March Media Madness
Cyber Security, Events, Public Relations, Technology Posted Apr 12, 2019 by Doug De Orchis
If you’ve been keeping up with our blog posts (who are we kidding, of course you have!), the RSA Conference made a big impact on CHEN PR and its clients at the beginning of March. As a result, the event was a very common thread in our clients’ coverage. Here are some examples that stood out:
Digital Anarchist, Kelly Shortridge, Capsule8 | RSA Conference 2019
At RSA Conference 2019, MediaOps (the fine folks that bring you DevOps.com and Security Boulevard) introduced their newest media brand, Digital Anarchist. A self-described “Netflix” for technical folks, Digital Anarchist sat down with Kelly Shortridge, Capsule8’s VP of Product Strategy, to discuss observations she’s made while at the conference. Kelly noted that SecOps seems to be the key player at the conference, and that security professionals are still struggling to understand how “painful” security can be for DevOps side.
In anticipation of RSA Conference 2019, CRN editor Michael Novinson reached out to several cybersecurity leaders to ask about trends attendees would likely encounter at the show. Digital Guardian’s president and CEO Mo Rosen in was quoted in Novinson’s story saying that CASBs (cloud access security brokers) and data protection vendors are starting to partner through standard APIs to deliver best-of-breed identity protection and fraud detection.
During the RSA Conference 2019, Duo Security’s Head of Advisory CISOs Wendy Nather sat down with BrianMadden.com’s Kyle Johnson to discuss a hot topic within the security industry: zero-trust. Wendy explained that it’s not that we shouldn’t trust users, but rather figure out how best to trust them and for how long. Contract employees remain a tricky question for companies around access. They often work for multiple companies and so mobile device management (MDM) is rarely an option. Duo has an angle here, offering a solution that allows companies to at least determine if an employee’s device that will access their app, network, or whatever, can be trusted.
InfoSecurity Magazine, #RSAC: How to and Maintain Your Risk Appetite
Co-Founder and Chief Risk Scientist of RiskLens Jack Jones spoke this year at RSA Conference 2019 about defining a cyber-risk appetite that works. In this article, InfoSecurity Magazine’s contributing editor Dan Raywood highlights the key points of the talk, including why companies need to bother with a cyber risk appetite and how to do so. To determine what an acceptable loss is to your company – and subsequently draw a line in the sand – Jack Jones (also the chairman of the FAIR Institute) encouraged CISOs to think about worst-case scenarios by saying, “What is the loss or event scenario you care about: maybe it’s disclosure, outage, non-compliance or financial mis-statement – it could be all of them, and by defining distinctly you could define it and manage risk appetites.”
As big as the RSA conference was there were plenty of other opportunities in March for CHEN PR’s clients to spread their influence and thought leadership across the media by. Our clients accomplished this by presenting new research and discussing novel trends that are rarely mentioned in mainstream cybersecurity discourse:
At the WOPR Summit this month, SafeBreach’s Security Researcher, Dor Azouri revealed a new exploit impacting the Windows IoT Core operating systems that gives threat actors full control over vulnerable devices. Specifically, the vulnerability impacts the Sirep/WPCon communications protocol included with the Windows IoT operating system. ZDNet’s Catalin Cimpanu wrote an exclusive on what exactly Dor exposed during his presentation.
KrebsonSecurity, Why Phone Numbers Stink As Identity Proof
Who would’ve thought something as simple as a phone number could provide access to so much of our personal identity and online experience? Security expert Brian Krebs dives into this topic with Flashpoint’s Director of Research, Allison Nixon, and discusses how our phone numbers can easily unveil our online accounts and personal information to hackers. Allison gives perspective, based upon the work she does and her personal experience, on how our online identity is easier to mask and a larger target for identity fraud.
In mid-March, a ransomware attack disrupted operations of Norsk Hydro, a prominent aluminum and hydroelectric power producer. In the wake of this incident, E&E News examined cybersecurity concerns that affect water utilities. E&E News quoted Claroty’s VP of Research Dave Weinstein about how water and wastewater facilities are among his top concerns… “It gets the least attention, and they’re probably the least mature sector from a cybersecurity standpoint.”
Last but certainly not least, March 8th marked International Women’s Day. CHEN PR has the pleasure of working with many talented women – including one who received public praise for her leadership:
Lady Business Newsletter, Lady Business: Scandinavian gender utopias and International Women’s Day lip-service
In her independent March 14th newsletter, Maria Aspan, editor at large for Inc. Magazine, discusses her interview with Cadenza Innovation CEO and Founder Christina Lampe-Onnerud. She writes that the article was one of her more technical features, but that what drew her to the story “was the opportunity to profile an accomplished scientist of the sort rarely seen in the business press: a woman who’s an MIT-trained inorganic chemistry PhD; a would-be opera singer who still names her products and her conference rooms after musical terms; a mother who’s married to her high school sweetheart-turned-chief-technology-officer; and a woman who clearly cares about fashion and her feminine style, who generally wore skirts and jewelry and cute shoes to every interview (even when she was recovering from a leg she had broken while skiing with her family).”