Security Matters

Rita Gurevich, CEO of SPHERE, discusses the evolving cyber controls and identity hygiene requirements in cybersecurity. Topics include the impact of cloud environments, cyber insurance trends, and challenges in mergers and acquisitions. Emphasis on the need for comprehensive cybersecurity measures across all platforms.

Today’s Trust Issues guest is Brian Contos, Chief Strategy Officer at Sevco Security. With host David Puner, Contos discusses the intricacies of securing the Internet of Things (IoT) and the challenges posed by the expanding IoT landscape – emphasizing the need for robust identity management. In a broader context, IoT encompasses identity management, cybersecurity and the evolving role of AI in safeguarding digital assets. Contos delves into the pressing issues surrounding IoT, Extended IoT (xIoT) and OT devices' security vulnerabilities – and explores how these vulnerabilities pose threats to consumer privacy, sensitive data and public safety. The conversation also touches on the intersections of identity security with asset intelligence and the importance of understanding the complete asset landscape in cybersecurity. We’re calling this one “The Identity of Things” … Check it out!

In this Trust Issues episode, host David Puner welcomes back Andy Thompson, CyberArk Labs' Offensive Security Research Evangelist for a discussion focused on two recent high-profile breaches: one targeting MGM Resorts International and the other involving Okta's support unit. The conversation delves into the details of the attacks – who’s behind them, how identity plays a pivotal role in both – and the larger implications of this new breed of supply chain attack amid the evolving threat landscape. Thompson also shares insights into how organizations can better protect themselves and their customers. Check out the CyberArk blog for further insights into the MGM and Okta breaches. And, watch Andy Thompson in the CyberArk Labs' webinar, "Anatomy of the MGM Hack."

Today’s guest is Charles Chu, CyberArk's General Manager of Cloud Security, who’s spent more than a decade at the forefront of cloud security. Chu joins host David Puner for a conversation that delves into secure cloud access and the concept of zero standing privileges (ZSP), a dynamic approach to securing identities in multi-cloud environments. Chu sheds light on the complexities of cloud security, emphasizing the need for tailored solutions to protect against evolving cyber threats. Don't miss this insightful conversation that demystifies cloud security and redefines safeguarding digital assets – and answers the pivotal question: Why doesn’t cloud security taste like chicken?  

Arati Chavan, Staff Vice President, Global Head of Identity and Access Management (IAM) at Elevance Health joins host David Puner for a conversation that sheds light on how federated identity solutions are pivotal in achieving efficient and secure access control across diverse entities. Chavan also explores the challenges and opportunities in cloud transformation, the evolving role of AI in healthcare and the delicate balance between customer simplicity and robust security measures. Listen in for a deep dive into the heart of identity security and its impact on the healthcare industry.

Our guest today is Phillip Wylie, an offensive security professional and evangelist, author and podcast host who recently added director of services and training at Scythe to his extensive CV. Wylie talks with host David Puner about the critical need for ethical hacking in cybersecurity, identity security revelations from years of penetration testing, and his fascinating career arc, which began in professional wrestling.  Considering a cybersecurity career? You won’t want to miss this episode – Wylie’s passion for cybersecurity education and mentorship is contagious. Plus, you’ll discover many unexpected parallels between pro wrestling and red teaming – and how they can help strengthen your organization’s digital defenses.

In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.  

Today’s episode of Trust Issues focuses on spycatching! Eric O'Neill, a former FBI counterintelligence operative and current national security strategist, joins host David Puner to discuss his legendary undercover mission to capture Robert Hanssen, one of the most notorious and damaging spies in U.S. history. O'Neill details his “cover job” of working beside Hanssen in the FBI’s new information assurance (cybersecurity) division, while secretly uncovering his espionage activities. O'Neill’s made-for-the-big-screen experiences emphasize the challenges posed by malicious insiders – some of the most difficult and expensive cybersecurity threats of our time. His gripping account draws intriguing parallels between spies and cyber criminals, shedding light on identity security’s significant role in thwarting insider espionage and defenders’ continuous push to outpace attacker innovation. 

Crystal Trawny, Optiv’s Practice Director, delves into the evolution of Privileged Access Management (PAM) with insightful discussions on overcoming change resistance, deployment timelines, and critical program elements. She emphasizes the correlation between endpoint privilege management and PAM maturity, offering valuable insights to assess and enhance organizational security strategies.

Matt Cohen, CEO of CyberArk and a proponent of leading without fanfare, dives into transformative leadership in the cybersecurity realm. He shares insights on navigating the CEO role and the importance of company culture. The conversation highlights the critical nature of identity security in our increasingly digital world and the innovative approaches required to tackle modern threats. Cohen also discusses the value of authenticity, humility, and customer-centricity in building trust within business relationships.