Dec 6, 2024

In this final installment of a trio of discussions with Theresa Lanowitz about Cyber Resilience, we put it all together and attempt to figure out what the road to cyber resilience looks like, and what barriers security leaders will have to tackle along the way. We'll discuss:

• How to identify these barriers to cyber resilience
• Be secure by design
• Align cybersecurity investments with the business

Also, be sure to check out the first two installments of this series!

• Episode 380: Cybersecurity Success is Business Success
• Episode 383: Cybersecurity Budgets: The Journey from Reactive to Proactive

This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them!

When focused on cybersecurity through a vulnerability management lens, it's tempting to see the problem as a race between exploit development and patching speed. This is a false narrative, however. While there are hundreds of thousands of vulnerabilities, each requiring unique exploits, the number of post-exploit actions is finite. Small, even.

Although Log4j was seemingly ubiquitous and easy to exploit, we discovered the Log4Shell attack wasn't particularly useful when organizations had strong outbound filters in place.

Today, we'll discuss an often overlooked advantage defenders have: mitigating controls like traffic filtering and application control that can prevent a wide range of attack techniques.

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

This week, in the enterprise security news,

1. Funding and acquisition news slows down as we get into the “I’m more focused on holiday shopping season”
2. North Pole Security picked an appropriate time to raise some seed funding
3. Breaking news, it’s still super easy to exfiltrate data
4. The Nearest Neighbor Attack
5. Agentic Security is the next buzzword you’re going to be tired of soon
6. Frustrations with separating work from personal in the Apple device ecosystem
7. We check in on the AI SOC and see how it’s going
8. Office surveillance technology gives us the creeps

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-386