Securing The Future Of Business | A Series of Conversations With RSA Security

A Their Story conversation with Sean Martin, Marco Ciappelli, and RSA Security executives, customers, and partners.

This is a 3-part podcast and webcast series with RSA Security executives and business leaders along with some of their strategic customers and partners. The series will explore the accelerated digital transformation disruption as organizations evaluate their risk as it maps to their current and future business operations.

The 3 episodes include: SECURITY | WORKFORCE | BUSINESS

Bookmark this page to catch all of the episodes as they become available.

Listen and start building for the future now.

The Cequence Security Story — Chapter 3 | With Matt Keil

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Matt Keil

With the use of APIs come a large number of entry points for bad actors to target. How many APIs are used within an organization, you ask? Many don't know - but Cequence Security can provide a view into this complex environment, giving organizations a full visual footprint of the APIs in use and then provide a risk score and further inspection to identify vulnerabilities and other gaps that could lead to a compromise.

Describing the API environment as "connective tissue," Matt shares a number of examples of how API-based risk exposure, vulnerability exploitation, and escalation of privilege can become a thing of the past when using the discovery and continuous monitoring capabilities in the newly-released Ceqeuence Security API Sentinel product.

Have a listen.

The Semperis Story — Chapter 3 | With Darren Mar-Elia

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Darren Mar-Elia

Businesses rely heavily on Active Directory to manage policies and access for pretty much everything that runs their business. Essentially, they built a vault years ago to hold all of their treasures and secrets, and business operations look to that vault every moment of every day to grab things from it so they can make countless business decisions.

But, because that vault was created and used behind scenes by most throughout the organization, does it get the attention it deserves in terms of risk assessments, threat monitoring, and attack defense?

This is the burning question that we dig in to with Darren in this chapter.

Have a listen.

Adapting To Unpredictability Without Compromising Quality | A Conversation With HITRUST

Their Story conversations with Sean Martin and HITRUST executives, customers, and partners

This is a 2-part podcast and webcast series with HITRUST executives along with some of their strategic customers and partners. The series explores the value of a formal risk management program coupled with a well-formed culture of security and business continuity that focuses on the impact a crisis can have on the customer.

Bookmark this page to catch all of the episodes as they become available.

The BlackCloak Story — Chapter 2 | With Christopher Pierson

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Christopher Pierson

Succeeding in the information security market takes a lot more than building a better mousetrap. The market must be ready for the solution—finding value and willing to pay for the it—and the team must be capable of surviving a financial runway that supports a return for their investors. Looks like BlackCloak is on the right track for all of the above.

In this podcast, Dr. Pierson walks us through some of the high level threat trends and specific threat activity he and his team are seeing and monitoring as they protect executives and high net worth individuals when and where their business cyber protections stop— in their home and in their everyday life. From home printers being hijacked to cyber extortion, everything is fair game for cyber criminals.

No need to take our word for it. Press play and listen to Dr. Pierson telling us about this new chapter in the BlackCloak story.

Their Story | Inkscreen | A Conversation With Josh Bohls

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Josh Bohls

A picture is worth a thousand words. Why is that? Because humans like to visualize things.

While written words and checkboxes help us manage our tasks, often, it’s a picture—or a diagram—or a scanned document—that can make all the difference in the world.

The potential business workflows, scenarios, and use cases are endless. Examining them will uncover the question, are we taking advantage of new mobile-ready capabilities? Or, are our existing business processes keeping employees chained to the office? And, especially in the new age of pretty much everyone working from home, it begs an even bigger question: how are the in-office workflows working out?

These questions, and many more, are discussed during this chat with Josh Bohls, founder and CEO of Inkscreen. If you have business processes and are looking to make the most of text and images to keep your business workflows running smoothly—AND SECURELY—you’ll want to listen to the Inkscreen story.

Ready? Then have at it!

Their Story | SecureStack | A Conversation With Guy Givoni and Paul McCarty

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Guy Givoni and Paul McCarty

We were fortunate to meet Guy Givoni and Paul McCarty during their RSA Conference Launch Pad event in Singapore. They’ve been busy riding the wave of success following that event and we caught up with them in San Francisco during RSA Conference 2020 to get an update from them.

Are you ready to learn more? Good! Have a listen to their story.

Their Story | DomainTools | A Conversation With Corin Imai

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Corin Imai

Having met Corin Imai in many roles and many locations over the years, we were thrilled to finally sit down with her and hear her story - which includes the work she is doing at DomainTools. There’s a lot to what Corin and the team of data scientists are up to. Have a listen as she shares some of their work with us during this chat.

It is a good story. Enjoy.

Their Story | OPSWAT | A Conversation With Benny Czarny

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Benny Czarny

Before we get to the start of this story, our journey here begins with a view of the current moment in time: OPSWAT’s focus on protecting our critical infrastructure.

You might be surprised (or, maybe not) that several organizations that the OPSWAT team has connected with don’t have a decent answer to this question, with many lacking any policy to define what is appropriate vs. what shouldn’t be allowed. Something as simple as the introduction of a malicious Excel spreadsheet that bypasses the antivirus sandbox capabilities can create a situation where a power plant can be taken offline.

So, What does the future hold for securing our critical infrastructure? Listen to Benny Czarny, CEO, and founder of OPSWAT, as he enlightens us during this chat.

Their Story | Silverfort | A Conversation With Dana Tamir

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Dana Tamir

During RSA Conference 2020, we had a chance to connect with Dana Tamir from Silverfort to get the updated Silverfort story. During our chat, Dana points out that enabling secure authentication and zero trust policies without requiring an agent or proxies or software changes should be the primary goal for organizations looking to keep bad actors out while ensuring secure access to those that have been granted authorized access to the business resources.

Dana provides several use cases and workflows to help demonstrate the scenarios discussed during our chat. How many of these scenarios does your organization deal with? Have a listen to learn more.

Their Story | Juniper Labs | A Conversation With Mounir Hahad

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Mounir Hahad

During RSA Conference 2020, Juniper Networks announced its ability to analyze encrypted traffic, bringing visibility and context to the network where threats and attacks continue to move toward a world of darkness. From the release: It permits organizations greater visibility and policy control over encrypted traffic, without requiring resource-intensive SSL Decryption.

We were able to speak with Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks, to learn more about these new capabilities and the impact it can have on an information security program as organizations try to maintain visibility and control over their networks, systems, and data.

Have a listen as Mounir shares his thoughts on today’s state of cybersecurity, comparing it to the era of industrialization.

Vulnerability Stats Report 2020 Review | Their Story | Edgescan | A Conversation With Eoin Keary and Rahim Jina

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Eoin Keary and Rahim Jina

For five years running, Edgescan has conducted an annual survey to analyze the state of vulnerability assessment programs within organizations across the globe. With new data points in hand, giving their team the ability to evaluate year-over-year changes, this year’s results raise the obvious question: “Have we learned anything to help make our businesses more secure?”

Some technologies aren’t the silver bullet, and the human element is still critical as they bring the risk assessment to the table. With this point in mind, assuming you are human, you may want to listen to this chat and also read their report to get a view into how you can work with your peers—and the technology—to reduce risk through full-stack vulnerability management.

The Importance Of CyberSecurity Storytelling | Their Story | RSA Security | A Conversation With Rohit Ghai

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Rohit Ghai, CEO, RSA Security

The InfoSec industry has done a lot of work to raise awareness around the risks we face in business and society, thereby increasing the appreciation for the need to protect our companies and ourselves from cybercrime, fraud, and other dangerous activity associated with being connected to the Internet. Unfortunately, the stories that have been told—and the stories that the media pick up and amplify—are often those that paint a picture of doom, and gloom, and failure.

Ultimately, it may be that we aren't defining the ending to our stories in a way that we want them to end. To this end, do we know what does it mean to win? For which side? Do we know what it means to lose? For which side? And, most importantly, does winning on one side equal losing on the other? In both directions?

Answering these questions can help us change the way we want our stories to be heard; it can help us improve the way we tell our story — can help us change the way we live our story.

Are you ready to change the narrative for a better story, a better outcome? Have a listen to this story, and then start telling yours.

Their Story | CyberSaint | A Conversation With Alison Furneaux and Padraic O’Reilly

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Alison Furneaux and Padraic O’Reilly

The concept of governance, risk, and compliance (GRC) has been around since the mid-2000s. GRC continues to change, as do business models, the technologies that run the business, and the cyber threats that threaten to bring it to a screeching halt.

Of course, the role of the CISO has also changed, but has it kept up with the times?

Listen to the CyberSaint story to hear how they identified this problem and have been working diligently to help CISOs overcome the challenges they face.

Their Story | Lucy Security | A Conversation With Colin Bastable

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Colin Bastable

Organizations are defined by their culture—and the culture is determined by the collection of individuals that make up the organization. Organizations that take information security seriously and work with their employees to understand and embrace their role in protecting themselves and the business are the organizations that stand a better chance of thwarting off an attack.

According to today’s guest, Colin Bastable, 97% of all of the threats originate with some form of social engineering. So, organizations must work on having an understanding of the human angle as it relates to these threats—both the employees as humans and the cybercriminals as humans. Organizations must understand the human motivation—both to attack and to protect themselves. People are people on all sides of the equation—it’s just how it is; it’s just how they are.

Once you have this understanding, coupled with how the protection technologies work, you can begin to identify the gaps between what the technology can offer and what the humans can do for themselves. It’s this gap that needs to be closed.

Are you interested in understanding how to identify and close this gap? Have a listen to this chat with Colin—he’s seen this in action all around the world in many different industries.

Their Story | Accedian | A Conversation With Michael Rezek

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Michael Rezek

For years, organizations have been monitoring network traffic to squeeze every ounce of performance out of their systems and applications. The data collected and analyzed gives organizations tremendous insights into what changes need to be made to keep things up and running at top speed. This data is gold.

Many organizations stop mining and analyzing their data once they see that there’s gold there—effectively letting the platinum in their data to wash downstream. The platinum—at least in this story anyway—is security data.

Fortunately, Michael Rezek knows a bit about network data analysis, network performance, and network security—and recognizes the value of both the gold and the platinum sitting in the network data they monitor.

Have a listen to Michael as he shares the Accedian story, describing the journey they’ve taken as a company—and the journey they are helping others take as they continue down the path of their digital transformation.

Their Story | Cequence Security | A Conversation With Jason Kent

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Jason Kent

Since we are humans, we seem to be repeating all of these same mistakes in a different part of the application world—the API layer. We're forgetting that the API layer is really meant for computer to computer communications, changing the game for how we approach authentication, access control, communications, instructions, behaviors, and more. As one example, things like rate limiting can really become a problem if not addressed.

To help us understand this world better, have a listen to Jason Kent, Hacker in Residence at Cequence Security, as he shares with us some of the fun ways he hacks on applications—namely through APIs.

Their Story | BlackCloak | A Conversation With Christopher Pierson

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Christopher Pierson

Sometimes it takes some creative thinking when it comes to gaining an understanding of how information security and cybersecurity work—and why they matter, not only during work hours but after hours as well.

To help you with this thinking process, have a listen to this chat with Chris Pierson, founder, and CEO of BlackCloak, as he tells us (you) his story about the creation of BlackCloak and its cyber protection services for executives and high net worth individuals.

Who knows, you might even get a glimpse into what a BlackCloak is.

Enjoy!

Their Story | WeSecureApp | A Conversation With Venu Rao

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Venu Rao

The team at WeSecureApp have been embracing that recognition, the positive feedback they receive from their clients, and the constructive feedback from the RSA Conference Launch Pad judges (in Singapore) to continue to expand their team, their presence around the world, and their product line — all with a focus on meeting customer need and market fit.

With an expansion into the US (with a Dallas, Texas office) and a key member added to their advisory board, WeSecureApp has found themselves benefiting from several accelerator programs that are setting them up for long-term growth and success.

Listen in as Venu tells us more about these activities and what the future holds for WeSecureApp.

Their Story | ReversingLabs | A Conversation With Mario Vuksan and Tyson Whitten

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Mario Vuksan, CEO & Co-Founder, ReversingLabs | Tyson Whitten, VP, Global Marketing, ReversingLabs

CHAPTER 2: Does the black box of machine learning and artificial intelligence give you a headache? If so, it’s like the lack of visibility into how new (dare we say, “next-gen”) information technologies work. This is beginning to give pause to many organizations looking to leverage such technologies to help them succeed with their IT security management programs. Without a view into how the data is analyzed paired with a lack of visibility for how the results can be connected back to the operations—and the business—means that organizations are forced to blindly trust that their vendors are doing the best things, the right thing.

So, how come we can’t get this visibility? What’s holding us back? Have a listen to Mario’s and Tyson’s view to hear how they see these headaches being treated in the not-so-distant future.