November 8, 2024 • 29 mins
When bad actors get more sophisticated, cybersecurity professionals only have one choice: Innovation.
In this episode of Innovation Heroes, we explore the rapidly changing cybersecurity landscape with Brianna Farro, Cisco's Security Director of XDR Product Management. Briana explains why traditional siloed security approaches are insufficient in today's complex threat environment and how extended detection response, or XDR, provides a more comprehensive solution.
We delve into the key capabilities of XDR, including its ability to correlate data from multiple sources, prioritize critical threats, and automate responses. Briana shares real-world examples of XDR's success and advocates for Cisco's open and hybrid XDR approach. Discover how XDR can help your organization improve its security posture and stay ahead of the curve.
Featuring: Briana Farro, Cisco Security Director of XDR Product Management
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:02):
This episode is brought to you by Cisco,your partner in AI guided cybersecurity.
Cisco XDR improves your securityefficacy and lets you do more with less.
It detects advanced threats faster,automates responses, and prioritizes
your most critical security alerts.
Learn more at www.
shi.
com slash Cisco.
(00:24):
10 or 15 years ago from getting 10 alertsa day on a busy day or even 50 when they
were being attacked to thousands of eventsa day, even in a smaller environment, it
means I can't look at every single event.
I need to have something puttingthat information together for me.
In the world of technology,heroes are everywhere.
(00:46):
They're overcoming disruption, deliveringsustainable outcomes, and fearlessly
forging the future to solve what's next.
Join me, Ed McNamara, as we meet thepeople and businesses driving change
in our constantly disruptive world.
This is Innovation Heroes, apodcast brought to you by SHI.
(01:08):
The cybersecurity threatlandscape is changing.
Bad actors are getting more sophisticated,and an ever increasing number of
businesses are encountering attacks.
If you've been in the IT business fora while, and especially if you've been
in the marketing of IT business fora while, you've always heard that the
threat landscape is constantly changing.
Attacks are increasing, and thosetwo points are hammered home
(01:29):
since your first day on the job.
Aren't bad actors alwaysgetting more sophisticated?
Aren't attacks always increasing?
The honest answer is yes, they are,except it might be worse than you think.
Between 2021 and 2023, data breachesrose by 72%, and studies indicate
that over 60 percent of businessesexperience a cyber incident each year.
(01:52):
From ransomware to phishing schemesand IoT attacks, companies across
all sectors are being targeted.
making it difficult to rethink how weprotect our digital infrastructure.
Luckily, there are heroes ofinnovation helping us fight back.
Brianna Farrow, Cisco Securities Directorof XDR Product Management, is on the front
(02:13):
line of the fight against cyber threats.
Brianna and her team at Cisco are armingcustomers with an AI infused security
system to deliver end to end threatmanagement, break down silos between
different security systems, and provide aunified, automated, An efficient approach
to combating evolving cyber threats.
It's called Extended DetectionResponse or XDR for short.
(02:35):
Brianna, welcome to Innovation Heroes.
Thank you so much for having me, Ed.
It's a pleasure.
Absolutely.
So I guess we'll juststart with the background.
How did you get into cybersecurity?
Was there a moment thatset you on this path?
Yeah, so it's a little bit twofold.
I'll go back even a little bitfurther to just briefly talk
about how I got into informationtechnology before even cybersecurity.
(02:59):
Um, my path to information technologyactually starts with the TV show
Buffy the Vampire Slayer in the 90s.
And it's all because I decidedthat I needed to have my own
website for that TV show.
And I got into web developmentand those types of things.
And from that, I got reallyinterested in information technology.
(03:19):
I think to your point, the real turningpoint for me around cybersecurity was
starting to think through and realizethat the more we did digitally, the
more we were at risk and we can't turnaround and not live our lives digitally.
It does provide so many benefits.
Uh, there's probably some downsideto how much we look at our phones and
needing to, to break away from that.
(03:40):
But I was one of the first people touse online purchasing of services.
But the more we look through that,even before the first breaches
happened, really just started to thinkthrough the negative aspects of that.
And really, for me, where it hit homeis thinking through the much, much
darker side of the Internet where peopletraffic humans and do a lot of really bad
things and how much I could be a part ofhelping to stop that as much as possible.
(04:06):
Historically speaking, you know,what have been the building blocks of
an effective cybersecurity program?
Cybersecurity solutions needto be based on a concept of
knowing what is at most risk.
And as we've gone through theyears, it's really difficult to
think through, do I know what'sat most risk to my organization?
Do I even have a good understandingof what all of the assets that
(04:28):
are in my environment are?
And really, if you think aboutit, Back to our personal lives.
Do you know every single item that's inyour junk drawer in your house, assuming
that you have one, probably not, right?
Probably not.
But realistically, there's somestuff in there that you need.
We may call it a junk drawer,but it's there for a reason.
You put it in there versus throwing itout and making it easily accessible.
(04:49):
Right.
So absolutely.
Yeah.
So when we think through that, we,we may have assets that are critical
to doing things in our organizationand in our delivery of business
that we don't even know are there.
And so we need to be able to have away to defend against those, even if
we can't 100 percent identify them.
So that's knowing kind of what's atrisk to us, or what's at risk if we lose
(05:13):
things like data or lose things like, um,access to our environments in our systems.
And to put it reallysimply in a lot of these.
situations that could be Genuinely thedifference between somebody getting a
life saving surgery in a day and notand I don't say that to be dramatic
But if you think about it applied toreal life if a ransomware attack takes
(05:34):
a health Organization down and all ofthe systems that are not only used to
process that patient, but in a lot ofsituations we have regulated medical
devices that are used as part ofsurgeries or to keep people alive and
Functional after those surgeries, andif those get infected and they can't be
used, you literally could be making thedifference between saving a life or not.
(05:55):
So the program needs to think aboutwhat's most at risk to it, where are you
most exposed, what you, what controlsyou have in place to deal with that, and
then how you continue to assess thosethings at a real bare bones aspect of it.
Yeah.
And I don't think you'rebeing dramatic at all.
And especially with, with your workhistory, I mean, you spent eight
years working for the city of NewYork department of information
technology and telecommunications.
(06:17):
You know, we've got a goodsize public sector audience.
I mean, you, you don't get totake a day off an hour off, right?
I mean, it's, you, you, it'sreally, it's really true.
I mean, do you, do you ever look backwith any nostalgia on, on being in the,
in the public sector and with the, youknow, protecting the people's information?
Yeah.
Absolutely.
Again, not like genuinely andseriously when you think about, so
(06:39):
I'm a, I'm a lifelong New Yorker.
And one of the interesting thingsin working for your city in your
city is you become both a receiverof those services and a provider
of them at the exact same time.
Um, jokingly, like you'reactually kind of paying your
own salary hysterically, right?
Through tax money.
But, uh, you really start toappreciate that those services
are real and they're used right.
Train's not moving.
(07:00):
I mean, that's, Always a huge piece ofit too, because if it's what you depend
on to get places, and again, you'rethe doctor who has to perform the life
saving surgery and you're stuck on atrain underground, that's a real problem.
If a signal went down.
Absolutely.
In terms of threat landscape, youknow, what was once an effective
security program might become obsolete.
(07:20):
Um, you know, I kind of kid mymarketing colleagues who talk about
how the threat landscape is alwayschanging, but, um, I mean, you're,
you're at Cisco two plus years now.
Like how is it?
different today than it was five yearsago, whether it's the landscape, whether
it's Cisco's response to it, you know,what, what are the changes that you see?
Because you're on the front lines.
One of the things that I wouldsay is even as a practitioner.
(07:41):
So when I was still on the customerside of the fence, we For example,
we didn't have service desks.
When I first started, we had help desks,and it was because of the difference
of the transformation of what youprovided as part of that offering.
So on the digital and cyber security side,it's very similar, even simple things.
You didn't say cyber security withinformation technology or information
(08:03):
technology security, and you werereally looking at protecting.
perimeter that was defined and stationary.
You had locations, you had a finitenumber of physical locations, even if
you were a very distributed environment.
And then you would put physical appliancesin place to defend those environments
like firewalls and then progressing toidentity, uh, intrusion detection systems,
(08:24):
and then intrusion prevention systems.
When somebody thought through the fact.
That like a firewall, it might bea good idea to just block something
from happening versus monitoring it.
So there's been a huge transformation.
We use that term attack surfaceed, but I hate to say it.
It's true.
It just grows.
It just grows and grows and grows.
And that is a massive difference,including the fact that you changed from
(08:45):
having people who were always stationed ata desk and systems that were chained and
locked to desks that prevented physicaltheft to sometimes we don't even have.
Systems anymore.
There's applications that we'verun on that are based on what
we call serverless systems.
And a lot of times there's a whole newway to attack those types of systems
because there's no operating system.
(09:06):
There's nothing to hack from that format.
So you have to think through gettinginto that system in a different way.
And One kind of last thought aroundthis is as we continue to transform
constantly with things like AI andartificial intelligence, everybody
loves the chatbot style models thatare coming up or even the opportunity
to ask your phone a question withouthaving a type or or put some sort of
(09:29):
information in to obtain an answer.
But that is in and of itself a wholenother risk surface that now needs not
just defending, um, but also needs, um, Inresearch into to understand how we could
leverage it to go against the bad actors.
And then I think the last thingI would say is there's been an
interesting shift in what people arelooking to do when they attack you.
(09:51):
It used to be.
Maybe cause some disruption and damage.
Maybe there were activiststhat were literally trying to
do that for a for a reason.
And there were always like digitaland cyber criminals trying to
get at some sort of information.
Now, though, they maywant to take your data.
As a starting point, that data thatthey're going to take from you is going to
(10:13):
be to set up an identity for your childrenthat they don't even know exists to open
up bank accounts and apply for mortgagesand do all sorts of, of things that
are going to be a huge problem for yourchild later that you may not even realize
because you're not monitoring credit on,on your child because they shouldn't have
any until they're 18, at least in the U S.
(10:33):
So that's been a big shift as well aslike the intention of what, Criminals and
threats, threat actors are going after,especially when we talk about things like
nation states and politics, as we allknow, that's really come into play into
trying to sway things either way or to,uh, to try to do damage on a both a social
(10:56):
and a digital level to different entities.
Yeah, it's really interesting when,when you, you speak to that, because
you look at, you know, the, the crimethat makes the news like the smash
and grab or something like that.
Like, you know, it happened rightthen and there, like you're, it's,
there's no denying that somebody camein and took, took your jewelry or took
your phone out of, out of your store.
It's that, that, that'll like, Whenyou say how the bad actors, you know,
(11:20):
behave, it's that slow burn thatit's like, what, what were we hacked?
Like, what, what did they take?
Like, when did that happen?
You know, is that's, that'sthe one that really gets me.
That's like, just, just another levelof criminality there when you're
just like, yeah, we don't, we don'thave to act on this right away.
Like we can, we can stay in here for,for as long as we need to, to get what
we, that, that seems different to me.
(11:42):
Would you agree with that?
I would I would say that digitalsecurity is really interesting.
Digital crime is really interestingwhen you compare it to physical
crime and a traditional, you know,detective and police force because
there's a lot of similarities.
We might have an undercover personinfiltrate an environment and sit
there to gain trust and try to gainmore information about, uh, Right.
(12:03):
Right.
Uh, organization, a country, et cetera.
So the digital situation that you justdescribed is very similar to that.
It's kind of like the digital version ofthe old tricks that we start to put into
play, but because the digital footprintis so much more vast sometimes than what
the physical footprint could ever be,it, it does take on its, its own new,
(12:23):
uh, animal for lack of a better term.
Yeah, absolutely.
So to deal with this, thischanging landscape, we deal
with this, the changing animal.
You know, one of the innovations, um,is, is XDR, extended detection response.
Um, can you go into, you know, how isthis developed, like, how does it work,
um, you know, what's the, what's thepurpose, uh, you know, that, that you and
(12:45):
your team are, are using XDR to support?
Yes.
When we think about situations again,kind of masking or mapping, excuse
me, to our own in person lives.
If I came home, for example, and I sawthat my door was, it wasn't in the,
in the lock, it was kind of adjacent.
I would think that was weird.
We talked about it at Isle of New York.
(13:06):
I would lock everything.
So that would be very, very weird.
Right?
However, if I opened the door, there wouldbe a very different next response for me.
If I found things knocked over and itlooked like something had been ransacked
or rummaged through, or I walked inand I didn't see anything going on.
If I saw people in my house there or not,and whether or not I knew those people,
(13:28):
if I saw my TV gone, there was, thesewould be different indicators that would
help me understand what had happened.
Maybe I did somehow leave for the day.
And failed to close my door.
Once I left my window openon a New York city street.
Parked for an entire weekend and somehowgot nothing stolen out of my car.
So stranger things have occurred, butyou know, they thought it was a trap.
(13:48):
Absolutely.
I was like, somebody's like,I'm not touching that car.
I'm not going anywhere, but you know,things do happen and, and it's possible.
But if I walked in and I saw otherindicators that let me understand
that something likely had happened,I would then start to take
action, like call the cops and.
So when we take that to the digitalaspect, it's really very similar.
(14:11):
We want the extended in extendeddetection and response means I don't
want to focus just on endpoint orEDR detection and response or network
or NDR detection and response oremail security solutions or identity.
It's the whole package in orderto really understand what's
happening in an environment.
An organization needs to have visibilityinto all of those things, and the
(14:31):
visibility is more critical than ever whenwe have so many solutions that are used.
users can self service off of, includingthings like AI, where they could take
in a totally non malicious intended way,take my data from inside my organization,
plop it in chat GPT to get a summarizationto make the best report and presentation
they could, but not realize that theyjust leaked a lot of information.
(14:54):
So the visibility is reallyimportant there and, and helping
an organization that went maybe.
10 or 15 years ago from getting 10 alertsa day on a busy day or even 50 when they
were being attacked to thousands of eventsa day, even in a smaller environment.
It means I can't lookat every single event.
(15:14):
I need to have something puttingthat information together for me.
So I have the visibility now putthat information together for me.
Don't forget about certain aspects.
Most organizations have endpointdetection and response, but it's
more expensive and it's harder todeploy things like network detection.
So don't, don't lose that, build thatin, let me have the visibility across all
of those things so that I can understandwhat's happening in my environment.
(15:36):
And then very similar to ahuman central nervous system.
I want those sensors, my fingers, mytoes, my, you know, my nose, my Mouth to
help me understand what I'm absorbing.
But I need my brain.
I need analytics to process what happened.
Having a no TV in my house, a personknocked over my door open and a
(15:58):
broken window doesn't necessarilyindicate that I was robbed and I
have an injured family member in myhouse unless I know that that's what
all of those things mean together.
So really, organizationsneed to have that visibility.
And that correlation and comprehensivenessto help them understand what happened
in their environment and then guidethem to a response is really what we're
(16:18):
gold at because If I called you and saidyou need to come by our neighborhood
right away You'd have a super differentresponse if I said well I had a surprise
birthday party planned for you edand I forgot to tell you you might be
like that Sounds like a you problem.
I'm recording a podcast right now But i'llsee what I can but if I said the house was
robbed or it's on fire You're either goingto say You're calling the wrong person
(16:41):
or like, why are you calling me first?
Very different responses based on that.
So the guidance of how to respond so thatyou can quickly minimize the impact to
your environment and your organizationis also something that organizations
need to start transforming too.
And you, you touched on it a littlebit and there's, there's, there's one
thing that, that I want to, I wantto quote back to you said in a, in a
(17:03):
recent blog post, um, that Allowing,uh, security operations centers
teams to move away from the endlessinvestigation and instead spend their time
remediating the most critical incidentsacross their security stack quickly
and efficiently was a big priority.
And then in another post, you said thatyou mentioned streamlining the process
(17:24):
in in the security operations center.
So I love the consistency that you have.
I mean.
Your response to these, we always talkabout the evolving threats, but then
the increasing, you know, aspect ofthese threats or the number of threats
that are facing, you've got to make thesecurity operations center more efficient
and increase their bandwidth, right?
(17:46):
Yes, and I love you.
You brought up kind of theprioritization aspect that that
you've seen me quote in the past.
That's a key point about that.
We talked about knowing what'smost impactful to your environment
just a few minutes ago.
In reality, you know, when Iworked for the city, I would have
five sub ones come in at a time.
And I remember I used totell a manager of mine.
Well, to do that.
You just handed me 571.
(18:07):
So guess who's going to decidewhat priority order these work in?
Cause they're all at thesame severity, right?
I'm going to do some sortof additional triaging and
assessment and figure that out.
But if we can, but if we can use anunderstanding of the attack that we think
is happening in the organization andwhat's most important to add, like what
out of that junk drawer, when Ed openedthe drawer to grab, if there was a fire
(18:29):
in his place on the way out and hopefully.
Get out a okay with that.
We want to know that so that we canstart to put that information together
and not only tell you what happened,but help you stop the bleed or stop
what's happening on those systems andprotect those most critical systems.
So that prioritization is reallyimportant because how are you supposed
(18:49):
to work on something with priority ifyou don't know a difference between.
Five different events that arehappening in your environment
in today's complex threat landscape.
Security teams are stretched thin.
They spend too much time on repetitivetasks and struggle to prioritize alerts.
Our network led open, extended detectionand response solution provides a single,
(19:11):
Unified view of your security posture.
We correlate data from multiple sourcesto pinpoint the most critical threats.
Cisco XDR is built in automationand AI guided remediation save
you valuable time and resources.
Organizations using XDR have a 54percent improvement in advanced threat
detection, a 48 percent increase ina tier one analyst throughput and a
(19:33):
significant boost in team collaboration.
Cisco XDR integrates with the broaderCisco security portfolio and key
third party security tools, making itthe most comprehensive and flexible
solution on the market today.
Stop reaching, start anticipating.
Visit www.
shi.
com slash cisco to learn how CiscoXDR can empower your security team.
(19:58):
What can XDR do that older cybersecurities that came before it can't?
And like, kind of, what are a few of thebig ways that XDR is positively impacting
security outcomes for users that you're,that you're, Talking to you today,
there's a couple of things that at leastif you're looking at an XDR solution,
whether it's Cisco's or not, we feel isreally critically important for people.
So bringing in context for multiplesources, there's XDRs that have been
(20:22):
built at different times and comingfrom different places, and they may be
really great at interpreting a certainsource, like an endpoint component or
a network component, but they may notbe good at interpreting both of those
or more of those, like identity andemail security and collaboration tools.
Uh, cloud based detection, auditlogs, identity logs, et cetera.
(20:45):
There's, there's a need to understandand first of all, to have visibility
into all of those, but then to understandthose, one of the things that allows
us at Cisco to be able to do that isWe have happened to be fortunate enough
to have solutions in our portfoliofor all of those things by themselves.
So our ability to have an understandingof where that piece of information,
(21:05):
the TV being gone compared to thewindow being broken compared to the
lock being open, for example, theability to understand that is important
in understanding its relevance.
So definitely we would guide peopleto look at solutions that provide
that true extension, not just inwhat data they might pull in for
you, but in the usage of that data.
And then Brianna's favorite wordthat my team would tell you, they're
(21:28):
probably tired of hearing, butBrianna's favorite word is correlation.
We really do, and I really do believe,if you literally even just look up the
dictionary definition of aggregationversus correlation, it's a big difference
to say that an Ed and Brianna recordeda podcast in October, compared to
saying that this Ed and this Briannarecorded this podcast in November.
(21:49):
Podcast on this date.
And that is the difference betweencorrelating and getting a definitive
answer of what happened on what day versusa bunch of data that could be useful.
And I could certainly gothrough it to understand that.
But if we go back to the pointyou made earlier of getting
me to what I need, that's.
Fastest to then make, allow me to actionthe fastest and then minimize the impact
(22:11):
or any impact in theory to my environment,if possible, I really need correlation.
So we feel that as organizationsare looking to potentially make
this transformation and, andleverage a solution like extended
detection and response, thatthose are some key components.
The last one is that responsive action,uh, too often, even as a practitioner
in the industry, I've seen the R kind offall off in any detection and response.
(22:35):
It's like, Hey, I told you what happened.
So go handle it.
It's kind of like when, if you've evergotten your car towed in New York, I don't
know if you've ever had that benefit,uh, but you parked somewhere that you
didn't realize you weren't supposed to.
You get towed and you're like,Cool, so my car's gone, but it's not
like they leave a little marker inthe waiting area telling you that.
(22:55):
Our audience always loves,like, real world case studies.
Like, do you have a good one, uh,like, at the ready for, you know,
that to really just kind of illuminatewhat you're describing here?
Yeah, so there were a couple of prettysignificant breaches that had happened
earlier in the year for certainhealth care organizations, providers,
(23:15):
um, insurance companies, et cetera.
And we had a few without, you know,obviously naming names, but we had
a few customers who said, you know,wow, because we had certain things
set up in XDR looking for that.
This type of scenario looking forthis type of outcome, plus the native
capabilities that are built in, wewere able to avoid this entirely.
And that's, that's huge because especiallyin situations where you mentioned it
(23:39):
earlier, it's very clear what happened.
There's a huge data breach, like the,the, you know, the impact is there.
There's all of that trickleimpact that happens from that.
When your social security numberis stolen day one, maybe nothing
happens, but what happens six monthslater, if you're a company that has
that data breach happened, there'salso all sorts of legal ramifications
and liabilities that come in.
(24:00):
It was, I think, a combination of.
Validation of the solution and the modelof the solution to look through the entire
environment, have visibility, understandand process what's happening, but also
a sigh of relief for those organizationsthat when they looked at this model, this
transformational model of having thatbroad visibility and that analytics and
correlation that they saw it be effective.
(24:23):
So that was a huge thing for, um,for some recent organizations.
The other thing also that we haverecognized and noticed is organizations
have spent a lot of time in thesolutions that they're purchasing, and
they have already implemented those.
They have a knowledge basethat's built up on those.
So it's unrealistic to expect anyorganization to just Transform and go
(24:43):
all in on one vendor just to purchase anextended detection and response solution.
The other thing that we feel organizationsshould be mindful of is an open and
hybrid model where the delivery vendoris definitely taking on an aspect of
the development for the integration withthose third parties, but an organization
at least has the opportunity to bring.
In our case, a non Cisco EDR, a nonCisco NDR, a non Cisco email security
(25:07):
solution, and or the flexibility tocreate custom detections or integrations,
at least with those solutions.
So we would definitely encourage people tokeep an eye out for that as a requirement.
I think that the.
The rebranding of Cisco as a securitycompany has been just really something
for the textbooks that, that, thatI think marketing should, should be
(25:27):
teaching actually, but I T peopledon't buy because of marketing they
buy because there's, there's really,you know, uh, I T, you know, and,
and, and expertise that's behind that.
I just was curious, you know, do you careto comment on, on, on how they did that?
And, and, and what you've seen, youknow, from, from your own company to,
to kind of change that story and evolve.
(25:48):
When I came to Cisco, weknew we had a little bit of a
credibility challenge there.
I had mentioned that even at my oldcompany, there were times that we would
do a bake off or a proof of value witha customer and, and either Cisco didn't
come up or was not a worry if they did.
Um, so one of the things that we've reallybeen doubling down on is that credibility,
all security practitioners are trust, butverify type of people and word of mouth
(26:11):
or, or proof of solution is a huge piece.
Um, but.
One of the things that I think Ciscois doing a little bit differently is
being very specific about letting youknow, our strategy of why we're doing
this, how we're doing this, why wethink this transformation is needed,
and also giving ourselves the creditto say, this isn't our first rodeo.
We've been in the it businessinnovating for a long time.
(26:34):
Time.
There were no networkingtechnologies when Cisco started
did the WAN networking technology.
There were no collaboration toolsbesides Webex for a very long time,
or at least none worth their weight.
But Cisco has a very goodbackbone in understanding how
to deliver real transformation,innovation, quality, and security.
And right now, between a combinationof looking at the real needs of our
(26:57):
customers and of organizations that maynot be customers yet, but we hope will
join us in their cybersecurity journey.
Proving to them that ourstrategy is about how we help
them defend their organization.
We have practitioners building products.
I know what it's like to have a securityoperations mission behind me and
meaning needing to stand up to yourboard and say that I'm confident that
(27:19):
we're going to be able to defend andprotect ourselves or if we're attacked
to handle it, that is meaningful in,and we hope more people take notice
of that from a credibility perspectiveand at least give us the opportunity to
prove out that our products can deliveron the outcomes that organization.
What are looking for?
Where could listeners learn more aboutCisco XDR Cyber security or about you?
(27:40):
Yeah.
Thank you so much.
So they can go to cisco.
com.
We have a cisco.
com XDR page where you canget a lot of information.
You can see a click through demowithout having to contact anybody.
I get it.
As a customer, you don't always wantto have someone calling you back so
you can get some hands on access.
And for me, feel free to reach outon LinkedIn at any point in time.
Um, I always try to post the eventsthat I'm going to be speaking at as
well and would love to interact orhear more from peers in the industry.
(28:05):
Extended detection and response is thebrain of the cybersecurity nervous system.
It's the hub that analyzes disparatethreat information across an
organization's security environment.
This holistic approach improves threatdetection by reducing data silos,
enables faster identification andresponse to incidents, and minimizes
potential damage during a threat,all of which helps security teams
(28:27):
focus on the most critical issues.
A big thank you to Brianna Farrow forsharing her insights and expertise.
Until next time, keep innovatingand stay ahead of the curve.
For Innovation Heroes andSHI, I'm Ed McNamara, and I'll
see you again in two weeks.
(28:51):
This episode is brought to you by Cisco,your partner in AI guided cybersecurity.
Cisco XDR improves your securityefficacy and lets you do more with less.
It detects advanced threats faster,automates responses, and prioritizes
your most critical security alerts.
Learn more at www.
shi.
com.
This episode is brought to you by Cisco,your partner in AI guided cybersecurity.
Cisco XDR improves your securityefficacy and lets you do more with less.
It detects advanced threats faster,automates responses, and prioritizes
your most critical security alerts.
Learn more at www.
shi.
com slash Cisco.
(00:24):
10 or 15 years ago from getting 10 alertsa day on a busy day or even 50 when they
were being attacked to thousands of eventsa day, even in a smaller environment, it
means I can't look at every single event.
I need to have something puttingthat information together for me.
In the world of technology,heroes are everywhere.
(00:46):
They're overcoming disruption, deliveringsustainable outcomes, and fearlessly
forging the future to solve what's next.
Join me, Ed McNamara, as we meet thepeople and businesses driving change
in our constantly disruptive world.
This is Innovation Heroes, apodcast brought to you by SHI.
(01:08):
The cybersecurity threatlandscape is changing.
Bad actors are getting more sophisticated,and an ever increasing number of
businesses are encountering attacks.
If you've been in the IT business fora while, and especially if you've been
in the marketing of IT business fora while, you've always heard that the
threat landscape is constantly changing.
Attacks are increasing, and thosetwo points are hammered home
(01:29):
since your first day on the job.
Aren't bad actors alwaysgetting more sophisticated?
Aren't attacks always increasing?
The honest answer is yes, they are,except it might be worse than you think.
Between 2021 and 2023, data breachesrose by 72%, and studies indicate
that over 60 percent of businessesexperience a cyber incident each year.
(01:52):
From ransomware to phishing schemesand IoT attacks, companies across
all sectors are being targeted.
making it difficult to rethink how weprotect our digital infrastructure.
Luckily, there are heroes ofinnovation helping us fight back.
Brianna Farrow, Cisco Securities Directorof XDR Product Management, is on the front
(02:13):
line of the fight against cyber threats.
Brianna and her team at Cisco are armingcustomers with an AI infused security
system to deliver end to end threatmanagement, break down silos between
different security systems, and provide aunified, automated, An efficient approach
to combating evolving cyber threats.
It's called Extended DetectionResponse or XDR for short.
(02:35):
Brianna, welcome to Innovation Heroes.
Thank you so much for having me, Ed.
It's a pleasure.
Absolutely.
So I guess we'll juststart with the background.
How did you get into cybersecurity?
Was there a moment thatset you on this path?
Yeah, so it's a little bit twofold.
I'll go back even a little bitfurther to just briefly talk
about how I got into informationtechnology before even cybersecurity.
(02:59):
Um, my path to information technologyactually starts with the TV show
Buffy the Vampire Slayer in the 90s.
And it's all because I decidedthat I needed to have my own
website for that TV show.
And I got into web developmentand those types of things.
And from that, I got reallyinterested in information technology.
(03:19):
I think to your point, the real turningpoint for me around cybersecurity was
starting to think through and realizethat the more we did digitally, the
more we were at risk and we can't turnaround and not live our lives digitally.
It does provide so many benefits.
Uh, there's probably some downsideto how much we look at our phones and
needing to, to break away from that.
(03:40):
But I was one of the first people touse online purchasing of services.
But the more we look through that,even before the first breaches
happened, really just started to thinkthrough the negative aspects of that.
And really, for me, where it hit homeis thinking through the much, much
darker side of the Internet where peopletraffic humans and do a lot of really bad
things and how much I could be a part ofhelping to stop that as much as possible.
(04:06):
Historically speaking, you know,what have been the building blocks of
an effective cybersecurity program?
Cybersecurity solutions needto be based on a concept of
knowing what is at most risk.
And as we've gone through theyears, it's really difficult to
think through, do I know what'sat most risk to my organization?
Do I even have a good understandingof what all of the assets that
(04:28):
are in my environment are?
And really, if you think aboutit, Back to our personal lives.
Do you know every single item that's inyour junk drawer in your house, assuming
that you have one, probably not, right?
Probably not.
But realistically, there's somestuff in there that you need.
We may call it a junk drawer,but it's there for a reason.
You put it in there versus throwing itout and making it easily accessible.
(04:49):
Right.
So absolutely.
Yeah.
So when we think through that, we,we may have assets that are critical
to doing things in our organizationand in our delivery of business
that we don't even know are there.
And so we need to be able to have away to defend against those, even if
we can't 100 percent identify them.
So that's knowing kind of what's atrisk to us, or what's at risk if we lose
(05:13):
things like data or lose things like, um,access to our environments in our systems.
And to put it reallysimply in a lot of these.
situations that could be Genuinely thedifference between somebody getting a
life saving surgery in a day and notand I don't say that to be dramatic
But if you think about it applied toreal life if a ransomware attack takes
(05:34):
a health Organization down and all ofthe systems that are not only used to
process that patient, but in a lot ofsituations we have regulated medical
devices that are used as part ofsurgeries or to keep people alive and
Functional after those surgeries, andif those get infected and they can't be
used, you literally could be making thedifference between saving a life or not.
(05:55):
So the program needs to think aboutwhat's most at risk to it, where are you
most exposed, what you, what controlsyou have in place to deal with that, and
then how you continue to assess thosethings at a real bare bones aspect of it.
Yeah.
And I don't think you'rebeing dramatic at all.
And especially with, with your workhistory, I mean, you spent eight
years working for the city of NewYork department of information
technology and telecommunications.
(06:17):
You know, we've got a goodsize public sector audience.
I mean, you, you don't get totake a day off an hour off, right?
I mean, it's, you, you, it'sreally, it's really true.
I mean, do you, do you ever look backwith any nostalgia on, on being in the,
in the public sector and with the, youknow, protecting the people's information?
Yeah.
Absolutely.
Again, not like genuinely andseriously when you think about, so
(06:39):
I'm a, I'm a lifelong New Yorker.
And one of the interesting thingsin working for your city in your
city is you become both a receiverof those services and a provider
of them at the exact same time.
Um, jokingly, like you'reactually kind of paying your
own salary hysterically, right?
Through tax money.
But, uh, you really start toappreciate that those services
are real and they're used right.
Train's not moving.
(07:00):
I mean, that's, Always a huge piece ofit too, because if it's what you depend
on to get places, and again, you'rethe doctor who has to perform the life
saving surgery and you're stuck on atrain underground, that's a real problem.
If a signal went down.
Absolutely.
In terms of threat landscape, youknow, what was once an effective
security program might become obsolete.
(07:20):
Um, you know, I kind of kid mymarketing colleagues who talk about
how the threat landscape is alwayschanging, but, um, I mean, you're,
you're at Cisco two plus years now.
Like how is it?
different today than it was five yearsago, whether it's the landscape, whether
it's Cisco's response to it, you know,what, what are the changes that you see?
Because you're on the front lines.
One of the things that I wouldsay is even as a practitioner.
(07:41):
So when I was still on the customerside of the fence, we For example,
we didn't have service desks.
When I first started, we had help desks,and it was because of the difference
of the transformation of what youprovided as part of that offering.
So on the digital and cyber security side,it's very similar, even simple things.
You didn't say cyber security withinformation technology or information
(08:03):
technology security, and you werereally looking at protecting.
perimeter that was defined and stationary.
You had locations, you had a finitenumber of physical locations, even if
you were a very distributed environment.
And then you would put physical appliancesin place to defend those environments
like firewalls and then progressing toidentity, uh, intrusion detection systems,
(08:24):
and then intrusion prevention systems.
When somebody thought through the fact.
That like a firewall, it might bea good idea to just block something
from happening versus monitoring it.
So there's been a huge transformation.
We use that term attack surfaceed, but I hate to say it.
It's true.
It just grows.
It just grows and grows and grows.
And that is a massive difference,including the fact that you changed from
(08:45):
having people who were always stationed ata desk and systems that were chained and
locked to desks that prevented physicaltheft to sometimes we don't even have.
Systems anymore.
There's applications that we'verun on that are based on what
we call serverless systems.
And a lot of times there's a whole newway to attack those types of systems
because there's no operating system.
(09:06):
There's nothing to hack from that format.
So you have to think through gettinginto that system in a different way.
And One kind of last thought aroundthis is as we continue to transform
constantly with things like AI andartificial intelligence, everybody
loves the chatbot style models thatare coming up or even the opportunity
to ask your phone a question withouthaving a type or or put some sort of
(09:29):
information in to obtain an answer.
But that is in and of itself a wholenother risk surface that now needs not
just defending, um, but also needs, um, Inresearch into to understand how we could
leverage it to go against the bad actors.
And then I think the last thingI would say is there's been an
interesting shift in what people arelooking to do when they attack you.
(09:51):
It used to be.
Maybe cause some disruption and damage.
Maybe there were activiststhat were literally trying to
do that for a for a reason.
And there were always like digitaland cyber criminals trying to
get at some sort of information.
Now, though, they maywant to take your data.
As a starting point, that data thatthey're going to take from you is going to
(10:13):
be to set up an identity for your childrenthat they don't even know exists to open
up bank accounts and apply for mortgagesand do all sorts of, of things that
are going to be a huge problem for yourchild later that you may not even realize
because you're not monitoring credit on,on your child because they shouldn't have
any until they're 18, at least in the U S.
(10:33):
So that's been a big shift as well aslike the intention of what, Criminals and
threats, threat actors are going after,especially when we talk about things like
nation states and politics, as we allknow, that's really come into play into
trying to sway things either way or to,uh, to try to do damage on a both a social
(10:56):
and a digital level to different entities.
Yeah, it's really interesting when,when you, you speak to that, because
you look at, you know, the, the crimethat makes the news like the smash
and grab or something like that.
Like, you know, it happened rightthen and there, like you're, it's,
there's no denying that somebody camein and took, took your jewelry or took
your phone out of, out of your store.
It's that, that, that'll like, Whenyou say how the bad actors, you know,
(11:20):
behave, it's that slow burn thatit's like, what, what were we hacked?
Like, what, what did they take?
Like, when did that happen?
You know, is that's, that'sthe one that really gets me.
That's like, just, just another levelof criminality there when you're
just like, yeah, we don't, we don'thave to act on this right away.
Like we can, we can stay in here for,for as long as we need to, to get what
we, that, that seems different to me.
(11:42):
Would you agree with that?
I would I would say that digitalsecurity is really interesting.
Digital crime is really interestingwhen you compare it to physical
crime and a traditional, you know,detective and police force because
there's a lot of similarities.
We might have an undercover personinfiltrate an environment and sit
there to gain trust and try to gainmore information about, uh, Right.
(12:03):
Right.
Uh, organization, a country, et cetera.
So the digital situation that you justdescribed is very similar to that.
It's kind of like the digital version ofthe old tricks that we start to put into
play, but because the digital footprintis so much more vast sometimes than what
the physical footprint could ever be,it, it does take on its, its own new,
(12:23):
uh, animal for lack of a better term.
Yeah, absolutely.
So to deal with this, thischanging landscape, we deal
with this, the changing animal.
You know, one of the innovations, um,is, is XDR, extended detection response.
Um, can you go into, you know, how isthis developed, like, how does it work,
um, you know, what's the, what's thepurpose, uh, you know, that, that you and
(12:45):
your team are, are using XDR to support?
Yes.
When we think about situations again,kind of masking or mapping, excuse
me, to our own in person lives.
If I came home, for example, and I sawthat my door was, it wasn't in the,
in the lock, it was kind of adjacent.
I would think that was weird.
We talked about it at Isle of New York.
(13:06):
I would lock everything.
So that would be very, very weird.
Right?
However, if I opened the door, there wouldbe a very different next response for me.
If I found things knocked over and itlooked like something had been ransacked
or rummaged through, or I walked inand I didn't see anything going on.
If I saw people in my house there or not,and whether or not I knew those people,
(13:28):
if I saw my TV gone, there was, thesewould be different indicators that would
help me understand what had happened.
Maybe I did somehow leave for the day.
And failed to close my door.
Once I left my window openon a New York city street.
Parked for an entire weekend and somehowgot nothing stolen out of my car.
So stranger things have occurred, butyou know, they thought it was a trap.
(13:48):
Absolutely.
I was like, somebody's like,I'm not touching that car.
I'm not going anywhere, but you know,things do happen and, and it's possible.
But if I walked in and I saw otherindicators that let me understand
that something likely had happened,I would then start to take
action, like call the cops and.
So when we take that to the digitalaspect, it's really very similar.
(14:11):
We want the extended in extendeddetection and response means I don't
want to focus just on endpoint orEDR detection and response or network
or NDR detection and response oremail security solutions or identity.
It's the whole package in orderto really understand what's
happening in an environment.
An organization needs to have visibilityinto all of those things, and the
(14:31):
visibility is more critical than ever whenwe have so many solutions that are used.
users can self service off of, includingthings like AI, where they could take
in a totally non malicious intended way,take my data from inside my organization,
plop it in chat GPT to get a summarizationto make the best report and presentation
they could, but not realize that theyjust leaked a lot of information.
(14:54):
So the visibility is reallyimportant there and, and helping
an organization that went maybe.
10 or 15 years ago from getting 10 alertsa day on a busy day or even 50 when they
were being attacked to thousands of eventsa day, even in a smaller environment.
It means I can't lookat every single event.
(15:14):
I need to have something puttingthat information together for me.
So I have the visibility now putthat information together for me.
Don't forget about certain aspects.
Most organizations have endpointdetection and response, but it's
more expensive and it's harder todeploy things like network detection.
So don't, don't lose that, build thatin, let me have the visibility across all
of those things so that I can understandwhat's happening in my environment.
(15:36):
And then very similar to ahuman central nervous system.
I want those sensors, my fingers, mytoes, my, you know, my nose, my Mouth to
help me understand what I'm absorbing.
But I need my brain.
I need analytics to process what happened.
Having a no TV in my house, a personknocked over my door open and a
(15:58):
broken window doesn't necessarilyindicate that I was robbed and I
have an injured family member in myhouse unless I know that that's what
all of those things mean together.
So really, organizationsneed to have that visibility.
And that correlation and comprehensivenessto help them understand what happened
in their environment and then guidethem to a response is really what we're
(16:18):
gold at because If I called you and saidyou need to come by our neighborhood
right away You'd have a super differentresponse if I said well I had a surprise
birthday party planned for you edand I forgot to tell you you might be
like that Sounds like a you problem.
I'm recording a podcast right now But i'llsee what I can but if I said the house was
robbed or it's on fire You're either goingto say You're calling the wrong person
(16:41):
or like, why are you calling me first?
Very different responses based on that.
So the guidance of how to respond so thatyou can quickly minimize the impact to
your environment and your organizationis also something that organizations
need to start transforming too.
And you, you touched on it a littlebit and there's, there's, there's one
thing that, that I want to, I wantto quote back to you said in a, in a
(17:03):
recent blog post, um, that Allowing,uh, security operations centers
teams to move away from the endlessinvestigation and instead spend their time
remediating the most critical incidentsacross their security stack quickly
and efficiently was a big priority.
And then in another post, you said thatyou mentioned streamlining the process
(17:24):
in in the security operations center.
So I love the consistency that you have.
I mean.
Your response to these, we always talkabout the evolving threats, but then
the increasing, you know, aspect ofthese threats or the number of threats
that are facing, you've got to make thesecurity operations center more efficient
and increase their bandwidth, right?
(17:46):
Yes, and I love you.
You brought up kind of theprioritization aspect that that
you've seen me quote in the past.
That's a key point about that.
We talked about knowing what'smost impactful to your environment
just a few minutes ago.
In reality, you know, when Iworked for the city, I would have
five sub ones come in at a time.
And I remember I used totell a manager of mine.
Well, to do that.
You just handed me 571.
(18:07):
So guess who's going to decidewhat priority order these work in?
Cause they're all at thesame severity, right?
I'm going to do some sortof additional triaging and
assessment and figure that out.
But if we can, but if we can use anunderstanding of the attack that we think
is happening in the organization andwhat's most important to add, like what
out of that junk drawer, when Ed openedthe drawer to grab, if there was a fire
(18:29):
in his place on the way out and hopefully.
Get out a okay with that.
We want to know that so that we canstart to put that information together
and not only tell you what happened,but help you stop the bleed or stop
what's happening on those systems andprotect those most critical systems.
So that prioritization is reallyimportant because how are you supposed
(18:49):
to work on something with priority ifyou don't know a difference between.
Five different events that arehappening in your environment
in today's complex threat landscape.
Security teams are stretched thin.
They spend too much time on repetitivetasks and struggle to prioritize alerts.
Our network led open, extended detectionand response solution provides a single,
(19:11):
Unified view of your security posture.
We correlate data from multiple sourcesto pinpoint the most critical threats.
Cisco XDR is built in automationand AI guided remediation save
you valuable time and resources.
Organizations using XDR have a 54percent improvement in advanced threat
detection, a 48 percent increase ina tier one analyst throughput and a
(19:33):
significant boost in team collaboration.
Cisco XDR integrates with the broaderCisco security portfolio and key
third party security tools, making itthe most comprehensive and flexible
solution on the market today.
Stop reaching, start anticipating.
Visit www.
shi.
com slash cisco to learn how CiscoXDR can empower your security team.
(19:58):
What can XDR do that older cybersecurities that came before it can't?
And like, kind of, what are a few of thebig ways that XDR is positively impacting
security outcomes for users that you're,that you're, Talking to you today,
there's a couple of things that at leastif you're looking at an XDR solution,
whether it's Cisco's or not, we feel isreally critically important for people.
So bringing in context for multiplesources, there's XDRs that have been
(20:22):
built at different times and comingfrom different places, and they may be
really great at interpreting a certainsource, like an endpoint component or
a network component, but they may notbe good at interpreting both of those
or more of those, like identity andemail security and collaboration tools.
Uh, cloud based detection, auditlogs, identity logs, et cetera.
(20:45):
There's, there's a need to understandand first of all, to have visibility
into all of those, but then to understandthose, one of the things that allows
us at Cisco to be able to do that isWe have happened to be fortunate enough
to have solutions in our portfoliofor all of those things by themselves.
So our ability to have an understandingof where that piece of information,
(21:05):
the TV being gone compared to thewindow being broken compared to the
lock being open, for example, theability to understand that is important
in understanding its relevance.
So definitely we would guide peopleto look at solutions that provide
that true extension, not just inwhat data they might pull in for
you, but in the usage of that data.
And then Brianna's favorite wordthat my team would tell you, they're
(21:28):
probably tired of hearing, butBrianna's favorite word is correlation.
We really do, and I really do believe,if you literally even just look up the
dictionary definition of aggregationversus correlation, it's a big difference
to say that an Ed and Brianna recordeda podcast in October, compared to
saying that this Ed and this Briannarecorded this podcast in November.
(21:49):
Podcast on this date.
And that is the difference betweencorrelating and getting a definitive
answer of what happened on what day versusa bunch of data that could be useful.
And I could certainly gothrough it to understand that.
But if we go back to the pointyou made earlier of getting
me to what I need, that's.
Fastest to then make, allow me to actionthe fastest and then minimize the impact
(22:11):
or any impact in theory to my environment,if possible, I really need correlation.
So we feel that as organizationsare looking to potentially make
this transformation and, andleverage a solution like extended
detection and response, thatthose are some key components.
The last one is that responsive action,uh, too often, even as a practitioner
in the industry, I've seen the R kind offall off in any detection and response.
(22:35):
It's like, Hey, I told you what happened.
So go handle it.
It's kind of like when, if you've evergotten your car towed in New York, I don't
know if you've ever had that benefit,uh, but you parked somewhere that you
didn't realize you weren't supposed to.
You get towed and you're like,Cool, so my car's gone, but it's not
like they leave a little marker inthe waiting area telling you that.
(22:55):
Our audience always loves,like, real world case studies.
Like, do you have a good one, uh,like, at the ready for, you know,
that to really just kind of illuminatewhat you're describing here?
Yeah, so there were a couple of prettysignificant breaches that had happened
earlier in the year for certainhealth care organizations, providers,
(23:15):
um, insurance companies, et cetera.
And we had a few without, you know,obviously naming names, but we had
a few customers who said, you know,wow, because we had certain things
set up in XDR looking for that.
This type of scenario looking forthis type of outcome, plus the native
capabilities that are built in, wewere able to avoid this entirely.
And that's, that's huge because especiallyin situations where you mentioned it
(23:39):
earlier, it's very clear what happened.
There's a huge data breach, like the,the, you know, the impact is there.
There's all of that trickleimpact that happens from that.
When your social security numberis stolen day one, maybe nothing
happens, but what happens six monthslater, if you're a company that has
that data breach happened, there'salso all sorts of legal ramifications
and liabilities that come in.
(24:00):
It was, I think, a combination of.
Validation of the solution and the modelof the solution to look through the entire
environment, have visibility, understandand process what's happening, but also
a sigh of relief for those organizationsthat when they looked at this model, this
transformational model of having thatbroad visibility and that analytics and
correlation that they saw it be effective.
(24:23):
So that was a huge thing for, um,for some recent organizations.
The other thing also that we haverecognized and noticed is organizations
have spent a lot of time in thesolutions that they're purchasing, and
they have already implemented those.
They have a knowledge basethat's built up on those.
So it's unrealistic to expect anyorganization to just Transform and go
(24:43):
all in on one vendor just to purchase anextended detection and response solution.
The other thing that we feel organizationsshould be mindful of is an open and
hybrid model where the delivery vendoris definitely taking on an aspect of
the development for the integration withthose third parties, but an organization
at least has the opportunity to bring.
In our case, a non Cisco EDR, a nonCisco NDR, a non Cisco email security
(25:07):
solution, and or the flexibility tocreate custom detections or integrations,
at least with those solutions.
So we would definitely encourage people tokeep an eye out for that as a requirement.
I think that the.
The rebranding of Cisco as a securitycompany has been just really something
for the textbooks that, that, thatI think marketing should, should be
(25:27):
teaching actually, but I T peopledon't buy because of marketing they
buy because there's, there's really,you know, uh, I T, you know, and,
and, and expertise that's behind that.
I just was curious, you know, do you careto comment on, on, on how they did that?
And, and, and what you've seen, youknow, from, from your own company to,
to kind of change that story and evolve.
(25:48):
When I came to Cisco, weknew we had a little bit of a
credibility challenge there.
I had mentioned that even at my oldcompany, there were times that we would
do a bake off or a proof of value witha customer and, and either Cisco didn't
come up or was not a worry if they did.
Um, so one of the things that we've reallybeen doubling down on is that credibility,
all security practitioners are trust, butverify type of people and word of mouth
(26:11):
or, or proof of solution is a huge piece.
Um, but.
One of the things that I think Ciscois doing a little bit differently is
being very specific about letting youknow, our strategy of why we're doing
this, how we're doing this, why wethink this transformation is needed,
and also giving ourselves the creditto say, this isn't our first rodeo.
We've been in the it businessinnovating for a long time.
(26:34):
Time.
There were no networkingtechnologies when Cisco started
did the WAN networking technology.
There were no collaboration toolsbesides Webex for a very long time,
or at least none worth their weight.
But Cisco has a very goodbackbone in understanding how
to deliver real transformation,innovation, quality, and security.
And right now, between a combinationof looking at the real needs of our
(26:57):
customers and of organizations that maynot be customers yet, but we hope will
join us in their cybersecurity journey.
Proving to them that ourstrategy is about how we help
them defend their organization.
We have practitioners building products.
I know what it's like to have a securityoperations mission behind me and
meaning needing to stand up to yourboard and say that I'm confident that
(27:19):
we're going to be able to defend andprotect ourselves or if we're attacked
to handle it, that is meaningful in,and we hope more people take notice
of that from a credibility perspectiveand at least give us the opportunity to
prove out that our products can deliveron the outcomes that organization.
What are looking for?
Where could listeners learn more aboutCisco XDR Cyber security or about you?
(27:40):
Yeah.
Thank you so much.
So they can go to cisco.
com.
We have a cisco.
com XDR page where you canget a lot of information.
You can see a click through demowithout having to contact anybody.
I get it.
As a customer, you don't always wantto have someone calling you back so
you can get some hands on access.
And for me, feel free to reach outon LinkedIn at any point in time.
Um, I always try to post the eventsthat I'm going to be speaking at as
well and would love to interact orhear more from peers in the industry.
(28:05):
Extended detection and response is thebrain of the cybersecurity nervous system.
It's the hub that analyzes disparatethreat information across an
organization's security environment.
This holistic approach improves threatdetection by reducing data silos,
enables faster identification andresponse to incidents, and minimizes
potential damage during a threat,all of which helps security teams
(28:27):
focus on the most critical issues.
A big thank you to Brianna Farrow forsharing her insights and expertise.
Until next time, keep innovatingand stay ahead of the curve.
For Innovation Heroes andSHI, I'm Ed McNamara, and I'll
see you again in two weeks.
(28:51):
This episode is brought to you by Cisco,your partner in AI guided cybersecurity.
Cisco XDR improves your securityefficacy and lets you do more with less.
It detects advanced threats faster,automates responses, and prioritizes
your most critical security alerts.
Learn more at www.
shi.
com.
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.