Artificial Intelligence: Automating SOC Workflows - Salem Cyber
June 20, 2023
Hosted by Joshua Nicholson
[Download MP3] [itunes] [Bookmark Episode]
Guest Information
Episode Description
Welcome to the Cybersecurity America Podcast! In episode 21, we have an exciting lineup of topics that cover critical insights from the DeepSeas (https://www.deepseas.com/learn/) Cyber Threat Intelligence (CTI) desk and the latest in cybersecurity innovation with Salem Cyber. Prepare for an informative and engaging discussion! #malware #informationsecurity #infosec #windows #cyberattack #ciso Host, Joshua R Nicholson (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) Podcast Home Site: (https://www.voiceamerica.com/show/4125) In the first part of the episode, we bring you crucial insights on the recent MOVEit managed file transfer vulnerability, now identified as CVE-2023-34362. Learn about how threat actors exploited this vulnerability in Progress' MoveIt software as early as May 27th. Taking advantage of the Memorial Day weekend and limited staffing, they conducted scans and extracted files from multiple organizations. We delve into the tactics employed by threat actors, including the targeting of widely-used software and exploiting holidays when staffing is low. Microsoft and Mandiant have identified clap ransomware as the primary threat actor behind these attacks. What sets this incident apart is that clap ransomware instructed affected organizations to reach out and contact them instead of the usual extortion email. This unexpected approach raises questions about their motivations and capacity to handle a large cache of information. The second part of the episode shifts focus to cybersecurity innovation. We're joined by John Bagg, the co-founder and CEO of Salem Cyber, an AI cybersecurity startup. With over a decade of experience, John shares his expertise in implementing cyber technology and threat detection programs for top commercial organizations. He introduces us to their flagship technology, the "Virtual Cyber Analyst," which addresses the challenge of alert overload faced by cybersecurity experts. By leveraging AI capabilities, organizations can prioritize alerts and empower their analysts to focus on critical matters. This episode highlights the significance of reducing attack surfaces, implementing robust monitoring systems, and having a well-defined playbook for incident response. We delve into crucial questions you need to ask within your cyber fusion center or IT department to enhance your cybersecurity measures. Join us for this thought-provoking discussion as we navigate the landscape of cybersecurity, starting with the MOVEit vulnerability incident and moving on to the innovative solutions offered by Salem Cyber. Stay tuned for valuable insights and updates on the latest trends in the field. #Cybersecurity #ThreatIntelligence #DataBreach #Ransomware #AttackSurfaceReduction #IncidentResponse #Innovation #AI #Startup #ThreatDetection #AlertFatigue #AnomalyDetection #SalemCyber #CVE-2023-34362
Cyber Security America
Tuesday at 9AM Pacific Time on VoiceAmerica Business Channel
On the front lines of technology and business there’s a battle of survival. Behind the scenes, businesses are on a mission to keep a vigilant watch for threats in an ongoing Cyber War. But it’s not just about malware, ransomware, and breaches anymore. The obstacles and barriers companies face today are bigger and badder than ever — and these cyber threats are forcing them to prove they’re secure for the future. So when you need answers to win the battle, tune into Cyber Security America with your host Joshua Nicholson. You’ll learn what it’s like running cyber security operations teams inside some of the world’s largest companies. It’s a cyber backstage pass and real world advice for cyber defenders, CISOs, and security professionals. Cyber Security America airs every Tuesday at 9 AM Pacific, 12 Noon Eastern on the VoiceAmerica Business Channel.
Joshua Nicholson
Joshua R. Nicholson is a multi-faceted, strategic, and accomplished former U.S. Marine Corps, Sgt., global leader, and respected member of the international cyber security & IT communities. He has 24 years of "hands-on keyboard" technology experience coupled with direct CXO and Board transformation enablement skills. He has strong business acumen, extensive industry relationships, expert technical skills in several domains of IT and Security, and deep experience driving Information Security outcomes. Mr. Nicholson has a proven history delivering on large scale global enterprise information security projects and programs. He has broad experience working and travelling internationally (U.K., EU, Middle East, Asia, Australia) maintaining and building strong customer relationships with key foreign executives and Chief Information Security Officers. His strong technology and cyber engineering skills, coupled with a smooth and confident style of explaining highly technical terms in easy-to-understand business language, is a key attribute of his leadershp style.
