Identity at the Center Identity At The Center #26 - IAM in Monterrey with Arturo
Dec 20, 2019
Arturo Cordoba, Senior Advisor on the Cyber Security team at CEMEX, dives into the challenges and successes of managing identity and access management (IAM) in Monterrey, Mexico. He discusses the significant PEMEX ransomware attack and its impact on the industry. Arturo also highlights his achievement of rolling out multi-factor authentication for 23,000 employees, and the internal politics that can slow IAM progress. He aims to foster a local IAM community to connect professionals and share knowledge, ensuring an informed and robust cybersecurity landscape.
AI Snips
Chapters
Books
Transcript
Episode notes
Communication Equals Credibility After Breaches
- The Pemex ransomware case highlighted that post-incident communication matters as much as prevention.
- Arturo and Jeff note clear, honest communication earns trust even when breaches occur.
Attackers Favor Low-Control Targets
- Attackers target mid-size firms with weak controls and local-admin users.
- Jeff warns that social tricks like planted USBs still open costly breach paths.
Vet Magic-Bullet Security Claims
- Beware vendors promising a single "magic" product to solve ransomware.
- Validate technical claims and match tools to real controls before buying.
