[12-14-23]--Join us tomorrow for “Hacking the SaaS Security Journey”

Join us tomorrow for “Hacking the SaaS Security Journey”

December 14, 2023

CISO Series

Super Cyber Fridays!

Join us TOMORROW, Friday [12-15-23] for “Hacking the SaaS Security Journey”

Hacking the SaaS Security Journey

Join us Friday, December 15, 2023, for “Hacking the SaaS Security Journey: An hour of critical thinking of how to secure your SaaS applications in a holistic way.”

It all begins at 1 PM ET/10 AM PT on Friday, December 15, 2023 with guests Ofer Klein, CEO and Cofounder, Reco and Robert Kugler, head of security and compliance, Cresta. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.

Thanks to our Super Cyber Friday sponsor, Reco

Defense in Depth

Warning Signs You're About To Be Attacked

Warning Signs You're About To Be Attacked

A recent report from SpyCloud found that over 30% of North American ransomware victims this year had an infostealer on their system prior to an attack. This appears to be a clear sign that these malicious actors are preparing for a larger attack. But this can't be the only indicator. So outside of phishing, what are the early warning signs an attack is underway? 

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Steve Zalewski, co-host, Defense in Depth. Joining me is our sponsored guest, Trevor Hilligoss, senior director security research, SpyCloud.

Bad actors call the support desk

Targeting the support desk to get access didn’t just happen with the MGM Grand attack, it’s becoming a major focus for threat actors and a sign you’re being targeted. "We'll see a rise in social engineering at the service desk. Why wait for credentials to be submitted via a phishing site when you can go directly to the source," said Sean Holshu of DICK'S Sporting Goods. The support desk is designed to resolve issues quickly, so they can hold the keys to the kingdom in a lot of ways. "Once they are scammed, access privileges are escalated, and data is exfiltrated," said Sue Bergamo, CISO at BTE Partners.

Let data tell the story

Looking at logs and other data points across the access pipeline can help you see the often circuitous path a threat actors will take. "Indicators along the attack path can be strung together to trigger that sixth sense. Getting to the bottom of 'why' these anomalies are happening is the tough part," said Mike Van Orden of Emanate Security. Data can also help you establish what network normalcy looks like to better spot aberrations. "Higher than average access failures trending in your logs. In order to detect this you must have already developed a ‘normal’ baseline,” said Tony Chryseliou of Sony.

Don’t ignore other messaging platforms

The ubiquity of messaging apps like WhatsApp, WeChat, Telegram, mean threat actors have a new avenue for phishing approaches. These can offer even more direct access to targets without well established controls in place. "Many other messaging apps are a more accessible way for bad guys to send you a link that you may click with no security control in place to block it," said Evgeniy Kharam, CISO of Cybeats.

The nature of attacks is changing

The rise of infostealers also marks a change in how threat actors orchestrate attacks. Rather than using a fixed payload targeting a high number of targets with a low success rate, threat actors can now use data from infostealers to customize a campaign. Russell Spitler, CEO at Nudge Security laid out the implications, saying, "There is likely an active market for ransomware targets on the darkweb with the infostealer actors selling that access. It means that any infection is likely an indicator of subsequent issues."

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Thanks to our podcast sponsor, SpyCloud

SpyCloud

LIVE!

Cyber Security Headlines - Week in Review

Week In Review--Rusty Waldron, Chief Business Security Officer, ADP

Make sure you 

 to join the LIVE "Week In Review" this Friday for 

Cyber Security Headlines 

with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Rusty Waldron, Chief Business Security Officer, ADP.

Thanks to this week's headlines sponsor, Barricade Cyber Solutions

Barricade Cyber Solutions

CISOs Need Boots On the Ground

Jesse Whaley

For organizations with a sprawling network of operations, it can be hard for a CISO to wrap their head around it. For Jesse Whaley, CISO, Amtrak, a key to doing that is speaking to employees across the organization, understanding where their security pain points are.

that regularly makes this part of their workflow can allow a CISO to scale that visibility across an organization.

Thanks to this week's headlines sponsor, Claroty

Claroty

Cyber chatter from around the web...

Jump in on these conversations 

"Is it "cheating" to whitelist a domain for a phishing simulation?" (

)

"Help me describe this type of 'attack'" (

)

"Cyber Insurance = Accountability?" (

)

Thank you!

Thank you for supporting CISO Series and all our programming  

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.