Threat Team Purple with Richard Ford

Tech Transforms, sponsored by Dynatrace

May 4 2022 • 36 mins

Richard Ford, Chief Technology Officer at Praetorian joins Tech Transforms to talk about the cyber security threat landscape. Red team versus Blue team is a common and effective threat protection practice, but what could cyber security experts gain from team Purple? Listen in as Carolyn and Mark learn about the importance of managing your attack surface, implementing multi-factor authentication, and protecting against cyber phishing attacks. Episode Table of Contents[00:30] Our Biggest Cybersecurity Threat in the Last Quarter [07:39] Which Is Easier: Defense or Offense [16:40] Why Do We Need Single Sign-on [24:54] The Team Purple Idea Episode Links and Resources (Richard Ford) (Praetorian) (The Clothes in the Wardrobe) (Sauces and Shapes) (Essentials of Classic Italian Cooking) (Game Changer) Our Biggest Cybersecurity Threat in the Last QuarterCarolyn: So today our guest is actually an old friend, (Richard Ford), who is (Chief Technology Officer at Praetorian). For over 25 years, Richard has been able to design and implement NextGen product strategies and provide customers with the best threat detection available. Today, we're going to talk to Richard about the cyber threat landscape and what a good defense looks like. Richard: Hi, it's nice to be back on a call with you Carolyn, and Mark, it's good to see you. Carolyn: Yes, really good to have you today. So let's just jump right in. I want to know what your view is, what are our biggest cybersecurity threats? What does the cyber security threat landscape look like and how do we defend ourselves from it? So there's like three-part question there. Richard: So, we're starting with an easy question. I think the threat landscape is incredibly messy and I think that the most important part to think about is change. So if you think about just the last quarter or two that we've gone through you had, like log4shell someone we're all running around looking for log4j vulnerabilities. Then it's Spring4Shell, which wasn't as serious, but was still pretty nasty if you were impacted. The problem, we have this tremendous rate of change so the thing that was important to you yesterday may not be the thing that's important to you today. It's unlikely to be the thing that's most important for you tomorrow. So when we think about the threat landscape, the first thing to say is, if I give you an answer, it's like looking at a single, still image from a movie and telling you've watched the movie, right?Cyber Security Threat LandscapeRichard: Then as soon as we go click, you know that threat landscape will change. With that said, I do think there are some common themes that keep coming back, right? So there's a threat we have around being desperately short of people. There's a threat around, we don't know what assets we have. Even if we did know what assets we have, we don't know what they're running. Then the business conditions are driving us forward so quickly that it's difficult to keep security on the front burner. It sometimes drops to the back burner so we don't think about security as much. Perhaps, as how do I meet these business objectives that we have. I think this has created this sort of very unpleasant, perfect storm that will keep us well on our toes. I don't know, for the next couple of decades, it feels like. Carolyn: So when you say that we're constantly moving forward, changing, at the same time, I mean, are we still dealing with like SolarWinds? So as we're having to look to the future, we're still dealing with all the shit that's happened even a year, two...