Securonix SIEMple Talks

Testing Deepfakes: The Reality of AI Impersonation Attacks

Send a text [https://www.buzzsprout.com/twilio/text_messages/2428296/open_sms] What happens when your company's cyber defenses face a deepfake attack impersonating leadership? Bill Shearstone, Director of Information Security in the energy sector, shares the eye-opening results from a penetration test where his team used AI-generated deepfake technology to trick an employee into resetting credentials. Despite technical limitations and the employee's "gut feeling that something wasn't right," the attack succeeded - revealing crucial lessons about human psychology in security. Drawing from both his extensive commercial experience and previous work at the NSA during the global war on terrorism, Shearstone offers practical insights on how organizations should approach penetration testing. Rather than repeatedly testing external defenses, he advocates starting tests with internal access to thoroughly evaluate detection capabilities, incident response procedures, and lateral movement controls. This approach uncovered a critical finding: security tools detected suspicious activity but failed to provide the complete picture of what was happening. Shearstone emphasizes why cybersecurity's strength lies in continuous improvement and incident response preparation: "If I look at an attack coming in and I'm able to contain it without impacting business operations tremendously, to me that's just as good as preventing an attack." His pragmatic approach acknowledges that perfect prevention is impossible, making effective detection and response capabilities equally crucial for organizational resilience.

Cybersecurity Challenges in Small Teams

Send a text [https://www.buzzsprout.com/twilio/text_messages/2428296/open_sms] By exploring the complexities of cybersecurity in a law firm, we gain insight into the unique challenges faced by small teams managing sensitive data. Tim Thornsberry, Director of Information Security at Steptoe & Johnson, shares his experience navigating these waters with limited resources.  • Introduction of Tim Thornsberry and his role at Steptoe & Johnson   • The unique cybersecurity challenges faced by law firms   • Managing threat detection with a small security team   • Embracing automation and AI in cybersecurity   • The value of generalist skills versus specialization in cybersecurity   • Advice for professionals in small security teams   Thank you for joining us! Feel free to connect with us on social media and share your thoughts.

Securing the Digital Battlefield: The Role of Threat Research in Cyber Defense

Send a text [https://www.buzzsprout.com/twilio/text_messages/2428296/open_sms] Discover the world of cybersecurity through the eyes of Tim Peck, the Senior Security Researcher at Securonix, as he shares his journey from a sysadmin role to a leading figure in threat research and incident response. Learn how Securonix integrates advanced threat intelligence into its products to outsmart cyber adversaries and enhance detection capabilities, offering unparalleled value to both the industry and their customers. Tim reveals how timely advisories can disrupt the plans of threat actors, highlighting the proactive nature of modern cybersecurity. Join us as we unravel the complexities of modern cyber warfare, focusing on the tactics of high-profile APT groups and the innovative challenges posed by malware like STEEP#MAVERICK. Understand the necessity of a layered security approach and how pairing technologies can close potential gaps in detection, particularly through SIEM systems. This episode sheds light on the evolving strategies of cyber adversaries and explores how organizations can bolster their defenses against sophisticated threats. Explore the dual impact of AI on cybersecurity, where it serves as both an ally and a threat. While AI enhances our capabilities, it also empowers malicious actors to deploy threats at unprecedented speed and scale. Despite these challenges, threat intelligence remains a cornerstone of cybersecurity, transforming into actionable insights that fortify defenses. By understanding threat actors' methodologies, organizations can not only react to known threats but also anticipate and mitigate future risks, proving that informed strategies are key to securing the digital frontier.

Crafting Unique Cybersecurity Approaches

Send a text [https://www.buzzsprout.com/twilio/text_messages/2428296/open_sms] Join us for an engaging conversation with Evgeniy Kharam, a distinguished cybersecurity expert, as he takes us through his fascinating journey from the Israeli Navy to becoming a leading figure in the field. Evgeniy shares invaluable insights into the critical role that effective communication plays alongside technical expertise in cybersecurity. We also discuss the novel Ski and Snowboard Cybersecurity Conference, an innovative blend of networking and leisure that offers a fresh perspective on professional connections. We navigate the rapidly evolving world of cybersecurity technology, the challenges that hybrid organizations face, strategic decisions about cloud providers, disaster recovery plans, and service consolidation.  We also discussed challenging the notion of "best practices" in cybersecurity, advocating for a systems-thinking approach tailored to each organization's needs. Evgeniy emphasizes the importance of clear communication and understanding your audience to translate technical concepts effectively.  Join us for this insightful episode that promises to enrich your understanding of the dynamic cybersecurity arena.

Beyond Alerts: Unlocking the True Value of Managed Security Services (MSSPs)

Send a text [https://www.buzzsprout.com/twilio/text_messages/2428296/open_sms] Tune in to the first episode of SIEMple Talks with host Augusto Barros as he sits down with Scott McCrady, CEO of SolCyber. Together, they dive deep into the evolving role of Managed Security Service Providers (MSSPs) in modern organizations. From their origins in device management to becoming strategic partners in cybersecurity, this episode explores how MSSPs provide advanced threat detection, 24/7 response capabilities, and valuable security guidance during "peacetime." Learn how MSSPs are changing the game for businesses of all sizes.