Security Weekly Podcast Network (Audio) podcast

Do phishing tests do more harm than good? & Speed, Flexibility, and AI - Wolfgang Goerlich, Whitney Young - ESW #376

0:00
1:52:31
Rewind 15 seconds
Fast Forward 15 seconds

A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days.

He posted, "our industry needs to kill the phish test",and I knew we needed to have a chat, ideally captured here on the podcast.

I've been on the fence when it comes to phishing simulation, partly because I used to phish people as a penetration tester. It always succeeded, and always would succeed, as long as it's part of someone's job to open emails and read them. Did that make phishing simulation a Sisyphean task? Was there any value in making some of the employees more 'phishing resistant'?

And who is in charge of these simulations? Who looks at a fake end-of-quarter bonus email and says, "yeah, that's cool, send that out."

Segment Resources:

In this episode, we explore some compelling reasons for transitioning from traditional SOAR tools to next-generation SOAR platforms. Discover how workflow automation and orchestration offers unparalleled speed and flexibility, allowing organizations to stay ahead of evolving security threats. We also delve into how advancements in AI are driving this shift, making new platforms more adaptable and responsive to current market demands.

Segment Resources:

This segment is sponsored by Tines. Visit https://securityweekly.com/tines to learn more about them!

This week, the cybersecurity industry's most basic assumptions under scrutiny. Following up our conversation with Wolfgang Goerlich, where he questions the value of phishing simulations, we discuss essays that call into question:

  • the maturity of the industry
  • the supposed "talent gap" with millions of open jobs despite complaints that this industry is difficult to break into
  • cybersecurity's 'delusion' problem

Also some whoopsies:

  • researchers accidentally take over a TLD
  • When nearly all your customers make the same insecure configuration mistakes, maybe it's not all their fault, ServiceNow finds out

Fortinet has a breach, but is it really accurate to call it that?

Some Coalfire pentesters that were arrested in Iowa 5 years ago share some unheard details about the event, and how it is still impacting their lives on a daily basis five years later.

The news this week isn't all negative though! We discuss an insightful essay on detection engineering for managers from Ryan McGeehan is a must read for secops managers.

Finally, we discuss a fun and excellent writeup on what happens when you ignore the integrity of your data at the beginning of a 20 year research project that resulted in several bestselling books and a Netflix series!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-376

More episodes from "Security Weekly Podcast Network (Audio)"