Our guest today is Rita Gurevich, the CEO and Founder of SPHERE, an identity hygiene platform. Gurevich joins host David Puner to explore the challenges and dynamics surrounding identity and cyber hygiene in today’s cybersecurity landscape. The conversation begins by addressing the accelerated pace at which cyber controls and identity hygiene requirements are evolving, emphasizing the critical role they play in cybersecurity strategies.
My career began with read-only access. In my first job, I worked night shifts in a data operations center. Our team handled incidents identified either by monitoring or from end customers. This meant I often had to perform first, second and third-line troubleshooting. If we couldn’t identify and resolve the issue, our only option was to wake up a rather exhausted escalation engineer.
The growing frequency and sophistication of cyberattacks, especially on the ransomware front, have compelled even more companies to seek cyber insurance coverage. But as the need for coverage grows, so do the complexities. Even though we’re seeing a trend in which premiums have flattened, with expectations that this will continue as a market correction occurs, significant challenges remain for companies seeking coverage.
2023 was a lucrative year for ransomware actors, with victim organizations paying $449.1 million in the first six months alone. Maintaining this cash stream requires frequent technique shifts, which may be why more attackers are exploiting legitimate software to propagate their malware. Abusing organizations’ existing enterprise tools can help attackers blend in while they’re doing reconnaissance, and also aids them with privilege escalation and persistence.
Today’s Trust Issues guest is Brian Contos, Chief Strategy Officer at Sevco Security. With host David Puner, Contos discusses the intricacies of securing the Internet of Things (IoT) and the challenges posed by the expanding IoT landscape – emphasizing the need for robust identity management. In a broader context, IoT encompasses identity management, cybersecurity and the evolving role of AI in safeguarding digital assets.
An overview of a fuzzing project targeting the Hyper-V VSPs using Intel Processor Trace (IPT) for code coverage guided fuzzing, built upon WinAFL, winipt, HAFL1, and Microsoft’s IPT.sys.
Many of us took ChatGPT for a first-time spin just 12 months ago. Then someone hit the speed multiplier button, and just like that, we’re exiting 2023 with whiplash. Generative artificial intelligence’s (GenAI) breakout year was both exciting and unnerving for cybersecurity professionals who understand that technological change and cyber risk are inextricable.
When complying with regulations and frameworks, it’s hard to keep up when the rules keep evolving. Auditors are no longer just seeking reports on what your identities can access – they now require proof that you have controls for securing those identities (like a math assignment, you have to show your work). And if a framework or regulation’s requirements previously focused on highly privileged IT users’ access … that’s evolving too.
As technology evolves, so do the threats that loom over our communication infrastructure. The rollout of 5G, the rise of artificial intelligence (AI) and our ongoing dependence on these networks combine to make the telecommunications industry a prime target for cyberattacks.
CyberArk MFA now supports authentication with phishing-resistant passkeys and qualifies for the highest NIST Authenticator Assurance Level (AAL3). Based on FIDO2 standards, passkeys replace passwords and provide faster, easier and more secure sign-ins to websites and apps across user devices. With this release, end users can authenticate using passkeys to access their applications and resources.
