Sign up to save your podcasts
Or
Share Quantifying Risk Through the Mindset of the Attacker
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Quantifying Risk Through the Mindset of the Attacker
Guest: Jason Mar-Tang, Director of Sales Engineers at Pentera
Host: James Azar, Host & CISO
Key Discussions:
1. Attacker's Mindset in Cybersecurity:
- Jason Mar-Tang emphasizes the importance of understanding and adopting the attacker's perspective to better defend against cyber threats. This approach helps in identifying and prioritizing risks more accurately.
2. Kill Chain and Its Decentralization:
- The discussion delved into the concept of the Lockheed kill chain and its relevance in modern cybersecurity. They explored how the kill chain has decentralized over time, with different players executing various steps of an attack.
3. Identity as the New Security Perimeter:
- The conversation highlighted the growing importance of identity security. They noted that initial access brokers often target identities, which can then be used or sold for further attacks.
4. Theory vs. Actual Risk:
- A significant part of the talk focused on differentiating theoretical risks from actual risks in cybersecurity practices. Jason Mar-tang stressed the importance of context in evaluating the impact and risk of vulnerabilities within specific environments.
5. Challenges in Vulnerability Management:
- The podcast discussed the challenges in managing vulnerabilities, especially in rapidly responding to new threats. They talked about the lag between identifying vulnerabilities and implementing solutions, and how this delay can be exploited by attackers.
6. Continuous Testing and Preparation:
- Both speakers agreed on the criticality of continuous testing and proactive preparation for potential breaches. Jason compared this to training in martial arts, where constant practice and pressure testing are essential to identifying and strengthening weaknesses.
7. Business Impact and Risk Management:
- James Azar emphasized the need to align cybersecurity with business operations, focusing on the potential financial and operational impacts of cyber incidents.
8. Community and Communication in Cybersecurity:
- The episode highlighted the importance of communication and information sharing within the cybersecurity community, drawing parallels with how attackers collaborate and share information.
Concluding Remarks:
- Jason Mar-tang invited listeners interested in understanding their cybersecurity posture from an attacker's perspective to reach out to Pentera. James Azar thanked the audience for tuning in and encouraged them to stay cyber safe.
View all episodes
By James Azar
4.6
55 ratings
Guest: Jason Mar-Tang, Director of Sales Engineers at Pentera
Host: James Azar, Host & CISO
Key Discussions:
1. Attacker's Mindset in Cybersecurity:
- Jason Mar-Tang emphasizes the importance of understanding and adopting the attacker's perspective to better defend against cyber threats. This approach helps in identifying and prioritizing risks more accurately.
2. Kill Chain and Its Decentralization:
- The discussion delved into the concept of the Lockheed kill chain and its relevance in modern cybersecurity. They explored how the kill chain has decentralized over time, with different players executing various steps of an attack.
3. Identity as the New Security Perimeter:
- The conversation highlighted the growing importance of identity security. They noted that initial access brokers often target identities, which can then be used or sold for further attacks.
4. Theory vs. Actual Risk:
- A significant part of the talk focused on differentiating theoretical risks from actual risks in cybersecurity practices. Jason Mar-tang stressed the importance of context in evaluating the impact and risk of vulnerabilities within specific environments.
5. Challenges in Vulnerability Management:
- The podcast discussed the challenges in managing vulnerabilities, especially in rapidly responding to new threats. They talked about the lag between identifying vulnerabilities and implementing solutions, and how this delay can be exploited by attackers.
6. Continuous Testing and Preparation:
- Both speakers agreed on the criticality of continuous testing and proactive preparation for potential breaches. Jason compared this to training in martial arts, where constant practice and pressure testing are essential to identifying and strengthening weaknesses.
7. Business Impact and Risk Management:
- James Azar emphasized the need to align cybersecurity with business operations, focusing on the potential financial and operational impacts of cyber incidents.
8. Community and Communication in Cybersecurity:
- The episode highlighted the importance of communication and information sharing within the cybersecurity community, drawing parallels with how attackers collaborate and share information.
Concluding Remarks:
- Jason Mar-tang invited listeners interested in understanding their cybersecurity posture from an attacker's perspective to reach out to Pentera. James Azar thanked the audience for tuning in and encouraged them to stay cyber safe.
More shows like CyberHub Podcast
View all
Radiolab
44,015 Listeners
Security Now (Audio)
2,000 Listeners
a16z Podcast
1,082 Listeners
Risky Business
375 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
CyberWire Daily
1,018 Listeners
Click Here
417 Listeners
Darknet Diaries
8,010 Listeners
The Bulwark Podcast
12,238 Listeners
Cyber Security Headlines
134 Listeners
Hard Fork
5,467 Listeners
The Ezra Klein Show
16,030 Listeners
The Weekly Show with Jon Stewart
10,779 Listeners