Artwork

المحتوى المقدم من The EPAM Continuum Podcast Network and EPAM Continuum. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة The EPAM Continuum Podcast Network and EPAM Continuum أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Player FM - تطبيق بودكاست
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !

Silo Busting 68: Cloud IR Readiness with Ron Konigsberg, Sam Rehman & Aviv Srour

36:51
 
مشاركة
 

Manage episode 407846122 series 3215634
المحتوى المقدم من The EPAM Continuum Podcast Network and EPAM Continuum. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة The EPAM Continuum Podcast Network and EPAM Continuum أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
“There’s been an incident,” is a sentence no one wants to hear… except perhaps people like Ron Konigsberg, Co-Founder and CTO of Gem and our guest on *Silo Busting,* whose business is cloud incident response (IR). We know what you’re thinking: What makes cloud IR different from all other forms of IR? Let’s let Konigsberg explain: “The challenge is that the cloud is technically simply different.” If you’re using legacy tools, “you're going to protect probably 20% of the cloud.” Konigsberg is joined in conversation by Sam Rehman, EPAM’s Chief Information Security Officer and SVP, and the pair are pelted with questions by Aviv Srour, our Head of Cyber Innovation. Konigsberg says that incident responders need to “adapt from network and agents to services and APIs, and constantly learn about new services and stay up to date and up to speed” with what the bad guys are picking up. Oh, those bad guys! Regarding attackers, Konigsberg says: “They adopt innovation faster than defenders.” They can do so because they have fewer dependencies “and they care less [than defenders do] about breaking things.” To illustrate, he asks us to think about migrating to the cloud: Imagine you’re an attacker and you simply never worry about any legacy systems from your previous environments. “They have much more liberty and they move faster.” “They adopt techniques about new services that each cloud provider is releasing *tomorrow,*” says Konigsberg. So it is, in some ways, about playing catch-up. CISOs have had to adopt a new mindset and posture. “You can only block so many punches until you have to figure out [that] you need to move around, you need to counter, and so on,” says Rehman. Rehman adds that CISOs have finally understood the “shared responsibility between you and the cloud provider.” But that’s not the only issue with the cloud. “It's much flatter than what you’re used to on prem,” he says. “Which means a lateral attack is a lot quicker, moving things around a lot easier, and the *simplicity* of people actually moving things around and infecting a large area is substantially higher.” So how can an organization properly respond to, and learn to prioritize within, the cloud conundrum? One answer, says Rehman, is culture. “We have to adopt a learning culture in security,” he says. “They’re always gonna be one step ahead of us, but at least we're one step behind, not ten.” Pick up the pace of your learning and listen to the experts speak. Hit play! Host: Lisa Kocian Editor: Kyp Pilalas Producer: Ken Gordon
  continue reading

165 حلقات

Artwork
iconمشاركة
 
Manage episode 407846122 series 3215634
المحتوى المقدم من The EPAM Continuum Podcast Network and EPAM Continuum. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة The EPAM Continuum Podcast Network and EPAM Continuum أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
“There’s been an incident,” is a sentence no one wants to hear… except perhaps people like Ron Konigsberg, Co-Founder and CTO of Gem and our guest on *Silo Busting,* whose business is cloud incident response (IR). We know what you’re thinking: What makes cloud IR different from all other forms of IR? Let’s let Konigsberg explain: “The challenge is that the cloud is technically simply different.” If you’re using legacy tools, “you're going to protect probably 20% of the cloud.” Konigsberg is joined in conversation by Sam Rehman, EPAM’s Chief Information Security Officer and SVP, and the pair are pelted with questions by Aviv Srour, our Head of Cyber Innovation. Konigsberg says that incident responders need to “adapt from network and agents to services and APIs, and constantly learn about new services and stay up to date and up to speed” with what the bad guys are picking up. Oh, those bad guys! Regarding attackers, Konigsberg says: “They adopt innovation faster than defenders.” They can do so because they have fewer dependencies “and they care less [than defenders do] about breaking things.” To illustrate, he asks us to think about migrating to the cloud: Imagine you’re an attacker and you simply never worry about any legacy systems from your previous environments. “They have much more liberty and they move faster.” “They adopt techniques about new services that each cloud provider is releasing *tomorrow,*” says Konigsberg. So it is, in some ways, about playing catch-up. CISOs have had to adopt a new mindset and posture. “You can only block so many punches until you have to figure out [that] you need to move around, you need to counter, and so on,” says Rehman. Rehman adds that CISOs have finally understood the “shared responsibility between you and the cloud provider.” But that’s not the only issue with the cloud. “It's much flatter than what you’re used to on prem,” he says. “Which means a lateral attack is a lot quicker, moving things around a lot easier, and the *simplicity* of people actually moving things around and infecting a large area is substantially higher.” So how can an organization properly respond to, and learn to prioritize within, the cloud conundrum? One answer, says Rehman, is culture. “We have to adopt a learning culture in security,” he says. “They’re always gonna be one step ahead of us, but at least we're one step behind, not ten.” Pick up the pace of your learning and listen to the experts speak. Hit play! Host: Lisa Kocian Editor: Kyp Pilalas Producer: Ken Gordon
  continue reading

165 حلقات

كل الحلقات

×
 
Loading …

مرحبًا بك في مشغل أف ام!

يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.

 

دليل مرجعي سريع