The Defender's Advantage Podcast

The healthcare industry faces a range of threat actors and maliciousactivity. FireEye EVP, Products, Grady Summers spoke with PrincipalAnalyst, Luke McNamara on the types of financially motivated cyberthreat activity impacting healthcare organizations, nation statesthreats that the healthcare sector should be aware of, and how thethreat landscape for healthcare organizations evolve in the future.

The importance of being prepared cannot be understated. Companiesexperiencing an email compromise must undertake costly investigationsinvolving forensics services and data mining of affected inboxes tosee if sensitive information has been impacted. If that isn’t badenough, productivity and reputation also stand to take a hit.To shine some light on the business email compromise threat and howbest to defend against it, FireEye EVP and CTO Grady Summers sat downwith Ken Bagnall, VP for Email Security at FireEye, and LaurenWinchester, Privacy Breach Response Services Manager at Beazley.During their chat, the trio discussed awareness, prevention and a newunique offering from FireEye and Beazley.

In April 2018, FireEye CTO, Grady Summers had the opportunity to talkabout some of the latest features of FireEye Email Security with KenBagnall, VP for Email Security at FireEye. Their conversation ended upbeing one of our more popular 'Eye on Security' podcast episodes, soit was a no-brainer that Grady would have Ken back in July 2018 todiscuss some of the changes in email attacks that we had beenobserving.When Ken happily agreed to return for a third appearance, FireEyeChief Intel Strategist, Christopher Porter was particularly glad thatit was his turn to pick his brain. During their chat, Ken andChristopher talked about the innovation behind our secure emailgateway, the intellectual property behind FireEye technologies fordetecting advanced threats that others miss, and some general trendsrelated to email threats that we’re seeing today.Check out the podcast right now, and learn more about how FireEyeEmail Security can help defend against today’s most widely used – andlesser known – email attacks.

In recent weeks FireEye has been talking all about Expertise OnDemand, our annual subscription service that gives customers access tosecurity experts and more. As FireEye Chief Intelligence Strategist,it has been exciting to see the transformation on the Intelligenceside of things, but to get a better look at the Expertise On Demandservice as a whole we turned to Gareth Maclachlan, VP of Strategy andProduct Management.In our latest Eye on Security podcast, Gareth and Christopher discusseverything from how the Expertise On Demand service works and whatmakes it unique, to the overall experience for customers and partners.Gareth also talks about what prompted FireEye to offer Expertise OnDemand in the first place, including an all-too-familiar problem inthe industry: a shortage of trained security professionals.

The United States District Attorney’s Office for the Western Districtof Washington recently unsealed indictments and announced the arrestsof three individuals linked to a criminal organization we have beentracking since 2015 as FIN7. With the threat group in the news quite abit lately, FireEye CTO, Grady Summers sat down to discuss the actorsand the arrests with two of the foremost FIN7 experts: Nick Carr andBarry Vengerik from FireEye’s Advanced Practices Team.They discussed a wide variety of topics, including FIN7’s targeting,why they chose the particular sectors that they did, how they gainedan initial foothold in organizations, their tools and tactics,techniques and procedures (TTPs), some of the methods FireEye used totrack the group, and some of the ways FIN7 activity changed followingarrests made as far back as January 2018.More information on FIN7 and many other threat groups can be found inour Intel Portal as part of our FireEye iSIGHT Threat Intelligenceoffering.

Back in April 2018, FireEye CTO, Grady Summers had the chance to talkwith Ken Bagnall, VP for Email Security at FireEye. At the time, Kenand Grady chatted about FireEye’s acquisition of the company The EmailLaundry, which took place late 2017, and about some of the newcapabilities that was gained in FireEye Email Security from thatintegration. They also discussed some of the trends that had beenobserved in the email security space.Grady recently met back up with Ken to continue their chat, and thistime were also joined by Levi Lloyd, Senior Manager for DetectionServices at FireEye. During the conversation, the three of them dove alittle bit deeper into some of the details behind the changes in emailattacks that they've seen. They then went on to discuss some of thereally cutting-edge techniques that FireEye is using to respond tothose email attacks, including blocking impersonation attacks andURL-based attacks.Check-out the podcast, and also learn more about how FireEye EmailSecurity can help defend against today’s most widely used – and lesserknown – email attacks.

FireEye Chief Intelligence Strategist, Christopher Porter had theopportunity to speak with Jared Semrau, head of our Vulnerability andExploitation intelligence team. Jared discusses how his team gathersinformation on new and existing exploitable bugs, combines that withwhat FireEye knows from engagements and device detections, and howthey map that intelligence to known threat actors. There are a lot ofmyths going around about how vulnerability management should behandled and this discussion helped cut through a lot of that.Listen to the podcast to join this conversation and to learn whyFireEye rates less than 0.01% of its vulnerabilities as critical,compared to 10% of vulnerabilities being rated critical by publicsources. Jared did a great job explaining for me how this focus ononly the truly critical and exploitable vulnerabilities helps ourclients better utilize their limited threat hunting resources and keepoperational systems online as much as possible without unnecessaryout-of-cycle patching.

It’s hard to believe, but April 2018 marked the release of our 9thedition of M-Trends. To learn more about the latest report, FireEyeCTO, Grady Summers sat down and spoke with one of the keycontributors: Jurgen Kutscher, senior vice president responsible forall Mandiant Consulting and Managed Defense offerings at FireEye.During their conversation, Jurgen and Grady discussed a wide varietyof topics touched on in the M-Trends report, including the significantincrease in attacks originating from threat actors sponsored by Iran,a typically dwindling global median dwell time increasing from 99 daysin 2016 to 101 days in 2017, how more than half of organizations thatwere victims of a targeted attack were getting re-attacked by the sameor similarly motivated threat actors, and much more.Check out our podcast today, and also read the M-Trends report toexplore the latest and greatest trends that define today’s threatlandscape athttps://www.fireeye.com/current-threats/annual-threat-report/mtrends.html

FireEye CTO, Grady Summers discussed email security with Ken Bagnall,VP of the FireEye Email Security side of the business. Ken came toFireEye following its 2017 acquisition of The Email Laundry, where hewas a founder and CEO.<br><br>During their chat, Ken and Grady discussed a wide variety of topics,including Ken's history in the industry and how he got into emailsecurity, how the merging of The Email Laundry with FireEye was theperfect fit, up-and-coming email threats such as malware-less attacksand imposter-based attacks, and what FireEye is doing to stay ahead ofthese threats and ensure customers remain protected.<br><br>Check out the podcast, and learn more about how FireEye Email Securitycan help defend against today's most widely used - and lesser known -email attacks.

Chris Porter, chief intelligence strategist at FireEye had theopportunity to speak with Parnian Najafi Borazjani, senior cybersecurity analyst at FireEye, and Michael Rastigue, vice president,cyber risk practice growth leader for the central zone at Marsh, oncyber threats to the manufacturing industry.Listen to the podcast to learn about today's threats, including whothe bad actors are, what assets are they going after, and what aresome possible motivators for bad actors to target the industry.Additionally, Parnian and Michael discussed common exploit routes, andimprovement in risk mitigation and transfer options.