Danger Zone: The Cloud Has Changed Supply Chain Security - Palo Alto Networks, Matt Chiodi

Cyber defense is complex and easy to get wrong. Threat-informed defense is an approach to cybersecurity that involves gathering and utilizing information about potential threats and adversaries to enhance an organization's security posture. It focuses on understanding the tactics, techniques, and procedures (TTPs) employed by threat actors and using that knowledge to develop proactive defense strategies.

In this episode, we sat down with Jon Baker, Director of the Center for Threat-Informed Defense at MITRE, to discuss the importance of threat-informed defense, the work MITRE is doing around this area, and how organizations can leverage its resources to bolster their cyber strategy. 

All this and more on The Cyber Jack Podcast. 

When individuals with different backgrounds, perspectives, and experiences come together, they bring unique insights and approaches to problem-solving, leading to more robust and effective cybersecurity strategies. 

Larry Whiteside Jr., CISO at RegScale and Co-Founder and President of Cyversity, joins us to talk about the importance of diversity of thought in cybersecurity, how leaders can help accelerate diversity in the field, and how the non-profit Cyversity is making an impact. 

All this and more on The Cyber Jack Podcast.

MITRE, #1 on our 2022 Cyber Top 20 list, is known for frameworks like MITRE ATT&CK® and MITRE D3FEND™ -- but the organization's scope is far greater.  We spoke with Wen Masters, Vice President of Cyber Technologies, MITRE, to learn more about how the not-for-profit organization brings critical resources and frameworks to CISOs and the security community at large. We also discuss how MITRE is thinking about the cyber talent shortage and other big challenges the industry faces.

All this and more on The Cyber Jack Podcast.

Malicious or 'bad' bots are all the rage now.  Cybercriminals and scammers use them to hurt users and companies' bottom line. As bot capabilities advance and become more rampant in e-commerce, businesses need to become savvier about their defenses in order to protect their customers. We sat down with Antoine Vastel, Head of Research at DataDome, to discuss the evolution of malicious bots, the impact on e-commerce, and how businesses can defend themselves. All this and more on The Cyber Jack Podcast. 

Identity-related breaches remain a continual threat to organizations, with 84% experiencing a breach in the last year. We spoke with Julie Smith of the Identity Defined Security Alliance (IDSA) about these new research findings, the importance of securing digital identities in the new connected world, and what the IDSA is doing to rally companies and individuals to fight against a growing identity threat landscape. All this and more on The Cyber Jack Podcast.

Software and app security have been black boxes for too long.  The attacks on SolarWinds and Colonial Pipeline gave the US federal government more urgency to push for transparency across cybersecurity - from software bill of materials (SBOMs) and mandates. We spoke with Jeff Williams, Co-Founder and CTO of Contrast Security, about what makes software and app security so difficult, why even the largest organizations still have insecure code, and your human right to security transparency. All this and more on The Cyber Jack Podcast. 

The economy is shifting, and budgets are tightening. Cybersecurity must shift with it. We sit down with Marcus Bartram, General Partner, Telstra Ventures, to discuss cybersecurity investment in this economic climate, identity-based threats, and what cyber issues CISOs and the industry should keep their eyes on in 2023. All this and more on The Cyber Jack Podcast.

Guest Tony Anscombe, Chief Security Evangelist, ESET brought some data with him. According to ESET's research, key stats around malware and ransomware have declined, and that's great, but that doesn't tell the full threat story. Apple products have an aura of impenetrability, but a back door in MacOS was recently discovered by ESET.  And finally, we check in on the Russia-Ukraine war cyber implications.  All this and more on The Cyber Jack Podcast.

There's a global talent shortage in cybersecurity. So when we hear about an Army veteran's success in security story, we get excited.  Tom Gorup, VP of Security Operations at MDR provider Alert Logic, dives into the OCOKA military strategy and how he's applied what he learned from his deployments in Iraq and Afghanistan to his leadership role in security operations. All this and more on The Cyber Jack Podcast. 

Cloud security is complicated. But it doesn't have to be. Ruvi Kitov, CEO, Tufin, urges organizations to think differently about cloud security by embracing the 'multiverse' and the power of automation. Ruvi also dives into visibility as a security killer and enabler. All this and more on The Cyber Jack Podcast.