The cloud and digital transformation have fundamentally changed the way organizations build and run business applications. Companies are running massive amounts of critical workloads while storing personal and sensitive information in their cloud-native environments, making them valuable targets for bad actors. Attackers are using stolen credentials, supply chain attacks, and other forms of advanced attacks to gain access to data and applications in the cloud.
We're all headed to BlackHat / DEFCON in Las Vegas, so no local chapter meeting. If you're planning to be there, please reach out to us on slack - we'd love to see you.
Formal methods play a crucial role in raising the security and safety level of firmware, which is an essential component of modern computing systems. Firmware, being the low-level software responsible for controlling hardware devices, presents unique challenges due to its direct interaction with critical system functionalities. This talk highlights the importance of employing formal methods as a means to enhance the security and safety aspects of firmware development.
Building on Shaky Ground: Unveiling the Vulnerabilities of Firmware
In this talk, we shine a spotlight on the often underestimated realm of firmware security. We will delve into the crucial yet frequently overlooked role of firmware in technology and the potential security threats it poses.
Abstract: In the world of cybersecurity, communicating complex technical information to stakeholders can be a daunting task. As highly technical practitioners, it can be challenging to convey the importance of new projects, request additional resources, or persuade stakeholders to take action. However, mastering the art of storytelling can help you convey your message with impact, clarity, and inspiration.
You can’t improve what you don’t measure. To mature your security operations program, you need to evaluate its effectiveness. But this is a task many organizations still struggle with when it comes to collection, detection, and response. If showing the effectiveness of your security operations is a challenge, it might be time to re-evaluate your KPIs and your ability to measure them in order to communicate to your board the metrics that drive programmatic gains in your secops practices.
Cyber Risk Quantification (CRQ) and benefits of prioritizing risk for business decision-making.
Gartner says it best: “Faced with increasing board scrutiny and executive demand for cybersecurity
services, security and risk management (SRM) leaders are turning to cyber-risk quantification (CRQ) to
communicate risk, aid enterprise decision making and prioritize cybersecurity risks with greater
precision.”
Join us for our hybrid in-person and zoom meeting for an in-depth discussion with cyber security luminaries Pavi Ramamurthy of Upstart, Anmol Misra of Autodesk, and SSA Scott Hellman of the FBI