ESW #296 - Travis Spencer, Sounil Yu, Brian Markham, Robert Graham, Rich Friedberg

Don’t leave the door open. Modern systems are complex and require you to consider many aspects. Here are some aspects we consider critical:

- APIs are the dominant software development direction/trend. Traditional/legacy ways to grant access is not fit for purpose of protecting this new way of delivering products and services.

- Customers are demanding better digital experiences. To maintain a competitive edge and drive brand loyalty businesses need to provide great online experiences.

- Standards (such as OAuth and OpenID Connect) are important to ensure high-security levels. Also enables scalability and helps future-proof your infrastructure. For example in the financial sector, these standards play a key role in the drive toward open banking.

- A modern architecture is a zero trust architecture. In a zero trust architecture, the new perimeter hinges on identity.

Segment Resources:

https://thenewstack.io/zero-trust-time-to-get-rid-of-your-vpn/

This segment is sponsored by Curity. Visit https://securityweekly.com/curity to learn more about them!

In this panel discussion, we'll discuss the polarizing case of Joe Sullivan that has rattled the CISO community. Was the Sullivan case a rare anomaly? Were his actions in this scenario typical or unconscionable for the average CISO? Is it okay for Sullivan to take the fall while the rest of Uber and involved parties plead out with little to no punishment?

We'll tackle all these questions and more with our excellent panel, comprised of:

Sounil Yu, CISO and Head of Research at JupiterOne

Brian Markham, CISO at EAB

Rich Friedburg, CISO at Live Oak Bank

Robert Graham, Owner at Errata Security 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/esw296