Monday, January 13, 2020

Featured on the Brakeing Down Security Podcast






I just revisited a show we did recapping the year in InfoSec, looking forward to 2020, and which focused largely around building community and gaining insight from other industries. Instead of a special guest, Bryan, Amanda, and Brian invited the leaders of their online community, including myself, to come join the show this time around. If you haven't heard this already it is worth checking out if the topic sounds interesting to you. If you're not a regular BrakeSec listener, but follow me, you may remember a show from over 2 years ago which I recorded for BrakeSec at Sans Berlin.


Below are the complete "show notes" from the Brakeing Down Security Podcast's [sic] website, which you can find here with all complete contact information, and as well here is the show link on iTunes:


https://brakeingsecurity.com/2019-046-end-of-the-year-end-of-the-decade-predictions-and-how-weve-all-changed


---


End of year, end of decade Good, Bad, Ugly The Future Other topics Recent news News Stories from 2010 (see if they still make sense, or outdated)

x


Are things better than 10 years ago? 5 years ago?


If there was one thing to change things for the better, what would that be?






Did naming vulns make things better?


Which industries are doing a good job of securing themselves? Finance?


What do you wished never happened (security/compliance wise)?


Ransomware infections with no bounties


Still have people believing “Nessus” is a pentest






https://nrf.com/


https://www.retailitinsights.com/eventscalendar/eventdetail/1c77d5c6-8625-4f2b-bb98-89cca6590c49


https://monitorama.com/


https://www.apics.org/credentials-education/events






PREDICTIONS!!!


Bryan: The rise of the vetting programs (Companies will want to vet content creators in their eco-systems)


Cybuck: An uptick in surveillance tech; both disguised as cool home smart gadgets and straight up public safety. Triggering a US GDPR type response.


Injection remains as the undisputed heavyweight champion of app sec vulnerability (OWASP top 10). And wishful thinking...broken authentication moves lower, denial of service goes down. https://twitter.com/WeldPond/status/1207383327491137536/photo/1


JB: a major change in social media/generational shift in how we use it, legal or focus on new types of mobile tech for example… Human networking in real-life in the age of ‘social’ ….“When you hire someone… you also hire their rolodex” --- what do you think about this statement? ..it’s role in InfoSec? Talent?






JB- shouted out https://github.com/redcanaryco/atomic-red-team (Invoke-Atomic framework with powershell now on Linux, OSX, and Windows)






JB - Link to hunting/stopping-human-trafficing org i mentioned :


Shoutout


Sherrie Caltagirone, Executive Director, Global Emancipation Network @GblEmancipation


https://www.sans.org/cyber-security-summit/archives/file/summit_archive_1569941622.pdf






Mentioned https://monitorama.com/ https://github.com/viq/air-monitoring-scripts (viq form brake sec )









Talk about where you were 10 years ago, and what you did to get where you are?


Best Hacking tool?


Best Enterprise Tool?






https://www.zdnet.com/article/more-than-38000-people-will-stand-in-line-this-week-to-get-a-new-password/


https://www.phoronix.com/scan.php?page=news_item&px=CERN-MALT-Microsoft-Alternative


https://www.iotworldtoday.com/2019/12/21/2020-predictions-apis-become-a-focus-of-iot-security/


https://www.jonesday.com/en/insights/2018/10/california-to-regulate-security-of-iot-devices










https://www.infosecurity-magazine.com/magazine-features/what-makes-a-ciso-employable/


https://www.csoonline.com/article/2231454/verizon-s-2010-dbir--rise-in-misuse--malware-and-social-engineering.html


https://www.owasp.org/index.php/OWASPTop10-2010-PressRelease

No comments:

Post a Comment

The new "LinkedInSecureMessage"​ ?

With all the talk of secure messenger applications lately, I bet you’d like to have just one more, right? In the past few weeks, we’ve noti...

Follow by RSS