Join former ICE:NYSE CISO Jerry Perullo, former Snowflake CISO Mario Duarte, and former JupiterOne CISO and Bank of America leader Sounil Yu as they dive into the good, the bad, and the ugly in the latest cybersecurity news. Each week, we discuss the most pressing headlines, offer candid commentary, and share unique insights from our extensive experience in the field.
In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent Crowdstrike outages, PR in the recent Wiz acquisition rumors, stakeholder value in Rapid7, and the SEC dropping charges in the SolarWinds case. Stories: - Activist Jana has a stake in Rapid7. There are two paths to bolster value at the cybersecurity company: https://www.cnbc.com/2024/06/29/two-paths-for-jana-to-bolster-shareholder-value-at-rapid7.html - Google Near $23 Billion Deal for Cybersecurity Startup Wiz: https://www.wsj.com/business/deals/google-near-23-billion-deal-for-cybersecurity-startup-wiz-622edf1a - Most SEC charges dismissed in SolarWinds hack case: https://www.axios.com/2024/07/18/sec-solarwinds-cyberattack-case-dismissal Hosts: Jerry Perullo: https://www.linkedin.com/in/perullo/ Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/ Sounil Yu: https://www.linkedin.com/in/sounil/
In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss malicious Chrome extensions, the cybersecurity job market, mouse jigglers and security policy, and the impact of the recent ransomware wave. They share insights from their experiences, exploring the challenges of managing browser security policies, job burnout, and banning ransom payments. Stories: Millions under threat from malicious browser extensions — what to do: https://www.tomsguide.com/news/millions-under-threat-from-malicious-browser-extensions-what-to-do Demand for better cybersecurity fuels a booming job market: https://www.washingtonpost.com/business/2024/06/21/cybersecurity-job-demand-boot-camps/ Wells Fargo Fires Over a Dozen for ‘Simulation of Keyboard Activity’: https://www.bloomberg.com/news/articles/2024-06-13/wells-fires-over-a-dozen-for-simulation-of-keyboard-activity London hospitals cancel nearly 1,600 operations and appointments in one week due to hack: https://www.theguardian.com/technology/article/2024/jun/14/london-hospitals-cancelled-nearly-1600-operations-and-appointments-in-one-week-due-to-hack Cyberattacks crippled thousands of car dealers. Here's what to know. https://www.washingtonpost.com/business/2024/06/21/car-dealers-cyberattack-cdk-global/ Ticketmaster hackers send death threats to cybercrime investigators: https://www.thetimes.com/uk/technology-uk/article/ticketmaster-hackers-death-threats-cybercrime-unc5537-msjgqw92w CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability: https://www.tenable.com/blog/cve-2024-5806-progress-moveit-transfer-authentication-bypass-vulnerability Hosts: Jerry Perullo: https://www.linkedin.com/in/perullo/ Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/ Sounil Yu: https://www.linkedin.com/in/sounil/
Join former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu as they reflect on the state of cybersecurity investments in 2024, debate the importance of configuration vs. code security, and discuss the importance of governance in risk management. Stories: ‘There’s A Lot Of Noise’ — VCs Trying To Find Clarity In Cluttered Cyber AI Landscape: https://news.crunchbase.com/cybersecurity/venture-funding-ai-wiz-ma-rsa/ Wiz raises $1B at a $12B valuation to expand its cloud security platform through acquisitions: https://techcrunch.com/2024/05/07/wiz-raises-1b-at-12b-valuation-expanding-through-acquisitions/ CyberArk Signs Definitive Agreement to Acquire Machine Identity Management Leader Venafi from Thoma Bravo: https://www.cyberark.com/press/cyberark-signs-definitive-agreement-to-acquire-machine-identity-management-leader-venafi-from-thoma-bravo/ A review of zero-day in-the-wild exploits in 2023: https://blog.google/technology/safety-security/a-review-of-zero-day-in-the-wild-exploits-in-2023/ Hosts: Jerry Perullo: https://www.linkedin.com/in/perullo/ Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/ Sounil Yu: https://www.linkedin.com/in/sounil/
In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent wave of cyber-attacks using Snowflake and the model of shared fate. They debate the effectiveness of banning ransom payments and explore the complexities of cybersecurity regulation, using recent events involving UnitedHealth and Jerry's former employer as case studies. The conversation also touches on the ethical dilemmas CISOs face when interacting with venture capital, highlighting personal experiences and the fine line between advisory roles and conflicts of interest. Stories: UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion: https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion SEC Charges Intercontinental Exchange and Nine Affiliates Including the New York Stock Exchange with Failing to Inform the Commission of a Cyber Intrusion: https://www.sec.gov/news/press-release/2024-63 Why cybercriminals are targeting small businesses: https://www.marketplace.org/2024/05/30/why-cybercriminals-are-targeting-small-businesses/ UnitedHealth leaders 'should be held responsible' for installing inexperienced CISO, senator says: https://therecord.media/unitedhealth-ciso-wyden-letter-sec-ftc The Gili Ra’anan model: Questions emerging from Cyberstarts' remarkable success: https://www.calcalistech.com/ctechnews/article/b1a1jn00hc Hosts: Jerry Perullo: https://www.linkedin.com/in/perullo/ Mario Duarte: https://www.linkedin.com/in/mario-duarte-7855237/ Sounil Yu: https://www.linkedin.com/in/sounil/
Joined by fellow Interim CISO veterans Yael Nagler of Yass Partners and Aurobindo Sundaram of RELX, host Jerry Perullo reflects on his experience as the Interim CISO of Silicon Valley Bank and explores the challenges of the role from hiring manager and candidate perspectives. Yael Nagler: https://www.linkedin.com/in/yaelnagler/ Aurobindo Sundaram: https://www.linkedin.com/in/aurobindosundaram/