Enterprise Security Weekly (Video)

What does a mature SecOps team look like? There is pressure to do more with less staff, increase efficiency and reduce costs. JP Bourget's experience has led him to believe that the answer isn't a tool upgrade, it's better planning, architecture, and process. In this interview, we'll discuss some of the common mistakes SecOps teams make, and where to start when building the SOC of the future. Show Notes: https://securityweekly.com/esw-399

In this week's enterprise security news, Knostic raises funding The real barriers to AI adoption for security folks What AI is really getting used for in the wild Early stage startup code bases are almost entirely AI generated Hacking your employer never seems to go well should the CISO be the chief resiliency officer? proof we still need more women in tech All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-398

It takes months to get approvals and remediate cloud issues. It can take months to fix even critical vulnerabilities! How could this be? I thought the cloud was the birthplace of agile/DevOps, and everything speedy and scalable in IT? How could cloud security be struggling so much? In this interview we chat with Marina Segal, the founder and CEO of Tamnoon - a company she founded specifically to address these problems. Segment Resources: Gartner prediction: By 2025, 75% of new CSPM purchases will be part of an integrated CNAPP offering. This highlights the growing importance of CNAPP solutions. https://www.wiz.io/academy/cnapp-vs-cspm Cloud security skills gap: Even well-intentioned teams may inadvertently leave their systems vulnerable due to the cybersecurity skills shortage. https://eviden.com/publications/digital-security-magazine/cybersecurity-predictions-2025/top-cloud-security-trends/ CNAPP market growth: The CNAPP market is expected to grow from $10.74 billion in 2025 to $59.88 billion by 2034, indicating a significant increase in demand for these solutions. https://eviden.com/publications/digital-security-magazine/cybersecurity-predictions-2025/top-cloud-security-trends/ Challenges in Kubernetes security: CSPMs and CNAPPs may have gaps in addressing Kubernetes-specific security issues, which could be relevant to the skills gap discussion. https://www.armosec.io/blog/kubernetes-security-gap-cspm-cnapp/ Addressing the skills gap: Investing in training to bridge the cybersecurity skills gap and leveraging CNAPP platforms that combine advanced tools are recommended strategies. https://www.fortinet.com/blog/business-and-technology/navigating-todays-cloud-security-challenges Tamnoon's State of Remediation 2025 report Show Notes: https://securityweekly.com/esw-398

Penetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm. Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet thousands of orgs every year fall victim to these attacks. What's going on here? Why are we so bad at stopping the very thing we've been training against for so long? This Interview with Phillip Wylie will provide some insight into this! Spoiler: a lot of the issues we had 10, even 15 years ago remain today. Segment resources: Phillip's talk, Optimal Offensive Security Programs from Dia de los Hackers last fall Show Notes: https://securityweekly.com/esw-398

In the enterprise security news, Why is a consulting firm raising a $75M Series B? A TON of Cybereason drama just dropped Skybox Security shuts down after 23 years The chilling effect on security leaders is HERE, and what that means IT interest in on-prem, does NOT mean they’re quitting the cloud Updates on the crazy Bybit heist the state of MacOS malware Skype is shutting down Mice with CRISPR’ed woolly mammoth fur is NOT the real life Jurassic Park anyone was expecting All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-397

And now, for something completely different! I've always urged the importance for practitioners to understand the underlying technology that they're challenged with defending. When we're yelling at the Linux admins and DevOps folks to "just patch it", what does that process entail? How do those patches get applied? When and how are they released in the first place? This is often one of the sticking points when security folks get nervous about "going open source", as if 90% of the code in their environments doesn't already come from some open source project. It's a legitimate concern however - without a legal contract, and some comfort level that a paid support team is actually going to fix critical vulnerabilities, how do we develop trust or a relationship with an open source project? In this interview, benny Vasquez, the Chair of the board of directors for AlmaLinux, will fill in some of the gaps for us, and help us understand how an open source project can not only be trusted, but in many cases may be more responsive to security teams' needs than a commercial vendor. Segment Resources: benny's 'highly scientific' survey on cloud vs on-prem usage across AlmaLinux users Show Notes: https://securityweekly.com/esw-397

2025 brings us close to an interesting milestone - ransomware attacks, in their current, enterprise-focused form, are almost a decade old. These attacks are so common today, it's impossible to report on all of them. There are signs of hope, however - ransomware payments are significantly down. There are also signs defenders are getting more resilient, and are recovering more quickly from these attacks. Today, with Intel471's Mike Mitchell, we'll discuss what defenders need to know to protect against today's ransomware attacks. He'll share some stories and anecdotes from his experiences with customers. He'll also share some tips, and tricks for successful hunts, and how to catch attacks before even your tools trigger alerts. Segment Resources: https://intel471.com/blog/how-ransomware-may-trend-in-2025 Show Notes: https://securityweekly.com/esw-397

This week, in the enterprise security news, we’ve got some funding and acquisitions! ransomware payments are DOWN 35% infostealers on Macs are UP 101% Bybit got hit by a $1.5B heist and shrugged it off A SaaS report says AI is having no impact on pricing Microsoft’s CEO says AI is generating no value Google is dropping SMS as a second factor Google creates a 4th state of matter instead of fixing Teams What it’s like to be named “Null” All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-396

We get a visit from Tanya Janca to discuss her latest book, Alice and Bob Learn Secure Coding! Segment Resources: Tanya's latest book on Amazon Tanya's previous book, Alice and Bob Learn Application Security on Amazon Tanya's website, She Hacks Purple Show Notes: https://securityweekly.com/esw-396

In 2011, Marc Andreessen predicted that software would eat the world. Specifically, the prediction was that software companies would take over the economy and disrupt all industries. The economic prediction has mostly come true, with 9 out of 10 of the most highly valued companies being tech companies. The industry disruption didn't materialize in some cases, and outright failed in others. Healthcare seems to be one of these 'disruption-resistant' areas. Ed joins us today to discuss why that might be, and what the paths towards securing the healthcare industry might look like. Segment Resources: Ed's podcast, Risk Never Sleeps Show Notes: https://securityweekly.com/esw-396