Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape:

• Maybe not less budget, but more pressure to produce results and justify spending
• Security leaders being held personally accountable for performance
• Potential layoffs, and the need to achieve the same goals with less labor and tool overhead

Segment Resources

• https://cybersecurity.att.com/insights-report

This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!

We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors.

This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to.

Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters.

In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust.

1. Protect Your Session Tokens
2. Monitor for Unusual Behavior
3. SaaS Vendors Are Common Targets
4. Zero Trust Principles Work
5. MFA Isn't a Binary (on or off) Control

Segment Resources

• https://www.valencesecurity.com/resources/blogs/five-lessons-learned-from-oktas-support-site-breach

Finally, in the enterprise security news,

1. Lots of new security startups with early stage funding
2. SentinelOne picks up Chris Krebs and Alex Stamos’s consulting firm
3. PE firm picks up ActiveState - a company I haven’t thought about since I last downloaded ActiveState Perl 1000 years ago
4. Microsoft announces the limited release of Security Copilot
5. Semgrep releases a secrets scanner
6. AGI predicted to come much sooner than you might expect
7. NY State doubles down on cybersecurity regulations to protect its hospitals
8. the young hackers behind Mirai, one of the biggest botnets ever
9. Ransomware groups snitch on businesses to the SEC

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/esw-340