
Security Weekly Podcast Network (Video)
4,876 episodes — Page 48 of 98

Malicious PHP Commits, OAuth Attacks & XML Injection, & Zines For DevSecOps - ASW #146
PHP deals with two malicious commits, SSO and OAuth attack vectors to remember for your threat models, zines for your DevSecOps education! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw146

Shifting Right: What Security Engineers Can Learn From DevSecOps - Leif Dreizler - ASW #146
The security industry generally agrees on the value of enabling developers in an agile environment—although we don't agree on what to call it… "Shifting Left," "Creating a Paved Path," "DevSecOps." Regardless of the name, we tend to focus on teaching developers how to Sec, but there's less focus on security engineers learning how to Dev. This segment will focus on how to create a meaningful partnership between security and software engineers. Segment Resources: https://segment.com/blog/shifting-engineering-right/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw146

Ubiquiti Breach, Tesla, PHP, & More Sagas - PSW #689
npm netmask library has a critical bug, when AI attacks, firmware attacks on the rise, Microsoft Hololens and order 66, a real executive order 13694, The Ubiquity breach saga, the FreeBSD and wireguard saga, is the cloud more secure? Hopefully for PHP it is, software updates limit muscle car to 3 HP, a brand new Windows 95 easter egg just in time for, well, easter, and aging wine in space, does it make a difference? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

Cybersecurity Journalist - Robert Lemos - PSW #689
Paul, and the rest of the PSW Hosts, will talk to Robert about how he got his start in InfoSec. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

The Intersection of Cybersecurity & Cryptocurrency - Nick Percoco - PSW #689
With an uptick in malware scams and email compromises, the best thing we can do is educate the cryptocurrency community about risks and security best practices. https://www.youtube.com/playlist?list=PL1fKlftNZ_xGh8AFVy46suO193IIQ7lnq https://www.kraken.com/en-us/features/security/kraken-security-labs https://www.canisecure.com/ https://blog.kraken.com/security-labs/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

Tyler's "Deathpool", Astadia, Gigamon, & GRIMM - ESW #222
This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw222

Why User Adoption in Enterprise Security is Low - Juliet Okafor - ESW #222
Security technology roll-outs often fail because of the following: 1) Weak Security Culture - users don't see value or understand the importance of taking action. 2) Security teams often fail to consider user experience in purchase, configuration, set-up and training of security technology, like endpoint security 3) End User communication about new technology is not communicated to the right users, at the right time, during the right stage of the project. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw222

Rise of Insider Threat Post-C19 - Zack Moody - ESW #222
Is there an emerging threat to your data post-C19 with disgruntled employees having to come back to an office? How do we protect our data and keep employees happy that have access to data from where they've been hiding over the past year? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw222

Vulnerability Management is Still a Mess - Part 2 - Rafal Los - SCW #67
In the second segment, the SCW hosts will continue the discussion with Raf and hopefully come up with some guidance on what can be done to make vulnerability management work better. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw67

Vulnerability Management is Still a Mess - Part 1 - Rafal Los - SCW #67
The SCW hosts discuss Rafal Los' recent blog post "Vulnerability Management is Still a Mess" (https://blogwh1t3rabbit.medium.com/vulnerability-management-is-still-a-mess-27519ffcecc0). In the first segment, we will learn all about Rafal's cybersecurity background and why vulnerability management has not evolved in line with the technology. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw67

Business Leader, CISO Skills, & Building Your Cybersecurity A-Team - BSW #211
In the Leadership and Communications section, Being a CISO in 2021: How to Be a Business Leader in the Boardroom, Skills CISOs Need to Have in 2021, Build your cybersecurity A-team: 7 recruiting tips, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw211

How NDR Technology Helps Manage Cybersecurity Challenges - Nemi George - BSW #211
NDR technologies such as ExtraHop are the latest tools in the CISO toolbox for combating cybersecurity threats. It enables previously unattainable speed and efficacy in detecting, identifying and responding to anomalies and malicious traffic and network events. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw211

TikTok Analysis, Patching Patches, CI/CD Integrity, Faster Fuzzing, & Slack Safety - ASW #145
Security and privacy technical analysis of TikTok, subtle parsing problems, chain of trust through a CI/CD pipeline, faster fuzzing even without source code, interplay of application security and application safety! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw145

OWASP Top 10 of 2021 - Andrew van der Stock - ASW #145
The OWASP Top 10 2021 is in development. A public survey has just been released. We have finished collecting data. I would like to discuss what the plans are for the OWASP Top 10 2021, and when it will be released, and how you can get involved. https://owasp.org/www-project-top-ten/ https://github.com/OWASP/Top10 Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw145

Open Redirects - An Underestimated Vulnerability - PSW #688
Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks! Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

DOOM Exploit, iPhone Deep Fakes, & 11 0-Days Infect Devices - PSW #688
This week in the Security News: Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity? Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

Taming Vulnerability Overload - Mehul Revankar - PSW #688
Almost weekly, hackers discover and exploit vulnerabilities in popular programs like SolarWinds and Microsoft Exchange Server, impacting thousands. While it would be great to eradicate these vulnerabilities in the programs themselves, it is unlikely to happen any time soon. That's why patching vulnerabilities quickly is important, yet even when patches are available, companies often fail to patch promptly. We'll discuss barriers companies face that delay patching and Qualys' experience with creating free services that help companies detect specific vulnerabilities and patching remotely for events like the SolarWinds and Microsoft Exchange incidents. The session will include a brief demo of Qualys free 60-day service to detect, prioritize, and patch vulnerable Exchange servers, and to detect environments missing compensating controls. This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them! Show Notes: https://securityweekly.com/psw688 Visit https://www.securityweekly.com/psw for all the latest episodes!

Axis Security, Qualys, VMware, NFTs, & Linksys/Fortinet - ESW #221
This week in the Enterprise News, Funding announcements from Security Scorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet aquires ShieldX, VMware acquires Mesh7 and Copado aquires New Context. Knowbe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw221

"Jump-Start Your SOC Analyst Career" - Jarrett Rodrick - ESW #221
Jarrett Rodrick and Tyler Wall's new book, "Jump-start Your SOC Analyst Career," is meant to serve as a roadmap for those who wish to take their first steps into cyber security/SOC analyst. We discuss topics like introduction to investigative theory, prerequisite skill requirements, and cloud security monitoring. We included stories from real SOC analyst contributors to help the reader understand what challenges might lie before them. The book is available on Amazon: https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/1484269039 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw221

Platform Security - PaaS & Hosting - Trey Ford - ESW #221
- What security features does Heroku offer that the customer can control and how have these evolved over time? - How do you balance the security of the application, with the security of the deployment, with the security of the platform? - What are some tips and/or advice for deploying applications and keeping them secure during the lifecycle? (e.g. as a developer I may run applications in a secure environment, but then down the line someone runs my container with --privileged and exposes a security hole). The goal being our audience learns what to consider when choosing a platform (or platforms) to run applications from a security perspective. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw221

PlexTrac Talks PCI, Part 2 - Dan DeCloss, Shawn Scott - SCW #66
The conversation continues as the PlexTrac team, Dan DeCloss & Shawn Scott, demonstrate how PlexTrac can tackle compliance (among other things)! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw66

PlexTrac Talks PCI, Part 1 - Dan DeCloss, Shawn Scott - SCW #66
This week, Jeff, Liam Downward, Scott, & Josh talk PCI with Dan DeCloss and Shawn Scott from PlexTrac! Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw66

Dictionary Attacks, SASE Misinformation, & 3 Key Tasks - BSW #210
In the Leadership and Communication Segment, 5 Reasons Why Cybersecurity Should Be A Priority While Planning Your Business, 3 Key Tasks That Help Me Work Way Less and Accomplish More, Everything You Need to Know About Dictionary Attacks, Is Misinformation Slowing SASE Adoption, & more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw210

Medical Device Secure Development Lifecycle - Christopher Gates - BSW #210
How to incorporate security into your existing medical device development process, What artifacts need to be created, & Security activities that are new. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw210

Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP - ASW #144
In the AppSec News: Supply chain security in Azure SDK and macOS Xcode, GitHub's postmortem on a session handling flaw, six GCP vulns from 2020, & information resources for hacking the cloud! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw144

Approaching AppSec Like a Hacker - Johanna Ydergard, Roberto Giachetta - ASW #144
Security is struggling to keep up with securing modern web applications and the fast pace of wild web hacks. Detectify is building automated app scanners that can think like a hacker and shorten vulnerability detection time down to minutes and hours, whilst helping ethical hackers do bug bounty/disclosures in a scalable way. This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw144

Plextrac Mini-Series Episode 1: Purple Teaming - Bryson Bort - PSW #687
The first episode of Security Weekly's podcast mini-series with PlexTrac "Getting the Real Work Done in Cybersecurity" starts with PlexTrac's bread and butter, Purple Teaming! The group - along with special guest Bryson Bort of SCYTHE - discuss the ins and outs of purple teaming. Topics covered on the show include the importance of collaboration within your security team, the idea of a milestone-based approach to security, purple teaming engagements, and much more. This segment is sponsored by Plextrac. Visit https://securityweekly.com/plextracseries to learn more about them! Visit https://www.securityweekly.com/series to view the entire PlexTrac Mini Series! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

Security Grades, Mirai, Quantum Cryptography, & Hacking "Beer" - PSW #687
In the Security News, If software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking "beer", weekly Chrome zero day, Mirai lives, long live Marai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is. Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

Getting The Real Work Done With Plextrac - Dan DeCloss - PSW #687
Dan will run through some customer testimonials on how they are using Plextrac effectively to get the real work done in security! This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

Attack Surface - What are we Missing? - Ilia Kolochenko - ESW #220
Ilia Kolochenko, founder of ImmuniWeb, joins Paul and Adrian to discuss the challenge of discovering and handling exposed data and vulnerabilities before the bad guys do. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw220

ARM Support, Cyber "SPAC", Cyber Fusion, Docker, & Beer Outage - ESW #220
This week in the Enterprise Security News: funding announcements from Coalition, HeraSoft, Cowbell Cyber, Argon, Cynet, Docker, and Cyware. Sonatype Acquires MuseDev, Sumologic Acquires DF Labs, Acronis acquires Synapsys, Lookout grabs CipherCloud and a cybersecurity SPAC. Kasada announces some new features to its bot detection offering, Rapid7 introduces an agent for CloudFront, Aqua supports ARM, and Chris Roberts joins Cynet, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw220

Investing In Cybersecurity - Ron Gula - ESW #220
Ron joins us to cover various aspects of investing, including how to give the right pitch, what enterprises should be looking for in new technologies, are you 5% or amazing tech? Ron is also championing a new concept called data care and has launched his own podcast, Gula Tech Cyberfiction, in addition to some outstanding cybersecurity grants. Gula Tech Foundation Grant Program - Data Care: https://www.gula.tech/foundation/ Gula Tech Non-Profits: https://www.gula.tech/projects/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw220

Security & Compliance Legal Highlights - Part Deux - SCW #65
We're letting Priya have the bulk of the time to discuss what's on her mind in terms of legal implications of security & compliance news and events. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw65

Security & Compliance Legal Highlights - SCW #65
We're excited to have Priya Chaudry with us today, so we are going to focus our discussion on news and events with legal implications (or the legal implications of news and events)! For starters, the U.S. Cyber Command recently held a virtual edition of its 2021 Legal Conference. The annual conference explores current law and policy issues related to offensive and defensive cyberspace operations. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw65

Importance of Culture, Engaging The Board, & 8 New Roles! - BSW #209
This week, in the Leadership and Communications section, The importance of culture in digital transformation, 4 ways to keep the cybersecurity conversation going after the crisis has passed, 8 new roles today's security team needs, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw209

The Nine Cybersecurity Habits - George Finney - BSW #209
In 1989, Stephen Covey first published "The 7 Habits of Highly Effective People," empowering and inspiring leaders for over 25 years. Is there an equivalent or new set of habits for CISOs? George Finney, Chief Security Officer at Southern Methodist University, joins Business Security Weekly to discuss the Nine Cybersecurity Habits. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw209

Unauth'd RCE, "Regexploits", Post-Spectre Web, & SigStore Signing - ASW #143
Software safety to mitigate the impact of unauthenticated RCEs, exploding regex patterns, web and browser security in the face of Spectre side-channels, signing software artifacts, 8 roles for today's security teams. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw143

Cloud Native Security Platforms - John Morello - ASW #143
Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy must integrate with DevOps tools and workflows. Security solutions need to come from a cohesive platform that addresses the problems DevOps teams face in how they're building apps today. This segment is sponsored by Prisma Cloud/ Palo Alto Networks. Visit https://securityweekly.com/prismacloud to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw143

Ransomware Research, Threats, and Futures - Assaf Dahan - PSW #686
Assaf Dahan, Sr Director, Head of Threat Research at Cybereason, discusses current trends in ransomware research. What happens when we're not watching or watching the wrong indicators? And threat actor handoff off pillaging to Cyber Merenaries. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

Russian regex, John McAfee, Verkada Hack, & Microsoft Exchange - PSW #686
Microsoft Exchange had some vulnerabilities, how could you not hear about them?, Russians try to throttle Twitter, silicon valley security camera company has been breached and we get to see what it looks like as they make Teslas in China, Did I mention that there was an Exchange hack?, free tool release to help secure the supply chain (but not Russians with bags of cash), the best practices aren't always the best, advanced Linux malware and how not to encrypt C2 and hide files, and network-based multi-domain macro-segmentation situational awareness for compliance, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

How Illicit Markets Really Operate - David Hétu - PSW #686
David has been studying the structure, size and scope of illicit markets for over 10 years. He has come to realize just how fragmented illicit markets are, how a few select vendors often control most of the sales, and how important social bonds are even in the context of anonymous illicit markets. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

CrowdStrike Falcon, Gigamon Hawk, Awake's NDR, & Acquisitions - ESW #219
This Week, In the Enterprise Security News: Okta acquires Auth0, KnowBe4 Acquires MediaPRO, PayPal to acquire Curv, and Dropbox to acquire DocSend Aqua Security raises $135M, Privacera Secures a Series B, YL Ventures sells its stake in Axonius, Snyk Secures a Series E, and McAfee sells its Enterprise business AWS Announces New Lower Cost Storage, Radware's New Integrated Application Delivery & Protection, Bitdefender launches new Cloud-based EDR Solution, Awake's NDR platform, CrowdStrike Falcon enhancements improve SOC efficiency, Tufin releases Vulnerability-Based Change Automation App, Gigamon launches Hawk, Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw219

Attack Surface Management, Monitoring, & Mapping - Jeff Foley - ESW #219
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. https://github.com/OWASP/Amass https://owasp.org/www-project-amass/ https://vimeo.com/481985359 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw219

Using Computer Vision to Combat Phishing - Chris Cleveland - ESW #219
Email security and phishing protection has many gaps that are exploited by attackers. Learn how computer vision can help prevent malicious URLs and websites from doing bad things to your users. Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf This segment is sponsored by Pixm. Visit https://securityweekly.com/Pixm to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw219

ICS/OT Regulation, Part 2 - Jim Gilsinn - SCW #64
Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw64

ICS/OT Regulation - Jim Gilsinn - SCW #64
Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw64

Risky Business (With Less Resources), Or: Know the CISO Job Search - BSW #208
In the leadership and communications section, Risky business: 3 timeless approaches to reduce security risk in 2021, Why Less Can Be More When It Comes to Cybersecurity, CISO job search: What to look (and look out) for, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw208

Security Leadership in Times of Transition - Gerald Beuchelt - BSW #208
In 2020, we interviewed Gerald Beuchelt on Enterprise Security Weekly. At that time, he was the CISO at LogMeIn. Now he's the CISO at Sprinklr. What's it like to transition jobs in the middle of a pandemic as the first CISO of a company? Gerald discusses his transition story and shares his recommendations and lessons learned for other CISOs. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw208

Security Engineering, Evil Packages, Exchange SSRF, & Observability - ASW #142
Making security engineering successful, Go's supply chain, mitigating JSON interoperability flaws, automating the hunt for deserialization flaws, the importance of observability, and what to do about Exchange. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw142

Privacy, Data Security & Compliance - Cynthia Burke - ASW #142
In most IT shops, privacy, data security and compliance often resided under the same umbrella of ownership. While all 50 States in the US have data breach notification laws, we are seeing a shift in focus on data privacy globally. Privacy and data security compliance are often used interchangeably but this misuse in terminology (and the associated requirements for all IT organizations) creates a lot of confusion in an already complicated industry. Cynthia will explore some of the key factors in 2021 as to and why we need to get it right. This segment is sponsored by Capsule8. Visit https://securityweekly.com/capsule8 to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw142