E06: The #1 Attack Vector, API Security | Gene Fay, CEO, ThreatX

OT Rise of the Machines: Delve Live at Disruptor Day UK 2023

Welcome to this live edition of Delve [https://podcasters.spotify.com/pod/show/delvepodcast] Live - Delve is a podcast by Distology where we’re joined by guests to tackle technology topics that need some exploring, unpacking, and, in some cases, demystifying in this brave and boundaryless IT world that we live and work in. Today, our panel is named “OT Rise of the machines” - which is in no way related to Terminator 3, so don’t worry there will be no Arnold Schwarzenegger impressions today. What we are going to be delving into during this discussion is Operational Technology cybersecurity, or OT for short. This podcast episode will explore the challenges OT environments face, the convergence of IT and OT, and the new opportunities this will present to the IT Channel. To set the scene a little, Operational Technology is the backbone of critical infrastructure in various sectors from Oil & Gas, Energy and Transportation. The priorities in OT differ to IT. IT (information technology) primarily focuses on managing digital data and communication systems, whilst OT centres around controlling and optimising physical processes and machinery in industries – making the safety and availability of systems paramount. A cyber-attack in an OT environment carries severe repercussions, impacting not only OT professionals but also posing significant threats to the environment and human life. This risk is particularly evident when considering critical facilities like nuclear energy facilities and water treatment plants on a broader scale. For those who OT is relatively new to, we have a stellar panel lineup of experts in the OT field – helping you bridge the gap. * Chris Bihary – CEO/Co-finder of Garland Technology [https://www.distology.com/vendor/garland-technology/], Buffalonian and is a 30-year veteran in the network TAP and OT space. * Jake Alosco - Experienced Channel Leader, VP of Global partnerships and all-round great guy from Cyolo [https://www.distology.com/vendor/cyolo], who provide secure remote access to high-risk infrastructures. * Ian McGowan – CEO/Co-founder of Solutions Provider Barrier Networks * Harjit Hothi - With extensive experience in Cyber Security and Operational Technology. He has been in the industry for over 20 years, and he is here today representing OPSWAT [https://www.distology.com/vendor/opswat], who is the latest vendor to join our OT portfolio. Welcome to this episode of Delve!

E07: Product Design & Engineering: Innovating for Success | Martyn Roberts | Distology Studios

Today, we’re delving into the world of product design & engineering – what place does this have on a cybersecurity podcast, I hear you think? Well, with the explosion of web applications in recent years there are some big questions being raised over development practices, secure access to the applications for users and of course the age old struggle of hiring a multi-disciplined team to design and build the product. Helping us get into this topic is Distology’s very own Martyn Roberts – the founder of Berlin-based boutique design & agency Squareball, who are now part of the Distology family as Distology Studios. Martyn, a Glasgow native with a passion for innovation and customer-centric work, embarked on a journey that combines his expertise in product design, engineering, and software systems. After studying product design and engineering with a strong emphasis on engineering, he pursued an MSc in software and systems, further expanding his knowledge. Martyn's career kick-started at prominent consultancies like Unisys, Atos, and C&W, where he quickly realized the lack of innovation and meaningful customer interaction in these sectors. Yearning for fulfillment and a sense of achievement, he decided to venture out on his own as a contractor, establishing valuable connections and gaining confidence in his abilities. It was during this period that he discovered the recruitment industry as his primary focus, directly engaging with clients and their customers, which proved to be an incredibly rewarding experience. As his client base evolved, he began building small, dedicated teams to cater to their specific needs, resulting in closer collaboration and more impactful solutions. Over the course of a decade, Martyn honed his skills in building custom applications, recognizing the pivotal role of UI/UX in delivering exceptional user experiences. In 2011, he made a pivotal move to Berlin, a city known for its vibrant and welcoming creative community. At that time, Berlin was at the forefront of the co-working scene, setting the stage for Martyn's team to thrive and collaborate with like-minded individuals. The city's creative energy also facilitated unique opportunities, such as hosting events in museum spaces, fostering an environment that encouraged unconventional ideas to flourish. In 2018, Martyn's expertise led him to explore the realm of identity and security, as the high-profile projects he undertook required the implementation of Auth0. This development further expanded his repertoire and solidified his position as an innovative force in the industry. Today, he continues to push the boundaries of technology, leveraging his multidisciplinary background and customer-focused approach to create transformative solutions. With a rich tapestry of experiences and a steadfast commitment to excellence, he brings a wealth of knowledge and insight to any discussion on innovation, customer-centricity, and the evolving landscape of technology. 🌟 Episode Discussion Points - Martyn’s background - From Glasgow to Berlin - Designing and engineering applications - methodologies, innovation teams and processes - The importance of UX in the design process - Tools which support the team in the design and engineering process - The benefits of being “agile” to teams and customers - How do smaller agencies take a secure approach to engineering? - The technology Martyn will be delving further into 🎙 Follow Our Guests Martyn Roberts - LinkedIn [https://www.linkedin.com/in/martyn-g-roberts ] Lance Williams - LinkedIn [https://www.linkedin.com/in/lance-williams] 👇 Follow Distology Distology - LinkedIn [www.linkedin.com/company/distology] Distology Studios - LinkedIn [https://www.linkedin.com/showcase/distologystudios/]

Jurassic Spark: The Story of Identity | Delve Bytesize E01

Have you ever wondered how the deaths of all the IT team in Jurassic Park could have been avoided? Identity is the original source of the problem.  This is the tale of how Jurassic Park could have gone from 2 hours to 10 minutes if only they had used Okta [www.distology.com/vendor/okta]. Dennis Nedry, the sole IT support at Jurassic Park, had the immense responsibility of safeguarding the entire park. He possessed exclusive knowledge of the passwords which were the key to the power servers and operational technology. However, when he met his untimely demise, nobody else could get into the servers because only he knew the special passwords that were now lost forever! Step in Okta. With the help of Okta, the remaining characters could have effortlessly entered the browser and accessed the Okta portal. There, they could have swiftly logged in using Okta Fast Pass, which relies on the power of biometric authentication - the strongest and most secure form of verification.  Once in the Okta dashboard, a gateway to all applications would open up before them. But perhaps most crucially, they would have gained the ability to access the power servers controlling the entire park. And this is how Jurassic Park could have been a 10-minute movie, without any deaths.

Cyberman Into the Cyberverse: Delve Live at Disruptor Day Benelux 2023

Join Distology [www.distology.com] for a special episode of Delve, which was recorded in front of a live audience in Utrecht as part of Disruptor Day Netherlands. Breaking away from the usual format, Distology’s CTO Lance Williams has invited a whole host of cybersecurity specialists to share their thoughts on some of the latest automation-harnessing technology services super-powering cybersecurity teams in their continued fight against cyber villains. This panel discussion explores the challenges of: * IT & OT – able to work together in harmony? Digitally awakened machinery based on legacy systems are forming part of the attack surface that organisations need to protect, yet incredibly difficult to secure without impacting operational excellence. How can IT help OT teams to close this loop? * Automating Governance, Risk & Compliance: How can CISO’s take advantage of automation to ensure security investments are consciously competent? ISO/GDPR/SOC2 – can this process be automated?Identity Access * Management Design – Become the choreographer of your identity journey by putting human centric design at the forefront of development * Data First Approach to Security – In a world of porous networks and interconnected infrastructures, how do we protect our data highways and keep the spies out of our lanes? * Human vs Machine – With data overload facing almost all IT teams and alert fatigue setting in, can we trust machines to ‘take over the wheel’ of our cybersecurity journey? Where does the liability lie if an error is made? Follow Our Guests * Lance Williams [https://www.linkedin.com/in/lance-williams/⁠], Distology * Dr Richard Searle [https://www.linkedin.com/in/richard-searle-cc/⁠], Fortanix * George Bonser [https://www.linkedin.com/in/george-bonser-3896a180/⁠], Drata * Eward Driehuis [https://www.linkedin.com/in/ewarddriehuis/⁠], Keynote Speaker * Andreas Grimm [https://www.linkedin.com/in/andreas-grimm/⁠], Distology Studios * Mark Edge [https://www.linkedin.com/in/marktedge/⁠], Cyolo About Delve Delve is a technology podcast, where your host, Lance Williams, is joined by guests to tackle technology topics that need exploring, unpacking and in some cases, de-mystifying in our brave and boundary-less IT world. Available on all podcast platforms, please subscribe and tune in each month as Lance interviews special guests from the cybersecurity world and beyond.

E06: The #1 Attack Vector, API Security | Gene Fay, CEO, ThreatX

Hello listeners, welcome back to this month’s episode of Delve the podcast!   Today we're delving into API security. APIs, or Application Programming Interfaces are a way for different software applications to communicate with each other. They define a set of rules and protocols for how data should be exchanged between the app. In web development, APIs are used to access the functionality and data of a web app from a different programme or website.   And there's BILLIONS of them out there, used in ever conceivable way. Stop levels, weather feeds, time and calculations. You name it! A web app and API exists for it, so they've become intensely interesting for the cyber bad guys to exploit, which is exactly why we have API and web app security technology. Today we are joined by Gene Fay, CEO of API security specialist ThreatX.   About Gene Fay  Gene Fay is the CEO of API and application protection company ThreatX. Gene has a lengthy track record as an executive at technology companies, including COO at White Ops, General Manager at Resilient Systems (acquired by IBM), and VP of Worldwide Sales and Global Alliances of Network Intelligence (acquired by EMC and integrated into RSA).   Discussion Points  * Becoming the CEO of ThreatX; how did that happen? * What the heck is an API?  * What do people have to go through to find API security as a problem? * Everyone uses APIs, why doesn’t everyone know about API security? * How has Gene shaped and managed the ThreatX platform? * What's a rouge API? * Why are there so many APIs?  * Marketing in the IT Channel * How do businesses separate the wheat from the chaff when it comes to API security? * ThreatX is more than just API security * ThreatX and beyond * DDos attacks and Bots * Is there anyone like ThreatX on the market? * Advice on getting API security recognised at a board level in an organisation  * Which tech topic has tickled Gene's taste buds and why?   Sources Mentioned * ThreatX * ThreatX Academy * Darknet Diaries * Executive Security Podcast   🌟 Follow Lance: https://www.linkedin.com/in/lance-williams  🌟 Follow Gene:  https://www.linkedin.com/in/genefay  👇 Learn more about Distology here:  http://www.distology.com http://www.linkedin.com/company/distology  👇 Learn more about ThreatX here:  www.distology.com/vendor/threatx  https://www.linkedin.com/company/threatx  https://www.threatx.com  About Delve  Delve is a technology podcast, where your host, Lance Williams, is joined by guests to tackle technology topics that need exploring, unpacking and in some cases, de-mystifying in our brave and boundary-less IT world. Available on all podcast platforms, please subscribe and tune in each month as Lance interviews special guests from the cybersecurity world and beyond.