Pushing This to the Top Of Your Inbox So You Can Delete It Again

Pushing This to the Top Of Your Inbox So You Can Delete It Again

April 27, 2021

CISO Series

CISO/Security Vendor Relationship Podcast

Pushing This to the Top Of Your Inbox So You Can Delete It Again

Pushing This to the Top Of Your Inbox So You Can Delete It Again

Mike Johnson and I welcome guest Rinki Sethi, CISO, Twitter, to discuss:

  • Hiring and keeping an awesome cybersecurity team.

  • Breaches are bad, but handling them badly might be worse

  • The unique aspects of work from anywhere security that take time to discover

  • More of "what not to do" as a vendor pitching a cybersec prospect

.

Thanks to our podcast sponsor, Sonatype

Sonatype

Overheard on CISO/Security Vendor Relationship Podcast 

“We built Nucleus to solve the challenges we were experiencing ourselves as vulnerability analysts and managers. I don’t think I could look at myself in the mirror in the morning if we didn’t use it internally.”

Scott Kuffer, co-founder and COO, Nucleus Security

Listen to full episode of "

."

Cyber Security Headlines 

Top headlines for Tuesday, April 27, 2021:

  • FluBot malware explodes

  • John Deere tractor exploit

  • Government password leak

to this episode.

or subscribe to the daily newsletter.

Thanks to this week's headlines sponsor, Aptible

Aptible

Join us this Friday [04-30-21] for "Hacking the Encryption Fallacy"

CISO Series Video Chat: Hacking the Encryption Fallacy

Our discussion will be 

"Hacking the Encryption Fallacy: An hour of critical thinking on where encryption fails and how to keep data protected continuously". 

It all begins at 10 AM PT/1 PM ET on Friday, April 30, 2021 with guests Purandar Das, CEO, Sotero, and Pat Dineen, CIO, Nielsen. We'll have fun conversation and games, plus at the end of the hour (11 AM PT/2 PM ET) we'll do our Icebreaker (AKA "cybersecurity speed dating").

Thanks to our video chat sponsor, Sotero

Sotero

It’s So Hard To Tell, But We’re All Getting Credential Stuffed

It’s So Hard To Tell, But We’re All Getting Credential Stuffed

There’s innocuous bot traffic—search engines, for example—and then there’s bad bot interaction, when fraudsters get their hands on massive lists of compromised user name/password combinations and see what goodies they’ll unlock: bank accounts? Gift card accounts with cash and credit cards attached? 

All of that is possible thanks to ubiquitous password reuse. And getting credentials is far from hard: more than 3 billion credentials were reportedly stolen in 2016, and that number nearly doubled between 2016 and 2020. 

Thanks to our video chat sponsor, F5

F5

Overheard on Defense in Depth 

“You always want to be able to receive information that puts you into a psychological mood… I’m confident in the message that I just received. I’m confident in the person who delivered it to me. And I’m confident they have it in hand.”

Tomás Maldonado, CISO, NFL

Listen to full episode of "

".