2020-044-Marcello Salvati (@byt3bl33d3r), porchetta industries, supporting opensource tool creators, sponsorship model
What is Porchetta Industries? What is the current problem with supporting opensource projects? How are you working to solve the problem
Why we are here today? What kind of hardware or software do you need? Why would a security professional want to know how to use SDR tools and attacks? What other kinds of attacks can be launched? What are the current limitations to testing wireless and RF related systems? What about custom wireless implementations? I’m a wireless manufacturer of some kind of device. What are some things I could do to ensure that the types of attacks we discussed here cannot affect me?
**Apologies on the Zoom issues** This is the 2nd of 3 sponsored podcast interviews with Illumio about Their zero trust product. Katey Wood is the Director of Product Marketing at Illumio. https://www.linkedin.com/in/kateywood/ Topic: Conversation on segmentation and ransomware Topic Background: The attack surface and vulnerabilities are on the rise, along with cyber attacks Why? Remote everything - cloud collaboration (including processing PII) is the new normal and that means the attack surface is heightened. This requires appropriate network, cloud, and endpoint security. Double ransom with #data #exfiltration -- more attackers are exfiltrating customer data from businesses and (if ransom is withheld) extorting consumers directly through bitcoin - often in the headlines. Privacy is a chief security concern now more than ever before, as remote everything continues and #cyberattacks and #ransomware attacks skyrocket. For businesses, Covid and the new WFH normal means even more vulnerabilities and greater incentive to pay an even higher ransom to avoid privacy law penalties and class-action litigation. Enter Segmentation. Perimeter security is important, but unfortunately, we all know that alone it’s not enough (i.e. breach, after breach, after high-profile breach). #ZeroTrust the assume breach mentality/default deny are philosophies that take security deeper to protect organizations from a threat moving laterally within their environment. This is helpful because it’s often not the initial point of breach that causes so much damage – it’s the breach spreading to more critical data and assets that’s so destructive. #Network #segmentation is a crucial control to secure critical data and PII, by ring-fencing applications with patient or client data. Implementing Zero Trust security policies limits access to only allowed parties with a legitimate business purpose and stops the attacker from moving freely across the network to the most valuable data. #Illumio helps #healthcare, academic, and other critical industries keep their crown jewels safe through better, more scalable micro-segmentation that decouples Zero Trust from the constraints of the network by implementing it on the workload. Vertical ‘Brakedown’ - Healthcare and Education Businesses in the healthcare and education industry often have large numbers of customers and employees, and handle large volumes of PII, are especially at risk. Both have already been under scrutiny for privacy concerns around PII for years, through regulations like #HIPAA in healthcare and #FERPA in education (and now #CCPA). Now that distance learning is the norm and medical records have gone largely electronic, it’s even easier for attackers to move between systems if there are no network segmentation access policies in place to prevent it. Potential Questions: Customer data cases: ‘Dead data’ With today’s workforce largely remote, tell me what that means from a security standpoint. What challenges are businesses facing to protect important data/PII? What is that data “worth” and what are the consequences of falling victim to a ransomware attack or similar event from a bad actor? Talk to me about the “assume breach mentality.” What does that mean and how can you/why should you use this philosophy in your approach to security? How does segmentation relate to compliance? How do the two go hand in hand? How does segmentation protect organizations against large scale breaches? In terms of cost, is segmentation a sizable investment for SMBs? Is it a worthwhile investment, in terms of dollars saved from ransomware attacks? #Segmentation is often thought of as a big (perhaps cumbersome) project – how do you suggest organizations make it more scalable? How does segmentation protect end users?
topics discussed: Why did you write the book? What is a pentester? Skills needed Education of hacker Building a lab Kali linux Pentester Framework Docker OWASP Juice Box Vulnhub Overthewire PicoCTF Developing a plan Gaining experience Gaining employment How companies can hire better qualified candidates
1 hr 10 min
man's search for meaning poor planning means poor performance in an incident SHIELD from MITRE RTO/RPO metrics 7 steps to building
1 hr 17 min
intro discuss updates between the 2018 show and this month How has Ohio standardized IT and Security management? Voting chain of custody best practices
1 hr 3 min
making an impact knowing when to start making changes in the organization best methods to encourage org change management and build out your security program
Neil Patel (Sr. Technical Marketing Engineer), illumio adopting zero trust philosophy Implementing #zeroTrust in organization Challenges and benefits to microsegmentation? Forrester Wave Report: https://www.illumio.com/resource-center/research-report/forrester-wave-zero-trust-2020 https://www.illumio.com/ Twitter: https://twitter.com/illumio
A little bit of background learning how to 'own' a program wasting 'consultant' time by checking a box "thinking fast and slow" developing skills and expertise
1st steps to implement in the VCMM What can be done to ensure management buy-in what would a pipeline for intake of vulnerabilities look like?