The Defender's Advantage Podcast

Chris Porter, chief intelligence strategist at FireEye had theopportunity to speak with Parnian Najafi Borazjani, senior cybersecurity analyst at FireEye, and Michael Rastigue, vice president,cyber risk practice growth leader for the central zone at Marsh, oncyber threats to the manufacturing industry.Listen to the podcast to learn about today's threats, including whothe bad actors are, what assets are they going after, and what aresome possible motivators for bad actors to target the industry.Additionally, Parnian and Michael discussed common exploit routes, andimprovement in risk mitigation and transfer options.

FireEye CTO, Grady Summers spoke about cyber security in 2018 withFireEye CSO, Steve Booth. They touched on various topics, includingthe threat landscape, threat actor techniques, nation-state activity,and the General Data Protection Regulation (GDPR).Check-out the podcast to hear more about what the new year has instore, and also learn a little bit about what organizations should bedoing to stay ahead of these threats – everything from basic upkeep tomanaging priorities.

Grady Summers, CTO, FireEye recently sat down to speak about FireEyeHelix with Paul Nguyen, Vice President and General Manager for Helixat FireEye. During their conversation, Paul reiterated a key focus ofHelix, which is to the help analysts be more effective at their jobs.Check out the podcast to hear all about the latest release (Helix1.2), how FireEye is able to pivot data from the consul throughorchestration, and more.

Chris Porter, chief intelligence strategist at FireEye recently satdown with Jeffrey Ashcraft, senior analyst at FireEye, and MatthewMcCabe, senior vice president and advisory specialist at Marsh, todiscuss cyber threats to the utilities sector and how much of what yousee hackers do in the movies really happens when utilities arebreached in the real world?Listen to our podcast to find out what the difference between anespionage attempt and preparation for an attack is, the importance ofterms and conditions in cyber insurance, and how to best distinguishbetween an attack and an intrusion to your organization.

Given recent high-profile incidents, cyber security has quickly risento the top of the priority list for many organizations, includinggovernments. As with many organizations these days, governmentinformation technology and security is migrating to the cloud. Asgovernment and public education entities migrate to Office 365, GoogleMail or other solutions for their primary email management service,theyâre also looking for email security that delivers advancedthreat protection, and this requires a service that is FedRAMPauthorized. FireEye CTO Grady Summers spoke with FireEye Global GovtCTO, Tony Cole and Risk Management Lead, Stacey Ziegler on how FireEyewill support the government as it moves to the cloud.

FireEye CTO, Grady Summers interviewed Kevin Mandia in the summer of2016 to discuss his goals as FireEye's newest CEO. One year later hehas caught-up with Kevin to discuss his âOne Teamâ philosophy, thesuccessful launch of Helix, and his love of overcoming challenges.

FireEye CTO, Grady Summers caught-up with John Miller, manager ofthreat intelligence to discuss his thoughts on the current threatlandscape.John touched on preventative steps organizations can put in place,popular attack methods and trends he’s observed from the front linesof our cyber investigations.

Matt Snyder, chief information security officer for the Penn StateMilton S. Hershey Medical Center joins Grady Summers, FireEye chieftechnology officer, for a thought-provoking discussion spanning abroad range of security-related topics. Organizations in thehealthcare sector are experiencing exponentially increasing levels oftargeted attacks from organized crime and nation states: Matt shareshis approach to creating a holistic strategy to protect his complexenvironment.

In this podcast, Dan Scali, senior manager for Mandiant consulting andGrady Summers, FireEye Chief Technology Officer, discuss key issues incritical infrastructure and industrial control systems. Bank datacenters, nuclear power plants, and water plants make up this nichearea of information security thatâs quickly gained increasedimportance with recent high profile breaches. Dan covers some of thevulnerabilities these organizations have, including lack of networksegmentation and patching, and how this allows everything fromcrimeware to nation state attacks to threaten the integrity ofcritical systems. Organizations of all sizes need a pragmatic approachto security by adopting holistic security programs, employingenterprise wide monitoring, and ensuring they have incident responseplans in place. Dan discusses some of the ways Mandiant consultantsare helping these organizations in these areas including programdevelopment and non-invasive ICS health checks.

Detecting today’s attacks is difficult. Attackers are moresophisticated, better funded and better organized. Moreover, theattacks are more targeted, with 80 percent of observed malware showingup just once and 68 percent of malware being used against only asingle organization. In many cases, malware isn’t even involved in theattacks – instead, the threat actors use a variety of tactics, some ofwhich have never been seen before.A well-designed architecture needs to detect even the mostsophisticated attacks, especially those designed to evade defensivemechanisms. Furthermore, it needs to detect those attacks withoutgenerating the false positives that may lead to security personnelmissing the true threats. Perhaps most importantly, alerts must comewith the context that enables security teams to prioritizeinvestigations and design a proper response.In our latest podcast, Josh Goldfarb discusses all of this and morewith Matt Allen, senior director of FireEye Labs.