Sign up to save your podcasts
Or
Share Quantifying Risk Through the Mindset of the Attacker
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Quantifying Risk Through the Mindset of the Attacker
Guest: Jason Mar-Tang, Director of Sales Engineers at Pentera
Host: James Azar, Host & CISO
Key Discussions:
1. Attacker's Mindset in Cybersecurity:
- Jason Mar-Tang emphasizes the importance of understanding and adopting the attacker's perspective to better defend against cyber threats. This approach helps in identifying and prioritizing risks more accurately.
2. Kill Chain and Its Decentralization:
- The discussion delved into the concept of the Lockheed kill chain and its relevance in modern cybersecurity. They explored how the kill chain has decentralized over time, with different players executing various steps of an attack.
3. Identity as the New Security Perimeter:
- The conversation highlighted the growing importance of identity security. They noted that initial access brokers often target identities, which can then be used or sold for further attacks.
4. Theory vs. Actual Risk:
- A significant part of the talk focused on differentiating theoretical risks from actual risks in cybersecurity practices. Jason Mar-tang stressed the importance of context in evaluating the impact and risk of vulnerabilities within specific environments.
5. Challenges in Vulnerability Management:
- The podcast discussed the challenges in managing vulnerabilities, especially in rapidly responding to new threats. They talked about the lag between identifying vulnerabilities and implementing solutions, and how this delay can be exploited by attackers.
6. Continuous Testing and Preparation:
- Both speakers agreed on the criticality of continuous testing and proactive preparation for potential breaches. Jason compared this to training in martial arts, where constant practice and pressure testing are essential to identifying and strengthening weaknesses.
7. Business Impact and Risk Management:
- James Azar emphasized the need to align cybersecurity with business operations, focusing on the potential financial and operational impacts of cyber incidents.
8. Community and Communication in Cybersecurity:
- The episode highlighted the importance of communication and information sharing within the cybersecurity community, drawing parallels with how attackers collaborate and share information.
Concluding Remarks:
- Jason Mar-tang invited listeners interested in understanding their cybersecurity posture from an attacker's perspective to reach out to Pentera. James Azar thanked the audience for tuning in and encouraged them to stay cyber safe.
View all episodes
By James Azar
4.6
55 ratings
Guest: Jason Mar-Tang, Director of Sales Engineers at Pentera
Host: James Azar, Host & CISO
Key Discussions:
1. Attacker's Mindset in Cybersecurity:
- Jason Mar-Tang emphasizes the importance of understanding and adopting the attacker's perspective to better defend against cyber threats. This approach helps in identifying and prioritizing risks more accurately.
2. Kill Chain and Its Decentralization:
- The discussion delved into the concept of the Lockheed kill chain and its relevance in modern cybersecurity. They explored how the kill chain has decentralized over time, with different players executing various steps of an attack.
3. Identity as the New Security Perimeter:
- The conversation highlighted the growing importance of identity security. They noted that initial access brokers often target identities, which can then be used or sold for further attacks.
4. Theory vs. Actual Risk:
- A significant part of the talk focused on differentiating theoretical risks from actual risks in cybersecurity practices. Jason Mar-tang stressed the importance of context in evaluating the impact and risk of vulnerabilities within specific environments.
5. Challenges in Vulnerability Management:
- The podcast discussed the challenges in managing vulnerabilities, especially in rapidly responding to new threats. They talked about the lag between identifying vulnerabilities and implementing solutions, and how this delay can be exploited by attackers.
6. Continuous Testing and Preparation:
- Both speakers agreed on the criticality of continuous testing and proactive preparation for potential breaches. Jason compared this to training in martial arts, where constant practice and pressure testing are essential to identifying and strengthening weaknesses.
7. Business Impact and Risk Management:
- James Azar emphasized the need to align cybersecurity with business operations, focusing on the potential financial and operational impacts of cyber incidents.
8. Community and Communication in Cybersecurity:
- The episode highlighted the importance of communication and information sharing within the cybersecurity community, drawing parallels with how attackers collaborate and share information.
Concluding Remarks:
- Jason Mar-tang invited listeners interested in understanding their cybersecurity posture from an attacker's perspective to reach out to Pentera. James Azar thanked the audience for tuning in and encouraged them to stay cyber safe.
More shows like CyberHub Podcast
View all
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
636 Listeners
Callan's Kicks
47 Listeners
CyberWire Daily
1,009 Listeners
Darknet Diaries
7,913 Listeners
Cybersecurity Today
166 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Afternoon Cyber Tea with Ann Johnson
37 Listeners
Cyber Security Headlines
127 Listeners
The Weekly Show with Jon Stewart
10,613 Listeners
IoT Security Podcast
5 Listeners
Safe Mode Podcast
8 Listeners
Unconfuse Me with Bill Gates
487 Listeners
NatSec Matters
256 Listeners
Security You Should Know
5 Listeners