Tuesday, October 3, 2017

Beers with Talos EP14: Ranking Threats and Avoiding Bush League Breach Response

Beers with Talos (BWT) Podcast Episode 14 is now available.  Download this episode and subscribe to Beers with Talos:

If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast

EP14 Show Notes: 

We haven’t gone around the table and introduced ourselves in some time (about 50k downloads ago), so we take the time we usually complain about things at the top of the show to do that.

We have seen a massive amount of “top-tier” threats in the last six months or so. While it might seem like comparing apples and oranges (hint: it is), the crew takes a stab at ranking these recent threats/attacks: CCleaner, Deloitte, Equifax, Nyetya, SEC, Shamoon2, WannaCry. Shockingly, all of us have a different ranking. What’s your list look like?

Regarding response: Consistency matters, don’t be clever. We discuss some recent unbelievably boneheaded things we have seen in security response. More importantly, we discuss how one SHOULD respond to an incident.

Remember: Complexity kills. Unfortunately, it doesn’t kill thought leaders.

EP14 Timetable:

01:30 - Roundtable - WHOOOO are you?
12:35 - Ranking Threats - Is 2017 the “Year of the Supply Chain Attack”?
37:50 - Breach Response: The Good, Bad, and Ugly - Just be honest
53:10 - Complexity will kill you
59:20 - Closing shots and parting thoughts

The Links:

How to be a Thought Leader video: https://www.youtube.com/watch?v=_ZBKX-6Gz6A
Talos blog “On Conveying Doubt” - http://blog.talosintelligence.com/2017/08/on-conveying-doubt.html 


Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
Hosted by Mitch Neff (@MitchNeff)

Find all episodes:

Subscribe via iTunes (and leave a review!)

Check out the Talos Threat Research Blog:

Subscribe to the Threat Source newsletter:

Follow Talos on Twitter:

Give us your feedback and suggestions for topics:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.