Discover critical insights on enhancing cybersecurity strategies and embracing cyber resilience in the upcoming thought leadership research from AT&T Cybersecurity. Join the conversation with Theresa Lanowitz on reevaluating cybersecurity approaches and fortifying security postures to navigate the complex cybersecurity landscape effectively.
The upcoming thought leadership research set to be announced at the RSA Conference which will be presented by Theresa Lanowitz, the Head of Cybersecurity Evangelism at AT&T Cybersecurity, promises to dive into critical aspects of cyber resilience, providing actionable advice for organizations to enhance their cybersecurity strategies. AT&T Cybersecurity aims to empower businesses of all sizes to strengthen their security posture and embrace a proactive approach to cyber resilience through the insights delivered through their upcoming thought leadership report for 2024.
As organizations navigate the complex cybersecurity landscape, the focus on cyber resilience becomes paramount. The thought leadership report intends to prompt discussions within organizations, urging them to reevaluate their cybersecurity strategies and resilience efforts. By sharing insights and trends in cybersecurity, the report aims to equip businesses with the tools needed to enhance their security practices.
The interconnected nature of the supply chain, both physical and software-based, presents challenges and opportunities for businesses of all sizes. Assessing the security posture of vendors and partners is crucial in mitigating cyber threats and ensuring a robust cybersecurity framework within organizations. The thought leadership report from AT&T Cybersecurity seeks to guide organizations in fortifying their security posture and navigating the ever-evolving threat landscape effectively.
Be sure to connect with the Theresa and the rest of the AT&T Cybersecurity team during the RSA Conference. You can learn more and find them by visiting: https://itspm.ag/att-cy4nk3
Note: This story contains promotional content. Learn more.
Guest: Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Cybersecurity [@attcyber]
On LinkedIn | https://www.linkedin.com/in/theresalanowitz/
At RSAC | https://www.rsaconference.com/experts/Theresa%20Lanowitz
Resources
Learn more and catch more stories from AT&T Cybersecurity: https://www.itspmagazine.com/directory/att-cybersecurity
The Possibilities, Risks, and Rewards of Cyber Tech Convergence: https://www.rsaconference.com/usa/agenda/session/The-Possibilities-Risks-and-Rewards-of-Cyber-Tech-Convergence
New Research Reveals Five New Trends for Cyber Resilience: https://www.rsaconference.com/USA/agenda/session/New%20Research%20Reveals%20Five%20New%20Trends%20for%20Cyber%20Resilience
View all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
New Research Reveals Five New Trends for Cyber Resilience | A Brand Story Conversation From RSA Conference 2024 | An AT&T Cybersecurity Story with Theresa Lanowitz | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: [00:00:00] Marco.
Marco Ciappelli: Sean.
Sean Martin: We are on our way.
Marco Ciappelli: Room, room, room. ,
Sean Martin: you're you're revving the engine.
Marco Ciappelli: Yeah, except, uh, it's gonna be an airplane this year.
Sean Martin: So you're revving the airplanes engine . I dunno if the pilots are like that.
Marco Ciappelli: If they let me drive it, um, I wouldn't trust myself, but, uh, you know, I've seen the movie airplane a couple of times.
Maybe maybe's work. That's, yeah.
Sean Martin: I was gonna go to the serious mock, uh, thing when you went to the airplane movie.
Marco Ciappelli: Yeah. Don't let me pilot an airplane. No.
Sean Martin: All right. I'll let you do that. Um. I'm glad you're on for this though, because we are talking about piloting our journey to RSA Conference, where there's a lot of cool stuff coming out and a lot of research being done and our good friends at AT& T cybersecurity, more specifically, Theresa Lanovitz has some news she'll be sharing and I'm thrilled to have you on, Theresa, thanks for joining us.
Theresa Lanowitz: Thanks so much for having me on. It's great to speak with both of you.
Sean Martin: It's going to be [00:01:00] fun. This is a prelude to, uh, our real chat. In broadcast, Dolly, I'm really looking forward to that as well. We'll get into the more of the nitty gritty before we get into today's topic, though, Theresa, a few words about your role at AT& T cybersecurity and, uh, anything else you want to share that, uh, might help folks understand.
Who you are and why we're chatting today.
Theresa Lanowitz: Indeed. My name is Theresa Lanowitz, as you mentioned, and I'm head of cybersecurity evangelism with AT& T cybersecurity. And my role entails evangelism, going out speaking with great people such as yourselves, but also thought leadership. And thought leadership is what we're going to talk about here.
And also I think in our time at Broadcast Alley coming up at RSA coming up at RSA. We'll be releasing our annual thought leadership report for 2024. But at AT& T Cybersecurity, what we do is we focus on [00:02:00] simplifying security, and we do that through three ways through our experienced consultants. And with consulting with our experience consulting team, you can really focus on predicting and protecting your security investments and your business intelligence and again, simplification that theme of simplification through our managed security services.
You can really help simplify your. Your cybersecurity strategy by working with a strategic extension of your own team through our managed security services. And third is the visibility that you gain by working with us and our AT& T Alien Labs threat intelligence team to be able to give you that visibility into what's going on to help you be able to innovate while managing your risk.
So that's what we do at AT& T Cybersecurity.
Sean Martin: I love it. It's, uh, I'm picturing a circle. I think in diagrams and images, people don't know this already, but I'm picturing a circle where you have to [00:03:00] have visibility so you can understand where complexity is putting you at risk or exposing your organization and your intelligence and your IP and whatever.
So that you can then simplify and kind of, kind of complete that circle. So I love that you describe it that way in terms of services you offer.
Theresa Lanowitz: Indeed. And I like your circle analogy because that circle it's just it represents continuity as well because it's continuous. It's never ending. And you're always focusing on what you're doing with cyber security.
You always have to be assessing your risk. You always have to have that visibility and you want to make sure that your team as is as strategic as possible
Marco Ciappelli: in the circle is a very simple. Uh, image, but also a perfect image. And, uh, I don't know. You know, perfection is what we aim for in this industry. But we also know that it's kind of like the ideal that maybe it's never going to be reached, but we're always going to [00:04:00] do the best that we can.
And every year. When you go to RSA conference, there is something that is trending, that is new. So I'm expecting AT& T cybersecurity will be there unveiling a few interesting things this year. So you, anything you want to tease the audience with?
Theresa Lanowitz: Well, I always, you talk about the perfect symbol and I always talk about the fact that cybersecurity is a journey, not a destination.
And as you mentioned, we go to RSA and there are always Provocative things there at RSA that make us think just a little bit differently or cause us to go back and say, what if, and this year the theme at RSA is art of possible. And I think we'll be seeing a lot of forward, forward looking things at RSA.
And speaking of forward looking, as I mentioned, we're going to be launching our big thought leadership piece for 2024 at RSA on May 7th. And it is. A way to think about the future in a 12 to 36 month horizon. [00:05:00] And what we did in 2023 was we looked at this concept of edge realities. We said, there are a lot of new use cases coming out.
We have these end points that are just scattered everywhere around the planet. We have to secure and protect those endpoints because if an adversary comes in, they can move laterally through our network, of course, and cause significant damage. We have to be aware of the attack types that are out there specifically based upon the vertical market that we might be in.
We have to also be thinking about How we're going to collaborate and communicate internally a little bit better to make sure that we have this ecosystem that we're building out. And then we also have to figure out how we're going to bring in these trusted third party advisors to help us with this new type of computing.
Now, in 2024, what we wanted to look at was what is going on in this area of cyber resilience. So we'll take a look in this thought leadership report about the barriers to cyber [00:06:00] resilience. Look at how cyber security resilience really matters to the organization and then also look at what the business really needs to do to be able to operationalize cyber resilience, cyber security, how they can think of things more holistically, and then we'll offer five tips on how to be more cyber resilient within your organization and start on that journey.
And the genesis of the idea for this report was based upon the fact that over the past decades, couple of decades, cyber security has been fairly isolated. It's been a technical problem, but now we see that cyber security is really a business requirement. So thinking about how that business could offer cyber resilience.
In the face of, yes, certainly a cyber attack, but also in the event of maybe unforeseen, whether some other unforeseen man made incident that would [00:07:00] cause your I. T. organization to go down, and that requires having resistance. Pretty good visibility into the I. T. estate. So without getting away too much, just kind of walk you down that path a little bit and say, we're going to be talking about visibility into the I.
T. estate, how organizations are saying, yes, we want to innovate and we know that innovation brings risk. So what they're doing with that and then taking a look holistically at what organizations are doing to make themselves more cyber resilient.
Sean Martin: And I love the word operationalize and, um, I'm going to connect that to resilience.
I don't know if you can share some insights into how organizations you work with look at resilience and operationalizing that, excuse me, because to your point that I. T. Is a big part of it, but there's much more to, uh, to a business world than just systems and data. [00:08:00] Um, so how, uh, How do organizations look at resilience?
How are they encapsulating IT and cybersecurity in that broad view of resilience that's helping to shape how you, uh, serve them with the services and offerings that you have.
Theresa Lanowitz: That is such a great connection. Tying resilience. To operationalizing and if you think about where we are now, at this point in time, 2024, the idea state, everything that we have, it's gotten big, complex, unwieldy, and it shows no sign of slowing down because we've moved beyond.
The four walls of our organization where we have these IOT devices, we are using computer on the go. One of the things we talked about in our 2023 research was the fact that this idea of edge computing says there are no boundaries. And you want to have your workloads, your hosting, your applications [00:09:00] closer to where that data is being generated and consumed.
So you have this big, unwieldy IT estate, but now the business is saying, wait a second, we have to understand from a cyber resilience perspective, from an entire business perspective, how can we take a look at everything we have? And still maintain those service level agreements we have with our clients in the event of a cyber breach, but also in the event of some sort of weather disaster, some sort of other man made accident that might take us offline.
And that's one of the things with AT& T cyber security through our consulting services, through our managed security services. Through our threat intelligence and visibility that we provide through threat intelligence. That's one of the things that we work with organizations on is helping to make them more cyber resilient, understanding what needs to be done across the entire business, not just from a cyber security perspective, [00:10:00] not just saying, Oh, you need to implement these three cyber security controls and you're going to be great.
What we are able to do is from a consulting perspective, be able to go in and, Really focus on this idea of cyber resilience and help organizations go through that process of bringing those previous probably silos inside of an organization together. So bringing together the different IT teams, the operations team, the application development team, the cyber security team, the line of business team, other stakeholders in the organization who have a vested interest.
In the event of some unforeseen accident. So that's really where, where we come in from a consulting perspective and can help.
Marco Ciappelli: All I heard is cyber resilience is business resilience. So you cannot have that without being cyber secure and it's about being ready, correct? Is that something that nowadays [00:11:00] because of working remotely, the complexity of the business that applies to everyone.
It's something that you look at, as you said, in a holistic way, but not just in terms of organization wide, but also for small, medium businesses, mom and pop shop. I mean, everybody is part of this ecosystem. So how important is it to be in every single aspect of our life?
Theresa Lanowitz: Such an excellent point that you bring up because you talked about maybe the larger enterprise.
Thank you so much. And then maybe the, maybe the smaller midsize businesses, or even getting into a smaller business into a mom and pop shop, they may be part of that larger ecosystem, that larger supply chain. And this is one of the things that we need to focus on as well. We look at the supply chain and we can couch that supply chain.
Discussion in two parts, the physical supply chain. So if I'm making some type of [00:12:00] goods, some type of widget, who am I buying my materials from? Who is shipping my widget out? How is it, how is it being handled at retail, for example? And then you also look at the software supply chain and the software supply chain, as well as that physical supply chain, we've seen attacks on both the physical supply chain and the software supply chain.
So in both cases, we've You have to make sure that you understand that complexity of the supply chain. Are the suppliers in that supply chain? Are they secure? Are they doing the right things to make sure that your data is secure? Are they doing the right things to make sure that the software that you might be bringing in to make some sort of custom application inside of your organization, is that software secure as well?
Sean Martin: Yeah, and, and It makes me think of data supply chain. It's flowing everywhere to from everywhere to everywhere. And [00:13:00] so how back to this report that, uh, and that you're going to now release at RSA conference. What I want to understand is how It shapes two things. One, how you approach the conversations with your customers and how they can use the same information to better prepare themselves for those same conversations.
Because I think getting everybody on the same page and understanding, Here's where we are. Here's where we need to go. Here's kind of the path we we need to take. Helps move things along more quickly, but also to your first point, it simplifies things, right? If you're on the same page. So how, how does the, how does the report, how do you expect that to kind of shape both directions there?
Theresa Lanowitz: Excellent question. And this report is thought leadership. So what I always advise people to do is read the report, take it back [00:14:00] to your organization and start the discussion in your organization. For example, one of the bits of research that we have in there every year is what is your biggest attack concern?
Is it DDoS? Is it ransomware? Is it business email compromise? Is it phishing? And we always have that broken out by industry. So you can take a look at your industry and say, Oh, my industry is more concerned about this attack type. Is this something that we're really prepared for? Is this something that we're ready to remediate immediately if something like this were to happen to us?
So take it back, start those conversations inside your organization. The other thing to do is at the end of the report, We have five pieces of actionable advice for people to start down this path of cyber resilience. So take a look at the end of that report. Start with those big strategic ideas of building out cyber resilience.
Take that back to your organization. You can use this report as a guide post [00:15:00] as a planning tool, as a way to start conversations. So this is, this is what thought leadership is really meant to do is to provoke thought leadership. Among among the readers and among the readers who can take it back and use it and implement it inside of their organizations.
Marco Ciappelli: Very cool. So we are very excited to be right there. One of the first that actually hear about the report when you unveil that, but it's not just you. Even if we're lucky to talk to you, um, you have an entire team there at the, at the booth in the expo hall. Uh, we want people to come there, to engage with your team.
What, what can they expect when they, I know there is espresso and pretzel, which is a very good thing.
Theresa Lanowitz: We absolutely want people to come visit us at RSA and at RSA, you can see the full AT& T cybersecurity team there inside of our booth at RSA. We're at booth number 6155 in [00:16:00] Moscone and you can see demos.
You can. I know we're going to have refreshments. You can get refreshments. You can sit in our theater, watch a theater presentation. And also there are two presentations at RSA conference that I'm going to be doing one. I'll be giving a presentation on the thought leadership report that we're announcing and our president Sundar Annamalai is also presenting as well.
So there are two opportunities to come RSA conference here. People from ATT cybersecurity speak, come by our booth, Get a refreshment, sit down in a theater, enjoy yourself, watch demos, find out what AT& T cybersecurity is all about, and enjoy RSA.
Sean Martin: Yep. So both of those sessions are Wednesday. So May 8th at 355, Sundar has his keynote, uh, Possibilities, Risks and Rewards of Cybertech Convergence.
So that sounds like a fun one. It has the word possibility in there, right? The art of possible. And, uh, then your session, of course, [00:17:00] is, uh, earlier that day, 1 15, we cover the new research that reveals five new trends for cyber resilience. And, uh, so I encourage everybody to attend those. And. If you want to hang out and see, uh, see Theresa and I chat, we're going to, we're going to be Moscone North right at the entrance to the expo hall in the broadcast alley.
And, uh, you and I, Theresa get to have fun getting into the nitty gritty. What, what is that thought leadership? What are the numbers? What are the facts? What are the trends? How does it work? Why does it matter? What do you, what's the outcome we want to achieve? We're going to get into all that. And like you're not sharing any of those points with us yet.
I'm not going to share my my final question to you yet. I'm going to leave that one secret and we're building suspense.
Theresa Lanowitz: We are cliffhanger on your podcast, john.
Sean Martin: That's right. So please, it's thursday at 1 30. Mosconi, uh, north. at the Broadcast Alley. Come by, say hi to Theresa, say [00:18:00] hi to me if you like as well, but mostly Theresa and have a chat with her about the report and everything else that AT& T Cybersecurity is doing.
So Theresa, it's been a fantastic chatting with you. I'm excited to see the results of this effort that I know took some time and uh, and an annual thing and I'm excited to see what's coming out of it and have that chat with you.
Theresa Lanowitz: We're thrilled to share it with the world. We can't wait. And it was great talking with you, Sean and Marco.
Thank you so much.
Marco Ciappelli: I'm looking forward to see you and to see everybody that is watching here, anybody that can make it to RSA Conference. Not everybody will. It's, uh, San Francisco is far away for a lot of people, but that's why Sean and I are going to be there. Talking again with people like you and sharing everything that happened on the floor as much as we can with our content.
So everybody stay tuned, follow us and be sure to catch up a conversation [00:19:00] with Theresa and AT& T Server Security coming up right from Broadcast Alley.
Sean Martin: Love it. Thank you everybody.
Theresa Lanowitz: Thank you.