Information is power. And wherever there’s power, there are people looking to steal it. But that’s also where you’ll find us. We’re RSA Conference. And we’re here to stand against cyberthreats around the world. That means being here for you. Connecting you with the people and insights that will empower you to stay ahead of cyberthreats. We do this through our online outreach and with our events around the globe. And we make a great host, if we do say so ourselves. Some say it’s impossible to ...
R
RSA Conference


1
Digital Identity as an Attack Surface
15:23
15:23
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
15:23
Within the last decade, fraud and cyberattacks have become increasingly focused on exploiting digital identity. The exposure of digital identity as an attack surface has implications for individuals, enterprises, and even our societal structures. In this session we discuss the state of identity-based attack vectors and what the security community i…
R
RSA Conference


1
Tracers in the Dark: A Discussion with Andy Greenberg
26:04
26:04
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
26:04
In the story of Gyge’s Ring, Plato asserts that if humans had the power to be invisible, they would act without consequence. In his book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, Greenberg details the truth of Plato’s claim as he recounts stories of criminal activity on the dark web, where people believed they wer…
R
RSA Conference


1
Pulling Back the Curtain on the Dark Web Payment Card Landscape
20:04
20:04
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
20:04
Intrigued by the dark web payment card landscape? Join us for this RSAC 365 podcast to hear about how the dark web payment card landscape was affected by the Russia-Ukraine war, exploring everything from the magecart infections/e-skimmers, which are used to steal the payment card data to “checkers”, which are tools used by cybercriminals to check t…
Cybersecurity and the resiliency of space assets are a priority because of the critical infrastructure services they provide. This session will discuss the attack vectors and mitigation approaches of exploits that can impact them as well as how the cyber security and space asset resiliency range will be used to test and validate their confidentiali…
R
RSA Conference


1
Critical Infrastructure at Risk: Uncovering the Danger of insecure-by-design Control System Software
28:42
28:42
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
28:42
In this podcast, we will uncover the realities of insecure control systems software in critical infrastructure. From discovering zero-days to exposing vulnerabilities in built-in features, we'll explore the role of both vendors and operators in safeguarding our essential utilities. By the end, listeners will have a new perspective on the need to im…
R
RSA Conference


1
A Quantum-Ready Board: Governance and Cyber Risk Oversight
21:44
21:44
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
21:44
There is a general lack of quantum risk awareness among board members. The emergence of powerful quantum computers are an impending threat to our digital ecosystems — e.g. mobile phones and internet — because they can conceivably crack classical encryption. A quantum algorithm with that capability already exists; yet, quantum risk management is not…
R
RSA Conference


1
Ransomware Operators Can Circle Defenses: Proactive Defense Strategies
28:54
28:54
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
28:54
Ransomware Operators have not only increased the ransoms they demand but are also using additional coercion techniques to perform multifaceted extortion attacks. Between us, we have worked on several ransomware incidents observing closely the challenges that organizations face while battling and remediating ransomware incidents. Based on the learni…
R
RSA Conference


1
Beyond MFA: Why Multi-factor Alone Is Not a Fail-Safe for Identity Protection
22:49
22:49
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
22:49
Most organizations have moved beyond the insecure username and password access control a long time ago and started using multifactor authentication. But as Yahoo, Deloitte, and LinkedIn know, MFA won’t always save the company from a data breach. Not only has MFA access been defeated multiple times by attackers, but users hate it. It’s cumbersome, a…
R
RSA Conference


1
Transcendent Tango: The Role of Cryptography in Establishing Zero Trust Identity
12:08
12:08
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
12:08
In the same way that the tango begins with foundational steps, the layering of device, application/workload, and user identity forms the foundation of Zero Trust security. Each intentional step weaving to create an intricately coordinated pattern. Join us as we take a look at the cryptographic dance between keys and identity that forms the basis of…
R
RSA Conference


1
Analyst Experience: SOC Analysts Finally Escape The Shackles Of Bad UX
21:58
21:58
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
21:58
Security analysts must fight both attackers and the products and services they rely on to drive their detection and response capabilities because of a lack of usability of security tools and processes. This podcast explains an emerging cybersecurity technology trend: analyst experience (AX). Join us to understand how AX can enable your team to find…
R
RSA Conference


1
September Spotlight: From Hacker Kid to Cyber Pro
14:54
14:54
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
14:54
Back in 2017 New America and The Christian Science Monitor hosted then 14-year-old and CEO of VannTechCyber LLC, Paul Vann. He was indeed a rising star in the field, but where is Vann now? Join this RSAC 365 podcast as we shine a spotlight on the making of a cyber professional. We’ll feature Paul Vann, who’s now a senior at the University of Virgin…
R
RSA Conference


1
Overcoming Barriers to Intelligence Sharing
15:15
15:15
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
15:15
When it comes to defending critical infrastructure from cyber threats, understanding the threat landscape is critical to assessing risk and implementing a robust security strategy. Threat intelligence enables organizations to identify and react to threats, and we know that having the right attack surface intelligence informs the processes and proce…
R
RSA Conference


1
What Could a U.S. Federal Data Privacy and Security Law Look Like?
21:08
21:08
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
21:08
Congress has tried for years to pass a comprehensive federal data privacy and security law without success, which impacts consumers, industry, and security. Meanwhile, other countries and multiple U.S. states have moved forward with laws. However, the bipartisan, bicameral American Data Privacy and Protection Act (ADPPA) could be an opportunity to …
R
RSA Conference


1
The Cyber Physical War: Does the Investment Match the Hype?
18:26
18:26
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
18:26
While there seems to be a growing awareness of the threats to the cyber-physical world with cybercriminals increasingly targeting industrial organizations within critical infrastructure, are current investments, regulations, and actions enough to stop attackers. In this podcast, we’ll have a follow up Q&A to the RSAC 2022 session, “The Cyber Physic…
R
RSA Conference


1
"Anatomy of Smart Living” - Limit Cyber Exposure by Embracing Mobility and IoT
19:30
19:30
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
19:30
We live very “smart” lives equipped to stay connected anywhere, any time. Getting connected is easy, securing it may be a fool’s errand if not approached properly. Say goodbye to the days of signature-based detection and say hello to IoT data anomaly and volatility predictive analysis for advanced “on the go” monitoring, detection and response. In …
R
RSA Conference


1
Incentivizing Collaboration and Promoting Zero Trust Adoption
23:20
23:20
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
23:20
Our world is becoming increasingly interconnected and more interdependent than ever before. We continue to see an increase in cybercrime, which brings us to an inflection point - who's responsible for addressing security in our integrated digital world and what should be the role of policymakers and industry regulators in promoting good cyber hygie…
R
RSA Conference


1
Effective or Confusing: New Structures and Regulations in Cybersecurity
23:05
23:05
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
23:05
Over the course of the last two years, cybersecurity planning and thought leadership have picked up with a parallel increase in regulation, Congressional action, and government reorganization. The Cyberspace Solarium Commission recommended and got a National Cyber Director and incident reporting legislation through the hard work of the SASC, HASC, …
R
RSA Conference


1
What is DevSecOps and why is it important?
18:23
18:23
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
18:23
Integrating security into the development lifecycle can be a challenge, especially for those who don’t understand why security matters to development and operations. What’s the ROI of DevSecOps? What are the key KPIs? Join us for an insightful conversation that explains why DevSecOps is important while shining a spotlight on some DevSecOps bloopers…
R
RSA Conference


1
Affirming LGBTQ Populations in Virtual Health through DevSecOps & Software Integrity
30:55
30:55
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
30:55
Virtual health providers create favorable conditions for the LGBTQ population's access to healthcare, an influx of electronic personal health information, and massive increases in cyber threats. Using software flaws, bad actors increasingly target healthcare systems to steal, monetize, and affect availability of data. This session explores software…
R
RSA Conference


1
Get Your Head IN the Clouds: SOC Teams Must Live in Clouds to Secure Them
35:02
35:02
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:02
Massive cloud proliferation has driven huge increases in IT and security complexity, the vast majority of which come from trying to force fit legacy concepts, processes and even tools, into a cloud context. This will cover the most important considerations and requirements facing organizations to adequately understand and affect their new reality –…
Leading and guiding a data-driven security program as a BISO can be challenging. Data is everywhere and owned by many departments. Once a BISO has found that data they need, they must overcome the challenges of data access, storage, normalization and all the other steps required to turn that data into an actionable story. Fortunately, the Cloud can…
R
RSA Conference


1
How Threats in Today’s Landscape Can Be Exploited (And Avoided)
28:33
28:33
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
28:33
What does an attacker need to do to exploit a threat? Join us to discuss the TTPs attackers are using to exploit myriad threats in today’s threat landscape. Our guests will look across different sectors to understand new and emerging threats, how those threats can be exploited, and steps organizations can take to avoid being the next victim of a cy…
R
RSA Conference


1
Defending with Passion: Cultivating a Passion for Evolving as a Cyber Defender
19:53
19:53
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
19:53
The technology we work to secure is ever evolving, as are the threat actors that are out there trying to exploit those technologies. Hence, the challenge we face today with securing and then defending those advances in technology requires people that are just as excited about learning how to defend that new technology as someone once was about crea…
R
RSA Conference


1
SBOM: Where We’ve Come From, and Where We’re Going
22:32
22:32
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
22:32
Across the security world, there’s a growing appreciation about the need to better understand our software supply chain. Transparency won’t solve all our problems, but will lay a foundation for greater resilience and more informed decisions. This discussion will review the basics of SBOM, using the recent log4j vulnerability to understand how SBOM …
R
RSA Conference


1
Zero-sum Security: Zero Trust is Compromised as Long as Passwords Remain
33:37
33:37
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
33:37
Furthering the White House Cybersecurity EO, the OMB just released a Zero Trust Architecture Strategy with one of its 5 pillars focused on identity, and requiring implementation of strong, phishing-resistant MFA for agency and citizen access. This session explores the gatekeeper role of identity in ZTA, and the business and technology challenges fa…
R
RSA Conference


1
Beware AI Landmines: Legal and Policy Considerations Revisited
25:07
25:07
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
25:07
In 2021, artificial intelligence emerged as a viable technology, which warranted a conversation about the legal and policy considerations underlying modern society. We’ll look back at the ethical, legal, and policy considerations discussed in May of 2021 and ask where are we now? What more needs to be done in order to maximize a successful implemen…
R
RSA Conference


1
The Road to Smart Cities is Paved with Good AI Intentions
22:58
22:58
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
22:58
In a world where the terms “AI” and “machine learning” are used liberally to describe new products and technologies, creating an assessment framework for buyers (and sellers!) to evaluate these products is essential. In this session, we’ll follow the Cost and Vulnerability dimension of MITRE’s AI Relevance Competence Cost Score (ARCCS) Framework an…
R
RSA Conference


1
What’s Trending in Protecting Data & the Supply Chain
39:00
39:00
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
39:00
Protecting Data & the Supply Chain so deeply intertwined with everything from software to identity. Join Program Committee members Edna Conway and Diana Kelley as they discuss the challenges that folks are struggling with right now and some potential mitigation strategies. We'll explore what’s happening with Log4j and other vulnerabilities as well …
R
RSA Conference


1
Cybersecurity? Isn't it really the Data Care industry?
29:30
29:30
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
29:30
Countless conversations with students, politicians, and leaders about cybersecurity suggest that the term ‘cybersecurity’ does not invoke the personal sense of responsibility necessary, nor is it inviting to the majority of the public including minorities, women and young adults who we want to seek a career in this field. How do we change that? Let…
R
RSA Conference


1
Privacy Tech: The Crossroads of Cybersecurity
23:30
23:30
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
23:30
The Rise of Privacy Tech (TROPT) recently released a whitepaper categorizing the privacy tech landscape. It explores privacy tech's relationship to its adjacent industries, which include cybersecurity, identity management, and data governance, among others. Join this podcast for a look at key takeaways and insight into the 8-month-long working grou…
R
RSA Conference


1
What Do We Owe Each Other? Securing Systemic Dependencies and Beyond
19:33
19:33
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
19:33
Recognizing that the security of our interconnected world is as interdependent and fragile as a Jenga puzzle, how do we ensure that the entire system doesn’t fall apart when a single block is pulled? What do we ow each other, and how do we work together to ensure those organizations—be they non-profits, NGOs, or public schools and institutions—have…
R
RSA Conference


1
Informed Consent in the Age of Big Data
21:12
21:12
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
21:12
How much responsibility should people really bear in the big data realm? Does informed consent equate to waiving rights? Is it realistic that they understand how data travels and is there an incorrect underlying assumption that data is their priority when they are consenting to its collection or use? In this podcast, we will examine the reasons peo…
The Program Committee for the RSAC 2022 Privacy track was challenged with selecting the top session that would make it onto the agenda, but privacy topics were not limited to this one track. So why is privacy trending, and what are this year’s privacy trends? Join two members of the Privacy Program Committee as they reveal their favorite picks and …
R
RSA Conference


1
Shift-left! Scanning for Security Compliance from Day Zero
29:08
29:08
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
29:08
Migrating to public cloud introduces new attack surfaces commonly the exploitation of misconfigured resources. In a cloud landscape that contains millions of resources, how do we detect these threats. This session explores the journey from security policy documentation to scanning and detecting security compliance violations in product infrastructu…
R
RSA Conference


1
Cloud Security & Cloud Sec Ops: Trends that Matter Most for 2022
33:05
33:05
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
33:05
The importance of cloud security has, perhaps, never been more critical, following massive shifts to remote workforces and ramped up digital transformation across organizations of all sizes. In this podcast, two members of the Cloud Security & Cloud Sec Ops Program Committee discuss trends observed in their selection process for 2022 RSA Conference…
R
RSA Conference


1
Turn It Up to 11: MITRE’s 11 Strategies for a World Class Cybersecurity Operations Center (CSOC)
30:38
30:38
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
30:38
Refreshed and updated to include the latest technologies and best practices in cybersecurity operations, guests will share key takeaways from the new 11 Strategies for Operating a World Class Cybersecurity Operations Center (CSOC) book that will be coming out later this year. We will discuss the 11 strategies, how to balance the CSOCs core incident…
R
RSA Conference


1
Pay What You Owe: Fiduciary Duty and Ransomware
42:25
42:25
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:25
In today’s world, data is currency. With that in mind, organizations need to consider the fiduciary duty they owe to data subjects, especially when they suffer a ransomware attack. This session outlines what types of fiduciary duties organizations have, why paying a ransom falls under those duties, how negotiations mitigate harm, and three steps fo…
R
RSA Conference


1
Cybersecurity Jobs that Don't Require a Cybersecurity Background
25:45
25:45
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
25:45
Have you been wondering how to get into Cybersecurity? It may seem that you have to be a security tester or expert. It's not true! There are many paths into Cybersecurity using your existing experience, skills, and schooling. This talk will show the multiple paths people have followed into the Schneider Electric IT Security and Application Security…
You've gotten the job in tech—congrats! So now what do you do? We’ve heard stories from those who struggled with overcoming unexpected obstacles while new to the job. Let’s talk about what you can do to prepare for the unexpected. In this podcast, you’ll hear from an industry expert on ways to level up your career. This talk will provide various to…
R
RSA Conference


1
Thinking about Android – A Multi-Faceted Discussion
27:07
27:07
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
27:07
Humans engage with Android technology in myriad ways, but how has the technology been used to date and how is it evolving? This podcast will explore the ways in which the Android ecosystem has evolved by looking at Android from a techno-sociological, security, and privacy context. We will discuss dimensions of privacy, the impact Android has had on…
R
RSA Conference


1
Trust, but Verify: Maintaining Democracy Despite Информационные контрмеры
34:19
34:19
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
34:19
In this podcast, we discuss how countries have influenced worldwide elections historically and in modern day using cyberwarfare. We explore how countries and critical infrastructure respond to these attacks and how they should respond in the future. By the end, we brainstorm the ways to disrupt a future election in order to understand how to better…
R
RSA Conference


1
The Ransomware Paradigm Change — Lessons from Insurers and Breach Coaches
49:53
49:53
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
49:53
Throughout 2020, ransomware was consistently amongst the most challenging cyber exposures for organizations to manage. The insurance market can provide critical insights on how to understand the evolving ransomware landscape, given the volume of insurance claims being seen and emerging data on loss and exposure trends. This session will bring toget…
R
RSA Conference


1
Hunting Sodinokibi: Insights from Tracking the King of Ransomware
31:49
31:49
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
31:49
Drawing on original research, the speakers will dive deep into one of the most prominent ransomware strains today: Sodinokibi/REvil. By tracking its operators’ activity in affected organizations, on the dark web, and through the group’s public blog, we will bring our collective insights to the audience, detailing how Sodinokibi operates, its malwar…
R
RSA Conference


1
Who’s Driving Your Security Architecture Bus?
35:32
35:32
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
35:32
With the increased scale and pace of automated processes along with migrations to the cloud, proper design of security architecture becomes a critical component of your overall IT architecture implementation. Considering this, what should your business prioritize as the ultimate driver for security architecture decisions - and where does risk, priv…
R
RSA Conference


1
The Journey Toward a Singular Security Framework: Lessons from Finland
20:18
20:18
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
20:18
Turku Energia - a Finnish energy distribution company - secured its power supply & IT network for the city’s 200,000 citizens. Utility SCADA systems are hacking targets, due to the damage that can be inflicted by sending cities dark or damaging the grids. The utility’s IT team ensured data integrity, visibility, and rapid threat detection and remed…
R
RSA Conference


1
The Art & Science of Using Cybersecurity Talent Frameworks & Taxonomies
31:14
31:14
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
31:14
Study after study shows cybersecurity job descriptions lack clarity across most roles and industries — stifling talent recruitment, development and retention efforts. Infosec Institute and Aspen Cybersecurity Workforce Coalition will provide data-backed insights into how organizations are aligning job descriptions and training to tools like the NIC…
R
RSA Conference


1
Catch a Hacker if You Can: Social Engineering Meets Risk Mitigation
27:04
27:04
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
27:04
Rachel Tobac hacks people based on publicly available information. Camille Stewart encourages people to mitigate risk and defend against Rachel’s methods. We’re bringing these two industry leaders together for this one-of-a-kind podcast that will explore social engineering risks and highlight some best practices to help protect users and organizati…
R
RSA Conference


1
Fraud on the Rise! An In-Depth Look at the FBI’s 2020 Internet Crime Report
24:07
24:07
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
24:07
The FBI’s Internet Crime Complaint Center received more than 791,000 complaints in 2020—a record number, representing a 69% increase over 2019. Join us for an in-depth discussion as we examine details of the report with FBI’s Cyber Division's Deputy Assistant Director Herb Stapleton.Speakers:Herb Stapleton, Deputy Assistant Director, Cyber Division…
R
RSA Conference


1
Reduce the Cybersecurity Risks for Property Management Systems through Secure Payment Practices
42:02
42:02
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
42:02
Hotel chain data breaches have resulted in huge financial loss and reputational harm. Unlike other consumer-facing businesses, such as retail stores, hotels must hold onto payment card data for extended periods passing this valuable data among many participants in the payment security ecosystem as customers make reservations and complete travel. In…
R
RSA Conference


1
Detect BEC and Vishing Attacks Before the Deal Is Done
29:48
29:48
Nghe Sau
Nghe Sau
Danh sách
Thích
Đã thích
29:48
Business email compromise (BEC) has made a comeback. Vishing calls have proven profitable for cybercriminals as well. How can you stay ahead of these threats and detect fraud before any money is sent? Join us for a podcast that discusses how these attacks work, who they target and why. Our guests will also offer tips on what to do both professional…