Olivia
Online
Ben Tesnar
@CISOTesnarB
Cybersecurity enthusiast, CISO, interested in learning from others
Joined May 2020
1 Following
4 Followers
38 Posts
Q5 Deeper incident response planning (including MS partners!), which includes regular testing, table tops, simulations, red teaming, with the assumption of a high percentage of remote workers. @CIOStraightTalk #Stinsights #OneHCL
@CIOStraightTalk @CISOTesnarB @JosephSteinberg @renjuv @sanjaykatkar @vthakur @DigitalSecArch A5: I'm a broken record in the fact that I've continually said it has been "WFA - Work From Anywhere" for several years now and increased during the pandemic and will remain at this elevated state going forward #STinsights @CIOStraightTalk
Q5 Forget traditional borders. Forget the physical location.
Zero trust strategies will help companies be better prepared. @CIOStraightTalk #Stinsights #OneHCL
Agree. RBAC strategy needs to also include privileged access management protocols. Lateral movement once "inside" and privilege escalation is a common tactic from threat adversaries.
@renjuv @CIOStraightTalk @CISOTesnarB @JosephSteinberg @sanjaykatkar @vthakur @DigitalSecArch In addition to the "defense in depth" point I just made, RBAC - Role Based Access Control is another best practice to help here #STinsights @CIOStraightTalk
Who to follow
vmayoral
@vmayoralv
Roboticist. AI Cybersecurity researcher
Lightrun
@Lightruntech
Lightrun is an AI-native reliability engineering platform that enables teams and AI agents autonomously prevent and remediate software issues across the SDLC.
Marco Piras
@mrcpiras
Do what you love, Talk less | https://t.co/L0eGMumcEh | https://t.co/Uwos7W2mu4
Appeal to the human aspect - "We're all in this together", "One Team".
Q4: Lean on the side of transparency and over-communication. The #social side of a crisis is important. We are seeing the value of transparency and #empathy and communicating the why, not just the what/how of #security. #STinsights @CIOStraightTalk #OneHCL
Q4 Most of what needs to be done isn't new. Some larger companies have seen targeted denial of service attacks on company VPN and remote access infrastructure. Ensure DDoS protections are in place. AND TESTED @CIOStraightTalk #Stinsights #OneHCL
No question about it. Before now, many companies viewed this risk as remote (but high impact). Those thoughts have/will shift. I expect more funding towards BCP programs, including more human resources.
Around 20-30% of companies that I have done assessment in last 2 years - including a few F100 - had trouble justifying "real" #BCDR resources. #COVID19 experience should help drive more all-hazards ready #continuity planning. #STinsights @CIOStraightTalk #OneHCL
I like the "addressing employee wellness" aspect! Fatigued resources, prone to mistakes, increase risk.
@CIOStraightTalk @CISOTesnarB @JosephSteinberg @mdkail @sanjaykatkar @vthakur @DigitalSecArch Q3, Enhancing Endpoint Security, Addressing employee wellness to reduce employee fatique, IAM & PAM programs, re-looking at protection for IPs & crown jewels #STinsights @CIOStraightTalk #OneHCL
Device profiling with NAC technology is one effective way to identify insecure machines when they return to the office, and quarantine them before they connect to internal resources. @CIOStraightTalk #Stinsights #OneHCL
Q3 Companies should consider developing a "return to office" plan before corporate devices return to the internal network. It should include things like verifying patch levels, deep and comprehensive malware scans, and log reviews for these users. @CIOStraightTalk #Stinsights
Q3 Companies should consider developing a "return to office" plan before corporate devices return to the internal network. It should include things like verifying patch levels, deep and comprehensive malware scans, and log reviews for these users. @CIOStraightTalk #Stinsights
Yes! Don't forget the basic hygiene measures
@CIOStraightTalk @CISOTesnarB @JosephSteinberg @mdkail @renjuv @sanjaykatkar @DigitalSecArch Not letting basics slip. Stay up with patches. Do vuln scanning. Have good password hygiene. Use MFA. Follow least privilege. Standardize on technologies. Standing up VPN infra for more bandwidth.
@CIOStraightTalk #Stinsights #OneHCL
Q3 Ensure that known COVID and WFH indicators of compromise are being ingested into threat intelligence platforms and correlated against network traffic and logs @CIOStraightTalk #Stinsights #OneHCL
Q3 Leveraging more virtual desktop environments, which can be deployed fairly quickly, helps users be productive from any device and helps maintain reasonable security measures in a company controlled environment @CIOStraightTalk #Stinsights #OneHCL
#brokenrecord Security is an enterprise risk, and everyone's responsibility
@CIOStraightTalk @CISOTesnarB @JosephSteinberg @mdkail @renjuv @sanjaykatkar @vthakur @DigitalSecArch A2: I have seen many companies and teams realizing now that security is "shared" responsibility.
Org. can no longer rely on their solid security tools and network infra alone to protect the systems and data. Employees have to play their role, too.
#STinsights #OneHCL
Role based communications, email warning banners, and phishing assessments have also been effective communication mechanisms for us. #stinsights
Per #3): Have you -- anyone on the panel -- seen examples of particularly effective communications that a company may have have used to educate thousands of employees working at home about cyber-vigilance? #STinsights @CIOStraightTalk #oneHCL
Somewhat tactical, but it's been highly effective to show end users actual COVID-19 and WFH themed phishing messages. Then they can visualize the actual threat.
Per #3): Have you -- anyone on the panel -- seen examples of particularly effective communications that a company may have have used to educate thousands of employees working at home about cyber-vigilance? #STinsights @CIOStraightTalk #oneHCL
@CIOStraightTalk @CISOTesnarB @JosephSteinberg @renjuv @sanjaykatkar @vthakur @DigitalSecArch A2: Unfortunately many are learning how ill prepared they were for any sort of "event" -- not having enough laptop, mobile device inventory, not enough VPN capacity, no communication guidelines. This is a people and process issue, not tech #STinsights @CIOStraightTalk
Completely agree. Never let a good crisis go to waste - this will help us change the narrative. Can't afford to not be direct.
It always has been, but #COVID has required i think more effort to communicate the "why" well, to be crisp in what the expectations are, and to help people with transparency of what threats look like. #STinsights @CIOStraightTalk #OneHCL
SOC's also need to ensure they have visibility in to key systems, and are looking at the right log sources @CIOStraightTalk #Stinsights #OneHCL
Q2 Security Operation Center's need additional training to spot threats related to COVID and work from home practices @CIOStraightTalk #Stinsights #OneHCL
Obtaining and using threat intelligence plays a critical role in identifying and stopping COVID and work from home threats @CIOStraightTalk #Stinsights #OneHCL
Last Seen Users on Sotwe
Mฦฐng Nแปn Lรฌnh ๐๐ฌ
Seen from Vietnam
Royal Cuckold ๐ฑุฏูุงุซุฉ ุฑููุงู
Seen from Egypt
SINIH SAMA TANTE
Seen from Indonesia
Thich Men
Seen from Vietnam
เธเธนเน เธเธฒเธเธฏเธเนเธฒเธกเนเธงเธ
Seen from Malaysia
CostinhaTV 
Seen from Indonesia
vini
Seen from Indonesia
M3ditAt3_93
Seen from Germany
Rida Med
Seen from Algeria
HEE top21cm
Seen from Vietnam
Most Popular Users
Elon Musk
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.6M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.5M followers
Lady Gaga
@ladygaga
73M followers
Virat Kohli
@imvkohli
69.9M followers
Kim Kardashian
@kimkardashian
69.8M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.9M followers
Neymar Jr
@neymarjr
62.6M followers
The Ellen Show
@theellenshow
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers