Steve Zalewski

This week, Steve Zalewski, a cybersecurity expert and co-host of Defense in Depth, dives into pivotal topics shaping the digital landscape. He discusses the implications of CISA's furloughs on incident response and long-term staffing risks. The shift of the DOD to a Continuous Cyber Risk Management framework is explored, emphasizing resiliency and AI in defense. Additionally, they analyze the recent Oracle data extortion, highlighting vendor responsibility, and touch on the impact of ransomware on Asahi's operations, posing serious questions about supply chain vulnerabilities.

This week features Steve Zalewski, co-host of Defense In Depth, who shares his cybersecurity expertise. The conversation delves into the shocking merger of ShinyHunters and Scattered Spider, which ramps up phishing threats targeting Salesforce users. They discuss innovative AI approaches to vulnerability management, and highlight community projects aimed at bolstering cybersecurity for critical infrastructure. Additionally, they touch on Microsoft’s new Windows 365 Reserve service and its implications for business continuity.

Guest Steve Zalewski discusses topics such as open source challenges, cybersecurity hiring, and sales knowledge. They debate on privacy invasion vs. embarrassment, cybersecurity quiz, and mastering interviews. The podcast also explores company security, risk management, and mentorship in cybersecurity.

Guest Steve Zalewski and the hosts discuss the challenges of securing SaaS applications, the need for a specific strategy, gaining visibility in SaaS environments, and strategies for securing SaaS applications including DNS for app discovery and operationalizing security practices.

Steve Zalewski, a seasoned cybersecurity advisor and CISO in residence, joins to dive into the current landscape of cyber threats. He discusses the ongoing vulnerabilities in Microsoft 365, particularly concerning product deactivation and phishing risks. Zalewski also critiques traditional responses like rebooting systems to solve flaws, advocating for a more robust cybersecurity strategy. The conversation highlights the dangers of large language models creating malware and underscores the critical need for innovative defenses in today’s tech-driven world.