you!
Thank you for supporting CISO Series and all our programming
We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!
Everything is available at cisoseries.com.
Interested in sponsorship? Contact me, David Spark.