RSAC 2020

Their Story | Inkscreen | A Conversation With Josh Bohls

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Josh Bohls

A picture is worth a thousand words. Why is that? Because humans like to visualize things.

While written words and checkboxes help us manage our tasks, often, it’s a picture—or a diagram—or a scanned document—that can make all the difference in the world.

The potential business workflows, scenarios, and use cases are endless. Examining them will uncover the question, are we taking advantage of new mobile-ready capabilities? Or, are our existing business processes keeping employees chained to the office? And, especially in the new age of pretty much everyone working from home, it begs an even bigger question: how are the in-office workflows working out?

These questions, and many more, are discussed during this chat with Josh Bohls, founder and CEO of Inkscreen. If you have business processes and are looking to make the most of text and images to keep your business workflows running smoothly—AND SECURELY—you’ll want to listen to the Inkscreen story.

Ready? Then have at it!

Their Story | SecureStack | A Conversation With Guy Givoni and Paul McCarty

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Guy Givoni and Paul McCarty

We were fortunate to meet Guy Givoni and Paul McCarty during their RSA Conference Launch Pad event in Singapore. They’ve been busy riding the wave of success following that event and we caught up with them in San Francisco during RSA Conference 2020 to get an update from them.

Are you ready to learn more? Good! Have a listen to their story.

Their Story | DomainTools | A Conversation With Corin Imai

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Corin Imai

Having met Corin Imai in many roles and many locations over the years, we were thrilled to finally sit down with her and hear her story - which includes the work she is doing at DomainTools. There’s a lot to what Corin and the team of data scientists are up to. Have a listen as she shares some of their work with us during this chat.

It is a good story. Enjoy.

Their Story | OPSWAT | A Conversation With Benny Czarny

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Benny Czarny

Before we get to the start of this story, our journey here begins with a view of the current moment in time: OPSWAT’s focus on protecting our critical infrastructure.

You might be surprised (or, maybe not) that several organizations that the OPSWAT team has connected with don’t have a decent answer to this question, with many lacking any policy to define what is appropriate vs. what shouldn’t be allowed. Something as simple as the introduction of a malicious Excel spreadsheet that bypasses the antivirus sandbox capabilities can create a situation where a power plant can be taken offline.

So, What does the future hold for securing our critical infrastructure? Listen to Benny Czarny, CEO, and founder of OPSWAT, as he enlightens us during this chat.

Their Story | Silverfort | A Conversation With Dana Tamir

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Dana Tamir

During RSA Conference 2020, we had a chance to connect with Dana Tamir from Silverfort to get the updated Silverfort story. During our chat, Dana points out that enabling secure authentication and zero trust policies without requiring an agent or proxies or software changes should be the primary goal for organizations looking to keep bad actors out while ensuring secure access to those that have been granted authorized access to the business resources.

Dana provides several use cases and workflows to help demonstrate the scenarios discussed during our chat. How many of these scenarios does your organization deal with? Have a listen to learn more.

Their Story | Juniper Labs | A Conversation With Mounir Hahad

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Mounir Hahad

During RSA Conference 2020, Juniper Networks announced its ability to analyze encrypted traffic, bringing visibility and context to the network where threats and attacks continue to move toward a world of darkness. From the release: It permits organizations greater visibility and policy control over encrypted traffic, without requiring resource-intensive SSL Decryption.

We were able to speak with Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks, to learn more about these new capabilities and the impact it can have on an information security program as organizations try to maintain visibility and control over their networks, systems, and data.

Have a listen as Mounir shares his thoughts on today’s state of cybersecurity, comparing it to the era of industrialization.

Vulnerability Stats Report 2020 Review | Their Story | Edgescan | A Conversation With Eoin Keary and Rahim Jina

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Eoin Keary and Rahim Jina

For five years running, Edgescan has conducted an annual survey to analyze the state of vulnerability assessment programs within organizations across the globe. With new data points in hand, giving their team the ability to evaluate year-over-year changes, this year’s results raise the obvious question: “Have we learned anything to help make our businesses more secure?”

Some technologies aren’t the silver bullet, and the human element is still critical as they bring the risk assessment to the table. With this point in mind, assuming you are human, you may want to listen to this chat and also read their report to get a view into how you can work with your peers—and the technology—to reduce risk through full-stack vulnerability management.

The Importance Of CyberSecurity Storytelling | Their Story | RSA Security | A Conversation With Rohit Ghai

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Rohit Ghai, CEO, RSA Security

The InfoSec industry has done a lot of work to raise awareness around the risks we face in business and society, thereby increasing the appreciation for the need to protect our companies and ourselves from cybercrime, fraud, and other dangerous activity associated with being connected to the Internet. Unfortunately, the stories that have been told—and the stories that the media pick up and amplify—are often those that paint a picture of doom, and gloom, and failure.

Ultimately, it may be that we aren't defining the ending to our stories in a way that we want them to end. To this end, do we know what does it mean to win? For which side? Do we know what it means to lose? For which side? And, most importantly, does winning on one side equal losing on the other? In both directions?

Answering these questions can help us change the way we want our stories to be heard; it can help us improve the way we tell our story — can help us change the way we live our story.

Are you ready to change the narrative for a better story, a better outcome? Have a listen to this story, and then start telling yours.

Their Story | CyberSaint | A Conversation With Alison Furneaux and Padraic O’Reilly

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Alison Furneaux and Padraic O’Reilly

The concept of governance, risk, and compliance (GRC) has been around since the mid-2000s. GRC continues to change, as do business models, the technologies that run the business, and the cyber threats that threaten to bring it to a screeching halt.

Of course, the role of the CISO has also changed, but has it kept up with the times?

Listen to the CyberSaint story to hear how they identified this problem and have been working diligently to help CISOs overcome the challenges they face.

Their Story | Lucy Security | A Conversation With Colin Bastable

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Colin Bastable

Organizations are defined by their culture—and the culture is determined by the collection of individuals that make up the organization. Organizations that take information security seriously and work with their employees to understand and embrace their role in protecting themselves and the business are the organizations that stand a better chance of thwarting off an attack.

According to today’s guest, Colin Bastable, 97% of all of the threats originate with some form of social engineering. So, organizations must work on having an understanding of the human angle as it relates to these threats—both the employees as humans and the cybercriminals as humans. Organizations must understand the human motivation—both to attack and to protect themselves. People are people on all sides of the equation—it’s just how it is; it’s just how they are.

Once you have this understanding, coupled with how the protection technologies work, you can begin to identify the gaps between what the technology can offer and what the humans can do for themselves. It’s this gap that needs to be closed.

Are you interested in understanding how to identify and close this gap? Have a listen to this chat with Colin—he’s seen this in action all around the world in many different industries.

Their Story | Accedian | A Conversation With Michael Rezek

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Michael Rezek

For years, organizations have been monitoring network traffic to squeeze every ounce of performance out of their systems and applications. The data collected and analyzed gives organizations tremendous insights into what changes need to be made to keep things up and running at top speed. This data is gold.

Many organizations stop mining and analyzing their data once they see that there’s gold there—effectively letting the platinum in their data to wash downstream. The platinum—at least in this story anyway—is security data.

Fortunately, Michael Rezek knows a bit about network data analysis, network performance, and network security—and recognizes the value of both the gold and the platinum sitting in the network data they monitor.

Have a listen to Michael as he shares the Accedian story, describing the journey they’ve taken as a company—and the journey they are helping others take as they continue down the path of their digital transformation.

Their Story | Cequence Security | A Conversation With Jason Kent

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Jason Kent

Since we are humans, we seem to be repeating all of these same mistakes in a different part of the application world—the API layer. We're forgetting that the API layer is really meant for computer to computer communications, changing the game for how we approach authentication, access control, communications, instructions, behaviors, and more. As one example, things like rate limiting can really become a problem if not addressed.

To help us understand this world better, have a listen to Jason Kent, Hacker in Residence at Cequence Security, as he shares with us some of the fun ways he hacks on applications—namely through APIs.

Their Story | BlackCloak | A Conversation With Christopher Pierson

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Christopher Pierson

Sometimes it takes some creative thinking when it comes to gaining an understanding of how information security and cybersecurity work—and why they matter, not only during work hours but after hours as well.

To help you with this thinking process, have a listen to this chat with Chris Pierson, founder, and CEO of BlackCloak, as he tells us (you) his story about the creation of BlackCloak and its cyber protection services for executives and high net worth individuals.

Who knows, you might even get a glimpse into what a BlackCloak is.

Enjoy!

Their Story | WeSecureApp | A Conversation With Venu Rao

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Venu Rao

The team at WeSecureApp have been embracing that recognition, the positive feedback they receive from their clients, and the constructive feedback from the RSA Conference Launch Pad judges (in Singapore) to continue to expand their team, their presence around the world, and their product line — all with a focus on meeting customer need and market fit.

With an expansion into the US (with a Dallas, Texas office) and a key member added to their advisory board, WeSecureApp has found themselves benefiting from several accelerator programs that are setting them up for long-term growth and success.

Listen in as Venu tells us more about these activities and what the future holds for WeSecureApp.

Their Story | ReversingLabs | A Conversation With Mario Vuksan and Tyson Whitten

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Mario Vuksan, CEO & Co-Founder, ReversingLabs | Tyson Whitten, VP, Global Marketing, ReversingLabs

CHAPTER 2: Does the black box of machine learning and artificial intelligence give you a headache? If so, it’s like the lack of visibility into how new (dare we say, “next-gen”) information technologies work. This is beginning to give pause to many organizations looking to leverage such technologies to help them succeed with their IT security management programs. Without a view into how the data is analyzed paired with a lack of visibility for how the results can be connected back to the operations—and the business—means that organizations are forced to blindly trust that their vendors are doing the best things, the right thing.

So, how come we can’t get this visibility? What’s holding us back? Have a listen to Mario’s and Tyson’s view to hear how they see these headaches being treated in the not-so-distant future.

Their Story | Virsec | A Conversation With Willy Leichter

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Willy Leichter

Our guest today, Willy Leichter, points out that the National Vulnerability Database has been tracking between 5,000 to 7,000 vulnerabilities every year; a figure that went up to about 20,000 a couple years ago, and where we're now seeing 10,000 to 15,000 per month. Trying to keep up with this trend from a patch management perspective as the sole means to eliminate vulnerabilities and mitigate risk to the business isn't scalable; it isn't feasible.

Still, business marches on—technology marches on—security is always going to have to run fast to keep up. Most organizations accept that. But it can be daunting at times. Have a listen to this chat with Willy to get a different perspective on this problem. With any luck, you'll have a fighting chance to make it through tomorrow, and the next day, and the day after that without a serious problem with your apps.

Their Story | DataLocker | A Conversation With Jay Kim

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Jay Kim

How do organizations ensure that those devices (and related ports) don’t get misused and abused — especially when there are 10s of thousands of users, each potentially with multiple external devices?

That’s where centralized management comes into play, giving IT leaders and business owners the ability to define and enforce acceptable use policies aligned with their business needs and their risk appetite. Listen to today’s story by Jay Kim as he shares some detailed use cases.

Their Story | SIRP | A Conversation With Faiz Shuja

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Faiz Shuja

We’ve arrived at a time in business where we can no longer rely on manually fighting the status quo as a means to protect the organization from compromise. We’ve reached a point where organizations must prepare for the inevitable and take aim at defining and implementing the best possible breach response capabilities—driven by intelligence and orchestrated with automation. Listen to today’s episode as Faiz Shuja shares the SIRP story with us, giving us a view into what the future holds for the security orchestration and automated response market.

Have a listen to this story!

Their Story | BYOS | A Conversation With Matias Katz

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Matias Katz

Listen to today’s episode as Matias Katz tells us the BYOS story: the origins of the company, how Matias’ upbringing and education helped to shape the company, and how his passion and drive for knowledge and learning are helping him to take the company into the future—a future full of countless bad actors looking to compromise and exploit some of the billions of Internet-connected devices for their financial gain.

Their Story | Prevailion | A Conversation With Karim Hijazi and Adam Flatley

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Karim Hijazi and Adam Flatley

The question for you as you listen to this conversation is: “are you zeroing in on what matters for your entire business ecosystem, or are you stuck in a world where updating patches, changing firewall rules, and running AV scans is still your top priority?”