In this hard-hitting episode of Future Secured, co-hosts Tom Finnigan and Jason Murrell sit down with renowned software supply chain expert Paul McCarty. They delve deep into the growing threat of software supply chain attacks and their critical impact on global cyber security. McCarty explains how state-sponsored actors from nations like North Korea and Russia are targeting businesses, often bypassing traditional cyber defences and leveraging sophisticated cyber weapons to infiltrate software development pipelines.
The episode sheds light on the challenges businesses face, particularly those in Australia, where cyber security startups struggle to get a foothold due to procurement issues and a lack of government support. Paul, an early adopter of DevSecOps, shares his journey through the world of DevOps and cybersecurity, offering actionable insights on how organisations can fortify their software supply chains and adapt to this evolving threat landscape. This is a must-watch for CISOs, DevOps teams, and business leaders aiming to safeguard their systems against these invisible, yet dangerous, attacks.
Don't miss Paul's breakdown of why the software supply chain is now the primary battleground for state-sponsored attacks, and his advice for organisations on how to prepare for these unprecedented threats. Tune in for insights into DevSecOps, cyber resilience, and what governments and businesses need to do now to protect themselves from this ever-growing threat.
Key Grabs from Paul McCarty
"We have this major problem where software supply chain attacks bypass everything we've traditionally relied on - EDR, intrusion detection, logging - it all gets skipped."
"Nation-state actors like North Korea and Russia are developing highly modular cyber weapons, designed for long-term persistence within software supply chains."
"Australia needs to get better at procuring sovereign capability. Right now, it's almost impossible for a small cybersecurity startup to sell to government."
"DevSecOps is an illusion. We've added security into DevOps pipelines, but real collaboration between teams still isn't happening."
"If governments aren't building offensive cyber capabilities, they're clueless. We need to play both sides of this game."
How Software Supply Chain Attacks Are Becoming the New Cyber Battleground with Paul McCarty - Ep 18