

CISO Perspectives (public)
N2K Networks
CISO Perspectives explores the evolving landscape of cybersecurity leadership, talent, and risk—because success in cybersecurity is about people, not just technology. Hosted by Kim Jones, veteran CISO and educator, this podcast challenges conventional thinking on leadership, talent pipelines, and the disconnects holding the profession back. Join Kim for candid discussions with industry leaders, and insights that help you build a stronger, more resilient cyber ecosystem.
Episodes

Mar 21, 2022 • 21min
Microsoft Azure around the Hash Table.
Microsoft Azure adoption with cybersecurity first principle strategies.
The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick and the Hash Table review Microsoft Azure through the lens of first principle thinking. They review how Azure supports, or doesn’t support, strategies of resilience, zero trust, intrusion kill chains, and risk assessments. The Hash Table gives their detailed technical experiences and strategies using Azure to support cybersecurity.
Two members of the CyberWire’s Hash Table of experts - Rick Doten, Carolina Complete Health CISO and Mark Simos, Microsoft’s Lead Cybersecurity Architect - discuss Microsoft Azure security through a first principle lens. Can Azure deployments satisfy our requirements for zero trust, intrusion kill chain prevention, resilience, and risk assessment?
Cybersecurity professional development and continued education.
You will learn about: Microsoft Azure services and security tools, infrastructure as code, Azure strategies that support cybersecurity first principles.
CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram.
Additional first principles resources for your cybersecurity program.
For more Microsoft Azure and cybersecurity first principles resources, check the topic essay.
Selected Reading:
S1E9: 01 JUN: Cybersecurity first principles – resilience.
“A Look Back At Ten Years Of Microsoft Azure,” by Janakiram, Forbes, 3 February 2020.
“Azure AD Overview,” by John Savill, YouTube, 2020.
“Azure Security Benchmark,” msmbaldwin, Microsoft.com, 2021.
“Azure Virtual Network FAQ,” KumudD, Microsoft.com, 26 June 2020.
“Azure Virtual Network Overview,” by John Savill, YouTube, 4 February 2020.
“Microsoft Azure: Security,” Microsoft.
“Microsoft: How 'zero trust' can protect against sophisticated hacking attacks,” by Liam Tung, ZDNet, 20 January 2021.
“Secure Score in Azure Security Center,” memildin, Microsoft.com, 5 January 2021.
“Thinking about Resiliency in Azure,” by John Savill, YouTube Video, June 2019.
“Top SolarWinds Risk Assessment Resources for Microsoft 365 and Azure,” by Susan Bradley, CSO Online, 13 January 2021.
“Zero Trust Deployment Center,” by Gary Centric, Microsoft.com, 30 September 2020.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Mar 14, 2022 • 20min
Microsoft Azure and cybersecurity first principles.
Microsoft Azure adoption with cybersecurity first principle strategies.
The cloud revolution is here. How well can we implement our first principle strategies within each environment? Do we need to embrace other security platforms to get it done? In this session, Rick discusses Microsoft Azure through the lens of first principle thinking. He reviews how Azure supports, or doesn’t support, strategies of resilience, zero trust, intrusion kill chains, and risk assessments.
Cybersecurity professional development and continued education.
You will learn about: Microsoft Azure services and security tools, infrastructure as code, Azure strategies that support cybersecurity first principles.
CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram.
Additional first principles resources for your cybersecurity program.
For more Microsoft Azure and cybersecurity first principles resources, check the topic essay.
Selected Reading:
S1E1: 6 APR: Your Security Stack is Moving: SASE is Coming.
S1E9: 01 JUN: Cybersecurity first principles - resilience
S2E7: 31 AUG: Identity Management: a first principle idea.
S2E8: 07 SEP: Identity Management: around the Hash Table.
S3E3: 02 NOV: Securing containers and serverless functions.
S3E4: 09 NOV: Securing containers and serverless functions: around the Hash Table.
S3E5: 16 NOV: SOAR: a first principle idea.
S3E6: 23 NOV: SOAR: around the Hash Table.
“About: History,” Cloud Security Alliance.
“A Brief History of AWS,” by Alec Rojasm, Media Temple, 31 August 2017.
“A Look Back At Ten Years Of Microsoft Azure,” by Janakiram, Forbes, 3 February 2020.
“An Annotated History of Google’s Cloud Platform,” by Reto Meier, Medium, 10 February 2017.
“Azure AD Overview,” John Savill, YouTube, 2020.
“Azure Virtual Network FAQ,” KumudD, Microsoft.com, 26 June 2020.
“Azure Virtual Network Overview,” by John Savill, YouTube, 4 February 2020.
“Matrices: Cloud Matrix,” by Mitre ATT&CK.
“Microsoft Azure: Security,” by Microsoft.
“Thinking about Resiliency in Azure,” John Savill, YouTube Video, June 2019.
“Zero Trust Deployment Center,” Gary Centric, Microsoft.com, 30 September 2020.

Mar 7, 2022 • 23min
SolarWinds through a first principle lens: around the Hash Table.
Two members of the CyberWire’s Hash Table of experts, Gary McAlum, USAA CSO and Don Welch, Penn State CIO, join Rick Howard to discuss the SolarWinds attack.
Resources:
S1E6: 11 MAY: Cybersecurity first principles.
S1E7: 18 MAY: Cybersecurity first principles: zero trust.
S1E8: 26 MAY: Cybersecurity first principles: intrusion kill chains.
S1E9: 01 JUN: Cybersecurity first principles: resilience.
S1E11: 15 JUN: Cybersecurity first principles: risk assessment.
S2E7: 31 AUG: Identity Management: a first principle idea.
S2E8: 07 SEP: Identity Management: around the Hash Table.
“Cybersecurity Canon,” by Ohio State University.
“Do I Need a Third-Party Security Audit?” By Rachel Phillips, Bleeping Computer, 2 March 2018.
“SolarWinds hack officially blamed on Russia: What you need to know,” by Laura Hautala, Cnet, 5 January 2021.
“Sunburst backdoor – code overlaps with Kazuar,” by SecureList, Kaspersky, 11 January 2021.

Feb 28, 2022 • 23min
SolarWinds through a first principle lens.
Rick discusses if the first principles theories prevent material impact in the real world, such as the latest SolarWinds attack.
Previous episodes referenced:
S1E6: 11 MAY: Cybersecurity First Principles
S1E7: 18 MAY: Cybersecurity first principles: zero trust
S1E8: 26 MAY: Cybersecurity first principles: intrusion kill chains.
S1E9: 01 JUN: Cybersecurity first principles - resilience
S1E11: 15 JUN: Cybersecurity first principles - risk
S2E3: 03 AUG: Incident response: a first principle idea.
S2E4: 10 AUG: Incident response: around the Hash Table.
S2E7: 31 AUG: Identity Management: a first principle idea.
S2E8: 07 SEP: Identity Management: around the Hash Table.
Other resources:
“A BRIEF HISTORY OF SUPPLY CHAIN ATTACKS,” by Secarma, 1 September 2018.
“Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers,” by 365 Defender Research Team and the Threat Intelligence Center (MSTIC), Microsoft, 18 December 2020.
“A Timeline Perspective of the SolarStorm Supply-Chain Attack,” by Unit 42, Palo Alto Networks, 23 December 2020.
“Cobalt Strike,” by MALPEDIA.
“Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon,” by Kim Zetter, Published by Crown, 3 June 2014.
“Cybersecurity Canon,” by Ohio State University.
“FireEye shares jump back to pre-hack levels,” Melissa Lee, CNBC, 23 December 2020.
"Implementing Intrusion Kill Chain Strategies by Creating Defensive Campaign Adversary Playbooks," by Rick Howard, Ryan Olson, and Deirdre Beard (Editor), The Cyber Defense Review, Fall 2020.
“Orion Platform,” by SolarWinds.
“Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers,” by Andy Greenberg, Published by Doubleday, 7 May 2019.
“Solarstorm,” by Unit 42, Palo Alto Networks, 23 December 2020.
“The Cybersecurity Canon: Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon,” by Rick Howard, The Cybersecurity Canon Project, 28 January 2015.
“Using Microsoft 365 Defender to protect against Solorigate,” by the Microsoft 365 Defender Team, 28 December 2020.

Feb 7, 2022 • 23min
CISO evolution - around the Hash Table.
Two members of the CyberWire’s Hash Table of experts:
Gary McAlum, USAA CSO
Zan Vautrinot, Air Force Major General (retired), Board Director Wells Fargo, Battelle, and City of Hope
discuss where the CISO and CSO should fit into the organization.
Resources:
“Changing CISO's Reporting Structure: Why The Debate Is Back?” by CIO&Leader, 3 July 2019.
“Does it matter who the CISO reports to?” By Josh Fruhlinger, CSO, 30 April 2019.

Jan 31, 2022 • 13min
CISO evolution.
Rick describes where the CISO fits into the corporate organizational structure and why it came to be that way.
Resources:
“CIO Hall of Fame: Max D. Hopper,” By Richard Pastore, CIO, 15 September 1997.
“Concept of the Corporation,” by Peter F. Drucker, published Routledge, 1946.
“Durant Versus Sloan – Part 1,” by steve blank, 1 October 2009.
“EVOLUTION OF THE CISO,” by Thomas Borton, ISACA Conference, 13 March 2014.
“Max Hopper: Modernized information technology at American Airlines,” by Trading Markets, 28 Jan 2010.
“My Years with General Motors,” by Alfred P. Sloan Jr., Published by Crown Business, 1964.
“The Emergence of the CIO,” by IBM.
“Title tips: Officer titles and their meanings,” By Chelan David, Smart Business, 3 March 2016.

Jan 24, 2022 • 22min
SOAR - around the Hash Table.
Three members of the CyberWire’s Hash Table of experts:
Rick Doten
Kevin Ford
Kevin Magee
discuss SOAR tools.
Resources:
“A Brief History of SIEM,” by Stephen Gailey, CyberSecurity Magazine, 19 January 2020.
“Cybersecurity First Principles: DevSecOps,” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020.
"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Eric Hutchins, Michael Cloppert, Rohan Amin, Lockheed Martin Corporation, 2010, last visited 30 April 2020.
“Site Reliability Engineering: How Google Runs Production Systems,” by Betsy Beyer, Chris Jones, Jennifer Petoff, and Niall Richard Murphy, Published by O'Reilly Media, 16 April 2016.
“The Cybersecurity Canon: The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” book review by Rick Howard, Palo Alto Networks, 21 October 2016.
“The Evolution of SOAR Platforms,” by Stan Engelbrecht, SecurityWeek, 27 July 2018.
“The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” by Gene Kim, Kevin Behr, George Spafford, Published by IT Revolution Press, 10 January 2013.

Jan 17, 2022 • 18min
SOAR - a first principle idea.
Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to DevSecOps somewhere in our future.
Resources:
“Cybersecurity First Principles: DevSecOps,” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020.
“FAQ,” RSA Conference, 2020.
"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Eric Hutchins, Michael Cloppert, Rohan Amin, Lockheed Martin Corporation, 2010, last visited 30 April 2020.
“Malware? Cyber-crime? Call the ICOPs!” by Jon Oltsik, CSO, Cybersecurity Snippets, 22 June 2015.
“Market Guide for Security Orchestration, Automation and Response Solutions,” by Gartner, ID G00727304, 21 September 2020.
“MITRE ATT&CK,” by Mitre.
“The Cybersecurity Canon: The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” book review by Rick Howard, Palo Alto Networks, 21 October 2016.
“The Cyber Kill Chain is making us dumber: A Rebuttal,” by Rick Howard, LinkedIn, 29 July 2017.
“The Evolution of SOAR Platforms,” by Stan Engelbrecht, SecurityWeek, 27 July 2018.
“What is SOAR (Security Orchestration, Automation, and Response)?” by Kevin Casey, The Enterprisers Project, 30 October 2020.

Jan 10, 2022 • 23min
Securing containers and serverless functions: around the Hash Table.
Two members of the CyberWire’s Hash Table of experts:
Bob Turner: University of Wisconsin at Madison CISO
Roselle Safran: KeyCaliber’s CEO & Founder
discuss security concerns around containers and serverless functions.
Resources:
“Cybersecurity first principles: intrusion kill chains,” By Rick Howard, CSO Perspectives, the Cyberwire, 26 May 2020.
“Race Flag Meanings,” by Go Ahead Take the Wheel, 2020.
“What Copernicus Knew About Cybersecurity Operations,” by Robert Turner, UW-Madison Information Technology, 27 June 2017.

Jan 3, 2022 • 17min
Securing containers and serverless functions.
Rick explains what containers and serverless functions are, why they are related, why they are the latest development in the evolution of the client-server architecture, why you need to secure them, and how.
Resources:
“5 ways to secure your containers,” by Steven Vaughan-Nichols, CEO, Vaughan-Nichols & Associates, 23 April 2019.
“8 technologies that will disrupt business in 2020,” by Paul Heltzel, CIO, 26 August 2019.
“A Brief History of Containers: From the 1970s Till Now,” by Rani Osnat, Aqua, 10 January 2020.
“A brief history of SSH and remote access,” by Jeff Geerling, an excerpt from Chapter 11: Server Security and Ansible, in Ansible for DevOps, 15 April 2014.
“Amazon Launches Lambda, An Event-Driven Compute Service,” by Ron Miller, TC, 13 November 2014.
“Application Container Security Guide: NIST Special Publication 800-190,” by Murugiah Souppaya, John Morello, and Karen Scarfone, NIST, September 2017.
“Container Explainer,” IDG.TV, 19 August 2015.
“Container Network Security - Kubernetes Network Policies in Action with Cilium (Cloud Native),” by Fernando, Gitlab, 16 July 2020.
“Container Security,” by Snyk.
“Google has quietly launched its answer to AWS Lambda,” by Jordan Novet, Venture Beat, 9 February 2016.
“Historical Computers in Japan: Unix Servers,” IPSJ Computer Museum.
“M.C. Escher Collection,” Maurits Cornelis (MC) Escher - 1898 - 1972.
“Serverless Architectures,” by Martin Fowler, martinfowler.com, 22 May 2018.
“Serverless vs Microservices — Which Architecture to Choose in 2020?” TechMagic, 01 JULY 2020.
“The Benefits of Containers,” by Ben Corrie, VMWARE, 16 May 2017.
“The essential guide to software containers for application development,” by David Linthicum, Chief Cloud Strategy Officer, Deloitte Consulting.
“The Invention of the Virtual Machine,” by SEAN CONROY, IDKRTM, 25 JANUARY 2018.
“What are containers and why do you need them?” By Paul Rubens, CIO, 27 JUN 2017.
“What even is a container: namespaces and cgroups,” by Julia Evans, Julia Evans Blog.
“What is a Container?” by Ben Corrie, VMWARE, 16 May 2017.
“What is a Container?” by VMWARE.