Brilliance Security Magazine Podcast

Thousands of virtual appliances are being distributed with known, exploitable, and fixable security flaws and often on outdated operating systems. Organizations depend on virtual appliances for securing cloud workloads, firewalls, secure gateways, and encryption. To help the cloud security industry keep pace with demand, Orca Security released the “2020 State of Virtual Appliance Security Report,” which analyzed 2,218 virtual appliance images from 540 software vendors for known vulnerabilities, to identify risks and provide an objective assessment score and ranking. As the enterprise migrates to the cloud at a rapid pace, the security of virtual appliances has fallen dramatically behind. In this episode, we talk with Yoav Alon, Chief Technology Officer at Orca Security, and examine what went into creating this report and some of its top findings.

Mobolize, the recognized leader for providing an on-device Data Management Engine that provides security, connectivity, and optimization on mobile devices, recently announced a partnership with Akamai, the intelligent edge platform for securing and delivering digital experiences, to offer security to mobile devices for enterprises. The addition of mobile protection adds an extra layer of proactive security controls and threat protection to quickly and uniformly block malicious web traffic for the growing use of mobile devices as employees work from home. In Episode S2E18 we explore this new partnership as we speak with Colleen LeCount, Chief Revenue Officer at Mobolize, and Tim Knudsen, VP Product for Enterprise Security Products at Akamai. We uncover how this relationship will affect security and device performance for enterprise mobile device users.

Episode S2E17 is an informative discussion about how financial institutions are fairing in their quest to converge fraud, risk, and IT teams. We look at the state of the financial industry as it relates to fraud and how the pandemic has affected financial institutions. We examine some of the pain points banks suffer as they attempt to converge risk management solutions as well as the benefits of this convergence. As our guest, we have Matt Tengwall, the General Manager of Verint Fraud & Security Solutions. He shares his unique insight into how technology often leads the way as financial institutions grapple with fraud, risk, and IT convergence. 

In episode S2E16 we talk with Eric Solis, the CEO of MovoCash, and discuss how consumer demand for cashless payment is changing society and how financial institutions can offer competitive digital services while preventing fraud. We examine the "state of the industry" as it relates to cashless payments and bank fraud. We talk about the need for new banking standards and look at whether or not a government-backed digital dollar is a good idea. Eric describes a better way of making cashless payments than just handing over a credit or debit card number that gives merchants access to your entire credit limit or bank balance. 

In episode S2E15 we have a fascinating discussion with author and compliance expert, Karen Walsh. We dive into some of the cybersecurity and compliance challenges faced by small to medium-sized businesses.  Karen shares her expert insight into what SMBs need to know to protect their data, stay in compliance, and understand what is really important. In her characteristically charming way, she sorts through some of the industry's hyperbole and rhetoric to expose some simple cybersecurity and compliance truths.  Karen is working on a new book and offers some insights into what we can expect when it is published. 

From adopting secure configurations with measures to protect and control access to cameras, to managing security threats with vulnerability scans during integration, and even ensuring the integrity and security of products over the supply chain with regular audits, in episode S2E14 we talk about designing  360-degree surveillance technology with the cybersecurity needs of end-users in mind. Our guest is Jon Marsh. Vice President of Product at Oncam. Jon is responsible for Oncam’s overall product development. He spearheads the technology, design, and delivery of products, and ensures that the development of new solutions fit customer needs. Join us for an interesting conversation about what camera manufacturers can and should be doing to protect their end user's network. 

In episode S2E13 we talk with two experts about how physical security solutions must be designed with cybersecurity in mind. You can think of this as security for security. Nigel Waterton is Chief Revenue Officer, for Arcules, and Tim Palmquist is Vice President Americas, for Milestone Systems.  Together we uncover some interesting ways that Arcules uses the concept of Security by Design to bake cybersecurity elements into their cloud-based physical security solutions. We also talk about the unique relationship between Arcules and Milestone Systems. A relationship that provides each company with strategic advantages in the marketplace.

To say that the COVID-19 pandemic has disrupted operations around the world is the understatement of the decade. That being said, businesses and governments are under mounting pressure to restart their operations as quickly as possible. With social distancing and other measures helping to curtail the spread, organizations are turning their attention to a critical question: “How do we effectively restart operations while protecting our employees’ and citizens’ health and safety?” In episode S2E12 we talk with Alan Stoddard, Vice President and General Manager, Verint Situational Intelligence Solutions. He says adjusting to these new conditions demands a pragmatic approach that addresses the potential risk to employees in various environments while also delivering a degree of confidence to customers that an organization is taking a meaningful, proactive posture to keep people safe and healthy. Also, as circumstances change, obtaining the insight to adapt to those changes, and implementing workplace health and safety tools are crucial for businesses to stay one step ahead and remain agile.

From financial services to education, nearly every industry relies on API feeds to remain competitive and generate revenue. In S2E11 former team leader of an elite Israeli Defense Forces (IDF) cyber unit and current CEO of Salt Security, Roey Eliyahu, cautions that API security must be part of an organization’s business continuity strategy. If left unprotected, a breach could have catastrophic repercussions for both revenue and brand reputation. Listen to this episode to hear Roey explain how attackers choose which APIs to target, how they execute attacks, and how to protect against these threats.

In Episode S2E10 we talk with Perry Carpenter, Chief Evangelist, and Strategy Officer with KnowBe4. We discuss KnowBe4’s new research arm, KnowBe4 Research, and their first Security Culture Report that was recently released. In the 2020 “Security Culture Report”, data was collected from 120,050 employees in 1,107 organizations across 24 countries. There were a total of 17 industry sectors examined in detail. Results from this year’s report revealed a large gap between the best performers and the poor performers when it comes to security culture. The best performers were from Banking, Financial Services, and Insurance and the worst performers were from Education, Transportation, and Energy & Utilities. Security culture varies across industries. In the industry comparison report, all industries were compared according to their security culture scores and across each of the seven dimensions (Attitudes, Behaviors, Cognition, Communication, Compliance, Norms, and Responsibilities) of security culture. Download a copy of the report here.