Endace Packet Forensics Files: Episode #44

Original Entry by : Michael Morris

Michael talks to David Monahan, Business Information Security Officer and former security researcher.

By Michael Morris, Director of Global Business Development, Endace

Michael Morris, Director of Global Business Development, Endace

Cyberthreats are something all organizations are facing. But Pharmaceutical and Healthcare Providers have some unique challenges and vulnerabilities and come in for more than their fair share of attention from threat actors. What can your SOC team learn from some of the best practices these organizations are implementing? Are you architecting your environment to separate IOT devices from other critical assets and are you managing them with the same level of scrutiny?

In this episode I talk with David Monahan, a 30-year expert in cybersecurity and network management and former researcher at Enterprise Management Associates. David draws on his research background as well as his current experience working as the Business Information Security Officer at a large global pharmaceutical company.

He talks about some of the similarities and differences the Healthcare and Pharmaceutical industries have with other industries. He shares his insights into why the Healthcare and Pharmaceutical industries are so strongly targeted by threat actors and things consumers or patients can do to help protect themselves and their information.

David also discusses some of the unique challenges Healthcare organizations have around IOT devices and suggests ways to help manage these risks.  He shares some best practices your security organization can be leveraging and points out tools and solutions that are critical for any security stack.

Finally, David talks about what training and skills are important to ensure your SOC analysts are as prepared as possible to defend against cyberthreats.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.

Dressing for Success

Original Entry by : Katrina Schollum

By Katrina Schollum, People Partner, Endace

Endace has partnered with Dress for Success, a nonprofit organization that empowers women to achieve economic independence by providing a network of support, professional attire, and the development tools to help women thrive in work and in life.

Our own views are absolutely in line with Dress for Success’ worldwide mission for self-determination and raising women’s confidence in themselves,” said Stuart Wilson, CEO Endace. “We support Dress for Success through annual financial and clothes contributions.

To commemorate International Women’s Day 2023, Endace donated $15,000 to Dress for Success Auckland, and a clothes drive organized by Endace was provided to Dress for Success Hamilton.

Our role at Dress for Success is to help break down significant barriers for women, through our collective vision of providing workforce development services to our clients; this includes appropriate interview attire, career coaching and job readiness skills, upskilling and reskilling in technical and soft skills, and creating networks and communities where our women can connect and thrive,” said Andrea Hardy, Dress for Success Auckland. “Thank you, Endace, for your contributions to help us empower women towards self-sufficiency.

Endace Packet Forensics Files: Episode #43

Original Entry by : Michael Morris

Michael talks to Jim Mandelbaum, Field CTO at Gigamon

By Michael Morris, Director of Global Business Development, Endace

Michael Morris, Director of Global Business Development, Endace

As workloads move to the cloud, and infrastructure becomes increasingly complex, how can you ensure that your security posture evolves accordingly? It’s essential to ensure visibility across the entire network if you are to secure it effectively.

In this episode of the Endace Packet Forensic files, I talk with Jim Mandelbaum, Field CTO at Gigamon, about what “security at scale” means. Jim draws on more than a decade of experience as a CTO in the security industry, and shares best-practise tips to ensure that as your infrastructure evolves, your security posture keeps pace.

Jim highlights the importance of leveraging automation to help deal with the increasingly complex network environment. Key to this is having visibility into exactly what’s happening on your network – including on-prem, cloud and hybrid-cloud environments – so you can make informed decisions about what traffic needs to be monitored and recorded. And what tasks can be automated to ensure threat visibility.

It’s also critical to break down team silos, Jim says. Otherwise, responsibility has a tendency to fall through the cracks. Teams need to collaborate closely, and include the security team on IT strategy planning and particularly cloud migration projects. That makes it easier to determine who is responsible for what parts of security from the get-go. When teams have the opportunity to discuss the challenges they face they can often leverage solutions that have been successfully implemented elsewhere in the organization – saving time, resources and budget as a result.

Lastly, Jim highlights the importance of talking with your vendors about their future product strategies to ensure they align with your organization’s plans. Otherwise, there’s a risk of divergence which could prove very costly down the track.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.

Another Successful Intern Program Concludes

Original Entry by : Katrina Schollum

By Katrina Schollum, People Partner, Endace

February saw the end of our 22/23 Summer Intern Program, with our four interns finishing their 12-week structured placements with our Engineering team.  It was a great success, with all four interns completing their projects and achieving the goals that had been set.

The Big Reveal

The last day of the program is Presentations Day. Our interns presented the results of their projects to a live audience at our R&D centre in Hamilton NZ, with presentations also streamed live to the Global Endace team.

Intern Presentations Day 2023 - Endace

Despite a few (well-hidden) nerves, our interns did a fantastic job – providing insight into their individual journeys, outlining the objectives of their project, talking about some of the challenges they met and overcame, and demonstrating the solutions they had built.

Each presentation concluded with suggestions from the intern about where the projects could be further enhanced to provide additional benefits to the business in the future. There was also a live Q&A session where the interns did a great job of fielding a variety of questions from the audience

Reflecting on the Success of the Intern Program

It was really rewarding to see the growth in confidence of our interns as they saw how much their contributions were valued by the wider organisation and the obvious pride that they (rightfully) showed in the projects they completed.

Stuart Wilson, Endace CEO, summed it up when he said “.. it’s always such a pleasure to see the extraordinary contributions of our interns. What they manage to achieve, in such a short time, is remarkable. It makes us proud to be part of shaping the future of tech talent in New Zealand.”

Endace’s Intern Program gives interns invaluable insight into how a global tech business operates.  It is a great opportunity to put their university knowledge into practice, further develop their technical skills, and learn about team work in a collaborative environment. They also gain insight into all areas of our business, from operations and finance to sales and marketing.

The benefits of the intern program are very definitely in both directions. Interns are supported by an individual manager and mentor, who also benefits from sharing their knowledge and expertise to guide the projects and help prepare interns to transition from studying to the workplace.

Feedback from our interns at the close of the program was very positive.  They mentioned a strong sense of fulfillment from being able to contribute to direction of their projects, having the opportunity to solve rewarding problems and develop their creativity and professional communication skills.  They also mentioned how much they enjoyed being part of a fun team, with colleagues who were approachable and who valued their opinions and suggestions during team discussions.

Where to Next for our Interns?

Equipped with some new skills and hands-on experience, one of our interns is returning to continue their studies and we look forward to seeing their future industry accomplishments. We are delighted that our other three interns will join the Endace team and continue to grow their talent with us.

And we are proud to continue our strong tradition of working closely with tertiary education providers to ensure Endace continues to be an employer of choice for IT and engineering graduates in New Zealand.

Endace Packet Forensics Files: Episode #42

Original Entry by : Michael Morris

Michael talks to RoseAnn Guttierrez, Technical Enablement Specialist BM at IBM

By Michael Morris, Director of Global Business Development, Endace

Michael Morris, Director of Global Business Development, Endace

We have all heard horror stories about how SOC teams are overwhelmed and facing a never-ending battle against threat actors. And we all recognize it is not a matter of IF but WHEN you get breached.

So, when the worst happens is your team resilient enough and sufficiently trained to respond effectively ? Are you confident your team can determine, for certain, whether critical data, such as customer information, or systems have been compromised so you can meet all the necessary compliance and reporting obligations? And do you have the network forensics in place that your SOC needs to be able to thoroughly investigate and respond to a breach?

In this episode of the Endace Packet Forensic files, I talk with RoseAnn Guttierrez, Technical Enablement Specialist BM at IBM Security and a former SOC analyst.

Rose shares her experience of what a day in the life of a SOC engineer is really like. She discusses the best practices she and her team put in place to manage the day-to-day challenges and improve their security posture. She also highlights some of the tools that were most valued in their daily operations and the critical importance of interoperability and integrated workflows to ensure efficiency and simplicity for SOC teams.

Rose discussed the challenge of balancing the need to provide reactive incident response versus having the time to devote to more proactive threat-hunting activities and suggests some approaches to better manage the balance between these important tasks. And she provides some suggestions and recommendations for SOCs on how to build maturity into processes, training, and effectiveness to improve security investigation capability.

Rose’s combination of SOC experience and deep knowledge of the security landscape has given her unique insight into the importance of having an interoperable ecosystem of tools and vendors that enables SOC teams to build resiliency and efficiency into their DNA.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.

Endace 2022/23 Internship Program Kicks Off

Original Entry by : Katrina Schollum

By Katrina Schollum, People Partner, Endace

The Endace Summer Internship program has been a great success in previous years, and we are happy to say it’s back for another year!  We are very happy to have welcomed four interns to join us in our R&D centre in Hamilton, NZ for the summer, after a fantastic amount of interest from students around New Zealand.  We look forward to supporting the success of our new interns as they progress through the program

Induction Day

The first day of the program is an introduction to our interns on “life at Endace” and how we work.

Our interns learnt about Endace’s history and products and develop relationships with their mentors and managers.  From an opportunity to speak with our CEO, Stuart Wilson, to learning about the details of what to expect, and a delicious lunch networking with engineering team members, it’s safe to say our interns had a lot to absorb and feel excited about what’s to come.

 

Our interns also had the opportunity to engage in gameplaying in order to get to know their mentors.  One of our new mentors, Scott Yearbury, is one of many previous interns at Endace who have volunteered to mentor future interns.

Scott noted “being an intern at Endace was a great way to start my career. It was a challenge, but that challenge and the support provided to me allowed me to push myself to learn a lot and develop my skills a huge amount in a relatively short period of time. I’m excited to be on the other side of this program now and to be able to help provide our new interns with the great opportunity I got.”

It’s amazing to see the full cycle as previous interns become employees – and ultimately become mentors themselves – with the end result being that our talent continues to develop at all levels.

Our Program

Over the course of 13 weeks, the  intern program focuses on commercially relevant, individual projects and provides structured training – including lunch-and-learns to introduce other areas of the business such as Finance, HR, Marketing and Operations – to create a well-rounded experience.  The intern program culminates with our interns delivering a presentation at a shared learning session involving interns and their mentors, members of the senior leadership team and project managers.

Endace is proud of our ties to tertiary education and we see huge value in helping develop talent for IT and Engineering students seeking to join our industry as we showcase Endace as an employer of choice.

The experience provided to our interns is hands-on with intentional learning, which helps in building technical capability and giving insight into how a global tech organisation operates.  We look forward to supporting our interns as they continue to learn and develop, and to celebrating their future achievements.

Endace Packet Forensics Files: Episode #41

Original Entry by : Michael Morris

Michael talks to Andrew Stewart, Senior National Security and Government Strategist at Cisco

By Michael Morris, Director of Global Business Development, Endace

Michael Morris, Director of Global Business Development, Endace

In this episode of the Endace Packet Forensic files, I talk with Andrew Stewart, Senior National Security and Government Strategist at Cisco.  Andrew, CAPT, USN (Ret.) is a Senior Federal Strategist at Cisco where he implements strategies to support innovative cybersecurity and AI/ML solutions across the Federal Government.  He also served as the Commanding Officer and Program Manager at the Navy Cyber Warfare Development Group (NCWDG).

With Andrew’s deep experience in national security and government agencies, I wanted to get his thoughts on all the new Whitehouse mandates, and cybersecurity policies from CISA such as the emphasis on Zero Trust and other important initiatives.  We discuss whether what organizations are doing is sufficient given the risks posed by nation-state threat actors.

Noting that CISA guidelines and recommendations and Whitehouse mandates can help organizations and agencies prioritize cybersecurity with more urgency than before, Andrew raises the issue of awareness of cybersecurity among executives and corporate boards.  He suggests that, regardless of whether the threat is a nation-state attacker or a ransomware group, a threat-based approach is crucial. He also discusses the importance of building resilience across all “mission” functions, not just day-to-day operations, especially with a remote workforce.  In short,  security resilience is essential to underpin it all.

Lastly, Andrew highlights trends for the coming months – including the ever-changing nature of threats as hybrid cloud operating environments continue to expand the threat spectrum and transform the way we work. Visibility, he says, remains the key to mastering and controlling such a dynamic threat environment.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.

Endace Packet Forensics Files: Episode #40

Original Entry by : Michael Morris

Michael talks to Chris Greer, Packet Pioneer and Wireshark Guru.

By Michael Morris, Director of Global Business Development, Endace

Michael Morris, Director of Global Business Development, Endace

Threat hunting is a critical cybersecurity activity that is growing in importance and prevalence around the globe.  Are your SOC analysts developing the skills and toolsets they need to enable more efficient and effective threat hunting?  What are the inhibitors your teams face and do you have the right tools and processes in place?

In this episode of the Endace Packet Forensic files, I talk with Chris Greer of Packet Pioneer.

Chris is an experienced protocol analyst and forensics expert. He is a renowned instructor for Wireshark University as well as the host of a popular YouTube channel where he shares insights into threat hunting and demonstrates the importance of understanding how to investigate and resolve issues using packet analysis. In this episode, Chris talks about some of the problems or threats you can only see as part of your incident response investigation processes and workflows if you have access to full packet data.

Finally, Chris highlights some of the gaps that organizations have in their security stacks that make it hard for them to confirm or deny false positives and how to resolve this visibility issue. He offers recommendations for training and suggests how to improve your organization’s threat hunting capability.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.