What's happening at the intersection of IT security and society?
During Black Hat USA 2017, we recorded more than 40 podcasts. A handful of them have already been published to our coverage page. You can find the latest below, and we will be releasing the rest as they are ready.
What else is new at ITSPmagazine? This.
An InfoSec Life Human and Artificial Intelligence: A Dialogue With Tadd Wood
Diverse IT Challenges And Opportunities For Women In Cybersecurity
The New Gearhead A Cyber-Attack Costs A Lot More Than You Think | The Internet Of Toys. Is Barbie Spying On You?
Experts Corner Seriously?! Can You Not Do That? Chapter III - External Internet Acces | Current Cyber Coverage Cannot Stand The Next WannaCry | The Metamorphosis Of An Open Source Bot - Mirai To Persirai | Citizen Development - It’s Everywhere, Unstoppable, And Good
The Cyber Society: How To Stay Cybersecure This Summer Vacation
Black Hat USA 2017 is now in the past. It was a great event, and we are very excited to share with you all the fantastic conversations we had.
The live panels are now streaming as recordings, in case you missed them. Click on each image to learn more about the topic, the moderator, and the guests, and to watch the panel now.
More than 40 podcast interviews and conversations have been recorded during the event. We will be releasing them as they are ready. Check the Black Hat USA 2017 coverage page to see what is new and sign up to our mailing list to get new content updates from our team.
What happened in Vegas did NOT stay in Vegas.
What did we do at Black Hat USA 2017?
Our Black Hat USA 2017 coverage is sponsored by:
Mounir Hahad from Cyphort Labs reminds us: the end goal is to protect our customers and users
Mounir Hahad, Sr. Director at Cyphort Labs, connected with ITSPmagazine’s Sean Martin at Black Hat 2017 in Las Vegas.
During their conversation, Hahad reminds us all that the end goal for the industry is to protect our customers and provide a safe environment for the end users to conduct their business. With this in mind, Hahad also puts a call out to the industry at large to work together, suggesting that business and technical partnerships should not be limited to the behemoths that want to control the market nor the startups that are looking for a creative, partnership-driven means to enter the market. In other words, it’s going to require all of us to work together if we are to successfully tackle the problem of cybercrime.
As Mounir described the threat landscape for me, he noted that, while accessing malicious content via the web is still a prevalent threat, email seems to be the most common vector for delivery of malicious code - such as that found in some of the recent ransomware attacks. As organizations look to address the threat of ransomware, Mounir offered some fundamental recommendations to help them prepare for a pending ransomware attack: 1) back up your data safely offline, 2) employ a defense in depth model while not relying on a single technology for protection, and 3) patch, patch, patch.
Will the GDPR be a forcing factor for how companies operate their websites? Chris Olson explains.
Aside from the scary penalties and the costs associated with achieving compliance, GDPR has a lot of positives.
GDPR will become a forcing factor for organizations to pay closer attention to how their data is collected, traded, and managed. During Black Hat USA 2017, Debra Farber, host of The Privacy Pact, talks with Chris Olson, CEO of The Media Trust. He suggests that ultimately, GDPR will drive consumer trust in the right direction. Companies can take better control over their data ecosystem, where up to 75% of their web environment is driven by 3rd party code and services.
What makes a business more susceptible to attack? Neill Feather from SiteLock explains.
Websites run the business - and you want yours to be available for good visitors, but how can you tell the good from the bad? To make matters worse, there are a variety of attacks and compromises to consider: it’s not just malware or a denial of service attack that could make or break the business. In fact, based on recent survey data from SiteLock, two-thirds of customers won’t go back to a company whose website had been breached. Feather also suggests that dealing with an attack against a website is very different - and requires very different tools - than an attack resulting in an endpoint compromise. What makes a business more susceptible to attack, you ask? You’ll want to listen to this interview with Neill to find out. He shared his insights on these topics, and more, during his chat with ITSPmagazine's Sean Martin during Black Hat 2017 in Las Vegas.
Prof. Stefano Zanero (Politecnico di Milano) Tells ITSPmagazine Why Just NOT REJECTING Someone Isn’t Enough When It Comes to Inclusion
Stefano Zanero, Associate Professor in the Computer Engineering Department at Politecnico di Milano, sat down with ITSPmagazine’s Selena Templeton to discuss Queercon at Black Hat 2017 in Las Vegas. Tune in to hear about the largest social network of LGBT hackers from around the world, the importance of having professional role models who “look” like you, the difference between European and American hacking conferences when it comes to minorities and women, and why just not rejecting someone isn’t enough when it comes to inclusion.
Selena Templeton discusses DIVERSE IT with Rami Essaid - Co-founder & CEO - Distil Networks
Tune in to hear about Distil Networks’ new Women Forward in Technology Scholarship Program, how the U.S. travel ban has impacted Rami personally, his company and the cyber industry, the importance of three white male leaders constantly challenging each other to create a diverse and inclusive organization, and how to tackle an unconscious bias that you aren’t aware of – in humans and AI.
Power To The People - Knowledge Is Power.
A podcast with Chris Roberts and Dr. Christopher Pierson.
Sean Martin and Marco Ciappelli invited Chris Roberts - Chief Security Architect at Acalvio Technologies - and Dr. Christopher Pierson - Chief Security Officer and General Counsel at Viewpost - to hang out with us and have a chat.
It is an interesting conversation. We invite you to listen to it.
We started discussing the status of Artificial Intelligence and Machine Learning in today's cybersecurity solutions. What is possible, what is not, and what is “marketing” making appear as today's reality? I took the bullet for that. You are welcome, marketers!
We also spoke about what is happening with all this big data collection executed by different kinds of IoT devices, and what it takes to TRULY turn this into a positive thing for the final users. Privacy and security are concepts that cannot just be built into the products; they have to be built into the companies. It is TRUST.
There is much more than just convenience in technology nowadays; there are inconveniences too and the only way for the users to be safe - for the time being - is to stay informed and empower themselves. At least enough to understand the basics.
Get ready; this is just the beginning of the Cyber Society.
The best - or worst - has yet to come.
Episode 437 - Genetic Intelligence
HIPAA (the Health Insurance Portability and Accountability Act of 1996) is legislation that provides data privacy and security provisions for safeguarding your medical information, but the act only applies within the U.S. This means that there's nothing to stop a U.S. genetic testing company from passing that data on to non-U.S. companies. Rusty Sailors, chairman and CEO of LP3-SecurIT, explains what's going on.
Niloo Howe of RSA Talks to Diverse IT About Why We Should Embrace Being Uncomfortable
Selena Templeton, host of Diverse IT, caught up with Niloo Howe, Chief Strategy Officer of RSA, at Black Hat USA 2017 to discuss why a diversity of perspectives is required for innovation. Tune in to hear how different perspectives and experiences drive better top- and bottom-line outcomes, why we should embrace being uncomfortable rather than making the safe choice, why the hell no one knows that Hedy Lamarr wrote the base patent for CDMA technology for secure communications, and steps you can take to bring more diversity to your company.
Debra Farber chats with Chad Holmes from EY about cybersecurity, privacy, and safety
From the halls of Black Hat USA 2017, Debra Farber, host of The Privacy Pact on ITSPmagazine, talks with Chad Holmes, Partner/Principal and Cyber Chief Technology, Strategy and Innovation Officer from EY about filling the cybersecurity talent gap. They also discuss trends in privacy and security that EY sees in the industry and Chad also describes innovation around cyber safety in society.
Do companies have a responsibility to protect their employees? Byron Rashed suggests they do
In this podcast, Sean Martin, co-founder and editor-in-chief at ITSPmagazine, spent some time with Byron Rashed, VP of advanced threat intelligence at InfoArmor, during Black Hat USA 2017.
One of the most intriguing parts of the conversation was the focus on moving beyond protecting the business information and customer information, but also protecting the privacy and security of the employees within a business. Organizations have a responsibility to their employees to make sure they are safe - and they also have risk associated with an employee being compromised. This is where threat intelligence comes into play - but not at the expense of human intelligence, warns Rashed.
Listen in to hear how Byron recommends CISOs approach this challenge.
Gary Hayslip and Ted Harrington chat with ITSPmagazine after a live panel during Black Hat USA 2017.
Following the ITSPmagazine and BrightTALK live panel session at Black Hat USA 2017, two of the expert panelists - Gary Hayslip from Webroot and Ted Harrington from Independent Security Evaluators - chat with Sean Martin and Marco Ciappelli about the Internet of Things and their impact on businesses of all shapes and sizes.
Alex Horan [Onapsis] discusses the challenges with auditing and GDPR as it relates to ERP systems
Why is it important to audit and meet compliance for your ERP systems? Alex Horan from Onapsis chats with ITSPmagazine's Sean Martin - during Black Hat USA 2017 - as he describes some of the requirements for meeting compliance, using the Global Data Protection Regulation as a model for purposes of discussion. What data do you have, and whose data is it? What are the requirements to protect it from unauthorized access AND what are the requirements for removal of the data when the owner of the data requests it?
The Internet of Things status quo is a mess. We need trust and transparency, and we need it now.
After a great podcast about the Moral Compass for Autonomous Vehicles that Ashwin had with Sean Martin, Marco Ciappelli took over the torch and invited Ashwin to join the Cyber Society Podcast on ITSPmagazine.
The two met during Black Hat 2017 in Las Vegas, a day after we all learned that Roomba vacuum cleaners weren't just collecting dust, bread crumbs and pet hair; oh no, they were collecting floor maps of people's homes, and who knows what else.
Seriously, what is going on with all this big data harvesting? It is so cheap to do nowadays that companies do it anyway - whether they need the data for their product or not. The commercial value may be huge for marketers shortly. But who is allowing companies to collect information about our homes, our cars, our lifestyle, and overall our privacy? How can a user opt out or opt in, and decide on something they don’t even know about?
Listen to this conversation, and you will start getting the picture of the mess we are in with the Internet of Things right now. It is complicated, but we need to empower the user, we need knowledge, and we need a Moral Compass and strong ethics.
The Cyber Society needs trust and transparency, and it needs it right now.
Tim Jarrett from CA Veracode talks about application security during Black Hat USA 2017
Tim Jarrett, CA Veracode, talks about application security with Sean Martin during Black Hat USA 2017. What are the drivers behind organizations choosing to invest in application security and who should lead the application security program? How do companies get on top of the problem of insecure components being used in applications? Tim shares his thoughts with us, tying it all together with the Internet of Things and the impact connected devices have on society - due to the vulnerabilities introduced at the application layer.
Introducing New Podcast Series on ITSP Radio
As you know, a chronicle |ˈkränək(ə)l| is a factual written account of important or historical events in the order of their occurrence.
Well, sorry, that is not 'exactly' what this is. We like to think of it as a succinct mix of commentary and fact.
From Our Experts Corner
The Experts Corner is where great minds share their expert opinion on information security news and cybersecurity trends.
From a partnership with BrightTALK, a brand new approach to bring our readers to the Intersection of IT Security & Society.
We are also planning and working on more webinars, podcast interviews, and a variety of conversations with the cybersecurity experts you want to hear from. We are even scheduling some live TV panels from Black Hat 2017.
Stay with us and enjoy some ITSP Radio & TV. Interested in producing a webinar with ITSPmagazine? Let us know!
Cybersecurity Conferences And Events