Security Weekly Podcast Network (Video)

4,840 episodes — Page 44 of 97

Need for CyberSecurity Training Programs/Role Cyber Professionals Play - Da-Wyone Haynes - ESW #236

Brief chat around the rise in Ransomware attacks, campaigns against our Infrastructure, the deficit in Cyber Talent, and how we could address the issue by extending Corporate Cyber Training programs to extend past the Corporate boundary. Segment Resources: https://www.aegon.com/home/ https://talklou.com/ https://www.infragardnational.org/ https://inl.gov/critical-infrastructure-protection-training/ https://www.ymcalouisville.org/chestnut/kids-and-teens/black-achievers.html https://www.techgirlz.org/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw236

Jul 29, 2021 · 27 min

Catching Up W/Priya on Recent Litigation and Proposed Legislation: Part 2 - SCW #81

Priya Chaudhry joins us today as co-host and we are eager to catch up with her and get her legal perspective on recent litigations and proposed legislation that impacts our world of security and compliance. Hear ye, Hear ye! The court is now in session. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw81

Jul 29, 2021 · 37 min

Catching Up w/Priya on Recent Litigation & Proposed Legislation: Part 1 - SCW #81

Priya Chaudhry joins us today as co-host and we are eager to catch up with her and get her legal perspective on recent litigations and proposed legislation that impacts our world of security and compliance. Hear ye, Hear ye! The court is now in session. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw81

Jul 28, 2021 · 33 min

Security Is a Barrier & Incentive, Theatrical Meetings, & Cybersecurity Salaries - BSW #225

In the Leadership and Communications section for this week: In modernization, security is a barrier and an incentive, Federal CISO DeRusha Maps FISMA Reform Priorities, Cybersecurity salaries: What 8 top security jobs pay, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw225

Jul 28, 2021 · 28 min

Security Money - The Index Hits Another All Time High - BSW #225

Both the Security Weekly 25 Index and the NASDAQ close at record highs on 7/23/2021. See how the security market continues to stay hot. The current companies in the Security Weekly 25 Index: SCWX PANW CHKP SPLK NLOK FTNT AKAM FFIV ZS PFPT FEYE QLYS VRNT CYBR TENB SAIL MIME NET CRWD NTCT VRNS RPD SUMO RDWR PING Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw225

Jul 27, 2021 · 34 min

CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks - ASW #159

This week in the AppSec News: CWE releases the top 25 vulns for 2021, finding bugs in similar code, Sequoia vuln in the Linux kernel, Twitter transparency for account security, a future for cloud security, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw159

Jul 27, 2021 · 41 min

Navigating the Seas of Security in Serverless Functions - Peter Klimek - ASW #159

Adoption of serverless functions is rapidly growing, which means security teams will be challenged to deliver protection for data and applications in these complex environments in the coming months and years. Peter Klimek is helping Imperva customers address these challenges and will offer guidance on how to get protection for functions without slowing DevOps. Segment Resources: Details on Imperva Serverless Protection: https://www.imperva.com/company/press_releases/imperva-launches-new-product-to-secure-serverless-functions-with-visibility-into-the-application-layer-code-level-vulnerabilities/ Free trial of the product: https://www.imperva.com/serverless-protection-demo This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw159

Jul 27, 2021 · 33 min

Windows Vulns Galore, Homoglyph Domains, Pegasus, & "Trust No One"! - PSW #703

This week in the Security News: Trust no one, it's all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

Jul 25, 2021 · 1h 32m

CyberMarket & Democratisation/Globalisation of CyberSecurity Consulting - Gordon Draper - PSW #703

CyberMarket.com is a marketplace where CyberSecurity Consultancies and clients can find each other. There is a growing trend where CyberSecurity Consultants recognize the gap between what they are worth to a consultancy as being sold out for a daily rate compared to what they get paid. There are a number of consultants who are leaving consultancies to start the next generation of independent / boutique consultancies but they don't have a sales pipeline and sales staff like their old consultancies do. CyberMarket.com is a place to help facilitate the sales pipeline for cybersecurity consultancies of various sizes. Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

Jul 24, 2021 · 50 min

Online Safety & Security: Dating Apps & Online Marketplaces - Jeff Tinsley - PSW #703

Safety in online dating spaces is an issue the dating industry has grappled with for some time; with the surge of dating app usage during the pandemic, the demand for dating apps to take responsibility and ensure safer online interactions is at an all-time high. RealMe is a technology platform that hopes to solve this problem on dating apps (and other online marketplaces) by providing in-app background checks that aggregate publicly available information on criminal records, sex offender status, personal reviews, and more. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw703

Jul 24, 2021 · 1h 1m

Why Transparency Matters & Web Application Prioritization - Mark Ralls, Wayne Haber - ESW #235

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security. This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them! Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security. This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

Jul 23, 2021 · 39 min

Rapid7 Acquires Intsights, Intezer Refines Malware Analysis, & Funding News - ESW #235

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

Jul 23, 2021 · 41 min

Reinventing Asset Inventory for Security - Ed Rossi - ESW #235

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice. Segment Resources: CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/ CSAM video overview: https://vimeo.com/551723071 Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/ This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw235

Jul 22, 2021 · 30 min

Your Security Is ALWAYS in Scope, Part 2 - Joseph Kirkpatrick - SCW #80

Our client was using a hosted service to perform remote monitoring and management and resisted its inclusion in the audit scope. The vendor's external scans revealed critical vulnerabilities. Prior to a highly-publicized breach, the vendor said no auditor had ever included their service in the scope of their audits. We will explore attitudes that keep critical security controls out of scope. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw80

Jul 22, 2021 · 34 min

Your Security Is ALWAYS in Scope, Part 1 - Joseph Kirkpatrick - SCW #80

Our client was using a hosted service to perform remote monitoring and management and resisted its inclusion in the audit scope. The vendor's external scans revealed critical vulnerabilities. Prior to a highly-publicized breach, the vendor said no auditor had ever included their service in the scope of their audits. We will explore attitudes that keep critical security controls out of scope. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw80

Jul 21, 2021 · 35 min

Know Cybersecurity & Drive Innovation Through Operational Excellence - BSW #224

This week in the Leadership and Communications section, How much does a CEO or business leader need to know about cybersecurity, How businesses can drive innovation while delivering operational excellence, 6 resume mistakes CISOs still make, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224

Jul 21, 2021 · 26 min

Aligning Cyber Risk to Business Risk Through Automation - Padraic O'Reilly - BSW #224

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly, Co-Founder and CPO of CyberSaint, discusses what he's learned from working with members of the Global 500 to achieve truly continuous compliance and risk management, and how CyberSaint is delivering Cyber Risk Automation with its CyberStrong platform. Segment Resources: CyberSaint website: www.cybersaint.io Gartner Cool vendor report: https://www.cybersaint.io/gartner-cool-vendor-in-cyber-it-risk-management-download This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw224

Jul 20, 2021 · 31 min

Code Comments, Decision Trees, Windows Hello, Telegram Analysis, & Cloud Risks - ASW #158

This week in the AppSec News: Security from code comments, visualizing decision trees, bypassing Windows Hello, security analysis of Telegram, paying for patient bug bounty programs, cloud risks, & more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw158

Jul 20, 2021 · 38 min

The Role of Open Source in DevSecOps - David DeSanto - ASW #158

In the wake of events such as the Solarwinds breach, there has been a lot of misinformation about the role of open source in DevSecOps. GitLab believes everyone benefits when everyone can contribute. Open source plays a key role in how GitLab addresses DevSecOps. We will discuss GitLab's view of the role of open source in DevSecOps including recent contributions to the open source community as well as GitLab's plans for the future. This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw158

Jul 19, 2021 · 36 min

Ransomware Task Force, Year of the Linux Desktop?, & Ring Doorbell Encryption - PSW #702

The White House announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware returns with a new VNC Module to spy on its victims, and some of the absolute funniest quotes about cyber security & tech in 2021! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

Jul 18, 2021 · 1h 16m

The Journey from Network Security Engineer to Podcast Host - Jack Rhysider - PSW #702

In this segment of Paul's Security Weekly, Paul and crew interview Jack Rhysider about how he got his start in Information Security, the projects and careers he worked on over the years, and how he transitioned from a Network Security Engineer to the host of Darknet Diaries Podcast. Segment Resources: https://darknetdiaries.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

Jul 17, 2021 · 1h 0m

The BIOS Disconnect - Scott Scheferman - PSW #702

Eclypsium researchers identified vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS. This disconnect impacted 129 Dell models of consumer and business laptops, desktops, and tablets, including devices protected by Secure Boot and Dell Secured-core PCs. With cyber-attacks on the rise, firmware security, while often overlooked, might be the next battleground for attackers who continue to target enterprise VPNs and other network devices. Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702

Jul 17, 2021 · 1h 3m

All Our Devices and Privacy on the Web - Deepika Gajaria, Scott Scheferman - ESW #234

Against the ubiquitous backdrop of Zero Trust initiatives, we have all come to accept the motto of "Verify, then trust". Yet, here we are building an entire stack of Zero Trust enabled technologies upon a broken implicit-trust foundation. Nowhere is this risk more apparent than at the device and firmware level. Indeed, this is why both nation-state and criminal actors have converged upon a strategy that combines supply chain attack dynamics with readily exploitable devices. This allows them to impart maximum impact against victim organizations, and even those victims' downstream partners and customers. In order to address this evolving threat, organizations must take back security control of their devices, and stop trusting the fox that has, quite frankly, become the hen house. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! Data privacy and Web security teams are converging across enterprises and we are seeing more Privacy use cases like cookie banner consent and limiting data sharing (vendors like Facebook, Google etc. are capturing sensitive user data, accessing cameras, microphones, geolocation etc.) via security policies, under the security team's purview. At Tala we offer a Privacy scan that gives enterprises a full view of which vendors have access to sensitive data and how this data is being shared. This in turn helps set the right security controls in place. This segment is sponsored by Tala Security. Visit https://securityweekly.com/talasecurity to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw234

Jul 16, 2021 · 41 min

Microsoft Acquires RiskIQ, Rapid7 InsightCloudSec, & Bitdefender eXtended EDR - ESW #234

In the Enterprise News, Contrast Security partners with Secure Code Warrior, Bandura releases the Cyber Intelligence Marketplace, Illumio beefs up zero-trust security with automated policy enforcement, Rapid7 Launches InsightCloudSec to Automate Continuous Security and Compliance, Leaked email shows Tanium just lost its fourth chief marketing officer in five years, Bitdefender launches eXtended EDR platform, ThycoticCentrify Releases a new version of Server Suite, Outpost24 acquires threat intelligence solution Blueliv, Microsoft acquires RiskIQ, Cybereason raises $275 million led by Steven Mnuchin's VC fund, and Arctic Wolf triples valuation and raises an additional $150m! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw234

Jul 16, 2021 · 32 min

Gas South and ExtraHop- A Journey of Security Partnership - Rajiv Thomas - ESW #234

Gas South and Extrahop have partnered to give Gas South visibility in areas of the network that are normally invisible or dark to the regular network team. To learn more about ExtraHop, visit: https://securityweekly.com/extrahop Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw234

Jul 15, 2021 · 32 min

HIP, HIP, HIPAA, Part 2 - Jordan Wiseman - SCW #79

We'll start with a brief discussion of what HIPAA is and is not (e.g., it doesn't prevent your employer from asking you about your health). Then we'll discuss recent developments like how ongoing ransomware attacks are targeting healthcare and, when successful, are reportable breaches; and the recent final rule on interoperability and information blocking that went into effect on April 5th. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw79

Jul 15, 2021 · 36 min

HIP, HIP, HIPAA, Part 1 - Jordan Wiseman - SCW #79

We'll start with a brief discussion of what HIPAA is and is not (e.g., it doesn't prevent your employer from asking you about your health). Then we'll discuss recent developments like how ongoing ransomware attacks are targeting healthcare and, when successful, are reportable breaches; and the recent final rule on interoperability and information blocking that went into effect on April 5th. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw79

Jul 14, 2021 · 37 min

Can XDR Solve Ransomware? - Maurice Stebila - BSW #223

Every day brings news of more breaches and ransomware attacks. Why are organizations failing to protect themselves, and what can we do to combat these cybersecurity threats? Technological advances, such as XDR and AI-driven threat monitoring, offer a way to thwart attackers in an ever-evolving security landscape. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw223

Jul 14, 2021 · 30 min

CISO Wishes and Initiatives, Risk of Disconnect, and Cyber Insurance Rises - BSW #223

In the Leadership and Communications section, 3 Things Every CISO Wishes You Understood, What is the BISO role and is it necessary?, Cyber insurance costs up by a third, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw223

Jul 13, 2021 · 31 min

Web App and API Security Needs to Be Modernized: Here's How - Sean Leach - ASW #157

The truth is, most web app and API security tools were designed for a very different era. A time before developers and security practitioners worked together, before applications were globally distributed and API-based. But attackers are developers too, and they aren't bogged down by the limitations of legacy solutions. It's never been more clear that it's time for a change. Sean will outline new rules for web application and API security that respect the way modern applications are built. https://www.fastly.com/blog/the-new-rules-for-web-application-and-api-security This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw157

Jul 13, 2021 · 28 min

Password Mismanager, Trusted Types vs. DOM XSS, PrintNightmare, & Fault Injections - ASW #157

In the AppSec news, a password manager makes predictable mistakes, Trusted Types terminate DOM XSS, waking up from PrintNightmare, understanding hardware fault injections. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw157

Jul 13, 2021 · 44 min

LinkedIn Breach, Bitcoin From Banks, PrintNightmare, & NFC Flaws in ATMs - PSW #701

This week in the Security News: LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers, flaws let you hack an ATM by waving your phone, PrintNightmare, Bitcoins from Banks and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701

Jul 4, 2021 · 1h 12m

The Rise of Sim Swapping - Haseeb Awan - PSW #701

80% of SIM-Swap attacks are successful. This could lead to greater financial loss and loss of social status since this is where hackers latch onto. The statistics are true and spreading like a wildfire. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701

Jul 3, 2021 · 49 min

New Security Threats Stemming from PII Online - Rob Shavell - PSW #701

Deep dive on the data broker industry, and how new threats are stemming from the widespread availability of employee/personal information publicly for sale at data broker websites. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw701

Jul 3, 2021 · 51 min

MalWare Labs and Why You Should Challenge Shift-Left Testing - Mario Vuksan, Rickard Carlsson - ESW #233

Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by delivering a unique combination of static and dynamic analysis capabilities at scale to identify malicious files including those in the software supply chain. This segment is sponsored by Reversing Labs. Visit https://securityweekly.com/ReversingLabs to learn more about them! The development life cycle as we know it is rapidly changing, and today's AppSec testing needs to keep up with shorter and faster processes. A shift-left approach is no longer enough to protect web assets - you need much more dynamic tools and ways of working. This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Jul 2, 2021 · 40 min

Noname Security, JFrog Acquires Vdoo, Micro Segmentation, & AWS Buys Wickr - ESW #233

This week, In the Enterprise News, Atos launches thinkAI, AWS welcomes Wickr to the team, U.S. DoD approves two (ISC)² certifications as requirements for staff, JFrog to acquire Vdoo, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Jul 2, 2021 · 41 min

Why DAST - from Project Management Perspective - Suha Akyuz - ESW #233

More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process which allows us to run security testing right before going to production. Using the legacy DevOps can lead to a downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing tools (DAST) in every single stage/sprint, the legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Jul 1, 2021 · 30 min

CARES Act Fraud, Paying People & Fraudsters, Part 2 - Steve Lenderman - SCW #78

We will review how synthetics are being utilized to perpetrate pandemic-related frauds in the Payroll Protection Program and Unemployment Insurance. An overview of the government programs will take place with the controls that were in place, how they were compromised, by whom, and what you can do to remediate risk. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw78

Jul 1, 2021 · 40 min

CARES Act Fraud, Paying People & Fraudsters, Part 1 - Steve Lenderman - SCW #78

We will review how synthetics are being utilized to perpetrate pandemic-related frauds in the Payroll Protection Program and Unemployment Insurance. An overview of the government programs will take place with the controls that were in place, how they were compromised, by whom, and what you can do to remediate risk. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw78

Jun 30, 2021 · 37 min

Boardroom Perspectives, Greater Business Understanding, & Preventing Burnout - BSW #222

In the Leadership and Communications section: Cybersecurity today requires greater digital and business understanding, 12 skills business continuity managers need to succeed, SOC burnout is real: 3 preventative steps every CISO must take, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw222

Jun 30, 2021 · 28 min

The Year of Hybrid - Jim Richberg - BSW #222

For the private sector and government alike, 2021 is proving to be a year of transition and refocused activity. A year of hybrid activity - from cyber threats to IT approaches. Segment Resources: https://www.fortinet.com/blog This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw222

Jun 29, 2021 · 35 min

Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android - ASW #156

This week in the AppSec News: Visual Studio Code's Workplace Trust, Injured Android an insecure mobile app, Microsoft accidentally signed driver with rootkits, The NSA funds a new sister Matrix to ATT&CK: D3FEND, & "Ransomware: maybe it's you, not them?", and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw156

Jun 29, 2021 · 38 min

Scaling Your Application Security Program - Clint Gibler - ASW #156

In this segment with Clint Gibler, learn: * Why secure defaults are higher ROI than finding vulnerabilities * How modern AppSec teams are working with their engineering counterparts * Targeting vulnerability classes, avoiding bug whack-a-mole * The latest innovations in lightweight static analysis Segment Resources: https://semgrep.dev/ https://github.com/returntocorp/semgrep https://github.com/returntocorp/semgrep-rules 2020 GlobalAppSec SF https://docs.google.com/presentation/d/14PjOViz2dE6iToOyoFk_BQ_RUfkEHGX-celIiybDQZA/edit https://tldrsec.com/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw156

Jun 28, 2021 · 38 min

Thermostat Hijacking, MA Androids, Windows 11, Hacking Pelotons, & John McAfee - PSW #700

In the Security News for this week Paul and the crew talk: Windows 11, Drive-by RCE, Cookies for sale, McAfee has passed away, 30 Million Dell Devices at risk, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700

Jun 27, 2021 · 1h 16m

CFAA: Recent US Supreme Court Case Van Buren v. US - Thomas Lonardo - PSW #700

Brief history and purpose of the CFAA. Discussion of the majority and dissenting "Van Buren" opinion. Implications for the computer forensic and security profession. Segment Resources: https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf "Prosecuting Computer Crimes", DOJ: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf "Computer Crime and Intellectual Property Section", DOJ: https://www.justice.gov/criminal-ccips/ccips-documents-and-reports Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700

Jun 26, 2021 · 1h 2m

Career Pathing and Advice From Offensive Security - Jim O'Gorman - PSW #700

Offensive Security expert Jim O'Gorman talks through his own career progression and training, revealing what it takes to be successful in infosec. He also covers key learning tracks and gives concrete examples of job roles available to those who prove themselves through industry certifications and other means. This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw700

Jun 26, 2021 · 57 min

SentinelOne IPO, Cloudflare Integrations, D3FEND, & Rumble Network Discovery - ESW #232

This week In the Enterprise News: Smoothwall Acquires eSafe Global, LookingGlass Cyber Announces Acquisition of AlphaWave, Vectra Launches Detect for AWS, SentinelOne announces IPO, & Building a Better Internet with Code BGP, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232

Jun 25, 2021 · 31 min

How Teams Can Reduce the Visibility Gap - Brendon Macaraeg - ESW #232

Security is a shared responsibility, but teams need to know what's really going on in production with their web apps and APIs, as it's happening, in order to achieve the reliable security that companies crave. In this podcast, Brendon Macaraeg will focus on the mission-critical need for real-time visibility. As many teams no longer work in the same room side by side, the role visibility plays today — and will continue to play in the future — can no longer be ignored. And it's not just a shift toward distributed work that's creating this increased need for information: while security teams may have more application security tools than ever before, very few of them will actually provide visibility into the important decisions they need to make, like which alerts to triage or which APIs are being targeted. Brendon will discuss why companies need to quickly move past legacy technologies that have limited visibility, to instead more active observability tools that provide real insights to act upon — allowing developers and IT security teams to collaborate in real time. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232

Jun 25, 2021 · 31 min

How Criminals Use Cloud Apps to Inject Chaos Into Work Environments - Doni Brass - ESW #232

In 2020, cyber criminals used cloud apps, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. In this interview featuring Cisco's Doni Brass, we lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop data from landing in the wrong hands, and identify and block cloud malware that can cost both time and treasure! Segment Resources: What attacks aren't you seeing? - https://learn-umbrella.cisco.com/ebook-library/what-attacks-arent-you-seeing?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy20-q3-content-ebook-what-cyber-attacks-arent-you-seeing The modern cybersecurity landscape: Scaling for threats in motion - https://learn-umbrella.cisco.com/technical-paper-library/the-modern-cybersecurity-landscape-scaling-for-threats-in-motion?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-technical-papers-the-modern-cybersecurity-landscape Cloud Security Buyers Guide - https://learn-umbrella.cisco.com/ebook-library/cloud-security-buyers-guide?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-ebook-cloud-security-buyers-guide This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232

Jun 24, 2021 · 34 min

Value & Importance of Cybersecurity Certification for Professionals, Part 2 - Casey Marks - SCW #77

Join Dr. Casey Marks' discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to start or approach getting certified, and more. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw77

Jun 24, 2021 · 39 min