Super Cyber Fridays!
Join us TOMORROW, Friday [05-17-24], for "Capture the CISO, Season 2 Finals"

Join us Friday, May 17th, 2024, for “Capture the CISO Finals.”

It all begins at 1 PM ET/10 AM PT on Friday, May 17th, 2024. This is the normal time we do Super Cyber Friday.

See our finalists Omer Singer, vp of strategy for Anvilogic, Russell Spitler, CEO of Nudge Security, and Attila Szász, founder and CEO of BugProve go head to head to see which company captures our CISO judges attention.

Our judges will be Edward Contreras, CISO for Frost Bank and Alexandra Landegger, CISO for Collins Aerospace. The show will be hosted by Rich Stroffolino.

Register

Thanks to our sponsors/contestants, Anvilogic, BugProve, and Nudge Security

Defense in Depth
Where Are Secure Web Gateways Falling Short?

Are secure web gateways still an effective tool in the enterprise? The browser has changed a lot in the last decade, are SWGs still keeping up?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Vivek Ramachandran, founder, SquareX.

The failure is context 

Secure web gateways still have a place for many organizations. As Neill Baal of Specsavers pointed out, "We have the traditional forward proxy/web gateway/web filter which gives good details on users’ clicks around an incident and does stop some threats in their tracks.” But the current failure stems from a lack of context. “The problem is in a context where modern east-west is also on the WAN side and doesn't get captured in the north-south. The capabilities to stop attacks are getting thinner," said Carlo Dapino.

A layered approach

Secure web gateways can fall down when they are used as a single perimeter solution, rather than part of a layered defense. "Many SWGs still provide a great layer of defense and visibility, however, they are only one layer. I’ve seen too many products recently claiming to be a catch-all when the reality is that there will always be a new attack methodology that will bypass a control, so it's important to not rely on any one component absolutely," said Andy Woodward of HighPoint. And it’s important to remember that these layers can’t be static either. Jaydeep Palana of ITC Infotech makes that case, saying, “Organizations must continuously calibrate EDR, SOC, Identity Threat Detection and Response (ITDR), Web Application Firewall (WAF), Cloud Security components, and most importantly a well-documented and tested Incident Response and Recovery plan in place for comprehensive protection."

The ground has shifted under SWG’s feet

There have been a lot of changes since SWGs first came on the market decades ago. This means different realities in IT and security, but also different expectations from users. "Most of these solutions are user-hostile, creating incentives for disuse and pushing important traffic flows to unmonitored streams. Focus on speed and invisibility, while still reacting quickly and helping to answer the question of ‘what happened’ when the worst inevitably occurs," said Justin Francesconi of Bowtie. For some, this means the math doesn’t work out for SWGs, as Or Eshed of LayerX Security outlined, "Most SaaS apps are a black box for the SWG. SWGs are a legacy technology that takes too much and gives too little. A browser security tool can be 10X better and 10X simpler than SWGs."

Where do SWGs fit into modern cybersecurity?

Given the rise of SaaS and modern cloud environments, we need to change how we view SWGs role in a modern organization. "It is time to re-evaluate the reliance on SWGs for any mission critical risk reduction. The challenges are many. We are at a point where reliance on a network control like this is just fooling ourselves. That is not to say that they cannot play an important role, but it is that they should not be the mitigating control for any major risk," said Russell Spitler of Nudge Security.

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Listen to the episode.

Thanks to our podcast sponsor, SquareX

Subscribe
Subscribe to Defense in Depth podcast

Spotify, Apple Podcasts, YouTube Music, RSS link, or search "Defense in Depth" on your favorite podcast app.

LIVE!
Cyber Security Headlines - Week in Review

Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Ryan Bachman, evp and global CISO, GM Financial.

Thanks to our Cyber Security Headlines sponsor, Vanta

Cyber chatter from around the web...
Jump in on these conversations

"Best Stories of Reverse Engineering to combat an attack of some kind?" (More here)

"Number of data breaches falls globally, triples in the US. The US has overtaken Russia as the most-breached country." (More here)

"Budgets in this climate" (More here)

Coming Up On Super Cyber Friday...
Coming up in the weeks ahead on Super Cyber Friday we have:

• [05-17-24] "Capture the CISO Finale"

• [05-24-24] NO SHOW

• [05-31-24] Hacking Microsoft Copilot

• [06-07-24] Hacking SOC 2 vs. ISO 27001

 Save your spot and register for them all now!

Thank you!
Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.